Iljitsch van Beijnum | 6 Jul 00:46 2007

IPv6 transit over AMS-IX

Hi,

I'm looking for people who can sell some IPv6 transit over the AMS-IX.

You should probably reply privately.

Iljitsch

Bernhard Schmidt | 9 Jul 20:09 2007
Picon

Contact at AS701?

Hi,

anyone here from AS701? It appears that since about Friday you are 
leaking a number of prefixes you receive from AS12702 (MCI Europe) to 
peers like Sprint, GBLX, NTT/Verio and Level3. Even worse, as far as I 
can tell from my own networks through GBLX and using web-traceroute from 
the Chicago SixXS-POP through Sprint you are dropping all packets 
travelling through your network on ingress.

Example:

grh.sixxs.net> sh bgp ipv6 regexp _701_12702_
[...]
*  2001:1408::/32   2402:8000::1                           0 24541 30071 
6175 701 12702 6830 20704 i
*                   2001:4f8:4::2                          0 3557 2914 
701 12702 6830 20704 i
[...]
Total number of prefixes 66

Regards,
Bernhard

John Payne | 9 Jul 22:55 2007

Re: Contact at AS701?


On Jul 9, 2007, at 2:09 PM, Bernhard Schmidt wrote:

> Hi,
>
> anyone here from AS701? It appears that since about Friday you are  
> leaking a number of prefixes you receive from AS12702 (MCI Europe)  
> to peers like Sprint, GBLX, NTT/Verio and Level3.

I'd have thought that was to be expected - 701 is Verizon Business US  
(MCI, UUNET, ....) or the US partner network to (12)702

> Even worse, as far as I can tell from my own networks through GBLX  
> and using web-traceroute from the Chicago SixXS-POP through Sprint  
> you are dropping all packets travelling through your network on  
> ingress.

Now that might be a problem :)

>
> Example:
>
> grh.sixxs.net> sh bgp ipv6 regexp _701_12702_
> [...]
> *  2001:1408::/32   2402:8000::1                           0 24541  
> 30071 6175 701 12702 6830 20704 i
> *                   2001:4f8:4::2                          0 3557  
> 2914 701 12702 6830 20704 i
> [...]
> Total number of prefixes 66
(Continue reading)

Bernhard Schmidt | 9 Jul 23:16 2007
Picon

Re: Contact at AS701?

On Mon, Jul 09, 2007 at 04:55:51PM -0400, John Payne wrote:

>> anyone here from AS701? It appears that since about Friday you are leaking 
>> a number of prefixes you receive from AS12702 (MCI Europe) to peers like 
>> Sprint, GBLX, NTT/Verio and Level3.
> I'd have thought that was to be expected - 701 is Verizon Business US (MCI, 
> UUNET, ....) or the US partner network to (12)702

Sorry for not being 100% clear, the paths leaked have been received by
12702 on peering sessions, for example from 

1273 (Cable & Wireless)
6453 (Teleglobe)
6830 (UPC)

to name the largest ones. There is no way those should be advertised by
701 to Sprint, GBLX et al. 

Advertising MCI customer routes would indeed be expected, but as far as
I can tell right now _no_ prefix that shares this path is a MCI Europe
customer prefix. Either because those are not announced (which would be
a funny coincidence) or because most networks peer with 12702 directly.

Regards,
Bernhard

Bernhard Schmidt | 10 Jul 10:53 2007
Picon

Re: Contact at AS701?

Hi Gerrit,

> I'm not directly responsible for AS701, but for the EMEA Part
> AS12702. I will check what has happened in the US and make the
> US colleagues aware of this route leak. It is definetly not the
> expected behaviour.

Thanks, I think this issue is more or less fixed. I believe the few 
remaining paths

grh.sixxs.net> sh bgp ipv6 regexp _701_12702_
BGP table version is 0, local router ID is 213.197.29.32
Status codes: s suppressed, d damped, h history, * valid, > best, i - 
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

    Network          Next Hop            Metric LocPrf Weight Path
*  2001:600::/32    2001:410:9000:1::1
                                                            0 25689 2884 
6509 3425 293 284 701 12702 i
*  2001:6d0::/32    2001:1888::2                           0 6435 4618 
6175 701 12702 1273 5568 i
*  2001:820::/32    2001:410:9000:1::1
                                                            0 25689 2884 
6509 3425 293 284 701 12702 16186 i
*  2001:828::/32    2001:410:9000:1::1
                                                            0 25689 2884 
6509 3425 293 284 701 12702 21155 i
*  2001:860::/32    2001:1888::2                           0 6435 4618 
6175 701 12702 6830 5410 i
(Continue reading)

Christian Hahn | 10 Jul 11:19 2007
Picon

Re: Contact at AS701?


Bernhard Schmidt wrote:
> 
> are some sort of ghosts, judging that they all come from the same set of
> two badly connected ASNs and Sprint itself has other paths as well, for
> example
> 
> *  2001:2000::/20   2001:1888::2                           0 6435 4618
> 6175 701 12702 1273 1299 i
> *                   2001:4978:2:10::ffff
>                                                            0 26943 6175
> 4555 5609 3320 3320 3320 1299 i
Hi Bernhard,

I don't see that "route" at my Peering Router with AS1299, so I assume thats a
really ghost a bit deeper in the net. Will look into it.

regards,
Christian
> 
> BTW, 3320 is a funny shop :-)
> 
> Bernhard

Gerrit Wenig | 10 Jul 09:28 2007

Re: Contact at AS701?

Hi Bernhard,

On Mon, 09 Jul 2007, Bernhard Schmidt wrote:
> On Mon, Jul 09, 2007 at 04:55:51PM -0400, John Payne wrote:
> 
> >> anyone here from AS701? It appears that since about Friday you are leaking 
> >> a number of prefixes you receive from AS12702 (MCI Europe) to peers like 
> >> Sprint, GBLX, NTT/Verio and Level3.
> > I'd have thought that was to be expected - 701 is Verizon Business US (MCI, 
> > UUNET, ....) or the US partner network to (12)702
> 
> Sorry for not being 100% clear, the paths leaked have been received by
> 12702 on peering sessions, for example from 
> 
> 1273 (Cable & Wireless)
> 6453 (Teleglobe)
> 6830 (UPC)
> 
> to name the largest ones. There is no way those should be advertised by
> 701 to Sprint, GBLX et al. 
> 
> Advertising MCI customer routes would indeed be expected, but as far as
> I can tell right now _no_ prefix that shares this path is a MCI Europe
> customer prefix. Either because those are not announced (which would be
> a funny coincidence) or because most networks peer with 12702 directly.

I'm not directly responsible for AS701, but for the EMEA Part
AS12702. I will check what has happened in the US and make the
US colleagues aware of this route leak. It is definetly not the
expected behaviour.
(Continue reading)

Seth Mattinen | 14 Jul 19:44 2007
Picon

Subnetting Practices

I'm working on a subnetting scheme for my IPv6 deployment and I'm 
curious to what the current best practices regarding IPv6 subnets are. 
For example, if I need a point-to-point link, something I'd normally 
assign a /30 in v4, I see /64 being used as the v6 equivalent. This 
seems kind of wasteful to me, so if anyone out there can clarify why, 
I'd appreciate it.

~Seth

Roland Dobbins | 14 Jul 19:48 2007
Picon

Re: Subnetting Practices


On Jul 14, 2007, at 10:44 AM, Seth Mattinen wrote:

> This seems kind of wasteful to me, so if anyone out there can  
> clarify why, I'd appreciate it.

Not only is it wasteful, but it's a security risk, as it essentially  
turns one's router into a sinkhole for any type of scanning activity  
or DDoS crafted to exploit this inexplicable practice, IMHO.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins <at> cisco.com> // 408.527.6376 voice

        Culture eats strategy for breakfast.

                -- Ford Motor Company

Seth Mattinen | 14 Jul 20:16 2007
Picon

Re: Subnetting Practices

Roland Dobbins wrote:
> 
> On Jul 14, 2007, at 10:44 AM, Seth Mattinen wrote:
> 
>> This seems kind of wasteful to me, so if anyone out there can clarify 
>> why, I'd appreciate it.
> 
> Not only is it wasteful, but it's a security risk, as it essentially 
> turns one's router into a sinkhole for any type of scanning activity or 
> DDoS crafted to exploit this inexplicable practice, IMHO.
> 

I'm inclined to use something *way* smaller (like a /126 since /127's 
are bad) for router links. I thought the push behind IPv6 was because 
we're running out of v4 space, and I see standard practice blowing a /64 
on a link that'll never have more than 2 devices on it. Lots of stuff I 
read encourages seemingly wasteful practices in v6 space as a good thing 
and it confuses me.

~Seth


Gmane