Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but nottotally consecutive)

From: Warren Kumari (no email)
Date: Fri May 16 2008 - 14:41:43 EDT

  • Next message: Christopher Morrow: "Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but not totally consecutive)"

    On May 16, 2008, at 2:15 PM, Robert D. Scott wrote:

    > OH, You mean like putting a sniper in a bunch of trees. They know that
    > tactic well. :)

    Yup -- http://www.youtube.com/watch?v=ltmMJntSfQI

    W

    >
    >
    > Robert D. Scott
    > Senior Network Engineer 352-273-0113 Phone
    > CNS - Network Services 352-392-2061 CNS Receptionist
    > University of Florida 352-392-9440 FAX
    > Florida Lambda Rail 352-294-3571 FLR NOC
    > Gainesville, FL 32611
    >
    >
    > -----Original Message-----
    > From: Dorn Hetzel [mailto:]
    > Sent: Friday, May 16, 2008 1:59 PM
    > To: Jeroen Massar
    > Cc: NANOG list
    > Subject: Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but
    > nottotally consecutive)
    >
    >
    > Perhaps it is an attempt to make their address space so sparsely
    > populated
    > that it's close to impossible to find a host without knowing it's
    > address in
    > the first place?
    >
    > On Fri, May 16, 2008 at 1:09 PM, Jeroen Massar <>
    > wrote:
    >
    >> Hi folks,
    >>
    >> As everybody is a big fan of securing their networks against foreign
    >> attacks, be aware that the US DoD has been assigned 14 /22's, IPv6
    >> that
    >> is, not IPv4, they all come from a single IPv6 /13 though, which is
    >> what
    >> they apparently asked for in the beginning, at least that was the
    >> rumor,
    >> well they got what they wanted.
    >>
    >> I've recorded it into GRH as a single /13 though, as that is what
    >> it is,
    >> and I am not going to bother whois'ing and entering the 14 separate
    >> entries there, as that is useless, especially as they will most
    >> likely
    >> never appear in the global routing tables anyway.
    >>
    >> Depending on your love for the US, you might want to add special
    >> rules
    >> in your network to be able to easily detect Cyber Attacks and other
    >> such
    >> things towards that address space, to be able to better serve your
    >> country, may that be the US or any other country for that matter.
    >>
    >> I am of course wondering why ARIN gave 1 organization 14 separate /
    >> 22's,
    >> even though they are recorded exactly the same, just different
    >> prefixes
    >> and netnames and it is effectively one huge /13. They could easily
    >> have
    >> been recorded as that one /13, it is not like eg Canada (no other
    >> countries that fall under ARIN now is there) will get a couple of the
    >> chunks of remaining space in between there. By assigning them
    >> separate
    >> /22's, they effectively are stating that it is good to fragment the
    >> address space and by having them recorded in whois, also that
    >> announcing
    >> more specifics from that /13 is just fine.
    >>
    >> The other fun question is of course what a single organization has
    >> to do
    >> with (2^(48-13)=) 34.359.738.368, yes indeed, 34 billion /48's which
    >> cover 2.251.799.813.685.248 /64's which is a number that I can't even
    >> pronounce. According to Wikipedia the US only has a mere population
    >> of
    >> 304,080,000, that means that every US citizen can get a 1000+ /48's
    >> from
    >> their DoD, thus maybe every nuclear warhead and every bullet is
    >> getting
    >> their own /48 or something to be able to justify for that amount of
    >> address space. At least this gives the opportunity to hardcode that
    >> block out of hardware if you want to avoid it being ever used by the
    >> publicly known part of the US DoD. I wouldn't mind seeing the request
    >> form that can justify this amount of address space though, must be
    >> a lot
    >> of fun.
    >>
    >> Now back to your regular NANOG schedule....
    >>
    >> Greets,
    >> Jeroen
    >>
    >> (who will hide himself in a nice Swiss nuclear bunker till the flames
    >> are all gone ;)
    >>
    >> 1) http://en.wikipedia.org/wiki/United_States
    >> which points to: http://www.census.gov/population/www/popclockus.html
    >>
    >>
    >> _______________________________________________
    >> NANOG mailing list
    >>
    >> http://mailman.nanog.org/mailman/listinfo/nanog
    >>
    > _______________________________________________
    > NANOG mailing list
    >
    > http://mailman.nanog.org/mailman/listinfo/nanog
    >
    >
    >
    > _______________________________________________
    > NANOG mailing list
    >
    > http://mailman.nanog.org/mailman/listinfo/nanog
    >

    --
    Hope is not a strategy.
           --  Ben Treynor, Google
    _______________________________________________
    NANOG mailing list
    http://mailman.nanog.org/mailman/listinfo/nanog
    

  • Next message: Christopher Morrow: "Re: [NANOG] US DoD receives chunked IPv6 /13 (14x /22 but not totally consecutive)"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD