Re: scope of the 69/8 problem

[bdragon]

This discussion falls into a pattern we've seen before:

1) Operators doing the right thing experience a problem created by
operators doing the wrong thing.
2) It is not possible to isolate the pain to only the operators
doing the wrong thing.
3) The only way to solve the problem is to raise the level of pain across
the board so as to force those ultimately causeing the pain to
self-marginalize.
4) No one is willing to accept any pain they don't absolutely _have_ to
even if it would save them pain in the future
5) Therefore the islands of pain remain indefinately, but as long as
I'm not affected, I don't care.

The above can be applied to:
1) filtering of 69/8
2) excessive deaggregation of routes
3) RPF
4) Use of RFC1918 in ways which violate RFC1918 (packets crossing
enterprise boundaries)
5) Actually using .0 and .255 for networks with masks which allow
this.
6) IPv6
7) Multicast
8) etc

To bring back around to the issue of 69/8, yes, the only way to
solve the problem is to bring a set of important things into that
network. No one who controls any important thing would actually
do such a thing. So those folks in 69/8 will likely go out of business,
or find ways around their problem which will likely involve other
bad operator activity, continuing to advance our problems indefinately
and in new and interesting ways.

Re: scope of the 69/8 problem

[Stephen Sprunk]

Thus spake E.B. Dreger [EMAIL PROTECTED]
 If the roots and gTLDs are truly unwilling to help, and a handful
 of entities can't cooperate, I have serious concerns why they
 have been handed responsibility for such a critical piece of
 infrastructure.  I'd expect it's too hard to be a good netizen
 whining on other lists... but NANOG?  Roots and TLDs?

 Perhaps this is an omen of the Internet yet to come.  Oh joy.

Come on, you're asking the root and/or TLD operators to renumber their
servers -- not a trivial task -- every few months to intentionally disable
their own service for what amounts to an academic experience.

These folks are in the business of running a critical system that requires
100% uptime for hundreds of millions of users, and they do a damned good
job.  Let them do it in peace, and find some other must have service (like
porn) to put in 69/8.

S

Stephen Sprunk God does not play dice.  --Albert Einstein
CCIE #3723 God is an inveterate gambler, and He throws the
K5SSSdice at every possible opportunity. --Stephen Hawking

Re: scope of the 69/8 problem

[jlewis]

On Tue, 11 Mar 2003, Stephen Sprunk wrote:

 Come on, you're asking the root and/or TLD operators to renumber their
 servers -- not a trivial task -- every few months to intentionally disable
 their own service for what amounts to an academic experience.

Not for academic experience, but to encourage people to fix their broken 
filters.  And while renumbering a large network might be non-trivial, 
changing the IP or adding an IP alias on 13 individual servers should be 
a trivial operation.

 These folks are in the business of running a critical system that requires
 100% uptime for hundreds of millions of users, and they do a damned good
 job.  Let them do it in peace, and find some other must have service (like
 porn) to put in 69/8.

100% uptime for the service, not for each individual server.

So now the 69/8 holders, in addition to driving a campaign to get others 
to fix their networks, should offer free hosting to porn sites?  How about 
free hosting for spamvertized sites?...oh wait, that might make the 
problem worse :)
 
--
 Jon Lewis [EMAIL PROTECTED]|  I route
 System Administrator|  therefore you are
 Atlantic Net|  
_ http://www.lewis.org/~jlewis/pgp for PGP public key_

RE: scope of the 69/8 problem

[Cutler, James R]

RE:  If the roots and gTLDs are truly unwilling to help...

The cost of installing entirely new root hints files on every
Internet-attached name server around the world is ridiculously large.  It
has nothing to do with willing.

Perhaps, if the problem were defined in proper terms, and a solution
involving moving, for example, .net or .org to the blackballed space were
made to the registry/DNS owners, a discussion of real possible events could
ensue.  

In the meantime, most of the discussion in this thread is wasted time and
going to the wrong targets.

-
James R. Cutler,  EDS
800 Tower Drive, Troy, MI 48098
1 248 265 7514
[EMAIL PROTECTED]


-Original Message-
From: E.B. Dreger [mailto:[EMAIL PROTECTED] 
Sent: 2003-03-10, Monday 6:23 PM
To: [EMAIL PROTECTED]
Subject: scope of the 69/8 problem



FS Date: Mon, 10 Mar 2003 17:41:56 -0500
FS From: Frank Scalzo


FS Moving all root-servers WOULD fix the problem. Although I doubt 
FS anyone is really going to be willing to make the news by causing 
FS that much of an outage.

I'm eager to see stats indicating how large the problem is.  If the problem
is this severe, it seems all the more wrong to let innocent third parties
suffer due to what IP space was bestowed upon them.

If the roots and gTLDs are truly unwilling to help, and a handful of
entities can't cooperate, I have serious concerns why they have been handed
responsibility for such a critical piece of infrastructure.  I'd expect
it's too hard to be a good netizen whining on other lists... but NANOG?
Roots and TLDs?

Perhaps this is an omen of the Internet yet to come.  Oh joy.


Eddy
--
Brotsman  Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting,
e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~
Date: Mon, 21 May 2001 11:23:58 + (GMT)
From: A Trap [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots. Do NOT send
mail to [EMAIL PROTECTED], or you are likely to be blocked.

RE: scope of the 69/8 problem

[E.B. Dreger]

CJR Date: Mon, 10 Mar 2003 18:58:29 -0500
CJR From: Cutler, James R


CJR The cost of installing entirely new root hints files on
CJR every Internet-attached name server around the world is
CJR ridiculously large.  It has nothing to do with willing.

The cost of having 69/8 space is said to be ridiculously large,
and falls on the unfortunate recipients.  Both the root zone and
hints are PGP-signed; transfer could be automated.

I found the check/update root hints citation with a bit of
Google... the grasshopper book, 4th edition, page 157.  So it's
not an RFC, but rather a recommendation.


CJR Perhaps, if the problem were defined in proper terms, and a

I thought it had been.


CJR solution involving moving, for example, .net or .org to the
CJR blackballed space were made to the registry/DNS owners, a
CJR discussion of real possible events could ensue.

Yes.

This has been suggested.  Granted, little distinction has been
made between root/TLD.  The TLDs would be much easier to
implement than the roots.


CJR In the meantime, most of the discussion in this thread is
CJR wasted time and going to the wrong targets.

Perhaps.  ARIN, root operators, gTLD ops, IANA members, etc. are
known to read NANOG.  Of course, more direct lists exist...


Last post from me on this.


Eddy
--
Brotsman  Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~
Date: Mon, 21 May 2001 11:23:58 + (GMT)
From: A Trap [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to [EMAIL PROTECTED], or you are likely to
be blocked.