nanog mailing list archives
Re: DNS DOS increasing?
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Tue, 22 Jan 2002 01:26:08 +0000 (GMT)
Date: Mon, 21 Jan 2002 18:50:07 -0500 (EST) From: Stephen Griffin <stephen.griffin () rcn com>
With the added benefit of not increasing the routing table size. The downfall is (potentially) increased address consumption (perhaps mitigated in that small entities doubling a /28 is still better than lying cheating and stealing for a "large" PI or PA block).
Let's pretend for a moment that all IPv4 space is unallocated. Clean slate. We have room for ~ 2^16 ASNs and ~ 0.7*2^32 addresses. This works out to a bit under a /16 per ASN on average, assuming that we use all ASNs. Considering that we're running out of IP space faster than ASNs (even after discounting wasteful 4/8-, 12/8-, 38/8-, etc.-style allocations), I think that this is conservative. Let's also carve up IP space similar to the original classful method, specifying a "natural" granularity... say /10 for 1/8 through 8/8, on to /28 for 223/8. If SMD can singelhandedly (or close to it) define the top of swamp space, surely a group can similarly devise an allocation policy and filtering BCP. ;-) When one needs IP space, one receives a "natural" size subnet with room for growth. e.g., perhaps I would get 223.0.0.0/28, with the rest of 223.0.0.0/26 reserved to "grow into". If I'm growing slowly enough, then 223.0.0.32/27 might be allocated to someone else. If I need no more space, perhaps even 223.0.0.16/28 will belong to another. Contiguous blocks are friendlier on the routing table. Imagine for a moment that each ASN needed one and only one subnet. Yes, I know that this means coarser granularity and more waste... but two or three subnets would give more flexibility and still yield a far kinder, gentler table. (When one hits, say, five subnets, perhaps one would have to renumber two or three into a shorter prefix within a year.) Granularity grouping means that providers can filter based on subnet length without anyone getting upset. I'd not be so bothered by Verio-style filtering if it didn't plonk so many IMHEDO[1]-valid routes. [1] In My Humble Edge-Dwelling Opinion I think that we can have conservative IP allocation and reasonable routing tables if space is administered differently. People will attempt to hoard any valuable resource... less valuable, less hoarding. Better auditing, less hoarding. You want new space, you justify your old -- including legacy /8 blocks. Yes, I know that this is all a bit idealistic. But I don't think it's so idealistic that none can creep into reality. (Then again, look at the rate at which swamp space has been returned since the introduction of CIDR...) Eddy --------------------------------------------------------------------------- Brotsman & Dreger, Inc. - EverQuick Internet Division Phone: +1 (316) 794-8922 Wichita/(Inter)national Phone: +1 (785) 865-5885 Lawrence --------------------------------------------------------------------------- Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist () brics com> To: blacklist () brics com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist () brics com>, or you are likely to be blocked.
Current thread:
- Re: DNS DOS increasing?, (continued)
- Re: DNS DOS increasing? Avleen Vig (Jan 20)
- Re: DNS DOS increasing? Alex Kamantauskas (Jan 21)
- RE: DNS DOS increasing? James Smith (Jan 21)
- RE: DNS DOS increasing? E.B. Dreger (Jan 21)
- Re: DNS DOS increasing? Joel Baker (Jan 21)
- Re: DNS DOS increasing? E.B. Dreger (Jan 21)
- RE: DNS DOS increasing? E.B. Dreger (Jan 21)
- Re: DNS DOS increasing? Avleen Vig (Jan 20)
- RE: DNS DOS increasing? Karyn Ulriksen (Jan 21)
- Re: DNS DOS increasing? Rob Evans (Jan 21)
- RE: DNS DOS increasing? James Smith (Jan 21)
- Re: DNS DOS increasing? Stephen Griffin (Jan 21)
- Re: DNS DOS increasing? E.B. Dreger (Jan 21)
- Re: DNS DOS increasing? Stephen Griffin (Jan 21)
- Re: DNS DOS increasing? Miquel van Smoorenburg (Jan 21)
- Re: DNS DOS increasing? just me (Jan 21)
- Re: DNS DOS increasing? E.B. Dreger (Jan 21)
- Re: DNS DOS increasing? just me (Jan 21)
- RE: DNS DOS increasing? Curtis Maurand (Jan 21)
- RE: DNS DOS increasing? Curtis Maurand (Jan 21)
- RE: DNS DOS increasing? James Smith (Jan 22)