[AusNOG] another ipv6 Q

Jeroen Massar jeroen at massar.ch
Fri Jul 4 01:21:40 EST 2014 

On 2014-07-03 03:20, Mark Newton wrote:
> 
> On Jul 3, 2014, at 4:48 PM, Jeroen Massar <jeroen at massar.ch
> <mailto:jeroen at massar.ch>> wrote:
> 
>> On 2014-07-03 02:36, Mark Newton wrote:
>>> Nope, complete bullshit.  I’m yet to find an ISP who isn’t
>>> comfortable with any announcement down to /56.  My /48 subnet is
>>> working just fine, thank you very much.
>>
>> Which /48 is that? Is that out of a PA or a PI block? As the latter is
>> fine, the former will nicely be filtered in a LOT of locations.
> 
> It’s a /48 out of someone else’s PI /32.

There is no such thing as a "PI /32". Please read the APNIC
documentation and the previous links given in this thread.


>> As for /56s (and even /64) announcements, they only leak through
>> "transits" that want to up their prefix count... everybody else nicely
>> filters them out as they do not belong in BGP.
> 
> sixxs isn’t “everybody else.”

SixXS PoPs use various networks around the world, it is not "everybody
else", but quite a representative set of hosts.

Hence, indeed, it is VERY easy for me to do a traceroute6 and other
useful diagnostics from a very diversified set of networks. Quite a few
of those return the same result I showed below.


GRH (https://www.sixxs.net/tools/grh/) peers with a LOT of networks
around the world. It very clearly shows the state of BGP and how things
are filtered.

You can also verify this with RIS (http://ris.ripe.net) if you want a
separate source though. And there are more tools like that.



>> Nope, b0rked. Amazing that BGP made that one make it to Sydney.
> 
> Seems to be working pretty well to me, mate. Maybe you aren’t
> interpreting the output
> of your tools correctly.

Take a guess what happens after having been playing the "debug IPv6"
game for a long long time....


>   - mark
> 
>>  traceroute6 -s 2406:c500:fffd:0:201:c0ff:fe0d:ced2 www.sixxs.net
> <http://www.sixxs.net>
> traceroute6: Warning: nginx.sixxs.net <http://nginx.sixxs.net> has
> multiple addresses; using 2001:4830:e6:7::2

Did I state I traced from one of the, currently 3, hosts that host
www.sixxs.net?

That you are able to reach some destinations is likely. As I stated,
there are "transits" that do not filter to be able to bump their prefix
count.

Thus indeed, when you are lucky it works. But there are many examples
where it does not.


Note that I am not telling you (SAGE, the rest of the list) this so that
you feel bad or something. I am telling you this as it hurts your
connectivity and their are proper solutions to the problems you are having.

Greets,
 Jeroen

More information about the AusNOG mailing list