Dear SIG members
The proposal "prop-110v001: Designate 1.2.3.0/24 as Anycast to support DNS Infrastructure" has been sent to the Policy SIG for review. It will be presented at the Policy SIG at APNIC 37 in Petaling Jaya, Malaysia, on Thursday, 27 February 2014.
We invite you to review and comment on the proposal on the mailing list before the meeting.
The comment period on the mailing list before an APNIC meeting is an important part of the policy development process. We encourage you to express your views on the proposal:
- Do you support or oppose this proposal?
- Does this proposal solve a problem you are experiencing? If so, tell the community about your situation.
- Do you see any disadvantages in this proposal?
- Is there anything in the proposal that is not clear?
- What changes could be made to this proposal to make it more effective?
Information about this policy proposal is available from:
Andy, Masato
------------------------------------------------------------------------
prop-110v001: Designate 1.2.3.0/24 as Anycast to support DNS Infrastructure
------------------------------------------------------------------------
Proposers: Dean Pemberton, dean at internetnz dot net dot nz
           Geoff Huston, gih at apnic dot net
1. Problem statement
--------------------
Network 1 (1.0.0.0/8) was allocated to APNIC by the IANA on 19 January 2010. In line with standard practice APNIC's Resource Quality Assurance activities determined that 95% of the address space would be suitable for delegation as it was found to be relatively free of unwanted traffic [1].
Testing conducted by APNIC R&D found that certain blocks within Network 1 attract significant amounts of unwanted traffic, primarily due to its unauthorised use as private address space [2].
Analysis revealed that, prior to any delegations being made from the block, 1.0.0.0/8 attracted an average of 140Mbps - 160Mbps of unsolicited incoming traffic as a continuous sustained traffic level, with peak bursts of over 800Mbps.
The analysis highlighted individual addresses such as 1.2.3.4 with its covering /24 (identified as 1.2.3.0/24) remain in APNIC quarantine and it is believed they will not be suitable for normal address distribution.
The proposal proposes the use of 1.2.3.0/24 in a context of locally scoped infrastructure support for DNS resolvers.
2. Objective of policy change
-----------------------------
As the addresses attract extremely high levels of unsolicited incoming traffic, the block has been withheld from allocation and periodically checked to determine if the incoming traffic profile has altered. None has been observed to date. After four years, it now seems unlikely there will ever be any change in the incoming traffic profile.
The objective of this proposal is to permit the use of 1.2.3.0/24 as anycast addresses to be used in the context of scoped routing to support the deployment of DNS resolvers. It is noted that as long as providers who use this address use basic route scope limitations, the side effect of large volumes of unsolicited incoming traffic would be, to some extent, mitigated down to manageable levels.
3. Situation in other regions
-----------------------------
Improper use of this address space is a globally common issue. However the block is delegated only to APNIC and so therefore, no other RIR has equivalent policy to deal with the situation.
4. Proposed policy solution
---------------------------
This proposal recommends that the APNIC community agree to assign 1.2.3.0/24 to the APNIC Secretariat, to be managed as a common anycast address to support DNS infrastructure deployment.
Any party who applies to APNIC to use this address block on a non-exclusive basis to number their DNS resolver will receive a Signed Letter of Authority to permit their Autonomous System to originate a route for 1.2.3.0/24, and APNIC will also publish an RPKI ROA designating the AS as being permitted to originate a route. This ROA shall be valid until APNIC is advised otherwise by the AS holder.
5. Advantages / Disadvantages
-----------------------------
Advantages
- It will make use of this otherwise unusable address space.
- DNS operators will have an easy-to-remember address they can use to communicate with their users (e.g. configure "1.2.3.4" as your DNS resolver)
Disadvantages
- The address attracts a large volume of unsolicited incoming traffic, and leakage of an anycast advertisement outside of a limited local scope may impact on the integrity of the DNS service located at the point associated with the scope leakage. Some operators with high capacity infrastructure may see this as a negligible issue.
6. Impact on APNIC
------------------
Although this space will no longer be available for use by a single APNIC/NIR account holder, the proposal would result in benefit for all APNIC community members, as well as the communities in other regions.
There is the need to set up an administrative process in the reception of applications to use the address block, and in the maintenance of a set of ROAs associated with these applications.
References
----------
[1] Resource Quality Good for Most of IPv4 Network “1”
[2] Traffic in Network 1.0.0.0/8