Dear SIG membersA new version of the proposal "prop-110: Designate 1.2.3.0/24 as Anycastto support DNS Infrastructure" has been sent to the Policy SIG for review.Information about earlier versions is available from:You are encouraged to express your views on the proposal:- Do you support or oppose this proposal?- Is there anything in the proposal that is not clear?- What changes could be made to this proposal to make it more effective?Regards,Masato------------------------------------------------------------------------prop-110v002: Designate 1.2.3.0/24 as Anycast to support DNSInfrastructure------------------------------------------------------------------------Proposers: Dean Pemberton, dean at internetnz dot net dot nzGeoff Huston, gih at apnic dot net1. Problem statement--------------------Network 1 (1.0.0.0/8) was allocated to APNIC by the IANA on 19January 2010. In line with standard practice APNIC's Resource QualityAssurance activities determined that 95% of the address space wouldbe suitable for delegation as it was found to be relatively free ofunwanted traffic [1].Testing, conducted by APNIC R&D found that certain blocks withinNetwork 1 attract significant amounts of unwanted traffic, primarilydue to its unauthorised use as private address space [2].Analysis revealed that, prior to any delegations being made from theblock, 1.0.0.0/8 attracted an average of 140Mbps - 160Mbps ofunsolicited incoming traffic as a continuous sustained traffic level,with peak bursts of over 800Mbps.The analysis highlighted individual addresses such as 1.2.3.4 withits covering /24 (identified as 1.2.3.0/24) remain in APNICquarantine and it is believed they will not be suitable for normaladdress distribution.The proposal proposes the use of 1.2.3.0/24 in a context of locallyscoped infrastructure support for DNS resolvers.2. Objective of policy change-----------------------------As the addresses attract extremely high levels of unsolicitedincoming traffic, the block has been withheld from allocation andperiodically checked to determine if the incoming traffic profile hasaltered. None has been observed to date. After four years, it nowseems unlikely there will ever be any change in the incoming trafficprofile.The objective of this proposal is to permit the use 1.2.3.0/24 as aanycast addresses to be used in context of scoped routing to supportthe deployment of DNS resolvers. It is noted that as long asproviders who use this address use basic route scope limitations, theside effect of large volumes of unsolicited incoming traffic wouldbe, to some extent mitigated down to manageable levels.3. Situation in other regions-----------------------------Improper use of this address space is a globally common issue.However the block is delegated only APNIC and so therefor, no otherRIR has equivalent policy to deal with the situation.4. Proposed policy solution---------------------------This proposal recommends that the APNIC community agree to assign1.2.3.0/24 to the APNIC Secretariat for use in the context of locallyscoped infrastructure support for DNS resolvers.At some future point there is nothing restricting an RFC beingwritten to include this prefix into the special-purpose IPv4registry. However, at this time it is considered sufficient for theAPNIC community to designate this prefix to be managed as a commonanycast address for locally scoped infrastructure support for DNSresolvers.5. Advantages / Disadvantages-----------------------------Advantages- It will make use of this otherwise unusable address space.- DNS operators will have an easy-to-remember address they can use tocommunicate with their users (e.g. configure "1.2.3.4" as your DNSresolver")Disadvantages- The address attracts a large volume of unsolicited incomingtraffic, and leakage of an anycast advertisement outside of alimited local scope may impact on the integrity of the DNS servicelocated at the point associated with the scope leakage. Someoperators with high capacity infrastructure may see this as anegligible issue.6. Impact on APNIC------------------Although this space will no longer be available for use by a singleAPNIC/NIR account holder, the proposal would result in benefit forall APNIC community members, as well as the communities in otherregions.References----------[1] Resource Quality Good for Most of IPv4 Network "1"[2] Traffic in Network 1.0.0.0/8
* sig-policy: APNIC SIG on resource management policy *
_______________________________________________
sig-policy mailing list
sig-policy at lists dot apnic dot net
http://mailman.apnic.net/mailman/listinfo/sig-policy