Mailing List Archive

Streams Transport and PIP.

Good grief. V7 was Robert Ullman’s CATNIP. He wanted to sell hardware to everyone, and V7 was the interchange protocol between IPv4, IPX, and CLNS.

Sent using a machine that autocorrects in interesting ways...

> On Feb 15, 2021, at 12:41 PM, Valdis Kl?tnieks <valdis.kletnieks@vt.edu> wrote:
>
> ?On Mon, 15 Feb 2021 10:51:51 -0800, Sabri Berisha said:
>
>> Well, considering this RIPE article that talked about IPv7 already..
>>
>> https://lists.ripe.net/pipermail/ripe-org-closed/1993/msg00024.html
>
> Bonus points for those who remember/know where v5 and v8 were from :)

V5 was

V8!  heh ... wow hadn't thought of that for a while ...

On 2/15/2021 3:39 PM, Valdis Kl?tnieks wrote:
> On Mon, 15 Feb 2021 10:51:51 -0800, Sabri Berisha said:
>
>> Well, considering this RIPE article that talked about IPv7 already..
>>
>> https://lists.ripe.net/pipermail/ripe-org-closed/1993/msg00024.html
> Bonus points for those who remember/know where v5 and v8 were from :)

On Mon, Feb 15, 2021 at 9:36 PM Joe Loiacono <jloiacon@gmail.com> wrote:

> V8! heh ... wow hadn't thought of that for a while ...

... Slaps forehead and says: "Wow, I could've had a V8!"

1993 matches my recollections as well.

Network Working Group S. Bradner
Internet draft Harvard University
A. Mankin
NRL
September 1994



The Recommendation for the IP Next Generation Protocol


<draft-ipng-recommendation-00.txt>



> On 16 Feb 2021, at 04:28, Mel Beckman <mel@beckman.org> wrote:
>
> LOL! Well, Mike says “definitely at least 1993”, whereas Wikipedia itself says that Wikipedia cannot be trusted. Mike, to my knowledge, has never admitted being wrong. So I’m going with Mike :)
>
> I think it was Al Gore who first proposed IPv6, right Mike? :)
>
> -mel beckman
>
>> On Feb 15, 2021, at 6:36 AM, Kenneth J. Dupuis <ken@kjtd.net> wrote:
>>
>> ?
>> 1995? https://en.m.wikipedia.org/wiki/IPv6
>>
>> On Feb 11, 2021 8:51 PM, Michael Thomas <mike@mtcc.com> wrote:
>>
>> On 2/11/21 5:41 PM, Izaac wrote:
>> >
>> >> IPv6 restores that ability and RFC-1918 is a bandaid for an obsolete protocol.
>> > So, in your mind, IPv4 was "obsolete" in 1996 -- almost three years
>> > before IPv6 was even specified? Fascinating. I could be in no way
>> > mistaken for an IPv4/NAT apologist, but that one's new on me.
>>
>> ipv6 was on my radar in the early 90's. it was definitely at least 1993,
>> maybe earlier.
>>
>> Mike
>>
>>

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org

> it?s unclear if there?s been any systematic look-back or institutional
> learning coming out of the entire experience.

i am always impressed by optimism in the face of cold reality

In my humble but correct opinion one of the things which sabotages
these efforts is an aversion to any solution which doesn't feel like
it would work quickly and decisively (ask Bezos to offer a discount to
anyone using IPv6 to order on Amazon???)

I remember back in ~2003 on the Anti-Spam Research Group some
interesting ideas* being shot down because that would take ten years
to deploy! 2003.

And here we are about 25 years into IPv6 still looking for that silver
bullet.

What might be more useful would be forming some sort of group with the
understanding that they might produce a ten year or longer timeline of
steps which might more fully deploy IPv6.

* In all honesty they weren't all that interesting. But for example
"we need to respecify SMTP to stop spam!" had a half-life of about 60
minutes dying on the rebuttal that even if you did that it would take
TEN YEARS to get wide adoption of an SMTP replacement. I never saw how
such proposals would help with spam but ok perhaps they were
discouraged by the rebuts.

--
-Barry Shein

Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
The World: Since 1989 | A Public Information Utility | *oo*

On 2/13/21 18:24, Mark Foster wrote:

> So the business case will be the 'killer app' or perhaps 'killer service' that's IPv6-only and that'll provide a business reason.
>
> But chicken and egg.. who wants to run a service that's IPv6-only and miss out on such a big userbase?

Am I the only one who remembers "The Great IPv6 Experiment" from way
back in 2007?

--
Jay Hennigan - jay@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV

I remember. And I have the HE.net Guru Badge to prove it :)

And don’t forget the World IPv6 Launch in 2012.

IPv6. The protocol of the future, and always will be :)


-mel via cell

> On Feb 26, 2021, at 3:49 PM, Jay Hennigan <jay@west.net> wrote:
>
> ?On 2/13/21 18:24, Mark Foster wrote:
>
>> So the business case will be the 'killer app' or perhaps 'killer service' that's IPv6-only and that'll provide a business reason.
>> But chicken and egg.. who wants to run a service that's IPv6-only and miss out on such a big userbase?
>
> Am I the only one who remembers "The Great IPv6 Experiment" from way back in 2007?
>
> --
> Jay Hennigan - jay@west.net
> Network Engineering - CCIE #7880
> 503 897-8550 - WB6RDV

> On Feb 26, 2021, at 7:50 PM, Mel Beckman <mel@beckman.org> wrote:
>
> IPv6. The protocol of the future, and always will be :)

“Why be part of the solution when there’s good money to be made in prolonging the problem?”

Two questions...

1. How many on this list already have dual-stack or IPv6 only in operation?

2. If you are running IPv4 only, and a major service was to switch to IPv6
only,..
a. How fast would you move to a dual-stack of IPv6 only?
b. What would it impact your customers?
c. How would it impact your business?

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
"*I skate to where the puck is going to be, not to where it has been."
-- *Wayne
Gretzky
"I never lose. I either win or learn" - Nelson Mandela


On Thu, Feb 11, 2021 at 12:56 PM William Herrin <bill@herrin.us> wrote:

> On Thu, Feb 11, 2021 at 6:13 AM Izaac <izaac@setec.org> wrote:
> > On Wed, Feb 10, 2021 at 10:38:00AM -0800, William Herrin wrote:
> > > None whatsoever. You just have to be really big.
> >
> > Hi Beel,
>
> That was unnecessary. Sorry I used an S instead of a Z.
>
> > Thanks for backing me up with an example of an organization with
> > competent network engineering. Their ability to almost infinitely
> > leverage the existing rfc1918 address space to serve an appreciable
> > fraction of all Internet attached hosts is a real demonstration of the
> > possible.
>
> Except they don't. One of the reasons you can't put vms in multiple
> regions into the same VPC is they don't have enough IP addresses to
> uniquely address the backend hosts in every region. They end up with a
> squirrelly VPC peering thing they relies on multiple gateway hosts to
> overcome the address partitioning from overlapping RFC1918.
>
> In other words, it proves the exact opposite of your assertion.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin
> bill@herrin.us
> https://bill.herrin.us/
>

On Thu, Mar 11, 2021 at 10:54 AM j k <jsklein@gmail.com> wrote:
>
> Two questions...
>
> 1. How many on this list already have dual-stack or IPv6 only in operation?

we're coming up on the 10yr anniversary of 'world ipv6 day'.. so I
would HOPE 'lots' :)
probably that's not entirely a good 'hope' :(

> 2. If you are running IPv4 only, and a major service was to switch to IPv6 only,..
> a. How fast would you move to a dual-stack of IPv6 only?
> b. What would it impact your customers?
> c. How would it impact your business?
>

This is REALY now a days: "people will learn when they get bit"
much like 'gosh, password is not a great password, who knew?'
or: "well, who needs windows updates anyway?"

evangelizing ipv6 is... not worth the effort :( because if you didn't
get them memo over the last 10yrs
you are verizon and you are not changing stance until something
significant enough bites you.
(yearly email about verizon residential service and lack of ipv6 support.. )

As noted - https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:

?
Tom –

Most definitely: lack of routing history is not at all a reliable indicator of the potential for valid routing of a given IPv4 block in the future, so best practice suggest that allocated address space should not be blocked by others without specific cause.

Doing otherwise opens one up to unexpected surprises when issued space suddenly becomes more active in routing and is yet is inexplicably unreachable for some destinations.

/John

On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:


Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one.

The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons.

In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another.

On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov <ximaera@gmail.com<mailto:ximaera@gmail.com>> wrote:
Peace,

On Tue, Nov 5, 2019, 4:55 PM David Conrad <drc@virtualized.org<mailto:drc@virtualized.org>> wrote:
> On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG <nanog@nanog.org<mailto:nanog@nanog.org>> wrote:
>> This thread got me to wondering, is there any
>> legitimate reason to see 22/8 on the public
>> Internet? Or would it be okay to treat 22/8
>> like a Bogon and drop it at the network edge?
>
> Given the transfer market for IPv4 addresses,
> the spot price for IPv4 addresses, and the need
> of even governments to find “free” (as in
> unconstrained) money, I’d think treating any
> legacy /8 as a bogon would not be prudent.

It has been said before in this thread that the DoD actively uses this
network internally. I believe if the DoD were to cut costs, they
would be able to do it much more effectively in many other areas, and
their IPv4 networks would be about the last thing they would think of
(along with switching off ACs Bernard Ebbers-style). With that in
mind, treating the DoD networks as bogons now makes total sense to me.

--
Töma

This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.

-mel

On Apr 24, 2021, at 8:05 AM, John Curran <jcurran@arin.net> wrote:

?
As noted - https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:

?
Tom –

Most definitely: lack of routing history is not at all a reliable indicator of the potential for valid routing of a given IPv4 block in the future, so best practice suggest that allocated address space should not be blocked by others without specific cause.

Doing otherwise opens one up to unexpected surprises when issued space suddenly becomes more active in routing and is yet is inexplicably unreachable for some destinations.

/John

On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:


Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one.

The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons.

In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another.

On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov <ximaera@gmail.com<mailto:ximaera@gmail.com>> wrote:
Peace,

On Tue, Nov 5, 2019, 4:55 PM David Conrad <drc@virtualized.org<mailto:drc@virtualized.org>> wrote:
> On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG <nanog@nanog.org<mailto:nanog@nanog.org>> wrote:
>> This thread got me to wondering, is there any
>> legitimate reason to see 22/8 on the public
>> Internet? Or would it be okay to treat 22/8
>> like a Bogon and drop it at the network edge?
>
> Given the transfer market for IPv4 addresses,
> the spot price for IPv4 addresses, and the need
> of even governments to find “free” (as in
> unconstrained) money, I’d think treating any
> legacy /8 as a bogon would not be prudent.

It has been said before in this thread that the DoD actively uses this
network internally. I believe if the DoD were to cut costs, they
would be able to do it much more effectively in many other areas, and
their IPv4 networks would be about the last thing they would think of
(along with switching off ACs Bernard Ebbers-style). With that in
mind, treating the DoD networks as bogons now makes total sense to me.

--
Töma

Huh?




-----
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP

----- Original Message -----

From: "Mel Beckman" <mel@beckman.org>
To: "John Curran" <jcurran@arin.net>
Cc: nanog@nanog.org
Sent: Saturday, April 24, 2021 10:24:45 AM
Subject: Re: DoD IP Space

This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.


-mel



On Apr 24, 2021, at 8:05 AM, John Curran <jcurran@arin.net> wrote:




<blockquote>


As noted - https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G


FYI,
/John


John Curran
President and CEO
American Registry for Internet Numbers


<blockquote>
On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:


</blockquote>

<blockquote>


Tom –


Most definitely: lack of routing history is not at all a reliable indicator of the potential for valid routing of a given IPv4 block in the future, so best practice suggest that allocated address space should not be blocked by others without specific cause.


Doing otherwise opens one up to unexpected surprises when issued space suddenly becomes more active in routing and is yet is inexplicably unreachable for some destinations.


/John


<blockquote>
On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:


</blockquote>

<blockquote>




Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one.



The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons.


In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another.


On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov < ximaera@gmail.com > wrote:

<blockquote>
Peace,

On Tue, Nov 5, 2019, 4:55 PM David Conrad < drc@virtualized.org > wrote:
> On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG < nanog@nanog.org > wrote:
>> This thread got me to wondering, is there any
>> legitimate reason to see 22/8 on the public
>> Internet? Or would it be okay to treat 22/8
>> like a Bogon and drop it at the network edge?
>
> Given the transfer market for IPv4 addresses,
> the spot price for IPv4 addresses, and the need
> of even governments to find “free” (as in
> unconstrained) money, I’d think treating any
> legacy /8 as a bogon would not be prudent.

It has been said before in this thread that the DoD actively uses this
network internally. I believe if the DoD were to cut costs, they
would be able to do it much more effectively in many other areas, and
their IPv4 networks would be about the last thing they would think of
(along with switching off ACs Bernard Ebbers-style). With that in
mind, treating the DoD networks as bogons now makes total sense to me.

--
Töma

</blockquote>

</blockquote>

</blockquote>

</blockquote>

I will not permit traffic into my network whose proven-malicious IP space owner is devious about its purpose. You can, if you want.

-mel

On Apr 24, 2021, at 8:28 AM, Mike Hammett <nanog@ics-il.net> wrote:

?
Huh?



-----
Mike Hammett
Intelligent Computing Solutions<http://www.ics-il.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL>
Midwest Internet Exchange<http://www.midwest-ix.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix>
The Brothers WISP<http://www.thebrotherswisp.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png]<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
________________________________
From: "Mel Beckman" <mel@beckman.org>
To: "John Curran" <jcurran@arin.net>
Cc: nanog@nanog.org
Sent: Saturday, April 24, 2021 10:24:45 AM
Subject: Re: DoD IP Space

This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.

-mel

On Apr 24, 2021, at 8:05 AM, John Curran <jcurran@arin.net> wrote:

?
As noted - https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:

?
Tom –

Most definitely: lack of routing history is not at all a reliable indicator of the potential for valid routing of a given IPv4 block in the future, so best practice suggest that allocated address space should not be blocked by others without specific cause.

Doing otherwise opens one up to unexpected surprises when issued space suddenly becomes more active in routing and is yet is inexplicably unreachable for some destinations.

/John

On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:


Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one.

The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons.

In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another.

On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov <ximaera@gmail.com<mailto:ximaera@gmail.com>> wrote:
Peace,

On Tue, Nov 5, 2019, 4:55 PM David Conrad <drc@virtualized.org<mailto:drc@virtualized.org>> wrote:
> On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG <nanog@nanog.org<mailto:nanog@nanog.org>> wrote:
>> This thread got me to wondering, is there any
>> legitimate reason to see 22/8 on the public
>> Internet? Or would it be okay to treat 22/8
>> like a Bogon and drop it at the network edge?
>
> Given the transfer market for IPv4 addresses,
> the spot price for IPv4 addresses, and the need
> of even governments to find “free” (as in
> unconstrained) money, I’d think treating any
> legacy /8 as a bogon would not be prudent.

It has been said before in this thread that the DoD actively uses this
network internally. I believe if the DoD were to cut costs, they
would be able to do it much more effectively in many other areas, and
their IPv4 networks would be about the last thing they would think of
(along with switching off ACs Bernard Ebbers-style). With that in
mind, treating the DoD networks as bogons now makes total sense to me.

--
Töma

"proven-malicious IP space owner"


The DoD?




-----
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP

----- Original Message -----

From: "Mel Beckman" <mel@beckman.org>
To: "Mike Hammett" <nanog@ics-il.net>
Cc: nanog@nanog.org, "John Curran" <jcurran@arin.net>
Sent: Saturday, April 24, 2021 10:37:42 AM
Subject: Re: DoD IP Space

I will not permit traffic into my network whose proven-malicious IP space owner is devious about its purpose. You can, if you want.


-mel



On Apr 24, 2021, at 8:28 AM, Mike Hammett <nanog@ics-il.net> wrote:




<blockquote>


Huh?




-----
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP

----- Original Message -----

From: "Mel Beckman" <mel@beckman.org>
To: "John Curran" <jcurran@arin.net>
Cc: nanog@nanog.org
Sent: Saturday, April 24, 2021 10:24:45 AM
Subject: Re: DoD IP Space

This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.


-mel


<blockquote>
On Apr 24, 2021, at 8:05 AM, John Curran <jcurran@arin.net> wrote:


</blockquote>

<blockquote>


As noted - https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G


FYI,
/John


John Curran
President and CEO
American Registry for Internet Numbers


<blockquote>
On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:


</blockquote>

<blockquote>


Tom –


Most definitely: lack of routing history is not at all a reliable indicator of the potential for valid routing of a given IPv4 block in the future, so best practice suggest that allocated address space should not be blocked by others without specific cause.


Doing otherwise opens one up to unexpected surprises when issued space suddenly becomes more active in routing and is yet is inexplicably unreachable for some destinations.


/John


<blockquote>
On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:


</blockquote>

<blockquote>




Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one.



The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons.


In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another.


On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov < ximaera@gmail.com > wrote:

<blockquote>
Peace,

On Tue, Nov 5, 2019, 4:55 PM David Conrad < drc@virtualized.org > wrote:
> On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG < nanog@nanog.org > wrote:
>> This thread got me to wondering, is there any
>> legitimate reason to see 22/8 on the public
>> Internet? Or would it be okay to treat 22/8
>> like a Bogon and drop it at the network edge?
>
> Given the transfer market for IPv4 addresses,
> the spot price for IPv4 addresses, and the need
> of even governments to find “free” (as in
> unconstrained) money, I’d think treating any
> legacy /8 as a bogon would not be prudent.

It has been said before in this thread that the DoD actively uses this
network internally. I believe if the DoD were to cut costs, they
would be able to do it much more effectively in many other areas, and
their IPv4 networks would be about the last thing they would think of
(along with switching off ACs Bernard Ebbers-style). With that in
mind, treating the DoD networks as bogons now makes total sense to me.

--
Töma

</blockquote>

</blockquote>

</blockquote>

</blockquote>


</blockquote>

In this specific case the group of self-described DOD network cowboys who, due to lack of transparency and public oversight, could be doing all manner of nefarious things with this IP space. It can’t help to let it in, and it can definitely hurt.

But you know that. So why are you playing dumb?

-mel

On Apr 24, 2021, at 8:44 AM, Mike Hammett <nanog@ics-il.net> wrote:

?
"proven-malicious IP space owner"

The DoD?



-----
Mike Hammett
Intelligent Computing Solutions<http://www.ics-il.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL>
Midwest Internet Exchange<http://www.midwest-ix.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix>
The Brothers WISP<http://www.thebrotherswisp.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png]<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
________________________________
From: "Mel Beckman" <mel@beckman.org>
To: "Mike Hammett" <nanog@ics-il.net>
Cc: nanog@nanog.org, "John Curran" <jcurran@arin.net>
Sent: Saturday, April 24, 2021 10:37:42 AM
Subject: Re: DoD IP Space

I will not permit traffic into my network whose proven-malicious IP space owner is devious about its purpose. You can, if you want.

-mel

On Apr 24, 2021, at 8:28 AM, Mike Hammett <nanog@ics-il.net> wrote:

?
Huh?



-----
Mike Hammett
Intelligent Computing Solutions<http://www.ics-il.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL>
Midwest Internet Exchange<http://www.midwest-ix.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix>
The Brothers WISP<http://www.thebrotherswisp.com/>
[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png]<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
________________________________
From: "Mel Beckman" <mel@beckman.org>
To: "John Curran" <jcurran@arin.net>
Cc: nanog@nanog.org
Sent: Saturday, April 24, 2021 10:24:45 AM
Subject: Re: DoD IP Space

This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.

-mel

On Apr 24, 2021, at 8:05 AM, John Curran <jcurran@arin.net> wrote:

?
As noted - https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G

FYI,
/John

John Curran
President and CEO
American Registry for Internet Numbers

On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:

?
Tom –

Most definitely: lack of routing history is not at all a reliable indicator of the potential for valid routing of a given IPv4 block in the future, so best practice suggest that allocated address space should not be blocked by others without specific cause.

Doing otherwise opens one up to unexpected surprises when issued space suddenly becomes more active in routing and is yet is inexplicably unreachable for some destinations.

/John

On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:


Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one.

The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons.

In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another.

On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov <ximaera@gmail.com<mailto:ximaera@gmail.com>> wrote:
Peace,

On Tue, Nov 5, 2019, 4:55 PM David Conrad <drc@virtualized.org<mailto:drc@virtualized.org>> wrote:
> On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG <nanog@nanog.org<mailto:nanog@nanog.org>> wrote:
>> This thread got me to wondering, is there any
>> legitimate reason to see 22/8 on the public
>> Internet? Or would it be okay to treat 22/8
>> like a Bogon and drop it at the network edge?
>
> Given the transfer market for IPv4 addresses,
> the spot price for IPv4 addresses, and the need
> of even governments to find “free” (as in
> unconstrained) money, I’d think treating any
> legacy /8 as a bogon would not be prudent.

It has been said before in this thread that the DoD actively uses this
network internally. I believe if the DoD were to cut costs, they
would be able to do it much more effectively in many other areas, and
their IPv4 networks would be about the last thing they would think of
(along with switching off ACs Bernard Ebbers-style). With that in
mind, treating the DoD networks as bogons now makes total sense to me.

--
Töma

I encourage my competition to make equally arbitrary routing decisions.




-----
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP

----- Original Message -----

From: "Mel Beckman" <mel@beckman.org>
To: "Mike Hammett" <nanog@ics-il.net>
Cc: nanog@nanog.org, "John Curran" <jcurran@arin.net>
Sent: Saturday, April 24, 2021 10:53:26 AM
Subject: Re: DoD IP Space


In this specific case the group of self-described DOD network cowboys who, due to lack of transparency and public oversight, could be doing all manner of nefarious things with this IP space. It can’t help to let it in, and it can definitely hurt.


But you know that. So why are you playing dumb?


-mel



On Apr 24, 2021, at 8:44 AM, Mike Hammett <nanog@ics-il.net> wrote:




<blockquote>


"proven-malicious IP space owner"


The DoD?




-----
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP

----- Original Message -----

From: "Mel Beckman" <mel@beckman.org>
To: "Mike Hammett" <nanog@ics-il.net>
Cc: nanog@nanog.org, "John Curran" <jcurran@arin.net>
Sent: Saturday, April 24, 2021 10:37:42 AM
Subject: Re: DoD IP Space

I will not permit traffic into my network whose proven-malicious IP space owner is devious about its purpose. You can, if you want.


-mel


<blockquote>
On Apr 24, 2021, at 8:28 AM, Mike Hammett <nanog@ics-il.net> wrote:


</blockquote>

<blockquote>


Huh?




-----
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP

----- Original Message -----

From: "Mel Beckman" <mel@beckman.org>
To: "John Curran" <jcurran@arin.net>
Cc: nanog@nanog.org
Sent: Saturday, April 24, 2021 10:24:45 AM
Subject: Re: DoD IP Space

This doesn’t sound good, no matter how you slice it. The lack of transparency with a civilian resource is troubling at a minimum. I’m going to bogon this space as a defensive measure, until its real — and detailed — purpose can be known. The secret places of our government have proven themselves untrustworthy in the protection of citizens’ data and networks. They tend to think they know “what’s good for” us.


-mel


<blockquote>
On Apr 24, 2021, at 8:05 AM, John Curran <jcurran@arin.net> wrote:


</blockquote>

<blockquote>


As noted - https://www.washingtonpost.com/technology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G


FYI,
/John


John Curran
President and CEO
American Registry for Internet Numbers


<blockquote>
On Jan 20, 2021, at 8:35 AM, John Curran <jcurran@istaff.org> wrote:


</blockquote>

<blockquote>


Tom –


Most definitely: lack of routing history is not at all a reliable indicator of the potential for valid routing of a given IPv4 block in the future, so best practice suggest that allocated address space should not be blocked by others without specific cause.


Doing otherwise opens one up to unexpected surprises when issued space suddenly becomes more active in routing and is yet is inexplicably unreachable for some destinations.


/John


<blockquote>
On Nov 5, 2019, at 10:38 AM, Tom Beecher <beecher@beecher.cc> wrote:


</blockquote>

<blockquote>




Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one.



The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are plenty of subnets out there that are properly allocated by an RiR, but the assignees do not send them to the DFZ because of $reasons.


In my opinion, creating bogon lists that include allocated but not advertised prefixes is poor practice that is likely to end up biting an operator at one point or another.


On Tue, Nov 5, 2019 at 9:45 AM Töma Gavrichenkov < ximaera@gmail.com > wrote:

<blockquote>
Peace,

On Tue, Nov 5, 2019, 4:55 PM David Conrad < drc@virtualized.org > wrote:
> On Nov 4, 2019, at 10:56 PM, Grant Taylor via NANOG < nanog@nanog.org > wrote:
>> This thread got me to wondering, is there any
>> legitimate reason to see 22/8 on the public
>> Internet? Or would it be okay to treat 22/8
>> like a Bogon and drop it at the network edge?
>
> Given the transfer market for IPv4 addresses,
> the spot price for IPv4 addresses, and the need
> of even governments to find “free” (as in
> unconstrained) money, I’d think treating any
> legacy /8 as a bogon would not be prudent.

It has been said before in this thread that the DoD actively uses this
network internally. I believe if the DoD were to cut costs, they
would be able to do it much more effectively in many other areas, and
their IPv4 networks would be about the last thing they would think of
(along with switching off ACs Bernard Ebbers-style). With that in
mind, treating the DoD networks as bogons now makes total sense to me.

--
Töma

</blockquote>

</blockquote>

</blockquote>

</blockquote>


</blockquote>


</blockquote>

On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
> This doesn’t sound good, no matter how you slice it. The lack of
> transparency with a civilian resource is troubling at a minimum.

You do understand that the addresses in question are not and have
never been "civilian." They came into DoD's possession when this was
all still a military project funded by what's now DARPA.

Personally, I think we may have an all time record for the largest
honeypot ever constructed. I'd love to be a fly on that wall.

Regards,
Bill Herrin



--
William Herrin
bill@herrin.us
https://bill.herrin.us/

Bill,

It’s the INTERNET that is civilian, not the IP space. As long as that IP space was isolated to the .mil network, it was private space, as far as the Internet was concerned. Now DoD has moved it into the civilian Internet, and I treat them as potentially malicious as I do any other organization that lies, cheats, and steals the public trust.

-mel

> On Apr 24, 2021, at 3:45 PM, William Herrin <bill@herrin.us> wrote:
>
> On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
>> This doesn’t sound good, no matter how you slice it. The lack of
>> transparency with a civilian resource is troubling at a minimum.
>
> You do understand that the addresses in question are not and have
> never been "civilian." They came into DoD's possession when this was
> all still a military project funded by what's now DARPA.
>
> Personally, I think we may have an all time record for the largest
> honeypot ever constructed. I'd love to be a fly on that wall.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin
> bill@herrin.us
> https://bill.herrin.us/

The internet that is subsidized by that same Government....

Logic.

On Sat, Apr 24, 2021 at 18:19 Mel Beckman <mel@beckman.org> wrote:

> Bill,
>
> It’s the INTERNET that is civilian, not the IP space. As long as that IP
> space was isolated to the .mil network, it was private space, as far as the
> Internet was concerned. Now DoD has moved it into the civilian Internet,
> and I treat them as potentially malicious as I do any other organization
> that lies, cheats, and steals the public trust.
>
> -mel
>
> > On Apr 24, 2021, at 3:45 PM, William Herrin <bill@herrin.us> wrote:
> >
> > On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
> >> This doesn’t sound good, no matter how you slice it. The lack of
> >> transparency with a civilian resource is troubling at a minimum.
> >
> > You do understand that the addresses in question are not and have
> > never been "civilian." They came into DoD's possession when this was
> > all still a military project funded by what's now DARPA.
> >
> > Personally, I think we may have an all time record for the largest
> > honeypot ever constructed. I'd love to be a fly on that wall.
> >
> > Regards,
> > Bill Herrin
> >
> >
> >
> > --
> > William Herrin
> > bill@herrin.us
> > https://bill.herrin.us/
>
> --
Jason

Mel,

I hope you're not implementing this in an ISP network, it's not net neutral if a carrier is making a (political) route/filtering decision. (Points to The Great Firewall of China)

Ryan

-----Original Message-----
From: NANOG <nanog-bounces+ryan=rkhtech.org@nanog.org> On Behalf Of Mel Beckman
Sent: Saturday, April 24, 2021 4:17 PM
To: William Herrin <bill@herrin.us>
Cc: nanog@nanog.org
Subject: Re: DoD IP Space

Bill,

It’s the INTERNET that is civilian, not the IP space. As long as that IP space was isolated to the .mil network, it was private space, as far as the Internet was concerned. Now DoD has moved it into the civilian Internet, and I treat them as potentially malicious as I do any other organization that lies, cheats, and steals the public trust.

-mel

> On Apr 24, 2021, at 3:45 PM, William Herrin <bill@herrin.us> wrote:
>
> On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
>> This doesn’t sound good, no matter how you slice it. The lack of
>> transparency with a civilian resource is troubling at a minimum.
>
> You do understand that the addresses in question are not and have
> never been "civilian." They came into DoD's possession when this was
> all still a military project funded by what's now DARPA.
>
> Personally, I think we may have an all time record for the largest
> honeypot ever constructed. I'd love to be a fly on that wall.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin
> bill@herrin.us
> https://bill.herrin.us/

Ryan,

My motives are not political. It doesn’t matter which party is behind this (and it looks like both would have to be, based on the timeline).

I’m treating this sudden advertisement of IP space as I would any other hostile actor, which NANOGers filter all the time. If the DOD comes clean and provides the required registered contact information, I might reconsider. But I’ve already called the published abuse contact number, and they say they don’t deal with “the public”. Until the DoD makes clear their intentions, blocking this IP space is the only sensible decision.

-mel

> On Apr 24, 2021, at 9:11 PM, Ryan Hamel <administrator@rkhtech.org> wrote:
>
> ?Mel,
>
> I hope you're not implementing this in an ISP network, it's not net neutral if a carrier is making a (political) route/filtering decision. (Points to The Great Firewall of China)
>
> Ryan
>
> -----Original Message-----
> From: NANOG <nanog-bounces+ryan=rkhtech.org@nanog.org> On Behalf Of Mel Beckman
> Sent: Saturday, April 24, 2021 4:17 PM
> To: William Herrin <bill@herrin.us>
> Cc: nanog@nanog.org
> Subject: Re: DoD IP Space
>
> Bill,
>
> It’s the INTERNET that is civilian, not the IP space. As long as that IP space was isolated to the .mil network, it was private space, as far as the Internet was concerned. Now DoD has moved it into the civilian Internet, and I treat them as potentially malicious as I do any other organization that lies, cheats, and steals the public trust.
>
> -mel
>
>> On Apr 24, 2021, at 3:45 PM, William Herrin <bill@herrin.us> wrote:
>>
>>> On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org> wrote:
>>> This doesn’t sound good, no matter how you slice it. The lack of
>>> transparency with a civilian resource is troubling at a minimum.
>>
>> You do understand that the addresses in question are not and have
>> never been "civilian." They came into DoD's possession when this was
>> all still a military project funded by what's now DARPA.
>>
>> Personally, I think we may have an all time record for the largest
>> honeypot ever constructed. I'd love to be a fly on that wall.
>>
>> Regards,
>> Bill Herrin
>>
>>
>>
>> --
>> William Herrin
>> bill@herrin.us
>> https://bill.herrin.us/
>
>

Jason,

The government subsidizes farms, too. That doesn’t mean we let them be militarized.

Logic. :)

-mel

On Apr 24, 2021, at 4:35 PM, Jason Biel <jason@biel-tech.com> wrote:

?
The internet that is subsidized by that same Government....

Logic.

On Sat, Apr 24, 2021 at 18:19 Mel Beckman <mel@beckman.org<mailto:mel@beckman.org>> wrote:
Bill,

It’s the INTERNET that is civilian, not the IP space. As long as that IP space was isolated to the .mil network, it was private space, as far as the Internet was concerned. Now DoD has moved it into the civilian Internet, and I treat them as potentially malicious as I do any other organization that lies, cheats, and steals the public trust.

-mel

> On Apr 24, 2021, at 3:45 PM, William Herrin <bill@herrin.us<mailto:bill@herrin.us>> wrote:
>
> On Sat, Apr 24, 2021 at 8:26 AM Mel Beckman <mel@beckman.org<mailto:mel@beckman.org>> wrote:
>> This doesn’t sound good, no matter how you slice it. The lack of
>> transparency with a civilian resource is troubling at a minimum.
>
> You do understand that the addresses in question are not and have
> never been "civilian." They came into DoD's possession when this was
> all still a military project funded by what's now DARPA.
>
> Personally, I think we may have an all time record for the largest
> honeypot ever constructed. I'd love to be a fly on that wall.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin
> bill@herrin.us<mailto:bill@herrin.us>
> https://bill.herrin.us/

--
Jason

On 25/04/2021 3:24 am, Mel Beckman wrote:
> This doesn’t sound good, no matter how you slice it. The lack of
> transparency with a civilian resource is troubling at a minimum. I’m
> going to bogon this space as a defensive measure, until its real — and
> detailed — purpose can be known. The secret places of our government
> have proven themselves untrustworthy in the protection of citizens’
> data and networks. They tend to think they know “what’s good for” us.
>
>  -mel
>

Why does anyone on the Internet need to publish to your arbitrary
standards, what they intend to do with their IP address ranges?

Failure to advertise the IP address space to the Internet (until now,
perhaps) doesn't make the address space any less legitimate, and though
I'd expect the DoD to generally comply with all of the expected norms
around BGP arrangements and published whois details, at the end of the
day, they can nominate who should originate it from their AS and as long
as we can see who owns it.... it's just not our business.

Any organisation who's used DoD space in a way that's likely to conflict
with, well, the DoD, gambled and lost.

Mark.