The 69/8 Networking Problem

jaredmauch writes "A number of networking providers who receive address space from ARIN have been having problems with their recent IP space allocations. This is a result of outdated filters that applied a few years ago during the boom time of the net, but have not been updated to reflect the current state of the network. Here is a paper that documents some of the problems this filtering is causing providers."

I have a 69/8 address

[DetrimentalFiend]

...and although most places have finally gotten their act together, this is still a bit of a problem for us. Our ISP has been working quite hard to get people to update their filters (the ISP was one of the first to get addresses in this space), but it's still a bit of a problem. Hopefully being on the front page of slashdot will help the problem some.

Roll on IPv6

[The+Real+Chrisjc]

I would love everything to be IPv6 now, but it ain't gonna happen for atleast 10 years I think. Even new equipment hasn't got IPv6 :(
That would solve problems like this, and create lots of lovely new ones :/

If only the world was perfect eh?

Re:Roll on IPv6

>That would solve problems like this

no, it wouldn't. unallocated ip's are still going to be acl'd out as illegal sources until such time as they are allocated regardless of ipv6 vs ipv4.

Re:Roll on IPv6

[Omnifarious]

IPv6 could provide almost as much protection as a NAT.

Every single network gets at least a full /64 in IPv6. 64 bits is a lot of bits. Your devices IPs wouldn't be guessable. Script kiddies would have to run a very noticeable address scan, and even that would not be likely to find a randomly numbered device in a reasonable amount of time.

Not surprising

Frankly this isn't a big surprise. If IANA gave up another previously reserved netblock like 0.0.0.0/8, 96.0.0.0/4, 112.0.0.0/5, 120.0.0.0/6, 124.0.0.0/7, 126.0.0.0/8 or the plethora of other reserved netblocks then they should expect peeps to still have them blacklisted in their personal ACLs. This is only common sense. This isn't exactly news. IANA should have been very forthcoming and gone public with the fact that a previously reserved netblock was no longer reserved PRIOR to selling parts of it. How else would they expect admins like myself to know about the change?

Re:Devalued IP Space?

[Sandman1971]

You can't purchase IPs anymore. All IPs are now RENTED from the ISP in question. With routing protocols the way they are, there are very few portable classes available, and those are grandfathered. You can no longer buy a class and expect to keep it if you change providers. The IPs belong to the ISP/provider. All you're doing is renting them.

exactly

[ArchieBunker]

Theres a ton of companies sitting on class A blocks and doing nothing with them. Anything from 4.0.0.0 and up is hardly used. Redistribute these as a temporary solution until IPv6 is mainstream.

Re:exactly

Why do think HP bought Compaq?
now they have 15/8 and 16/8 two consequecutive class A

69/8? Screw 'em!

[Anonymous+Struct]

When I started working for the company I'm working for, whose name shall remain unpublished, there was a bit of funny going on with the ip addressing schemes of our various offices. Instead of fooling around with that silly private address space nonsense, they just went allocating /8 blocks devil-may-care, one for each office, and I'll just say there were more than ten of them. Oddest bit was, nobody really seemed to notice all that much, except for the few odd folks who'd try to visit their alma mater's website and met with frustration every time. 128/8 and 129/8 were mysteriously always unavailable.

So 69/8 is blacked out? Ah, big deal. At least the dba can get to Oracle's website now. 192/8 was an office with about 60 people, if you can believe that. Strange folks out there setting up networks. Shield your young.

Re:Devalued IP Space?

[Sandman1971]

Sure you can. But you also have to remember that most backbone providers will not accept BGP advertisements smaller than /19 (32 Class Bs). To get that kind of range at Arin, you have to prove something like 75% utilisation now, and up to 100% utilisation within 3 months. So unless you're an ISP/backbone/server/web farm or a big company, you'll have a tough time proving you need 8 class Bs.

ISPs and weird filtering

[phorm]

Have you ever had a IP address that you just couldn't get to, though you were positive that it was up and online?

So... you go over to a friend's (or for those who can , SSH to an alternate machine) and the IP is accessible. You know the site is available, so you spend a lot of time in the firewall settings, even opening the firewall entirely... but still no luck.

I had this problem with my ISP, and finally traced it to that 66.xx.xx.xx IP addresses were unreachable (including redhat.com, very annoying), but only when I was on a certain bank of dynamically assigned IP's. Releasing my IP and leaving the PC off overnight used to solve the problem.

For awhile, it was occuring after I got a dedicated IP as well. When I called my ISP on this, they told me to reboot my modem, let it sit off for about 15, and then restart. Try explaining to low-tier tech support about how downtime is bad when you run a server.

Luckily, all is fixed now, since I've moved to another city (same ISP, but no problems), but I wonder if this problem is related to base ISP-side filtering, or if anyone else has experienced it. At one time, I had a box with a non 66.xx.xx.xx IP and a box with a 66.xx.xx.xx IP and they couldn't even talk to each other properly, though both could get online without a problem!

1 stone, 2 birds, kill

[Skapare]

I was originally going to propose this for 126/8, but this netblock seems more appropriate. ARIN should take 69/8 back and re-assign it specifically for the purpose of spammers and their hosting services. Make it illegal (like maybe a death penalty) for doing any spamming or hosting any spammers unless it's done from this block of address space.