Dear colleagues
Version 2 of prop-110: DesignateÂ1.2.3.0/24Âas Anycast to support DNS
Infrastructure, reached consensus at the APNIC 37ÂPolicyÂSIG, but did
not reach consensus at the APNIC 37 Member Meeting.
Therefore, this proposal is being returned to the authors and theÂPolicy
SIGÂmailing list for further consideration.
Proposal details
----------------
The objective of this proposal is to permit the useÂ1.2.3.0/24Âas
anycast addresses to be used in context of scoped routing to support the
deployment of DNS resolvers.
Proposal details including the full text of the proposal, history, and
links to mailing list discussions are available at:
ÂÂÂÂÂÂÂhttp://www.apnic.net/policy/proposals/prop-110
Regards
Masato
------------------------------------------------------------------------
prop-110v002: DesignateÂ1.2.3.0/24Âas Anycast to support DNS
ÂÂÂÂÂÂÂÂÂÂÂÂÂ Infrastructure
------------------------------------------------------------------------
Proposers:ÂÂÂÂÂÂ Dean Pemberton,Âdean at internetnz dot net dot nz
ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ Geoff Huston,Âgih at apnic dot net
1. Problem statement
--------------------
ÂÂ Network 1 (1.0.0.0/8) was allocated to APNIC by the IANA on 19
ÂÂ January 2010. In line with standard practice APNIC's Resource Quality
ÂÂ Assurance activities determined that 95% of the address space would
ÂÂ be suitable for delegation as it was found to be relatively free of
ÂÂ unwanted traffic [1].
ÂÂ Testing, conducted by APNIC R&D found that certain blocks within
ÂÂ Network 1 attract significant amounts of unwanted traffic, primarily
ÂÂ due to its unauthorised use as private address space [2].
ÂÂ Analysis revealed that, prior to any delegations being made from the
ÂÂ block,Â1.0.0.0/8Âattracted an average of 140Mbps - 160Mbps of
ÂÂ unsolicited incoming traffic as a continuous sustained traffic level,
ÂÂ with peak bursts of over 800Mbps.
ÂÂ The analysis highlighted individual addresses such as 1.2.3.4 with
ÂÂ its covering /24 (identified asÂ1.2.3.0/24) remain in APNIC
ÂÂ quarantine and it is believed they will not be suitable for normal
ÂÂ address distribution.
ÂÂ The proposal proposes the use ofÂ1.2.3.0/24Âin a context of locally
ÂÂ scoped infrastructure support for DNS resolvers.
2. Objective ofÂpolicyÂchange
-----------------------------
ÂÂ As the addresses attract extremely high levels of unsolicited
ÂÂ incoming traffic, the block has been withheld from allocation and
ÂÂ periodically checked to determine if the incoming traffic profile has
ÂÂ altered. None has been observed to date. After four years, it now
ÂÂ seems unlikely there will ever be any change in the incoming traffic
ÂÂ profile.
ÂÂ The objective of this proposal is to permit the useÂ1.2.3.0/24Âas a
ÂÂ anycast addresses to be used in context of scoped routing to support
ÂÂ the deployment of DNS resolvers. It is noted that as long as
ÂÂ providers who use this address use basic route scope limitations, the
ÂÂ side effect of large volumes of unsolicited incoming traffic would
ÂÂ be, to some extent mitigated down to manageable levels.
3. Situation in other regions
-----------------------------
ÂÂ Improper use of this address space is a globally common issue.
ÂÂ However the block is delegated only APNIC and so therefor, no other
ÂÂ RIR has equivalentÂpolicyÂto deal with the situation.
4. ProposedÂpolicyÂsolution
---------------------------
ÂÂ This proposal recommends that the APNIC community agree to assign
ÂÂÂ1.2.3.0/24Âto the APNIC Secretariat for use in the context of locally
ÂÂ scoped infrastructure support for DNS resolvers.
ÂÂ At some future point there is nothing restricting an RFC being
ÂÂ written to include this prefix into the special-purpose IPv4
 registry. However, at this time it is considered sufficient for the
ÂÂ APNIC community to designate this prefix to be managed as a common
ÂÂ anycast address for locally scoped infrastructure support for DNS
ÂÂ resolvers.
5. Advantages / Disadvantages
-----------------------------
Advantages
ÂÂ - It will make use of this otherwise unusable address space.
ÂÂ - DNS operators will have an easy-to-remember address they can use to
ÂÂÂÂ communicate with their users (e.g. configure "1.2.3.4" as your DNS
ÂÂÂÂ resolver")
Disadvantages
ÂÂ - The address attracts a large volume of unsolicited incoming
ÂÂÂÂ traffic, and leakage of an anycast advertisement outside of a
ÂÂÂÂ limited local scope may impact on the integrity of the DNS service
ÂÂÂÂ located at the point associated with the scope leakage. Some
ÂÂÂÂ operators with high capacity infrastructure may see this as a
ÂÂÂÂ negligible issue.
6. Impact on APNIC
------------------
ÂÂ Although this space will no longer be available for use by a single
ÂÂ APNIC/NIR account holder, the proposal would result in benefit for
ÂÂ all APNIC community members, as well as the communities in other
ÂÂ regions.
References
----------
ÂÂ [1] Resource Quality Good for Most of IPv4 Network "1"
ÂÂÂhttp://www.apnic.net/publications/press/releases/2010/network-1.pdf
ÂÂ [2] Traffic in NetworkÂ1.0.0.0/8
ÂÂÂhttp://www.potaroo.net/ispcol/2010-03/net1.html