[sig-policy] prop-132-v002: AS0 for Bogons

  • To: Policy SIG <sig-policy@apnic.net>
  • Subject: [sig-policy] prop-132-v002: AS0 for Bogons
  • From: Sumon Ahmed Sabir <sasabir@gmail.com>
  • Date: Thu, 22 Aug 2019 11:52:13 +0600
  • Delivered-to: sig-policy@clove.apnic.net
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=D7J7bF2HU5JP+98Glm8VlJAGlqu8nxEZRwYl+8DoMIY=; b=vYY28ExKqpVWarYfZNqTzRngLK5z8VERDdi1BQGJncu01LJkg9f88v7JQo83r6g0Cr HGfzQ9rYoG6fNJ55CRTx5oM4lvAtDrjma37vCRNzYNDlR/mnaX91vikPkAvMDyYGCPUq hicCvMINr6WNMLmrlEgrfvX1i1yeeAusrO2FeNnD+NXuxa2Pe5ePHizfk2UaF7AGWzGw Fx2IMJ4FIQYXXx1ud3A56Tso9g099SLEKLbL+RXcSio3Vqy+M9tAaIK8O8GRSitZMfbO Bmv165YQzAz3Snv7VSBxBxe797KX996O5uB6wVqVgOB2CSW5TkLXREr7MkmFbSHf2SSf myxA==
  • List-archive: <http://mailman.apnic.net/mailing-lists/sig-policy/>
  • List-help: <mailto:sig-policy-request@lists.apnic.net?subject=help>
  • List-id: APNIC SIG on resource management policy <sig-policy.lists.apnic.net>
  • List-post: <mailto:sig-policy@lists.apnic.net>
  • List-subscribe: <https://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=subscribe>
  • List-unsubscribe: <https://mailman.apnic.net/mailman/options/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=unsubscribe>

    • Dear SIG members

      A new version of the proposal "prop-132: AS0 for Bogons"
      has been sent to the Policy SIG for review.

      Information about earlier versions is available from:
      http://www.apnic.net/policy/proposals/prop-132

      You are encouraged to express your views on the proposal:

        - Do you support or oppose the proposal?
        - Is there anything in the proposal that is not clear?
        - What changes could be made to this proposal to make it more effective?

      Please find the text of the proposal below.

      Kind Regards,

      Sumon, Bertrand, Ching-Heng
      APNIC Policy SIG Chairs


      ----------------------------------------------------------------------

      prop-132-v002: AS0 for Bogons

      ----------------------------------------------------------------------

      Proposer: Aftab Siddiqui
                 aftab.siddiqui@gmail.com


      1. Problem statement
      --------------------
      Bogons are defined in RFC3871, A "Bogon" (plural: "bogons") is a packet
      with an IP source address in an address block not yet allocated by IANA
      or the Regional Internet Registries (ARIN, RIPE NCC, APNIC, AFRINIC and
      LACNIC) as well as all addresses reserved for private or special use by
      RFCs.  See [RFC3330] and [RFC1918].

      As of now, there are 287 IPv4 bogons and 73 IPv6 bogons in the global 
      routing
      table. In the past, several attempts have been made to filter out such 
      bogons
      through various methods such as static filters and updating them 
      occasionally
      but it is hard to keep an up to date filters, TeamCymru and CAIDA 
      provides full
      bogon list in text format to update such filters. TeamCymru also 
      provides bogon
      BGP feed where they send all the bogons via a BGP session which then can be
      discarded automatically. Beside all these attempts the issue of Bogon 
      Advertisement
      hasn't be resolved so far.


      2. Objective of policy change
      -----------------------------
      The purpose of creating AS0 (zero) ROAs for unallocated address space by 
      APNIC
      is to resolve the issue of Bogon announcement. When APNIC issues an AS0 
      ROA for
      unallocated address space under APNIC’s administration then it will be 
      marked as
      “Invalid” if someone tries to advertise the same address space.


      Currently, in the absence of any ROA, these bogons are marked as 
      “NotFound”. Since
      many operators have implemented ROV and either planning or already 
      discarding “Invalid”
      then all the AS0 ROAs which APNIC will create for unallocated address 
      space will be
      discarded as well.

      3. Situation in other regions
      -----------------------------
      No such policy in any region at the moment.


      4. Proposed policy solution
      ---------------------------
      APNIC will create AS0(zero) ROAs for all the unallocated address space 
      (IPv4 and IPv6)
      for which APNIC is the current administrator. Any resource holder (APNIC 
      member) can
      create AS0 (zero) ROAs for the resources they have under their 
      account/administration.


      A ROA is a positive attestation that a prefix holder has authorised an 
      AS to originate a
      route for this prefix whereas, a ROA for the same prefixes with AS0 
      (zero) origin shows
      negative intent from the resource holder that they don't want to 
      advertise the prefix(es)
      at this point but they are the rightful custodian.


      Only APNIC has the authority to create ROAs for address space not yet 
      allocated to the members
      and only APNIC can issue AS0 (zero) ROAs. Once they ROA is issued and 
      APNIC wants to allocate
      the address space to its member, simply they can revoke the ROA and 
      delegate the address space
      to members. (this proposal doesn't formulate operational process).

      5. Advantages / Disadvantages
      -----------------------------
      Advantages:
      Those implementing ROV globally and discarding the invalids will be able 
      to discard bogons from
      APNIC region automatically.

      Disadvantages:
      No apparent disadvantage

      6. Impact on resource holders
      -----------------------------
      No impact to APNIC or respective NIR resource holders not implementing 
      ROV. Those implementing ROV
      and discarding the invalids will not see any bogons in their routing table.


      7. References
      -------------------------------------------------------
      RFC6483 - https://tools.ietf.org/rfc/rfc6483.txt
      RFC6491 - https://tools.ietf.org/rfc/rfc6491.txt
      RFC7607 - https://tools.ietf.org/rfc/rfc7607.txt
      _______________________________________________