On Tue, 27 Jun 2017 at 22:29, Krunal Shah <ks...@primustel.ca> wrote:
> Hello,
>
> What subnet mask are you people using for point to point IPs between two
> ASes? Especially with IPv6, we have a transit provider who wants us to use
> /64 which does not make sense for this purpose. Isn’t it recommended to use
> /127 as per RFC 6164 like /30 and /31 are common for IPv4?

Yes, "longer than /64" subnets are fine for point2point. If the equipment on both sides supports RFC 6164 I'd use a /127, otherwise a /126.

> I was thinking, if someone is using RFC7404 for point to point IP between
> two ASes and establish BGP over link local addresses. This way you have
> your own IP space on your router and transit provider does not have to
> allocate IP space for point to point interface between two ASes. In
> traceroutes you would see only loopback IP address with GUA assigned from
> your allocated routable address space. Remotely DDoS to this link isn’t
> possible this way. Thoughts?

I wouldn't use link-local in context of Inter-Domain Routing. Too hard to troubleshoot, many networks expect globally unique IP addresses for their BGP neighbors, you want to be able to call a NOC and have the IPs function as semaphore for the circuit ID.

What you could do is set aside a block which you blackhole or tarpit through ingress ACLs, and use linknets from that "globally unusable ip space". Some providers can offer you a router2router linknet from such unreachable IP space so you don't have to set it apart.

Kind regards,

Job
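The linknet scheme suggested in the reply above, sketched as an added example that is not part of the original thread: it carves /127 or /126 linknets out of one set-aside block and audits interface addresses against that block. The block `2001:db8:ffff::/48` (documentation space), the function names and the finding texts are assumptions made for illustration.

```python
import ipaddress

# Constructed sample value: stands in for the set-aside block that ingress
# ACLs blackhole or tarpit ("globally unusable ip space" in the reply).
PROTECTED_BLOCK = ipaddress.IPv6Network("2001:db8:ffff::/48")
SLOT = 4  # reserve a /126-sized slot per link so /127 and /126 never overlap

def allocate_linknet(index, rfc6164_both_sides):
    """Return (subnet, local, remote) for the index-th point-to-point link."""
    prefixlen = 127 if rfc6164_both_sides else 126
    base = int(PROTECTED_BLOCK.network_address) + index * SLOT
    subnet = ipaddress.IPv6Network((base, prefixlen))
    if not subnet.subnet_of(PROTECTED_BLOCK):
        raise ValueError("protected block exhausted")
    # A /127 uses both of its addresses (RFC 6164). In a /126, skip the
    # all-zeros subnet-router anycast address and use ::1 and ::2.
    first = base if prefixlen == 127 else base + 1
    return subnet, ipaddress.IPv6Address(first), ipaddress.IPv6Address(first + 1)

def audit_interface(cidr):
    """Return findings for one eBGP interface address given as 'addr/len'."""
    iface = ipaddress.IPv6Interface(cidr)
    if iface.ip.is_link_local:
        return ["link-local: neighbor has no globally unique address"]
    findings = []
    if iface.ip not in PROTECTED_BLOCK:
        findings.append("not covered by the ingress ACL block")
    if iface.network.prefixlen <= 64:
        findings.append("prefix not longer than /64")
    elif iface.network.prefixlen not in (126, 127):
        findings.append("expected /127 (RFC 6164) or /126")
    return findings

if __name__ == "__main__":
    for idx, both in ((0, True), (1, False)):
        net, local, remote = allocate_linknet(idx, both)
        print(net, local, remote)
    # Constructed sample interface addresses.
    for addr in ("2001:db8:ffff::5/126", "2001:db8:1::1/64", "fe80::1/64"):
        print(addr, audit_interface(addr) or "ok")
```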