In October 2014 we started announcing a few longer-than-/24 prefixes and determined they were not very visible according to the Routing Information Service (RIS) and RIPE Atlas measurements. Now, almost a year later, we revisit this.
At the time of writing this article, ARIN had only 65 /24 IPv4 blocks available in its pool. That pool is expected to run out fairly soon, so one can expect a bit more pressure on other means to obtain IPv4 address space in the ARIN service region. One interesting block of IPv4 address space in the ARIN pool is 23.128/10, which is reserved
to facilitate IPv6 deployment (
see policy
)
.
In September 2014 the RIPE NCC received experimental assignments from this 23.128/10 block to test reachability of prefixes. What's special about them is that the maximum allocation size is a /24, while the minimum allocation size is a /28. There has been much discussion on the NANOG mailing list about the usability and routability of prefixes longer than a /24. So we decided to test that. The results were published in Propagation of Longer-than-/24 IPv4 Prefixes on RIPE Labs.
Here we describe how our measures of reachability of these prefixes have changed since we last reported on this.
Routing setup changes
We announce two sets of a /24, /25 and /28 from Routing Information Service (RIS) route collector rrc03 in Amsterdam. One set has valid route objects, the other set does not.
In early September 2015 we changed the configuration of rrc03 slightly, so that it gets transit via AS3333, and is now part of AS3333's AS-SET object. After this change we also started actively asking AS3333 transits to consider transiting these routes.
RIS view (control plane)
Figure 1 shows the absolute number of RIS peers that see routes to each of the six prefixes. As we've started to take new RIS peers again, the absolute number of peers seeing our control /24 prefixes went up in August and September, but the number of peers seeing longer prefixes remained at their low levels, although the trend is slightly upwards. Note the three (and a half) distinct dips (November 2014, February 2015, June 2015, and a half one in October 2014) are data collection artifacts, due to maintenance.
Figure 1: Number of RIS peers seeing routes for /24 and longer prefixes out of 23.128/10.
So the most visible longer-than-/24 prefix out of this set is (unsurprisingly) the /25, with a route object, at roughly 25% of RIS peers relative to the /24 prefixes.
If we look at the routes to this prefix in more detail, we see a surprisingly large number of educational-type networks (NRENs) that accepted this route already via AS1103 (SURFnet) and AS20965 (Geant). See Figure 2 below.
Figure 2: Propagation of /25 with route objects for all RIS peers on 9 September 2015 at 10:39:36 . The educational-type networks fan out from AS20965 on the right hand side. Visualisation by BGPlay as part of RIPEstat.
RIPE Atlas view (data plane)
We also have measurements in RIPE Atlas towards pingable targets in all six prefixes. Figure 3 below shows reachability to these six prefixes measured from RIPE Atlas. For methodology details, see [1] .
As you can see in this figure, reachability of these prefixes hasn't changed dramatically in the past year. A reachability of up to 30% for the longer-than-/24 prefixes is not enough for most purposes for which people use IPv4 address space. There is an interesting jump towards the end of June 2015 where both the /25 and /28 reachability jump by a few percentage points. We haven't identified what caused this.
Figure 3: Reachability of experimental /24 and longer prefixes out of 23.128/10 as seen by RIPE Atlas.
Currently about 6% of ASNs in the IPv4 routing table have at least one RIPE Atlas probe. We expect this coverage to be biased towards network operators and others interested in networking, so the number we show here could very well be on the high side.
Conclusion
Both control plane and data plane measurements show low (15-30%) visibility/reachability for longer-than-/24 prefixes out of ARIN's 23.128/10 address space. This makes longer-than-/24 prefixes not usable for the purpose of providing global Internet service, and if one requests address space from ARIN from this particular address block, requesting a /24 seems to be the wise choice.
Our efforts in September 2015 to try to maximise reachability of these prefixes had very little effect. Putting the setup behind AS3333 and asking our transits about this didn't change things much. Neither did making the longer-than-/24 prefixes visible at the Amsterdam Internet Exchange ( AMS-IX ) route servers.
We'll further monitor this, and if we see interesting changes in reachability and visibility, especially after publishing this post, we'll add an update to the post with updated graphs.
[1] Methodology: For this figure we took a sample of RIPE Atlas data every three days and we converted that to AS level data. We only show data for ASNs where all probes succeeded or all probes failed reaching a certain destination. Mixed-result-ASNs were in the order of 1% or less of the results.
Comments 5
Comments are disabled on articles published more than a year ago. If you'd like to inform us of any issues, please reach out to us via the contact form here.
Tassos •
Are there any measurements on the estimated size of the global BGP table when all of these (possible) /25 to /28 blocks don't get filtered?
Hide replies
Emile Aben •
Interesting thought. We'd need to specify what /25 to /28 we would expect. Just limiting this thought experiment to 23.128/10 , it could be deaggregated to 2^18 = 262,144 IPv4 prefixes. I don't want to think about how many prefixes it would be if the whole Internet address space would be /25 to /28 IPv4 prefixes, but all of IPv4 address space (excluding D and E class, and reserved /8s) deaggregated to /28s would be 221/256*2^28 = 231,735,296 IPv4 prefixes. (all back-of-the-envelope, hope somebody can correct me on typos and/or thinkos). As to how prevalent they are 'in-the-wild': We do get some longer-than-/24s in the RIS route collectors, but I have no idea how representative that would be for the wider Internet, as they don't propagate well as shown in the main article above.
Tassos •
So the idea of changing the /24 filters to something longer, if announced to the public and taken advantage of by a noticeable percentage, might cause some kind of meltdown to many border routers.
Teun •
Any plans on doing similar tests for IPv6 prefix reachability?
Hide replies
Emile Aben •
We did this 3 years ago: https://labs.ripe.net/Members/emileaben/ripe-atlas-a-case-study-of-ipv6-48-filtering , but nothing planned currently to do this structurally. I like the idea of doing a similar setup for IPv6.