Similar to an experiment done for IPv4 address space, Merit is now performing a darknet experiment with the IPv6 ranges that have been allocated to the RIRs. This also includes prefixes allocated to the RIPE NCC.
16 November 2012: Responding to concerns from IPv6 address space users, we have requested Merit to replace the 2A00::/12 announcement with announcements for currently unallocated address space: 2a04::/14 and 2a08::/13.
Similar to the darknet experiment Merit performed for various IPv4 ranges allocated to the RIRs (see First Impressions of Pollution in Two RIPE NCC Darknets ), MERIT is now performing a darknet experiment for the IPv6 ranges allocated to the RIRs. The RIPE NCC has authorised Merit to temporarily use and announce 2a00::/12 which was allocated to the RIPE NCC by the IANA.
As part of this experiment, MERIT will announce every /12 allocated to each RIR first sequentially and then together. These announcements will each last one week starting on 1 November 2012. You can find more information about this experiment on the Merit web site .
This effort is a follow-up of the work performed by Geoff Huston, Chief Scientist at APNIC for different regions in order to understand any regional variations that might exist (see Traffic in Network 14.0.0.0/8 and 223.0.0.0/8 and Traffic in 1.0.0.0/8 ). The goal is to collect any unwanted traffic in the darknet of the experiment.
Together with MERIT and Geoff Huston, the RIPE NCC will analyse the data and results will be published here on RIPE Labs. We will also have access to the data in case further analysis is warranted.
Comments 3
Comments are disabled on articles published more than a year ago. If you'd like to inform us of any issues, please reach out to us via the contact form here.
Mirjam Kühne •
We received reports from people getting alert emails from the Resource Certification (RPKI) service. The alerting system can warn you if some of your certified address space has the RPKI validity "Unknown" or "Invalid". The warning will look something like this: > There are alerts about BGP announcements with your certified address > space in the Resource Certification (RPKI) service. > > These are BGP announcements with your certified address space that have > the status Unknown. You should create a ROA for each authorised > announcement to make them Valid: > > AS Number Prefix > AS237 2a00::/12 > > You are able to fix and ignore reported issues, change your alert > settings, or unsubscribe by visiting http://certification.ripe.net/. In this case, the alert is triggered for LIRs who hold an IPv6 address block, but do not announce (all of) it. The *unannounced* address space is being "hijacked" by MERIT as part of its darknet experiment. If you have received the alert, your certified, unannounced IPv6 prefix is hijacked by AS237 because 2a00::/12 is the most specific announcement that overlaps with it. There are two things you can do: 1. Announce *all* of the IPv6 address space you hold. This way AS237 cannot hijack your prefix with a less specific announcement. 2. Suppress the alert for the announcement from AS237 in the Resource Certification (RPKI) system in the LIR Portal. Please note that the RPKI alerting system uses the RIPE NCC Route Collectors to trigger the errors, so there may be slight differences between what they see and what you actually do.
Hide replies
Luci Stanescu •
Hi Mirjam, After receiving the RPKI alerts and e-mailing Merit, I was pointed to this page. Unfortunately, I don't see the 2a00::/12 announcement in the RPKI interface, so I can't suppress the alerts.
Hide replies
Alex Band •
According to RIPE Stat, Merit stopped announcing the prefix: https://stat.ripe.net/widget/routing-status#w[resource]=2a00%3A%3A%2F12 "It was last seen on 2012-11-13 16:00:00Z, announced by AS237." That would be the reason you can no longer see it in the RPKI interface. You also shouldn't be getting an alert email tonight.