<div dir="ltr"><div class="gmail_extra"><div class="gmail_extra"><div style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><br></div></div><div class="gmail_extra"><div class="gmail_quote">On Mon, Jun 18, 2018 at 4:28 PM, Job Snijders <span dir="ltr"><<a href="mailto:job@ntt.net" target="_blank">job@ntt.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div dir="auto">Dear working group,</div><div dir="auto"><br></div><div dir="auto">Feedback welcome - should 2002::/16 still be accepted in the DFZ?</div></div><div dir="auto"><br></div><div dir="auto">Kind regards.</div><div dir="auto"><br></div><div dir="auto">Job</div><div><br><div class="gmail_quote"><div>---------- Forwarded message ---------<br>From: Job Snijders <<a href="mailto:job@ntt.net" target="_blank">job@ntt.net</a>><br>Date: Mon, 18 Jun 2018 at 23:08<br>Subject: Time to add 2002::/16 to bogon filters?<br>To: NANOG [<a href="mailto:nanog@nanog.org" target="_blank">nanog@nanog.org</a>] <<a href="mailto:nanog@nanog.org" target="_blank">nanog@nanog.org</a>><br></div><br><br><div dir="auto">Dear all,</div><div dir="auto"><br></div><div dir="auto">TL;DR: Perhaps it is time to add 2002::/16 to our EBGP bogon filters?</div><div dir="auto"><br></div><div dir="auto">It is kind of strange that in the default-free zone (where we don’t announce defaults to each other) - we will propagate what is effectively an IPv4 default-route, in the IPv6 DFZ. </div><div dir="auto"><br></div><div dir="auto">IETF has politely abandoned the prefix: <div><a href="https://tools.ietf.org/html/rfc7526" target="_blank">https://tools.ietf.org/html/<wbr>rfc7526</a></div></div></div></div></blockquote><div class="gmail_quote"><br></div>RFC7526 most certainly does not deprecate or abandon the prefix 2002::/16. <br><br>From Section 4 of RFC7526;<br><br> This document formally deprecates the anycast 6to4 transition mechanism defined in [RFC3068] and the associated anycast IPv4 address 192.88.99.1.<br> ...<br> The basic unicast 6to4 mechanism defined in [RFC3056] and the associated 6to4 IPv6 prefix 2002::/16 are not deprecated.<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div class="gmail_quote"><div dir="auto">Wes George highlighted operational problems from accepting 2002::/16 on the data-plane slide 6: <div><a href="http://iepg.org/2018-03-18-ietf101/wes.pdf" target="_blank">http://iepg.org/2018-03-18-<wbr>ietf101/wes.pdf</a></div></div></div></div></blockquote><div><br>I don't see a slide 6, slide 5 proposes to "Reject DNS queries from 2002::/16 and just let it fall back to IPv4." That seems reasonable to me because by definition a 6to4 host should have IPv4 connectivity, and doing DNS over 6to4 seems like a really bad idea even if 6to4 is working for you. However, it's a long way from completely bogonising 2002::/16</div><div> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div class="gmail_quote"><div dir="auto">Is there still really any legit reason left to accept, or propagate, 2002::/16 on EBGP sessions in the DFZ?</div></div></div></blockquote><br>Section 6 of RFC7526 has several recommendations, filtering 2002::/16 is not generally one of them. However, if your customers are not using 6to4 at all, then filtering 2002::/16 probably won't hurt anything. But that is not the same thing as saying that 2002::/16 is a bogon in all situations, and that is not supported by RFC7526. If you have other data to support bogonising 2002::/16 I'm happy to listen.<br> <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div class="gmail_quote"><div dir="auto">Kind regards,</div><div dir="auto"><br></div><div dir="auto">Job</div></div></div></blockquote></div><div><br></div>-- <br><div class="gmail_signature">===============================================<br>David Farmer <a href="mailto:Email%3Afarmer@umn.edu" target="_blank">Email:farmer@umn.edu</a><br>Networking & Telecommunication Services<br>Office of Information Technology<br>University of Minnesota <br>2218 University Ave SE Phone: 612-626-0815<br>Minneapolis, MN 55414-3029 Cell: 612-812-9952<br>===============================================</div> </div></div>