As far as my understanding goes, RFC3021 is unsupported on some router devices widely used as it doesn't have a broadcast and network address and is therefore invalid (/s), so some ISPs default to /30 instead for peering and don't filter out their peering networks in BGP.
I think the reason for using /30s instead of /31s is mostly legacy. It's a 19 year old standard and most vendors support it.
Regardless of the point-to-point subnet used for the local peering connection, it's interesting that that many /30s have leaked into the default-free zone. BCP 194 recommends filtering IPv4 prefixes longer than a /24.
Advertising the longest generally-accepted prefix is more of a BGP hijack defense than a DDoS defense. Longest prefix always wins in IP forwarding, so advertising the longest prefix enforces that the best path to you is (usually) selected by local preference or AS path length.
I see it used in DDoS defense by "hijacking" the traffic of the /32. The standard unprotected provider gets hit and the mitigation provider announces a more specific /48 then tunnels the traffic back out of band
The cost of an IP address has risen 3x in those 5 years. It now costs $5500 for a /24. This is a barrier to entry for some, and will become a barrier to entry to more as prices continue to increase.
12 comments
[ 3.1 ms ] story [ 46.8 ms ] threadRegardless of the point-to-point subnet used for the local peering connection, it's interesting that that many /30s have leaked into the default-free zone. BCP 194 recommends filtering IPv4 prefixes longer than a /24.