Renumbering out of 212.13.194.0/23

From BitFolk
Jump to navigation Jump to search

Background

BitFolk currently operates out of an IP address range assigned from its single upstream transit provider, Jump Networks. This assignment has gradually grown from 212.13.198.0/27, through a renumbering into 212.13.194.0/24 and then expanded to 212.13.194.0/23.

The time is now long overdue for BitFolk to be using its own IP address allocation. This allows for independence from one transit/colo provider, as well as to make use of additional transit. BitFolk has been allocated 85.119.80.0/21 by RIPE and is now in the process of renumbering into this space.

Phase I: customer-facing infrastructure

In general all infrastructure is going to renumber into 85.119.80.0/23 rather than being inter-mingled throughout the range with customer IPs.

Currently in progress

NTP servers

  • Announcement
  • Old IPs:
    • 212.13.195.3
    • 212.13.195.4
  • New IPs:
    • 85.119.80.232
    • 85.119.80.233
  • Status: Renumbered, allowing time for customers to update their ACLs
  • Typical places for customers to reference these IPs:
    • restrict ACLs in /etc/ntp.conf
    • Possibly firewall config
  • Old IPs to be withdrawn from service: 2011-10-11

Authoritative DNS server a.authns.bitfolk.com

  • Announcement
  • Old IP:
    • 212.13.194.70
  • New IP:
    • 85.119.80.222
  • Status: Renumbered, allowing time for customers to update their ACLs, zones and registrars
  • Typical places for customers to reference these IPs:
    • Firewall and ACLs for zone transfers (likely)
    • Zone files if you've gone out of your way to create your own nameserver records
    • Registrars if you've created nameservers with these IPs
  • Old IP to be withdrawn from service: 2011-10-17

Spamd service IP

  • Announcement
  • Old IP:
    • 212.13.194.5
  • New IP:
    • 85.119.80.248
  • Status: Renumbered, allowing time for customers to update their mail config and ACLs
  • Typical places for customers to reference these IPs:
    • Mail server config
    • Possibly firewall
  • Old IP to be withdrawn from service: 2011-10-18

Entropy service IP

  • Announcement
  • Old IP:
    • 212.13.194.102
  • New IP:
    • 85.119.80.215 (but please use the host name entropy.lon.bitfolk.com)
  • Status: Renumbered, allowing time for customers to update their config and ACLs
  • Typical places for customers to reference these IPs:
    • /etc/default/ekeyd-egd-linux
    • Possibly firewall
  • Old IP to be withdrawn from service: 2011-10-30

Completed

If you're still using old IPs for these then you can expect that to stop working at any time.

  • All dom0 (host) machines
  • All resolvers

We're not listing the things that are always used by host name (like web sites) and/or not customer-facing (e.g. spamd backend nodes).

Phase II: customers

This phase has not yet begun, but it is imminent. Here's how it's probably going to work, but these plans are subject to change until announced.

  1. All customers will be routed one IPv4 address in the new range for each IPv4 address they have in the old range. e.g.
    • 212.13.194.x85.119.82.x
    • 212.13.195.y85.119.83.y
  2. An announcement will go out that this has happened, and to advise customers to switch to using only the new range as soon as possible.
  3. If you're lucky, BitFolk will monitor traffic to see who is still receiving traffic to the old range of IP addresses and send them a periodic auto-whine email.
  4. Three months after step 1, the old range of IP addresses will cease to be routed.

What about IPv6?

We will also be renumbering all IPv6 as well but consider it too much to cover at once, so it will be done later. In particular, customer prefixes are likely to go from /64 to /56 or /48.

Retrieved from "https://tools.bitfolk.com/w/index.php?title=Renumbering_out_of_212.13.194.0/23&oldid=278"