From 7c2e84f5c2fa68f4a45d49bb26800b6e664e87c0 Mon Sep 17 00:00:00 2001
From: phessler <>
Date: Fri, 11 Sep 2015 14:55:30 +0000
Subject: [PATCH] When ARIN prepared for the IPv4-pocolypse, they put aside a
 /10 for **smaller than /24 allocations**.  Our default ruleset will not allow
 those, even though they will be for various pieces of critical dual-stack
 infrastructure to help IPv6-only systems survive.

This adds a default rule to allow those blocks.  With it, I see the
RIPE announced test blocks on our AMS-IX peers.

ARIN announced this block and policy at, enjoy
https://www.arin.net/announcements/2014/20140130.html

OK benno@, claudio@, sthen@, florian@
---
 src/etc/examples/bgpd.conf | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/etc/examples/bgpd.conf b/src/etc/examples/bgpd.conf
index d5fe6672..98b850f3 100644
--- a/src/etc/examples/bgpd.conf
+++ b/src/etc/examples/bgpd.conf
@@ -1,4 +1,4 @@
-# $OpenBSD: bgpd.conf,v 1.1 2014/07/11 17:10:30 henning Exp $
+# $OpenBSD: bgpd.conf,v 1.2 2015/09/11 14:55:30 phessler Exp $
 # sample bgpd configuration file
 # see bgpd.conf(5)
 
@@ -87,6 +87,12 @@ allow from any inet6 prefixlen 16 - 48
 #allow from any prefix 0.0.0.0/0
 #allow from any prefix ::/0
 
+# https://www.arin.net/announcements/2014/20140130.html
+# This block will be subject to a minimum size allocation of /28 and a
+# maximum size allocation of /24. ARIN should use sparse allocation when
+# possible within that /10 block.
+allow from any inet prefix 23.128.0.0/10 prefixlen 24 - 28	# ARIN IPv6 transition
+
 # filter bogus networks according to RFC5735
 deny from any prefix 0.0.0.0/8 prefixlen >= 8		# 'this' network [RFC1122]
 deny from any prefix 10.0.0.0/8 prefixlen >= 8		# private space [RFC1918]