On 30 Aug 2021, at 9:31 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:
(I'm going to regret this in the morning, but...)
Perhaps...
On Mon, Aug 30, 2021 at 8:12 PM Owen DeLong via NANOG <nanog@nanog.org <mailto:nanog@nanog.org>> wrote:
AFRINIC approves IPv4 for the purpose of leasing every day. It’s what ISPs do. It’s the definition of an LIR.
All of the RIR's do this, yes. Also, yes LIR/ISP allocate space to their customers. That space may never be actually seen on the ISP/LIR network and may never be seen on the greater Internet...
Quite correct. The operational need for address space can indeed by “internal”; i.e. not routed on the greater Internet.
Yes, most LIRs are also in the connectivity business and provide addresses (mostly/exclusively) to customers of their connectivity services.
If you (royal you) were a datacenter operator and allocated ip space to your customers (machines in racks or vms on machines in racks, etc), is there a real difference here if the machines/vms never exposed or used their IP addresses outside if the tiny world they inhabit ? (the rack or machine)
The want of unique addressing is not uncommon, the need for this in the face of M&A or other business requirements isn't new. Yes, these addresses may not be used outside of the datacenter, or the rack or the machine, but they are still accounted for in: 1) the RIR (to the LIR) 2) the LIR (to the customer) 3) the customer (on machine/vm)
It's a resource that the LIR/datacenter operator must account for, and must have capacity planning bits/pieces in place to handle.
Also all correct, but I will note that in the above case there is some form of networking services being provided and thus require the use of unique addresses to make it happen. Again, the routing to the greater internet isn’t necessarily a component to having the need for IP address space to provide networking services.
I think the discussion about 'with connectivity services' is a bit orthogonal. I also think that if there were such a policy requirement all RIR and LIR would be in violation of that requirement immediately, so I don't imagine that there's going to be one forthcoming.
You have read “connectivity” to be “routed on the greater Internet” and yet we’re all aware that there are many useful networking services that don’t equate - a broadband connection to one’s home may only route a single IP to the greater Internet, but all the devices inside still benefit from the network service provided. Even if the network service provided is entirely internal, there is still networking involved and thus an operational need for IP address to make such networking work. In the ARIN region, if you request IP address space, we assess that per the community-developed Number Resource Policy Manual, i.e. <https://www.arin.net/participate/policy/nrpm/ <https://www.arin.net/participate/policy/nrpm/>> All assignments are made accordingly to “operational need” even to this day - i.e. you have to have some actual networking requirement if you are to be issued an IP address block, although this doesn’t equate to “must be routed on the public Internet”. Do we have parties who postulate their operational need based on entirely internal services, or services that live within virtual devices in a data center? Sure… and some of these are indeed legitimate and fulfilled per policy. We also have folks who get creative and make similar requests for purposes of obtaining address blocks from ARIN – absent any bona fide networking need –for subsequent monetization and these reviewed, revoked, and can be referred to criminal fraud proceedings. For those who need IP address blocks for their network operation, it’s really not complicated – you can call, email, or chat with the ARIN Helpdesk and we’ll work you through it. I don’t know about the policy in the other region, but can state unequivocally that if you call with the need for IP address space for an actual operational networking situation, we’ll do our best to help you with your request and get it approved based on whatever the policies allow. I can also say that if one's purported operational need for address space is "for reassignment to customers but completely absent any networking service”, then don’t bother applying to ARIN – the policies do not provide for issuance under such circumstances and have never in the ARIN region. FYI, /John John Curran President and CEO American Registry for Internet Numbers