Re: IP range for lease
Dear NANOG-ers, Hope this email finds you in good health! Please see my comments below, inline... Le jeudi 6 juillet 2023, Owen DeLong via NANOG <nanog@nanog.org> a écrit :
Karin,
Opinions regarding leasing vary throughout the industry. In my opinion, since the shift to provider assigned addresses during the CIDR efforts in the mid 1990s, the majority of addresses have been leased in one form or another.
Hi Owen, Thanks for your email, brother. ...do you mean that such activity was supported by a policy? or it was just a disruption of a principle which is fundamental; in order to guarantee that the common INRs (Internet Number Resources) are fairly distributed and not easily stockpilled?
The only thing novel here is the leasing of addresses independent of connectivity services.
So! it's a leasing of something not owned? and it became worse with the idea of Monkey(ing it)-In- The-middle (MITM)... What's the difference, please? Are you trying to change a definition, in order to convince this community that this sad practice was started at the very beginning of the INRs distribution? What's your understanding of "need-based"? Why are they stocking INRs without any need to properly use it? ...imho! the waiting list would be less longer with those INRs withing the free pools.
However, once the RIRs and their communities normalized the sale of addresses through directed transfer policies, I think this was an
Any RIR's policy you can share, to support your say?
inevitable next step in the devolution of IPv4 into a monetized asset.
What's the relation between leasing INRs and transfering it? Brother, you know that: * an INR transfer is a one time change in holdership * where leasing INRs is a proof that there is no longer any need of the community's resource held. ...imho! the communities chose a good approach in support to those who maintain Internet services and build the Internet infrastructure. It should be seen as an exceptional rule, not the usual...because it's an alternative when need ends. ...the other alternative, consistent with the principle, is not the leasing of INRs; but the returning.
It doesn’t help that the earliest and most prolific adopters of this form of leasing have been snowshoe spammers.
It helps to better understand how bad is the thing :'( ...please, do consider the following scenario: |1. you have a fundamental principle for INRs distribution within the regional RIR |2. for each resource holder, the RIR is responsible to enforce the Policy Manual |3. a resource holder receives some INRs from a regional RIR |4. that resource holder stops to comply to the principle in "1" |5. the INRs delegated to that resource holder are not used according to the community-based Policy Manual |6. in order to justify its use, that resource holder assign part of the delegated INRs to its clients |7. the clients are asked to comply the the Policy Manual; including the fundamental principle in "1" |8. . How shall it end?
However, there are leasing agencies that insist on getting proper justification from their customers and have strong anti-abuse policies.
Great! btw! what's their need? who need a MITM in the process, when it's possible to simply transfer the resource or simply send it back to the free pool?
I would strongly encourage you to seek out such an organization to partner with if you choose to lease your addresses as there are a number of pitfalls you can encounter otherwise.
...risks are either ways! would you recommend to someone to put its private keys within one else personal's computer? Hi Karim, To summarise, if there is no longer a need, please do either one of the following three things: 1| send it back to the RIR; 2| change the word *lease* to *transfer* and announce your willing to transfer the INRs you hold. 3| do not hesitate to discuss your alternatives with the RIR's Staff. They are paid to support you! Thanks. Shalom, --sb.
Owen
On Jul 3, 2023, at 08:25, Noah <noah@neo.co.tz> wrote:
Hi KARIM,
Considering the fact that IPs are requested on need-basis by resource holders to number your own networks/systems and that of your clients?
Any reason why MEKTEL would want to offer IPs for lease?
Cheers, *.**/noah*
On Mon, Jul 3, 2023 at 6:16 PM KARIM MEKKAOUI <amekkaoui@mektel.ca> wrote:
[...]
-- Best Regards ! __ baya.sylvain[AT cmNOG DOT cm]|<https://cmnog.cm/dokuwiki/Structure> Subscribe to Mailing List: <https://lists.cmnog.cm/mailman/listinfo/cmnog/> __ #LASAINTEBIBLE|#Romains15:33«Que LE #DIEU de #Paix soit avec vous tous! #Amen!» #MaPrière est que tu naisses de nouveau. #Chrétiennement «Comme une biche soupire après des courants d’eau, ainsi mon âme soupire après TOI, ô DIEU!»(#Psaumes42:2)
To summarise, if there is no longer a need, please do either one of the following three things:
1| send it back to the RIR; 2| change the word *lease* to *transfer* and announce your willing to transfer the INRs you hold. 3| do not hesitate to discuss your alternatives with the RIR's Staff. They are paid to support you!
While those are probably the most altruistic things that could be done, almost nobody does those any more. Too much grey area with respect to property rights (or lack thereof) as they relate to INRs. Until there is more concrete case law on the matter, which isn't likely to happen in most of our careers, monetizing it will be the rule. On Mon, Jul 10, 2023 at 10:00 AM Sylvain Baya <abscoco@gmail.com> wrote:
Dear NANOG-ers, Hope this email finds you in good health!
Please see my comments below, inline...
Le jeudi 6 juillet 2023, Owen DeLong via NANOG <nanog@nanog.org> a écrit :
Karin,
Opinions regarding leasing vary throughout the industry. In my opinion, since the shift to provider assigned addresses during the CIDR efforts in the mid 1990s, the majority of addresses have been leased in one form or another.
Hi Owen, Thanks for your email, brother. ...do you mean that such activity was supported by a policy? or it was just a disruption of a principle which is fundamental; in order to guarantee that the common INRs (Internet Number Resources) are fairly distributed and not easily stockpilled?
The only thing novel here is the leasing of addresses independent of connectivity services.
So! it's a leasing of something not owned? and it became worse with the idea of Monkey(ing it)-In- The-middle (MITM)...
What's the difference, please?
Are you trying to change a definition, in order to convince this community that this sad practice was started at the very beginning of the INRs distribution?
What's your understanding of "need-based"? Why are they stocking INRs without any need to properly use it?
...imho! the waiting list would be less longer with those INRs withing the free pools.
However, once the RIRs and their communities normalized the sale of addresses through directed transfer policies, I think this was an
Any RIR's policy you can share, to support your say?
inevitable next step in the devolution of IPv4 into a monetized asset.
What's the relation between leasing INRs and transfering it?
Brother, you know that: * an INR transfer is a one time change in holdership * where leasing INRs is a proof that there is no longer any need of the community's resource held.
...imho! the communities chose a good approach in support to those who maintain Internet services and build the Internet infrastructure. It should be seen as an exceptional rule, not the usual...because it's an alternative when need ends.
...the other alternative, consistent with the principle, is not the leasing of INRs; but the returning.
It doesn’t help that the earliest and most prolific adopters of this form of leasing have been snowshoe spammers.
It helps to better understand how bad is the thing :'(
...please, do consider the following scenario:
|1. you have a fundamental principle for INRs distribution within the regional RIR |2. for each resource holder, the RIR is responsible to enforce the Policy Manual |3. a resource holder receives some INRs from a regional RIR |4. that resource holder stops to comply to the principle in "1" |5. the INRs delegated to that resource holder are not used according to the community-based Policy Manual |6. in order to justify its use, that resource holder assign part of the delegated INRs to its clients |7. the clients are asked to comply the the Policy Manual; including the fundamental principle in "1" |8. .
How shall it end?
However, there are leasing agencies that insist on getting proper justification from their customers and have strong anti-abuse policies.
Great! btw! what's their need? who need a MITM in the process, when it's possible to simply transfer the resource or simply send it back to the free pool?
I would strongly encourage you to seek out such an organization to partner with if you choose to lease your addresses as there are a number of pitfalls you can encounter otherwise.
...risks are either ways! would you recommend to someone to put its private keys within one else personal's computer?
Hi Karim, To summarise, if there is no longer a need, please do either one of the following three things:
1| send it back to the RIR; 2| change the word *lease* to *transfer* and announce your willing to transfer the INRs you hold. 3| do not hesitate to discuss your alternatives with the RIR's Staff. They are paid to support you!
Thanks.
Shalom, --sb.
Owen
On Jul 3, 2023, at 08:25, Noah <noah@neo.co.tz> wrote:
Hi KARIM,
Considering the fact that IPs are requested on need-basis by resource holders to number your own networks/systems and that of your clients?
Any reason why MEKTEL would want to offer IPs for lease?
Cheers, *.**/noah*
On Mon, Jul 3, 2023 at 6:16 PM KARIM MEKKAOUI <amekkaoui@mektel.ca> wrote:
[...]
--
Best Regards ! __ baya.sylvain[AT cmNOG DOT cm]|<https://cmnog.cm/dokuwiki/Structure> Subscribe to Mailing List: <https://lists.cmnog.cm/mailman/listinfo/cmnog/
__ #LASAINTEBIBLE|#Romains15:33«Que LE #DIEU de #Paix soit avec vous tous! #Amen!» #MaPrière est que tu naisses de nouveau. #Chrétiennement «Comme une biche soupire après des courants d’eau, ainsi mon âme soupire après TOI, ô DIEU!»(#Psaumes42:2)
Too much grey area with respect to property rights (or lack thereof) as they relate to INRs. Until there is more concrete case law on the matter, which isn't likely to happen in most of our careers, monetizing it will be the rule.
Hopefully IPv4 becomes irrelevant (although still used) before that happens. That said, the history of other US high courts decisions on critical resources (domains + numbers) is of very reasoned decisions, so if one comes along, it will likely not be what "monetizers" would prefer. Rubens
On Jul 10, 2023, at 06:58, Sylvain Baya <abscoco@gmail.com> wrote:
Dear NANOG-ers, Hope this email finds you in good health!
Please see my comments below, inline...
Le jeudi 6 juillet 2023, Owen DeLong via NANOG <nanog@nanog.org <mailto:nanog@nanog.org>> a écrit :
Karin,
Opinions regarding leasing vary throughout the industry. In my opinion, since the shift to provider assigned addresses during the CIDR efforts in the mid 1990s, the majority of addresses have been leased in one form or another.
Hi Owen, Thanks for your email, brother. ...do you mean that such activity was supported by a policy? or it was just a disruption of a principle which is fundamental; in order to guarantee that the common INRs (Internet Number Resources) are fairly distributed and not easily stockpilled?
I mean that norms have evolved since the initial internet days: Original: All addresses were obtained from Jon Postel and recorded in his notebook. Next step: All addresses were obtained from NIC.DDN.MIL via email template submission. Then: All addresses obtained from successor NICs. Then: Addresses obtained from RIR or successor NIC. Then: Addresses obtained from provider or RIR or NIC, but still permanent issue. Then: Addresses obtained from RIR or NIC are (quasi-)permanent, but addresses obtained from provider are returned upon termination of services. (i.e. leased in association with connectivity) Then: Sometimes you could arrange to keep the addresses from your previous provider by paying them a periodic (annual, monthly, etc.) fee. Now: Essentially the same as the previous era, except that there are some providers who now provide leases without ever providing connectivity. To the best of my knowledge, none of the previous methods were controversial or even received significant notice as they occurred. It was just sort of the natural evolution of address distribution as the internet grew. Really, the difference between being able to pay a former provider to keep your addresses and being able to lease addresses from a non-provider doesn’t seem like a significant change from my perspective. I don’t see any disruption of principle here. To the bets of my knowledge, there is only one RIR which has a policy which specifically precludes this form of leasing (APNIC). Other RIRs policies are silent on the subject. The way number resource policy works is that it generally prohibits behaviors deemed unacceptable by the community rather than enumerating what is permitted. Therefore, silence is consent in most cases.
The only thing novel here is the leasing of addresses independent of connectivity services.
So! it's a leasing of something not owned? and it became worse with the idea of Monkey(ing it)-In- The-middle (MITM)...
I’m not sure I understand what you mean by that. Virtually all providers on the planet currently lease addresses to their subscribers. This occurs on a daily basis. I’d be willing to bet that whatever address you are using at home are leased addresses from your provider (mine are not, but I will admit that I do have leased addresses from providers terminating the tunnels I use to route my real addresses). Your objection here isn’t to leasing (everyone accepts leasing with connectivity for a very long time now, as the internet was relatively smalll when that change occurred.) Your objection is to connectivity independent leasing — leasing by entities that are not providing connectivity services to the lessee.
What's the difference, please?
An odd question given that my stated position is that there is little to no difference between connectivity-based leasing and connectivity independent leasing.
Are you trying to change a definition, in order to convince this community that this sad practice was started at the very beginning of the INRs distribution?
I’m not trying to change anything. The definition of leasing is the plain English meaning of the term — Permitted use of a thing for a period of time specified in a contract in exchange for some value received (usually a fee). This is true of apartments (monthly rent), IP addresses from ISPs (either built into the cost of your ISP services or billed as an add-on), and now IP addresses leased independent of connectivity.
What's your understanding of "need-based"?
So long as the end recipient of the addresses has a legitimate technical need for them, what difference is it who provides the address to them, whether IANA, an RIR, an ISP, or another entity that has registered addresses they don’t currently need?
Why are they stocking INRs without any need to properly use it?
There are so many possible explanations for this that it would be impossible to enumerate them all here, but some that come to mind: A company received a /16 back when they were being issued as class Bs. They are still using 75+% of it, but they have several /24s that they would like to allow others to utilize while they don’t need them. A company received a /8 back when they were being issued as class As. They are utilizing more than 50% of it, have no reason or desire to return it, and wish to monetize the parts they don’t currently need while preserving their ability to utilize them in the future.
...imho! the waiting list would be less longer with those INRs withing the free pools.
I have no strong opinion one way or the other about the waiting list. Frankly, I don’t really care about IPv4 other than the extent to which it continues to damage the internet because of the necessity of accommodating those who have not yet deployed IPv6. Efforts to preserve the viability or image of availability of IPv4 addresses through punitive or austerity measures only cause more harm in this regard.
However, once the RIRs and their communities normalized the sale of addresses through directed transfer policies, I think this was an
Any RIR's policy you can share, to support your say?
ARIN NRPM 8.3, ARIN NRPM 8.4, APNIC 2.13 et. Seq,, RIPE 682, LACNIC 2.3.2.18, https://afrinic.net/resources/transfers I think that covers all 5 RIRs. Is that sufficient?
inevitable next step in the devolution of IPv4 into a monetized asset.
What's the relation between leasing INRs and transfering it?
Leasing is a financial contract to transfer an asset for a limited time in exchange for compensation. A transfer can be done either for a specified time (lease) or permanently. Admittedly, with the exception of RIPE, which specifically enumerates procedures for temporary transfers registered with the RIR, the other RIRs treat leases (temporary transfers) as something strictly between the parties and not involving a transfer of the RIR relationship (other than to the extent that said transfers may be recorded in whois or RDAP through SWIP or other processes). The transfers involving an RIR are generally permanent and usually relate to a sale of number resources. So I think that your question would be better phrased as what is the relation between RIR transfers and leasing? I believe I have answered that in the above paragraph.
Brother, you know that: * an INR transfer is a one time change in holdership * where leasing INRs is a proof that there is no longer any need of the community's resource held.
To the first point, yes, perhaps, with the likely exception of RIPE “temporary transfers”. To the second point, not necessarily. There are many circumstances where a company may have excess resources that are not (practically) severable from the resources they are utilizing. It’s relatively easy for a company holding a /16 to lease out 2,4, or even 30 /24s they don’t currently need for a period of time. It would be hard for them to return just those 30 /24s scattered through their address space while continuing to utilize the remaining 226 /24s that are in active use, for example. Your statement here makes multiple assumptions that are invalid in a variety of circumstances and is, therefore, not actually correct. Further, your failure to recognize that leasing related to connectivity is common practice which even you accept and distinguish it from connectivity-independent leasing, which is what you continue to simply call leasing further confuses the issue.
...imho! the communities chose a good approach in support to those who maintain Internet services and build the Internet infrastructure. It should be seen as an exceptional rule, not the usual...because it's an alternative when need ends.
The approach chosen has leasing built in. The vast majority of internet number resources in use today are leased to their end users. In general, it’s RIR->LIR->End user. The LIR is leasing them from the RIR — They pay an annual fee to the RIR in order to secure a registration of the particular addresses. The End user then leases some fraction of those addresses from the LIR. (The LIR is usually an ISP). This lease may be bundled with their connectivity services from said LIR/ISP, or it may be billed separately (e.g. Comcast charges business customers that want static addresses $15/month for each block of 5 addresses issued). That is the usual, whether you like it or not. The only thing that is novel in this discussion is the idea that an LIR isn’t necessary an ISP.
...the other alternative, consistent with the principle, is not the leasing of INRs; but the returning.
If an LIR is issuing the addresses according to the same policies and needs basis as the RIR that issued them, then how is it inconsistent with the principle? Returning is not always practical and rarely desirable, especially if the organization in question may need the addresses later or if the addresses represent a temporary excess.
It doesn’t help that the earliest and most prolific adopters of this form of leasing have been snowshoe spammers.
It helps to better understand how bad is the thing :'(
Well, it artificially gies the thing a bad name. However, it doesn’t have to be any worse than anything else we are doing.
...please, do consider the following scenario:
|1. you have a fundamental principle for INRs distribution within the regional RIR
It would be interesting if you could enumerate or explain this so-called fundamental principle to which you refer, because some of your subsequent statements are not necessarily consistent with what I perceive to be that principle. Ideally, if you could point to documentation supporting your interpretation, that would also be good.
|2. for each resource holder, the RIR is responsible to enforce the Policy Manual
Yes… To a certain extent. However, this must always be done through contract enforcement processes.
|3. a resource holder receives some INRs from a regional RIR
That’s how it often works, though there are alternatives… A resource holder may have received their resources prior to the creation of the RIR system. A resource holder may have received their resources from an NIR or LIR.
|4. that resource holder stops to comply to the principle in "1"
Going to need more detail here… For the time being, since you haven’t defined the principle in 1 and you haven’t defined the violation in question or in what manner they stopped complying, it’s hard to provide any meaningful comment.
|5. the INRs delegated to that resource holder are not used according to the community-based Policy Manual
This seems like an assumption that isn’t necessarily established fact. Care to elaborate and provide any specifics?
|6. in order to justify its use, that resource holder assign part of the delegated INRs to its clients
ISPs assign part of their delegated INRs to their clients on a daily basis. I don’t see anything wrong here. Please explain the issue?
|7. the clients are asked to comply the the Policy Manual; including the fundamental principle in "1"
In that case, what, exactly is the issue?
|8. .
How shall it end?
From what you have described above, it seems to me that you get the following ends: 1. The LIR in question profits. 2. The end-user in question gets IPv4 resources they might not have been able to acquire otherwise. 3. The finite IPv4 address space is utilized more efficiently. 4. The IPv4 route fragmentation problem goes from incredible quagmire to incredible quagmire * 1.000001. Overall, this doesn’t strike me as being any worse than any other IPv4 bandaid.
However, there are leasing agencies that insist on getting proper justification from their customers and have strong anti-abuse policies.
Great! btw! what's their need? who need a MITM in the process, when it's possible to simply transfer the resource or simply send it back to the free pool?
Transferring resources is incredibly capital intensive. Not all resources can be effectively or efficiently transferred (e.g. 30 /24s scattered throughout a /16). That which cannot be transferred also cannot be returned for the same technical reasons.
I would strongly encourage you to seek out such an organization to partner with if you choose to lease your addresses as there are a number of pitfalls you can encounter otherwise.
...risks are either ways! would you recommend to someone to put its private keys within one else personal's computer?
No, but everyone using Hosted RPKI already does this, so…
Hi Karim, To summarise, if there is no longer a need, please do either one of the following three things:
1| send it back to the RIR; 2| change the word *lease* to *transfer* and announce your willing to transfer the INRs you hold. 3| do not hesitate to discuss your alternatives with the RIR's Staff. They are paid to support you!
And here we have someone else’s opinion. I don’t agree with SB, but that’s nothing new. The difference is that while I recognize that SB has some valid points, I also recognize that there are a number of nuances and complexities in the real world that prevent universal application of his advice. Owen
On Jul 5, 2023, at 10:06 PM, Owen DeLong via NANOG <nanog@nanog.org> wrote: ... Opinions regarding leasing vary throughout the industry. In my opinion, since the shift to provider assigned addresses during the CIDR efforts in the mid 1990s, the majority of addresses have been leased in one form or another. The only thing novel here is the leasing of addresses independent of connectivity services. However, once the RIRs and their communities normalized the sale of addresses through directed transfer policies, I think this was an inevitable next step in the devolution of IPv4 into a monetized asset. It doesn’t help that the earliest and most prolific adopters of this form of leasing have been snowshoe spammers. However, there are leasing agencies that insist on getting proper justification from their customers and have strong anti-abuse policies. I would strongly encourage you to seek out such an organization to partner with if you choose to lease your addresses as there are a number of pitfalls you can encounter otherwise. To follow-up on Owen’s points and clarify just a bit (at least to respect to policy in the ARIN region) – – IP address blocks in the ARIN region are issued by ARIN based upon operational need (as per the community-developed policy document in the Number Resource Policy Manual [NRPM - https://www.arin.net/participate/policy/nrpm/]<https://www.arin.net/participate/policy/nrpm/%5D>) – Portions of IP address blocks are routinely “leased” by ISPs to customers, although such leasing has historically been as part of a bundle including connectivity services. – Because one needs IP addressed to provide connectivity services, leasing of address space as part of providing connectivity is considered operational need (and as such counts towards utilization of one’s address space) – Leasing of IP address space independent of connectivity doesn’t fulfill operational need, and hence doesn’t count as utilization when you come back to ARIN seeking additional space (or approval of a transfer inwards of an IP address block) – Leasing of IP address blocks independent of connectivity is not explicitly recognized in ARIN number resource policy (i.e. there is no policy that specifically allows or prohibits such activity.) – In the ARIN region, we have fairly clear guidelines requiring documentation [via SWIP, RWHOIS, RDAP…] of significant reassignment/reallocations to connectivity customers (as part of documenting IP address block usage), but no clear requirements for reporting of reissuance of space via leasing independent of connectivity. Furthermore, all address blocks in the ARIN registry are required to have accurate abuse contacts (unless residential in which case accurate contacts must be in the upstream providers block.) If folks wish to have the registry operate accordingly to some other policies, please submit a policy proposal <https://www.arin.net/participate/policy/pdp/appendix_b/> (or seek out a member of the ARIN Advisory Council <https://www.arin.net/about/welcome/ac/> which helps shepherd the policy development process and can assist you with preparation of same…) Thanks! /John John Curran President and CEO American Registry for Internet Numbers
On Jul 10, 2023, at 10:22, John Curran <jcurran@arin.net> wrote:
On Jul 5, 2023, at 10:06 PM, Owen DeLong via NANOG <nanog@nanog.org> wrote: ... Opinions regarding leasing vary throughout the industry. In my opinion, since the shift to provider assigned addresses during the CIDR efforts in the mid 1990s, the majority of addresses have been leased in one form or another.
The only thing novel here is the leasing of addresses independent of connectivity services. However, once the RIRs and their communities normalized the sale of addresses through directed transfer policies, I think this was an inevitable next step in the devolution of IPv4 into a monetized asset.
It doesn’t help that the earliest and most prolific adopters of this form of leasing have been snowshoe spammers.
However, there are leasing agencies that insist on getting proper justification from their customers and have strong anti-abuse policies. I would strongly encourage you to seek out such an organization to partner with if you choose to lease your addresses as there are a number of pitfalls you can encounter otherwise.
To follow-up on Owen’s points and clarify just a bit (at least to respect to policy in the ARIN region) –
– IP address blocks in the ARIN region are issued by ARIN based upon operational need (as per the community-developed policy document in the Number Resource Policy Manual [NRPM - https://www.arin.net/participate/policy/nrpm/] <https://www.arin.net/participate/policy/nrpm/%5D>)
– Portions of IP address blocks are routinely “leased” by ISPs to customers, although such leasing has historically been as part of a bundle including connectivity services.
– Because one needs IP addressed to provide connectivity services, leasing of address space as part of providing connectivity is considered operational need (and as such counts towards utilization of one’s address space)
– Leasing of IP address space independent of connectivity doesn’t fulfill operational need, and hence doesn’t count as utilization when you come back to ARIN seeking additional space (or approval of a transfer inwards of an IP address block)
Exceptions apply. For example, I know of situations where providers have continued to lease addresses to former customers that wanted to avoid renumbering, yet ARIN has permitted those addresses to be counted as utilized during applications for additional space. I don’t know if these exceptions were intentional on ARIN’s part or not, but they have definitely occurred and I’m not convinced that ARIN could reject them under existing policy.
– Leasing of IP address blocks independent of connectivity is not explicitly recognized in ARIN number resource policy (i.e. there is no policy that specifically allows or prohibits such activity.)
Correct me if I am wrong here, but in general, that which is not explicitly prohibited is implicitly allowed.
– In the ARIN region, we have fairly clear guidelines requiring documentation [via SWIP, RWHOIS, RDAP…] of significant reassignment/reallocations to connectivity customers (as part of documenting IP address block usage), but no clear requirements for reporting of reissuance of space via leasing independent of connectivity. Furthermore, all address blocks in the ARIN registry are required to have accurate abuse contacts (unless residential in which case accurate contacts must be in the upstream providers block.)
Actually, I couldn’t find anything in the NRPM which leads me to believe that there is any distinction in the documentation requirements for reassignment/reallocation regardless of associated connectivity. None of the policies seemed to specify this. As such, I would think that Connectivity Independent Leasing (CIL) and Connectivity Related Leasing (CRL) would be subject to exactly the same recording/reporting requirements.
If folks wish to have the registry operate accordingly to some other policies, please submit a policy proposal <https://www.arin.net/participate/policy/pdp/appendix_b/> (or seek out a member of the ARIN Advisory Council <https://www.arin.net/about/welcome/ac/> which helps shepherd the policy development process and can assist you with preparation of same…)
I think that you know that if I had a problem with the current status quo, I would do exactly that. ;-) I have never hesitated in the past. Owen
On Jul 11, 2023, at 11:47 AM, Owen DeLong <owen@delong.com> wrote: Actually, I couldn’t find anything in the NRPM which leads me to believe that there is any distinction in the documentation requirements for reassignment/reallocation regardless of associated connectivity. None of the policies seemed to specify this. As such, I would think that Connectivity Independent Leasing (CIL) and Connectivity Related Leasing (CRL) would be subject to exactly the same recording/reporting requirements. Owen – ARIN NRPM Section 4.2.3. "Reassigning and Reallocating Address Space to Customers" utilizes the term “Downstream” in references to both downstream end-users and downstream ISPs documentation requirements. As the community has historically interpreted the phrase “downstream" to refer to connectivity customers (and further that the requirements documented are applied in oder to have accurate operational utilization), ARIN continues to interpret the policy as applicable to reissuance of resources to connectivity customers. Of course, further policy clarity (whether to make clear that it does apply to non-connectivity reassignments or to make clear it does not apply beyond downstream customers) would be most welcome; I believe you are already aware of the policy proposal submission process if you want to propose updating it accordingly. Thanks! /John John Curran President and CEO American Registry for Internet Numbers
On Jul 11, 2023, at 09:04, John Curran <jcurran@arin.net> wrote:
On Jul 11, 2023, at 11:47 AM, Owen DeLong <owen@delong.com> wrote:
Actually, I couldn’t find anything in the NRPM which leads me to believe that there is any distinction in the documentation requirements for reassignment/reallocation regardless of associated connectivity. None of the policies seemed to specify this. As such, I would think that Connectivity Independent Leasing (CIL) and Connectivity Related Leasing (CRL) would be subject to exactly the same recording/reporting requirements.
Owen –
ARIN NRPM Section 4.2.3. "Reassigning and Reallocating Address Space to Customers" utilizes the term “Downstream” in references to both downstream end-users and downstream ISPs documentation requirements.
As the community has historically interpreted the phrase “downstream" to refer to connectivity customers (and further that the requirements documented are applied in oder to have accurate operational utilization), ARIN continues to interpret the policy as applicable to reissuance of resources to connectivity customers.
Of course, further policy clarity (whether to make clear that it does apply to non-connectivity reassignments or to make clear it does not apply beyond downstream customers) would be most welcome; I believe you are already aware of the policy proposal submission process if you want to propose updating it accordingly.
All of the organizations I know of that are leasing space apply the term downstream as it pertains to the issuance of the addresses regardless of the connectivity relationship. I suppose policy clarity here could be useful, but I suspect that just like ISPs, the situation will basically boil down to “those that want to comply will do so in good faith and others will not.” Owen
On Jul 11, 2023, at 12:40 PM, Owen DeLong <owen@delong.com> wrote: On Jul 11, 2023, at 09:04, John Curran <jcurran@arin.net> wrote: ... Of course, further policy clarity (whether to make clear that it does apply to non-connectivity reassignments or to make clear it does not apply beyond downstream customers) would be most welcome; I believe you are already aware of the policy proposal submission process if you want to propose updating it accordingly. All of the organizations I know of that are leasing space apply the term downstream as it pertains to the issuance of the addresses regardless of the connectivity relationship. That may be the case, but since the earliest days of ARIN the term “downstream” has been used by this operator community to refer to customer connectivity, so we’ll maintain current usage until directed otherwise by the community. I suppose policy clarity here could be useful, Indeed. … but I suspect that just like ISPs, the situation will basically boil down to “those that want to comply will do so in good faith and others will not.” That is also up to the community, as there is an obvious tradeoff between enforcement and registry accuracy – if the community wishes more accuracy in the registry, there needs to be clarity in policy regarding what actions ARIN should take with respect to non-compliance. Thanks! /John John Curran President and CEO American Registry for Internet Numbers
On Jul 11, 2023, at 09:52, John Curran <jcurran@arin.net> wrote:
On Jul 11, 2023, at 12:40 PM, Owen DeLong <owen@delong.com> wrote:
On Jul 11, 2023, at 09:04, John Curran <jcurran@arin.net> wrote:
...
Of course, further policy clarity (whether to make clear that it does apply to non-connectivity reassignments or to make clear it does not apply beyond downstream customers) would be most welcome; I believe you are already aware of the policy proposal submission process if you want to propose updating it accordingly.
All of the organizations I know of that are leasing space apply the term downstream as it pertains to the issuance of the addresses regardless of the connectivity relationship.
That may be the case, but since the earliest days of ARIN the term “downstream” has been used by this operator community to refer to customer connectivity, so we’ll maintain current usage until directed otherwise by the community.
I suppose policy clarity here could be useful,
Indeed.
… but I suspect that just like ISPs, the situation will basically boil down to “those that want to comply will do so in good faith and others will not.”
That is also up to the community, as there is an obvious tradeoff between enforcement and registry accuracy – if the community wishes more accuracy in the registry, there needs to be clarity in policy regarding what actions ARIN should take with respect to non-compliance.
Thanks! /John
John Curran President and CEO American Registry for Internet Numbers
In fact, John, some further NRPM research reveals the following: 1. Downstream references almost all apply to address issuance limitations and customer utilization limitations. The only places the term is applied to registration are NRPM 4.2.3..3.2 (Residential customer privacy), NRPM 6.5.5.3.1 (Residential Customer Privacy) and NRPM 6.5.5.4 (Registration Requested by Recipient).. 2. Language requiring registration of reallocations and reassignments are as follows: 4.2.3.7. Registration ISPs are required to demonstrate efficient use of IP address space allocations by providing appropriate documentation, including but not limited to assignment histories, showing their efficient use. 4.2.3.7.1. Reassignment and Reallocation Information Each IPv4 reassignment or reallocation containing a /29 or more addresses shall be registered via SWIP or a directory services system which meets the standards set forth in section 3.2. Reassignment registrations must include each customer name, except where specifically exempted by this policy. Reassignment registrations shall only include point of contact (POC) information if either: (1) requested by the customer; or (2) the reassigned block is intended to be routed and announced outside of the provider’s network. Reallocation registrations must contain the customer’s organization name and appropriate point of contact (POC) information. 4.2.3.7.2. Reassignments and Reallocations Visible Within Seven Days All reassignments and reallocations shall be made visible as required in section 4.2.3.7.1 within seven calendar days of reassignment or reallocation. 6.5.5. Registration ISPs are required to demonstrate efficient use of IP address space allocations by providing appropriate documentation, including but not limited to reassignment and reallocation histories, showing their efficient use. 6.5.5.1. Reassignment Information Each static IPv6 reassignment or reallocation containing a /47 or more addresses, or subdelegation of any size that will be individually announced, shall be registered in the WHOIS directory via SWIP or a distributed service which meets the standards set forth in section 3.2. Reassignment and reallocation registrations shall include each client’s organizational information, except where specifically exempted by this policy. 6.5.5.2. Reassignments and Reallocations Visible Within Seven Days All reassignments and reallocations shall be made visible as required in section 6.5.5.1 within seven calendar days of reassignment or reallocation. 3. I don’t see anything ambiguous in that text that would exclude reassignments or reallocations independent of connectivity from the registration requirements. 4. It is my belief that N$PM4 policies still govern IPv4 space held by ARIN subscribers regardless of whether it was obtained by the current registrant as a result of NRPM4 or NPRM8. Please let me know if that is in error. Owen
On Jul 11, 2023, at 5:14 PM, Owen DeLong <owen@delong.com> wrote: ... In fact, John, some further NRPM research reveals the following: 1. Downstream references almost all apply to address issuance limitations and customer utilization limitations. The only places the term is applied to registration are NRPM 4.2.3..3.2 (Residential customer privacy), NRPM 6.5.5.3.1 (Residential Customer Privacy) and NRPM 6.5.5.4 (Registration Requested by Recipient).. 2. Language requiring registration of reallocations and reassignments are as follows: ... 3. I don’t see anything ambiguous in that text that would exclude reassignments or reallocations independent of connectivity from the registration requirements. Owen - There is nothing explicit either way, and I have provided the current policy interpretation – If you believe it should be done in a specific manner, please propose policy changes to make more explicit. (In any case, please take this topic to ARIN’s ppml mailing list if you wish to continue further discussion, as nanog is not the best list for such topics…) Thanks! /John John Curran President and CEO American Registry for Internet Numbers
On Tue, Jul 11, 2023 at 8:47 AM Owen DeLong via NANOG <nanog@nanog.org> wrote:
– Leasing of IP address blocks independent of connectivity is not explicitly recognized in ARIN number resource policy (i.e. there is no policy that specifically allows or prohibits such activity.)
Correct me if I am wrong here, but in general, that which is not explicitly prohibited is implicitly allowed.
Hi Owen, You're wrong-ish. "Address leasing" is not prohibited per se, it just doesn't count as in-use for the utilization requirements. Consider Amazon AWS. You can have an "elastic IP address" that's not attached to a running server. If it stays that way for most of the month, they charge you for it explicitly rather than wrap it up in the general server charge. In other words, they lease the address without any associated connectivity. Is that address in use per ARIN policy? I don't think it is. Has ARIN ever asked Amazon to detail the number of elastic IP addresses that are not actually in use when it sought more addresses? Probably not. Should they have? Only if there's reason to believe that there are a large enough number of such addresses to make a difference. Otherwise it's purposeless paperwork. Regards, Bill Herrin -- William Herrin bill@herrin.us https://bill.herrin.us/
Owen, BIll - Might I suggest moving this entire discussion over to ARIN’s ppml, as not everyone on nanog list necessary wants to spent their time reading about IP registry policy…? Thanks, /John John Curran President and CEO American Registry for Internet Numbers
On Jul 11, 2023, at 1:02 PM, William Herrin <bill@herrin.us> wrote:
On Tue, Jul 11, 2023 at 8:47 AM Owen DeLong via NANOG <nanog@nanog.org> wrote:
– Leasing of IP address blocks independent of connectivity is not explicitly recognized in ARIN number resource policy (i.e. there is no policy that specifically allows or prohibits such activity.)
Correct me if I am wrong here, but in general, that which is not explicitly prohibited is implicitly allowed.
Hi Owen,
You're wrong-ish. "Address leasing" is not prohibited per se, it just doesn't count as in-use for the utilization requirements.
Consider Amazon AWS. You can have an "elastic IP address" that's not attached to a running server. If it stays that way for most of the month, they charge you for it explicitly rather than wrap it up in the general server charge. In other words, they lease the address without any associated connectivity.
Is that address in use per ARIN policy? I don't think it is. Has ARIN ever asked Amazon to detail the number of elastic IP addresses that are not actually in use when it sought more addresses? Probably not. Should they have? Only if there's reason to believe that there are a large enough number of such addresses to make a difference. Otherwise it's purposeless paperwork.
Regards, Bill Herrin
-- William Herrin bill@herrin.us https://bill.herrin.us/
On Jul 11, 2023, at 10:02, William Herrin <bill@herrin.us> wrote:
On Tue, Jul 11, 2023 at 8:47 AM Owen DeLong via NANOG <nanog@nanog.org> wrote:
– Leasing of IP address blocks independent of connectivity is not explicitly recognized in ARIN number resource policy (i.e. there is no policy that specifically allows or prohibits such activity.)
Correct me if I am wrong here, but in general, that which is not explicitly prohibited is implicitly allowed.
Hi Owen,
You're wrong-ish. "Address leasing" is not prohibited per se, it just doesn't count as in-use for the utilization requirements.
Yes, but that lack of counting while apparently not making it into the NRPM was definitely discussed extensively with the community and the AC and ARIN staff. This is admittedly from memory, but IIRC, the conclusion was that was the best possible interpretation of existing policy as written.
Consider Amazon AWS. You can have an "elastic IP address" that's not attached to a running server. If it stays that way for most of the month, they charge you for it explicitly rather than wrap it up in the general server charge. In other words, they lease the address without any associated connectivity.
Well… Before the lawyers come after me, I’ll agree that $CLOUDPROVIDER acts as you specify and that $CLOUDPROVIDER’s actions are completely reasonable and function as you have described. (I’ve been repeatedly advised to avoid using company names when discussing ARIN policy).
Is that address in use per ARIN policy? I don't think it is. Has ARIN ever asked Amazon to detail the number of elastic IP addresses that are not actually in use when it sought more addresses? Probably not. Should they have? Only if there's reason to believe that there are a large enough number of such addresses to make a difference. Otherwise it's purposeless paperwork.
I think this is a very accurate summary of the current situation, yes. I also suspect that this situation exists in numerous situations where ARIN remains blissfully unaware of it even when it would matter. (Not necessarily with any particular or named $CLOUDPROVIDER, but across all the organizations that ARIN serves, I’d be surprised if none fit this description). Owen
On July 5, 2023 at 19:06 nanog@nanog.org (Owen DeLong via NANOG) wrote:
Karin,
Opinions regarding leasing vary throughout the industry. In my opinion, since the shift to provider assigned addresses during the CIDR efforts in the mid 1990s, the majority of addresses have been leased in one form or another.
The only thing novel here is the leasing of addresses independent of connectivity services. However, once the RIRs and their communities normalized the sale of addresses through directed transfer policies, I think this was an inevitable next step in the devolution of IPv4 into a monetized asset.
It doesn’t help that the earliest and most prolific adopters of this form of leasing have been snowshoe spammers.
However, there are leasing agencies that insist on getting proper justification from their customers and have strong anti-abuse policies. I would strongly encourage you to seek out such an organization to partner with if you choose to lease your addresses as there are a number of pitfalls you can encounter otherwise.
Owen
That was so...responsibly put. I almost thought I wasn't on nanog! -- -Barry Shein Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information Utility | *oo*
participants (8)
-
bzs@theworld.com
-
Delong.com
-
John Curran
-
Owen DeLong
-
Rubens Kuhl
-
Sylvain Baya
-
Tom Beecher
-
William Herrin