Re: IP adresss management verification
Hi, I'm curious on how regional RIR which allocates ip address, verifies the usage pattern info provided by their members in their application process. Especially ISP requesting for additional allocations (80% utilization, adhered policies etc). Thanks. Regards, Kana
I'm curious on how regional RIR which allocates ip address, verifies
usage pattern info provided by their members in their application
the process. It's quite simple, really. They ask for it. If the iformation that you provided with your application does not answer their questions, they ask you for more information. I assume that all the RIRs will sign an NDA with you, certainly ARIN does this. ARIN may also ask for corporate confidential information in order to verify your application so they have strict internal security policies to keep it confidential. Some people send detailed network diagrams, purchase orders for routers/switches/circuits, sales history data with projected trends, customer lists, etc. If you need specific details, just ask your RIR. --Michael Dillon
At 10:35 PM +0800 11/13/06, Kanagaraj Krishna wrote:
Hi, I'm curious on how regional RIR which allocates ip address, verifies the usage pattern info provided by their members in their application process.
Same as other most other filings: A signed and notarized statement from a company officer, with third party audit from an established accounting firm... Wait, I'm using 2012 guidelines. ;-) Use Michael Dillon's answer for now. A more interesting question might be: How does the community think an RIR should best verify information in the application process today, and should that change as we approach the IPv4 event horizon? /John
Michael's answer is clear enough, and my simplest answer is "ask APNIC". John's more interesting question is also mine ;-) . Regards, MAEMURA Akinori In message <p06240800c17e3fa7dd59@[192.168.3.64]> "Re: IP adresss management verification" "John Curran <jcurran@mail.com>" wrote: | | At 10:35 PM +0800 11/13/06, Kanagaraj Krishna wrote: | >Hi, | > I'm curious on how regional RIR which allocates ip address, verifies the | >usage pattern info provided by their members in their application process. | | Same as other most other filings: A signed and notarized statement from a | company officer, with third party audit from an established accounting firm... | | Wait, I'm using 2012 guidelines. ;-) Use Michael Dillon's answer for now. | | A more interesting question might be: How does the community think an | RIR should best verify information in the application process today, and | should that change as we approach the IPv4 event horizon? | | /John | |
On Mon, 13 Nov 2006 10:36:44 EST, John Curran said:
A more interesting question might be: How does the community think an RIR should best verify information in the application process today, and should that change as we approach the IPv4 event horizon?
I think the current ARIN policies are probably reasonable. I'm not at all sure there's an economically justifiable reason to be even *more* due-diligence as the event horizon approaches. Currently, ARIN more or less trusts the data on the application (and relies on details to catch hinky stuff - if you claim a need for a /12, and are feeding it off one DS-3, there's probably something odd going on). As the clouds on the horizon approach, those who haven't been building IPv6 arks are going to get desperate. It's hard to say what amount of effort ARIN should put into detecting a "sufficiently sophisticated" attempt at outright fraud on the applicant's part. At some point, it will become cheaper to just deploy IPv6 than to do the things needed to get more IPv4 space. What's this week's forcast for the event horizon, anyhow? It keeps moving around....
At some point, it will become cheaper to just deploy IPv6 than to do the things needed to get more IPv4 space.
What's this week's forcast for the event horizon, anyhow? It keeps moving around.... That's what I'd like to know. Is the DoD "deadline" going to motivate anyone? When are we going to be able to announce IPv6 blocks through the major backbones, etc.?
Or is Google simply going to require IPv6 and overnight it will happen? :) -Don
At 10:36 -0500 11/13/06, John Curran wrote:
A more interesting question might be: How does the community think an RIR should best verify information in the application process today, and should that change as we approach the IPv4 event horizon?
IRIS. ;) ARIN is in a tricky place. It has to be open, fair, efficient, and able to keep a secret. Open - listens to the industry without requiring any membership. Fair - policies apply to all on face value. Efficient - low cost to the industry. Keeping secrets - holding confidential data used to justify resource allocations. As long as there is trust, the most efficient way is to rely on what an applicant (for space) claims. Once trust breaks down, all sorts of verification is needed. There are two parts to this. One is what is appropriate for ARIN to rely upon to verify an application. The other is what is an appropriate way for a third party to question the allocation of resources. I mentioned IRIS above because it is more or less WhoIs-on-steroids. One of it's features is the ability to authenticate the client, therefore various clients can be authorized to see different (in detail) data. E.g., to the casual observer, 258.127.3.123 belongs to "private residence" but to ARIN it belongs to Homer Simpson of Springfield. (ARIN can then verify that the addresses in 258.127.3/24 are assigned to different residences.) I'm guilty here of throwing out a solution before the problem. I'm doing this to say that although there is a problem (not as in "we gotta solve this now" problem) and it is quite undefined (how does a third party appeal an allocation, and how does ARIN defend a decision?), we have tools available to work on this already. Ooh, look, something that looks like a nail. Let me hit it with my IRIS hammer. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar I didn't miss the meeting, I left it before I arrived.
participants (7)
-
Donald Stahl
-
Edward Lewis
-
John Curran
-
Kanagaraj Krishna
-
MAEMURA Akinori
-
Michael.Dillon@btradianz.com
-
Valdis.Kletnieks@vt.edu