102/8 AfriNIC 2011-02 whois.afrinic.net ALLOCATED 103/8 APNIC 2011-02 whois.apnic.net ALLOCATED 104/8 ARIN 2011-02 whois.arin.net ALLOCATED 179/8 LACNIC 2011-02 whois.lacnic.net ALLOCATED 185/8 RIPE NCC 2011-02 whois.ripe.net ALLOCATED
It's been a fun ride, adios good friend. -wil On Feb 3, 2011, at 6:35 AM, Scott Howard wrote:
102/8 AfriNIC 2011-02 whois.afrinic.net ALLOCATED 103/8 APNIC 2011-02 whois.apnic.net ALLOCATED 104/8 ARIN 2011-02 whois.arin.net ALLOCATED 179/8 LACNIC 2011-02 whois.lacnic.net ALLOCATED 185/8 RIPE NCC 2011-02 whois.ripe.net ALLOCATED
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version. On Thu, 3 Feb 2011, Wil Schultz wrote:
It's been a fun ride, adios good friend.
-wil
On Feb 3, 2011, at 6:35 AM, Scott Howard wrote:
102/8 AfriNIC 2011-02 whois.afrinic.net ALLOCATED 103/8 APNIC 2011-02 whois.apnic.net ALLOCATED 104/8 ARIN 2011-02 whois.arin.net ALLOCATED 179/8 LACNIC 2011-02 whois.lacnic.net ALLOCATED 185/8 RIPE NCC 2011-02 whois.ripe.net ALLOCATED
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
Supposedly[*] transfers between private entities are still supposed to be justified to the local RIRs. (At least that's how it works in ARIN's area.) -- TTFN, patrick [*] I know, I know....
On Thu, 3 Feb 2011, Wil Schultz wrote:
It's been a fun ride, adios good friend.
-wil
On Feb 3, 2011, at 6:35 AM, Scott Howard wrote:
102/8 AfriNIC 2011-02 whois.afrinic.net ALLOCATED 103/8 APNIC 2011-02 whois.apnic.net ALLOCATED 104/8 ARIN 2011-02 whois.arin.net ALLOCATED 179/8 LACNIC 2011-02 whois.lacnic.net ALLOCATED 185/8 RIPE NCC 2011-02 whois.ripe.net ALLOCATED
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Folks, Somehow, it is appropriate that this should happen on February 3. On February 3, 1959, Buddy Holly, Richie Valens and JP Richardson (aka The Big Bopper) died in a plane crash. Don McLean immortalized that day as "The Day The Music Died" in his 1971 hit, "American Pie". Ron
On Thu, Feb 03, 2011 at 11:04:29AM -0500, Ronald Bonica wrote:
Folks,
Somehow, it is appropriate that this should happen on February 3. On February 3, 1959, Buddy Holly, Richie Valens and JP Richardson (aka The Big Bopper) died in a plane crash. Don McLean immortalized that day as "The Day The Music Died" in his 1971 hit, "American Pie".
And exactly this song was later rephrased as 'the day the routers died' concerning IPv4 exhaustion at RIPE55 meeting. Another coincidence ? :) -- In theory, there is no difference between theory and practice. But, in practice, there is.
In a message written on Thu, Feb 03, 2011 at 07:48:45PM +0300, Alexandre Snarskii wrote:
On Thu, Feb 03, 2011 at 11:04:29AM -0500, Ronald Bonica wrote:
Somehow, it is appropriate that this should happen on February 3. On February 3, 1959, Buddy Holly, Richie Valens and JP Richardson (aka The Big Bopper) died in a plane crash. Don McLean immortalized that day as "The Day The Music Died" in his 1971 hit, "American Pie".
And exactly this song was later rephrased as 'the day the routers died' concerning IPv4 exhaustion at RIPE55 meeting. Another coincidence ? :)
Let me see if I can speed this thread to it's eventual conclusion. :) Hitler clearly went into hiding and became Buddy Holly, who died in the plane crash. His unground supporters masterminded 9/11 in his memory as a means to use up all the IPv4 addresses sparking a revolution of socialism during the transition to IPv6 lead by Barack Obama. But what most people don't know is that Hitler was just a messager from Xenu, who are fighting a proxy battle with the Raelians on earth for control of the universe. The Japanese have taken up the fight, as the Raelians are here as whales. It is the whales, er Raelians who are pushing for IPv6, so they can address the entire universe when their scheme for world domination finally succeeds. This is why Japan spent so much energy with IPv6 early on, so they could develop a stuxnet like virus that would infect all of the Raelian IPv6 devices and destroy them. It's all really quite obvious, I don't understand why so many people don't see the connections. They are all here in plain sight. I really should stop watching cable news. :) [For the humor impared, some or all of this message may be totally made up.] -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
On Feb 3, 2011, at 11:04 AM, Ronald Bonica wrote:
Folks,
Somehow, it is appropriate that this should happen on February 3. On February 3, 1959, Buddy Holly, Richie Valens and JP Richardson (aka The Big Bopper) died in a plane crash. Don McLean immortalized that day as "The Day The Music Died" in his 1971 hit, "American Pie".
Yes, among other things it ties it nicely to this http://www.youtube.com/watch?v=_y36fG2Oba0 Regards Marshall
Ron
On Thu, Feb 3, 2011 at 2:04 PM, Ronald Bonica <rbonica@juniper.net> wrote:
Folks,
Somehow, it is appropriate that this should happen on February 3. On February 3, 1959, Buddy Holly, Richie Valens and JP Richardson (aka The Big Bopper) died in a plane crash. Don McLean immortalized that day as "The Day The Music Died" in his 1971 hit, "American Pie".
And at RIPE55, "The Day The Music Died" morphed into "The Day The Routers Died': http://www.youtube.com/watch?v=_y36fG2Oba0 The music is... guess what, about IP address depletion... Rubens
On Feb 3, 2011, at 7:30 AM, Patrick W. Gilmore wrote:
On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
Supposedly[*] transfers between private entities are still supposed to be justified to the local RIRs. (At least that's how it works in ARIN's area.)
The only registry where it doesn't work that way at this time is APNIC. RIPE is unfortunately considering the APNIC model. Fortunately, APNIC is reconsidering their model. Owen
On Feb 3, 2011, at 9:30 AM, Patrick W. Gilmore wrote:
On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
Supposedly[*] transfers between private entities are still supposed to be justified to the local RIRs. (At least that's how it works in ARIN's area.)
That's what the RIR might say. But without legal authority (e.g. under contract, as a regulator, or through statutory authority) it is difficult or impossible to enforce. We can talk about how people "should" return addresses, or "should" justify transfers, etc, but we would only be begging. Transfers will take place outside the RIR scope, because RIR transfer/market policy doesn't accommodate reality. Or, we can fix policy..? Cheers, -Benson
On Feb 3, 2011, at 11:22 AM, Benson Schliesser wrote:
On Feb 3, 2011, at 9:30 AM, Patrick W. Gilmore wrote:
On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
Supposedly[*] transfers between private entities are still supposed to be justified to the local RIRs. (At least that's how it works in ARIN's area.)
That's what the RIR might say. But without legal authority (e.g. under contract, as a regulator, or through statutory authority) it is difficult or impossible to enforce.
You missed the [*] where I said "I know, I know...." -- TTFN, patrick
can talk about how people "should" return addresses, or "should" justify transfers, etc, but we would only be begging. Transfers will take place outside the RIR scope, because RIR transfer/market policy doesn't accommodate reality.
Or, we can fix policy..?
Cheers, -Benson
On Feb 3, 2011, at 11:22 AM, Benson Schliesser wrote:
That's what the RIR might say. But without legal authority (e.g. under contract, as a regulator, or through statutory authority) it is difficult or impossible to enforce.
Transfers are permitted in the ARIN region per the community developed policies.
We can talk about how people "should" return addresses, or "should" justify transfers, etc, but we would only be begging. Transfers will take place outside the RIR scope, because RIR transfer/market policy doesn't accommodate reality.
Such transfers should be reported when noticed, so the resources can be reclaimed and reissued.
Or, we can fix policy..?
Absolutely... if the policy doesn't match your needs, please make a policy proposal. Thanks! /John John Curran President and CEO ARIN
On Feb 3, 2011, at 10:39 AM, John Curran wrote:
On Feb 3, 2011, at 11:22 AM, Benson Schliesser wrote:
That's what the RIR might say. But without legal authority (e.g. under contract, as a regulator, or through statutory authority) it is difficult or impossible to enforce.
Transfers are permitted in the ARIN region per the community developed policies.
Understood. My point is: legacy holders, unless they've signed the LRSA or equivalent, aren't required to submit to the ARIN process.
We can talk about how people "should" return addresses, or "should" justify transfers, etc, but we would only be begging. Transfers will take place outside the RIR scope, because RIR transfer/market policy doesn't accommodate reality.
Such transfers should be reported when noticed, so the resources can be reclaimed and reissued.
Is any RIR authorized, in a legal sense, to "reclaim" legacy address blocks that RIR didn't "issue"? Without that legal authority, is any RIR prepared to accommodate the legal damages stemming from "reclamation"? (Does the RIR membership support such action, in the first place?)
Or, we can fix policy..?
Absolutely... if the policy doesn't match your needs, please make a policy proposal.
That's a good suggestion, which I will follow-up on. I hope the RIR community can change despite its own momentum. Cheers, -Benson
On Feb 3, 2011, at 11:51 AM, Benson Schliesser wrote:
Such transfers should be reported when noticed, so the resources can be reclaimed and reissued.
Is any RIR authorized, in a legal sense, to "reclaim" legacy address blocks that RIR didn't "issue"? Without that legal authority, is any RIR prepared to accommodate the legal damages stemming from "reclamation"? (Does the RIR membership support such action, in the first place?)
Resources are listed in the ARIN WHOIS database, which is administered per policies established by the community in this region. Short answer: there's no shortage of authority updating that database as long as the community wishes it so. /John John Curran President and CEO ARIN
On Feb 3, 2011, at 10:57 AM, John Curran wrote:
On Feb 3, 2011, at 11:51 AM, Benson Schliesser wrote:
Such transfers should be reported when noticed, so the resources can be reclaimed and reissued.
Is any RIR authorized, in a legal sense, to "reclaim" legacy address blocks that RIR didn't "issue"? Without that legal authority, is any RIR prepared to accommodate the legal damages stemming from "reclamation"? (Does the RIR membership support such action, in the first place?)
Resources are listed in the ARIN WHOIS database, which is administered per policies established by the community in this region.
Short answer: there's no shortage of authority updating that database as long as the community wishes it so.
I respect the community-driven process and I respect that ARIN's role is to enforce community-developed policy. From that perspective, thank you for your answer. But that's only valid up to a point. If the community declared overwhelmingly that ARIN should start clubbing random people over the head, I suspect your legal counsel would take issue with that policy and ARIN would refuse to enforce it. Of course this is only theoretical at the moment. The rubber will meet the road soon, now that the exhaustion phase has arrived. Cheers, -Benson
On Feb 3, 2011, at 12:07 PM, Benson Schliesser wrote:
On Feb 3, 2011, at 10:57 AM, John Curran wrote:
On Feb 3, 2011, at 11:51 AM, Benson Schliesser wrote:
Such transfers should be reported when noticed, so the resources can be reclaimed and reissued.
Is any RIR authorized, in a legal sense, to "reclaim" legacy address blocks that RIR didn't "issue"? Without that legal authority, is any RIR prepared to accommodate the legal damages stemming from "reclamation"? (Does the RIR membership support such action, in the first place?)
Resources are listed in the ARIN WHOIS database, which is administered per policies established by the community in this region.
Short answer: there's no shortage of authority updating that database as long as the community wishes it so.
I respect the community-driven process and I respect that ARIN's role is to enforce community-developed policy. From that perspective, thank you for your answer.
But that's only valid up to a point. If the community declared overwhelmingly that ARIN should start clubbing random people over the head, I suspect your legal counsel would take issue with that policy and ARIN would refuse to enforce it.
Clubbing people over the head would not get adopted by the policy progress, since legal review is part of the process. Reclaiming addresses that are used contrary to policy process is already part of the number resource policy in the ARIN region, has passed legal review, and has already been done on occasion.
Of course this is only theoretical at the moment.
Incorrect. It's running code. /John
On Thu, Feb 3, 2011 at 12:07 PM, Benson Schliesser <bensons@queuefull.net> wrote:
On Feb 3, 2011, at 10:57 AM, John Curran wrote:
On Feb 3, 2011, at 11:51 AM, Benson Schliesser wrote:
Such transfers should be reported when noticed, so the resources can be reclaimed and reissued.
Is any RIR authorized, in a legal sense, to "reclaim" legacy address blocks that RIR didn't "issue"? Without that legal authority, is any RIR prepared to accommodate the legal damages stemming from "reclamation"? (Does the RIR membership support such action, in the first place?)
Resources are listed in the ARIN WHOIS database, which is administered per policies established by the community in this region.
Short answer: there's no shortage of authority updating that database as long as the community wishes it so.
I respect the community-driven process and I respect that ARIN's role is to enforce community-developed policy. From that perspective, thank you for your answer.
But that's only valid up to a point. If the community declared overwhelmingly that ARIN should start clubbing random people over the head, I suspect your legal counsel would take issue with that policy and ARIN would refuse to enforce it.
Of course this is only theoretical at the moment. The rubber will meet the road soon, now that the exhaustion phase has arrived.
Cheers, -Benson
I'm not inclined to believe that ARIN members will collectively agree on anything significant, so the policy process is a lot like U.S. government (not a lot getting done). -- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
On 02/03/2011 11:41 AM, Jeffrey Lyon wrote:
I'm not inclined to believe that ARIN members will collectively agree on anything significant, so the policy process is a lot like U.S. government (not a lot getting done).
ARIN members don't make binding votes on individual policy actions, they elect the Advisory Council and Board of ARIN. ARIN solicits policy proposals and takes feedback and general counts of yea and nay votes for those proposals before deciding whether to adopt them. All of this is documented: https://www.arin.net/participate/how_to_participate.html It's true a lot of policy proposal never get out of the discussion phase, but they're posted to the PPML and anyone can discuss their reasons for support or opposition, propose improvements and work to get the policy into a state where the AC will bring it under review. This process is far more open than that of the US Government. -- Kevin Stange Chief Technology Officer Steadfast Networks http://steadfast.net Phone: 312-602-2689 ext. 203 | Fax: 312-602-2688 | Cell: 312-320-5867
On Feb 3, 2011, at 10:15 AM, Kevin Stange wrote:
On 02/03/2011 11:41 AM, Jeffrey Lyon wrote:
I'm not inclined to believe that ARIN members will collectively agree on anything significant, so the policy process is a lot like U.S. government (not a lot getting done).
ARIN members don't make binding votes on individual policy actions, they elect the Advisory Council and Board of ARIN. ARIN solicits policy proposals and takes feedback and general counts of yea and nay votes for those proposals before deciding whether to adopt them.
Those advisory votes are by the community, not the membership as well. Owen
OK so the argument is the 'community' is ARIN's source of legal power or is the corporate laws of the State of Virginia? On Feb 3, 2011, at 11:57 AM, John Curran wrote:
On Feb 3, 2011, at 11:51 AM, Benson Schliesser wrote:
Such transfers should be reported when noticed, so the resources can be reclaimed and reissued.
Is any RIR authorized, in a legal sense, to "reclaim" legacy address blocks that RIR didn't "issue"? Without that legal authority, is any RIR prepared to accommodate the legal damages stemming from "reclamation"? (Does the RIR membership support such action, in the first place?)
Resources are listed in the ARIN WHOIS database, which is administered per policies established by the community in this region.
Short answer: there's no shortage of authority updating that database as long as the community wishes it so.
/John
John Curran President and CEO ARIN
On Feb 3, 2011, at 12:26 PM, Ernie Rubi wrote:
OK so the argument is the 'community' is ARIN's source of legal power or is the corporate laws of the State of Virginia?
Mr. Rubi - ARIN operates the ARIN WHOIS database as part of the mission of organization in serving the community, and we're incorporated in the State of Virginia as nonstock corporation pursuant to the Virginia Nonstock Corporation Act. Our corporate documents are available here: <https://www.arin.net/about_us/corp_docs.html> Please do not hesitate to contact me if you have further questions. /John John Curran President and CEO ARIN
I think it's OK to say you cannot/would rather not answer the question, instead of giving a non-answer. I was trying to follow along with your 'the community acquiescence gives us the legal right to take back legacy IP addresses' argument. Cheers, Ernie On Feb 3, 2011, at 12:58 PM, John Curran wrote:
On Feb 3, 2011, at 12:26 PM, Ernie Rubi wrote:
OK so the argument is the 'community' is ARIN's source of legal authority or is it the corporate laws of the State of Virginia?
Mr. Rubi -
ARIN operates the ARIN WHOIS database as part of the mission of organization in serving the community, and we're incorporated in the State of Virginia as nonstock corporation pursuant to the Virginia Nonstock Corporation Act. Our corporate documents are available here: <https://www.arin.net/about_us/corp_docs.html>
Please do not hesitate to contact me if you have further questions. /John
John Curran President and CEO ARIN
Mr. Rubi - I'm sorry if my answer is not clear. If your question was: "What is the source of ARIN's legal authority to manage the ARIN WHOIS database?" then answer is that the database is managed as part of ARIN's mission, per policies established by the community. If you're trying to ask a different question, I'm more than happy to answer, but I'd ask that you be more explicit. Thank you, /John John Curran President and CEO ARIN On Feb 3, 2011, at 1:41 PM, Ernie Rubi wrote:
I think it's OK to say you cannot/would rather not answer the question, instead of giving a non-answer. I was trying to follow along with your 'the community acquiescence gives us the legal right to take back legacy IP addresses' argument.
Cheers,
Ernie
On Feb 3, 2011, at 12:58 PM, John Curran wrote:
On Feb 3, 2011, at 12:26 PM, Ernie Rubi wrote:
OK so the argument is the 'community' is ARIN's source of legal authority or is it the corporate laws of the State of Virginia?
Mr. Rubi -
ARIN operates the ARIN WHOIS database as part of the mission of organization in serving the community, and we're incorporated in the State of Virginia as nonstock corporation pursuant to the Virginia Nonstock Corporation Act. Our corporate documents are available here: <https://www.arin.net/about_us/corp_docs.html>
Please do not hesitate to contact me if you have further questions. /John
John Curran President and CEO ARIN
----- Original Message -----
From: "John Curran" <jcurran@arin.net>
Mr. Rubi -
I'm sorry if my answer is not clear.
If your question was: "What is the source of ARIN's legal authority to manage the ARIN WHOIS database?"
then answer is that the database is managed as part of ARIN's mission, per policies established by the community.
If you're trying to ask a different question, I'm more than happy to answer, but I'd ask that you be more explicit.
I strongly suspect that his question is actually "Does ARIN have any enforceable legal authority to compel an entity to cease using a specific block of address space, absent a contract?" I suspect the actual answer will turn out to depend on whether courts construe that as a property right or not. The situation is analogous to that concerning telephone numbers, and that position has changed over time, in that arena, as I understand it. Cheers, -- jra
That's the question, and it seemed that the answer started to be formulated in terms of 'community acquiescence/policy leads to authority' in a previous email, so I wanted to make sure that was in fact the response to the question, at least in part. ARIN will likely argue that 'this was done already' (i.e. they've taken legacy IP space away from an unwilling/uncooperative holder of said legacy space), but I haven't seen such an example. This is a good debate, a lot of people are already annoyed at these questions and every single one always has an air of 'stfu kid' about them. But then again, a lot of ppl got annoyed at the civil rights movement. (drifting off topic here). You cannot escape these questions and they will be decided firmly (in a legal sense) sooner or later. It may be that this all becomes moot when v6 gets fully deployed, but until then, it's a worthwhile conversation to have. On Feb 3, 2011, at 2:34 PM, Jay Ashworth wrote:
I strongly suspect that his question is actually "Does ARIN have any enforceable legal authority to compel an entity to cease using a specific block of address space, absent a contract?"
On Feb 3, 2011, at 2:34 PM, Jay Ashworth wrote:
I strongly suspect that his question is actually "Does ARIN have any enforceable legal authority to compel an entity to cease using a specific block of address space, absent a contract?"
ARIN has the authority to manage its database, and does so according to the community developed policies. This includes changing the entries which designate the address holder, and specify that there is now a new address holder. None of this has to do with how entities configure their routers or servers. /John John Curran President and CEO ARIN
----- Original Message -----
From: "John Curran" <jcurran@arin.net>
On Feb 3, 2011, at 2:34 PM, Jay Ashworth wrote:
I strongly suspect that his question is actually "Does ARIN have any enforceable legal authority to compel an entity to cease using a specific block of address space, absent a contract?"
ARIN has the authority to manage its database, and does so according to the community developed policies. This includes changing the entries which designate the address holder, and specify that there is now a new address holder.
None of this has to do with how entities configure their routers or servers.
Sure it does. If best common practice is for network operators to get address space from ARIN, and someone gets a block from you that you've supposedly adversely taken back from, say, Goldman Sachs, and starts using it, then *someone* is going to drink your milkshake, whether it be the new user or the old one. There is some reasonable expectation that if you claim to be the Source of All Good (Address) Bits, and you hand out a block that's in dispute, that whomever relied on that will have an action. It's an unpleasant position to be in, but you *are* there, make no mistake. Cheers, -- jra
On Feb 3, 2011, at 3:02 PM, Jay Ashworth wrote:
----- Original Message -----
From: "John Curran" <jcurran@arin.net>
On Feb 3, 2011, at 2:34 PM, Jay Ashworth wrote:
I strongly suspect that his question is actually "Does ARIN have any enforceable legal authority to compel an entity to cease using a specific block of address space, absent a contract?"
ARIN has the authority to manage its database, and does so according to the community developed policies. This includes changing the entries which designate the address holder, and specify that there is now a new address holder.
None of this has to do with how entities configure their routers or servers.
Sure it does. If best common practice is for network operators to get address space from ARIN, and someone gets a block from you that you've supposedly adversely taken back from, say, Goldman Sachs, and starts using it, then *someone* is going to drink your milkshake, whether it be the new user or the old one.
To be clear, that's not ARIN "legally compelling an entity to cease using a specific block of address space" We've never claimed that authority, and I'm not aware of any entity that does claim such authority to compel organizations to make router and system configuration changes. We do claim authority to manage the database as part of our organizational mission. /John John Curran President and CEO ARIN
----- Original Message -----
From: "John Curran" <jcurran@arin.net>
On Feb 3, 2011, at 3:02 PM, Jay Ashworth wrote: To be clear, that's not ARIN "legally compelling an entity to cease using a specific block of address space" We've never claimed that authority, and I'm not aware of any entity that does claim such authority to compel organizations to make router and system configuration changes. We do claim authority to manage the database as part of our organizational mission.
I was insufficiently clear, I guess. If that database, which it is your mission to manage, purports to contain "address blocks which an applicant can safely deploy without fear of conflicting routes being advertised on the greater Internet" (as I understand that it does), and I were such an applicant, and you assigned me a block which was in dispute -- it had been adversely taken away from someone who believed they had rights to it -- *and they were still using it* -- then I as that new applicant would be very unhappy with ARIN, particularly if they did not notify me that there was a conflict. Whether I would take action against ARIN or the old holder, I dunno; IANAL. But, in short, if ARIN ever *does* take a block back adversely, and the holder refuses to let it go, and ARIN assigns that block to someone else... well, things might get messy. Cheers, -- jra
My 2 cents, in the few cases that we've been involved with that dealt with reclaiming space the backbone providers have universally followed what is in the ARIN database. If you need a block routed they generally will not take action until the SWIP is complete and the same is true when pulling space back that had been in use. Since the major ISPs (and most of the minor ones as well) filter the BGP they get from customer they can prevent the advertisement of blocks that are disputed. On 2/3/2011 3:27 PM, Jay Ashworth wrote:
I was insufficiently clear, I guess.
If that database, which it is your mission to manage, purports to contain "address blocks which an applicant can safely deploy without fear of conflicting routes being advertised on the greater Internet" (as I understand that it does), and I were such an applicant, and you assigned me a block which was in dispute -- it had been adversely taken away from someone who believed they had rights to it -- *and they were still using it* -- then I as that new applicant would be very unhappy with ARIN, particularly if they did not notify me that there was a conflict.
Whether I would take action against ARIN or the old holder, I dunno; IANAL.
But, in short, if ARIN ever *does* take a block back adversely, and the holder refuses to let it go, and ARIN assigns that block to someone else...
well, things might get messy.
Cheers, -- jra
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- Looking for hand-selected news, views and tips for independent broadband providers? Follow us on Twitter! http://twitter.com/ZCorum --------------------------------
----- Original Message -----
From: "Scott Helms" <khelms@ispalliance.net>
My 2 cents, in the few cases that we've been involved with that dealt with reclaiming space the backbone providers have universally followed what is in the ARIN database. If you need a block routed they generally will not take action until the SWIP is complete and the same is true when pulling space back that had been in use. Since the major ISPs (and most of the minor ones as well) filter the BGP they get from customer they can prevent the advertisement of blocks that are disputed.
Stipulated. But are they going to go up against someone big? Do Lilly, DuPont and Merck need /8? HP need a /7? What if one of those blocks was the subject here? Apple? I will in turn stipulate that these events are not likely. But they're certainly not impossible. Cheers, -- jra
Jay, We were talking about the legacy disbursements here at the office much of the day. It would certainly be *nice* if some of the folks who were granted a class A back in the day would throw the unused parts back in the community bin. I don't think its a good idea to try and force the organizations in question to do so though and I'd guess that IBM and the others we've mentioned all have deeper pockets for legal teams than ARIN or most of the backbone providers. On 2/3/2011 3:55 PM, Jay Ashworth wrote:
----- Original Message -----
From: "Scott Helms"<khelms@ispalliance.net> My 2 cents, in the few cases that we've been involved with that dealt with reclaiming space the backbone providers have universally followed what is in the ARIN database. If you need a block routed they generally will not take action until the SWIP is complete and the same is true when pulling space back that had been in use. Since the major ISPs (and most of the minor ones as well) filter the BGP they get from customer they can prevent the advertisement of blocks that are disputed. Stipulated.
But are they going to go up against someone big?
Do Lilly, DuPont and Merck need /8? HP need a /7?
What if one of those blocks was the subject here?
Apple?
I will in turn stipulate that these events are not likely. But they're certainly not impossible.
Cheers, -- jra
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- Looking for hand-selected news, views and tips for independent broadband providers? Follow us on Twitter! http://twitter.com/ZCorum --------------------------------
On Thu, 3 Feb 2011, Scott Helms wrote:
My 2 cents, in the few cases that we've been involved with that dealt with reclaiming space the backbone providers have universally followed what is in
If that legacy block holder were, well, one of the legacy block holders, would you as a backbone provider reject IBM or ATT or HP or Apple, etc? -- david raistrick http://www.netmeister.org/news/learn2quote.html drais@icantclick.org http://www.expita.com/nomime.html
David, That certainly could have an impact, since I imagine that corporations that large are purchasing nice big (expensive) connections. Having said that the cases I am familiar with were all dealt with at the technical level and a "business" rep wasn't involved. The BGP teams at the various providers tend to have a strong respect (much more so than their business leadership) for the RIRs, RFCs, and the various informal practices we've all dealt with that keep the Internet moving properly. On 2/3/2011 3:59 PM, david raistrick wrote:
On Thu, 3 Feb 2011, Scott Helms wrote:
My 2 cents, in the few cases that we've been involved with that dealt with reclaiming space the backbone providers have universally followed what is in
If that legacy block holder were, well, one of the legacy block holders, would you as a backbone provider reject IBM or ATT or HP or Apple, etc?
-- david raistrick http://www.netmeister.org/news/learn2quote.html drais@icantclick.org http://www.expita.com/nomime.html
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- Looking for hand-selected news, views and tips for independent broadband providers? Follow us on Twitter! http://twitter.com/ZCorum --------------------------------
On Thu, Feb 3, 2011 at 3:27 PM, Jay Ashworth <jra@baylink.com> wrote:
----- Original Message -----
From: "John Curran" <jcurran@arin.net>
On Feb 3, 2011, at 3:02 PM, Jay Ashworth wrote: To be clear, that's not ARIN "legally compelling an entity to cease using a specific block of address space" We've never claimed that authority, and I'm not aware of any entity that does claim such authority to compel organizations to make router and system configuration changes. We do claim authority to manage the database as part of our organizational mission.
I was insufficiently clear, I guess.
If that database, which it is your mission to manage, purports to contain "address blocks which an applicant can safely deploy without fear of conflicting routes being advertised on the greater Internet" (as I understand that it does), and I were such an applicant, and you assigned me a block which was in dispute -- it had been adversely taken away from someone who believed they had rights to it -- *and they were still using it* -- then I as that new applicant would be very unhappy with ARIN, particularly if they did not notify me that there was a conflict.
Whether I would take action against ARIN or the old holder, I dunno; IANAL.
But, in short, if ARIN ever *does* take a block back adversely, and the holder refuses to let it go, and ARIN assigns that block to someone else...
well, things might get messy.
Cheers, -- jra
On the other hand, if the community agrees to implement something like Spamhaus' DROP list, any space that an RIR wishes to reclaim can be added to the list to prevent routing/peering until such time that the affected user releases their grip. -- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
On Feb 3, 2011, at 2:22 PM, John Curran wrote:
To be clear, that's not ARIN "legally compelling an entity to cease using a specific block of address space" We've never claimed that authority, and I'm not aware of any entity that does claim such authority to compel organizations to make router and system configuration changes. We do claim authority to manage the database as part of our organizational mission.
I recognize the technical difference, but I don't think it's material in this instance. Although I'm not a lawyer, I see a few legal hazards in the position you've described. Foremost: (a) there still is potential liability in contributing to a harm (or crime) even if you're not the firsthand actor, and (b) being "community-driven" and "following policy" is not a valid legal defense. ARIN is a business league that maintains a database commonly relied upon for establishing "rights" to use addresses (or "ownership" depending on your view). ARIN may not control the networks that leverage this data, but there is responsibility in publishing it. If people act in a coordinated manner, directly as a result of data that ARIN publishes, then ARIN would be hard pressed to avoid liability. Having said that, it should be clear that I view ARIN "reclaiming" legacy addresses that aren't under contract (i.e. LRSA) as fraud, perhaps even in the legal sense of the word. It might also be considered theft by some. But outright reclaiming from ongoing address holders isn't a big concern of mine, because I doubt ARIN will go far down that path (if it goes at all). My real concern is that ARIN might refuse to recognize legacy transfers, fail to update the Whois database, issue RPKI inappropriately, and cause real damage to live networks. This would be bad for the networks that implement ARIN Whois-based policy, of course. It would also be bad for ARIN if it causes legal disputes (and costs). On that note, I'm going to take my discussion of policy to the PPML list. I'd be interested, however, in NANOG discussion of my comments on Whois, RPKI, etc. Cheers, -Benson
On Feb 3, 2011, at 6:38 PM, Benson Schliesser wrote:
Having said that, it should be clear that I view ARIN "reclaiming" legacy addresses that aren't under contract (i.e. LRSA) as fraud, perhaps even in the legal sense of the word. It might also be considered theft by some. But outright reclaiming from ongoing address holders isn't a big concern of mine, because I doubt ARIN will go far down that path (if it goes at all). My real concern is that ARIN might refuse to recognize legacy transfers, fail to update the Whois database, issue RPKI inappropriately, and cause real damage to live networks. This would be bad for the networks that implement ARIN Whois-based policy, of course.
Benson - ARIN provides legacy holders with WHOIS and IN-ADDR services without charge. If a legacy holder simply wishes to make use of their resources and maintains current directory information, ARIN left them fairly undisturbed since its formation. Via the Legacy RSA, ARIN offers contractual assurances to legacy holders of ARIN providing these services, as well as certain protections from reclamation and policy changes. Note that ARIN can't allow transfers contrary to the community-developed policy, so legacy address holders who wish to do more then just use their resources (e.g. transfer them) are encouraged to get involved in the community to create policies that match their needs. /John John Curran President and CEO ARIN
John, It seams that by stating "Note that ARIN can't allow transfers contrary to the community-developed policy" that you intend to say that ARIN, based on your current policies and processes, will not actively update whois information for legacy block holders that either "sub-assign" or "Transfer" segments of their legacy space to another entity. Is this the case? If so, as many others seam to be asking, do you and the ARIN legal representatives, feel that you can actually legally follow this course and do you feel that, as you had nothing to do with the assignment of this space that you have any real right to deny these services. The community expects you to to have a certain quality of information in the database and not offering updating services can present operational issues to those of us using the database as intended. James ----- Original Message ----- On Feb 3, 2011, at 6:38 PM, Benson Schliesser wrote:
Having said that, it should be clear that I view ARIN "reclaiming" legacy addresses that aren't under contract (i.e. LRSA) as fraud, perhaps even in the legal sense of the word. It might also be considered theft by some. But outright reclaiming from ongoing address holders isn't a big concern of mine, because I doubt ARIN will go far down that path (if it goes at all). My real concern is that ARIN might refuse to recognize legacy transfers, fail to update the Whois database, issue RPKI inappropriately, and cause real damage to live networks. This would be bad for the networks that implement ARIN Whois-based policy, of course.
Benson - ARIN provides legacy holders with WHOIS and IN-ADDR services without charge. If a legacy holder simply wishes to make use of their resources and maintains current directory information, ARIN left them fairly undisturbed since its formation. Via the Legacy RSA, ARIN offers contractual assurances to legacy holders of ARIN providing these services, as well as certain protections from reclamation and policy changes. Note that ARIN can't allow transfers contrary to the community-developed policy, so legacy address holders who wish to do more then just use their resources (e.g. transfer them) are encouraged to get involved in the community to create policies that match their needs. /John John Curran President and CEO ARIN
James - ARIN allows legacy holders to update their registration information, in fact, we even allow such via ARIN Online. No agreement is required with ARIN; we provide this service as well as WHOIS and reverse DNS without charge. If you no longer want to use your address space, you may return it, or transfer according to the community developed policies. /John John Curran President and CEO ARIN On Feb 5, 2011, at 1:54 PM, "James P. Ashton" <james@gitflorida.com> wrote:
John, It seams that by stating "Note that ARIN can't allow transfers contrary to the community-developed policy" that you intend to say that ARIN, based on your current policies and processes, will not actively update whois information for legacy block holders that either "sub-assign" or "Transfer" segments of their legacy space to another entity.
Is this the case? If so, as many others seam to be asking, do you and the ARIN legal representatives, feel that you can actually legally follow this course and do you feel that, as you had nothing to do with the assignment of this space that you have any real right to deny these services. The community expects you to to have a certain quality of information in the database and not offering updating services can present operational issues to those of us using the database as intended.
James
----- Original Message ----- On Feb 3, 2011, at 6:38 PM, Benson Schliesser wrote:
Having said that, it should be clear that I view ARIN "reclaiming" legacy addresses that aren't under contract (i.e. LRSA) as fraud, perhaps even in the legal sense of the word. It might also be considered theft by some. But outright reclaiming from ongoing address holders isn't a big concern of mine, because I doubt ARIN will go far down that path (if it goes at all). My real concern is that ARIN might refuse to recognize legacy transfers, fail to update the Whois database, issue RPKI inappropriately, and cause real damage to live networks. This would be bad for the networks that implement ARIN Whois-based policy, of course.
Benson -
ARIN provides legacy holders with WHOIS and IN-ADDR services without charge. If a legacy holder simply wishes to make use of their resources and maintains current directory information, ARIN left them fairly undisturbed since its formation.
Via the Legacy RSA, ARIN offers contractual assurances to legacy holders of ARIN providing these services, as well as certain protections from reclamation and policy changes. Note that ARIN can't allow transfers contrary to the community-developed policy, so legacy address holders who wish to do more then just use their resources (e.g. transfer them) are encouraged to get involved in the community to create policies that match their needs.
/John
John Curran President and CEO ARIN
On Sat, Feb 5, 2011 at 1:24 PM, John Curran <jcurran@arin.net> wrote:
ARIN allows legacy holders to update their registration information, in fact, we even allow such via ARIN Online. No agreement is required with ARIN; we provide this service as well as WHOIS and reverse DNS without charge. If you no longer want to use your address space, you may return it, or transfer according to the community developed policies.
I think he means to ask: What happens if a legacy registrant (who has not signed any RSA) ad-hoc decided on their own that they have transferred some portion of their space (or their entire address space) to a different organization who was not named on the original IANA or Internic registration, and the legacy resource holder (or transfer recipient) cannot show their transfer was made with/through the approval of IANA, Internic, any RIR, etc, under any legacy policy, the legacy registry did not reflect it, (so there is no existing 'official' record of a transfer). Does ARIN recognize updates from organizations who claim that some resources were transferred to them by a legacy holder and treat the transfer recipient as a valid legacy resource holder? Particularly.... in difficult cases where the original legacy resource holder is completely defunct; the original organization named in the IANA or Internic registration might have moved (where multiple organizations have similar names), be bankrupt, have merged, or renamed itself, no longer able to be contacted, and the "claimed holder" might be claiming the entire legacy allocation was transferred to them (without WHOIS ever being updated) ? Does ARIN recognize all transfers claimed by the verifiable original legacy resource holder and treat transfers they claim to have made as valid? Or is some proof required that any transfer was made before ARIN existed (if an ARIN transfer policy was not followed)? Will they be allowed to update ARIN to reflect their ad-hoc "transfer" (which did not occur in a way that is valid under any current ARIN policy). *Since ARIN policy at the current time requires specified transfers be made through ARIN, and the recipient of address has to meet a utilization criterion. No ad-hoc transfers would seem to be allowed by current ARIN policies, except non-permanent reassignments. For example, if a legacy registrant with a /8 decided "One particular /24 somewhere in the middle of the assignment now permanently belongs to $OTHER_ENTITY" Will ARIN allow them to update WHOIS with that, and from then on treat $OTHER_ENTIY as a legacy holder of that one /24... with $ORIGINAL_ENTITY treated as a legacy holder who 'owns' all the /8 except one /24 ? Will ARIN allow the legacy resource holder to indicate "We have (non-permanently) reallocated or sub-delegated such and such /24 to $OTHER_ENTITY" Even if the legacy holder when obtaining the /8 was an "end user" (and not an ISP) when they obtained their legacy resources?
/John John Curran President and CEO ARIN
-- -JH
On 2/5/2011 4:53 PM, Jimmy Hess wrote:
*Since ARIN policy at the current time requires specified transfers be made through ARIN, and the recipient of address has to meet a utilization criterion. No ad-hoc transfers would seem to be allowed by current ARIN policies, except non-permanent reassignments.
I think ARIN's stance is they can update whois and issue reallocations/assignment information into whois based on their Legacy status. If they want to permanently give their space to someone else, documentation wise, the most they can do is allocate the entire space to the other person. They are still considered the primary holder and the only thing that makes it "permanent" is the contract signed between them and the other party. Given the reallocation, I'm sure the receiving party also can update whois. Jack
On Thu, Feb 3, 2011 at 3:02 PM, Jay Ashworth <jra@baylink.com> wrote:
----- Original Message -----
From: "John Curran" <jcurran@arin.net>
On Feb 3, 2011, at 2:34 PM, Jay Ashworth wrote:
I strongly suspect that his question is actually "Does ARIN have any enforceable legal authority to compel an entity to cease using a specific block of address space, absent a contract?"
ARIN has the authority to manage its database, and does so according to the community developed policies. This includes changing the entries which designate the address holder, and specify that there is now a new address holder.
None of this has to do with how entities configure their routers or servers.
Sure it does. If best common practice is for network operators to get address space from ARIN, and someone gets a block from you that you've supposedly adversely taken back from, say, Goldman Sachs, and starts using it, then *someone* is going to drink your milkshake, whether it be the new user or the old one.
There is some reasonable expectation that if you claim to be the Source of All Good (Address) Bits, and you hand out a block that's in dispute, that whomever relied on that will have an action.
It's an unpleasant position to be in, but you *are* there, make no mistake.
Cheers, -- jra
I think what John Curran is trying to say is that ARIN does not have the authority to reclaim any space, as it merely provides a registration service for the benefit of operators who recognize ARIN's database as legitimate. Similarly, no one is required to recognize the "rights" of legacy block holders which opens the doors for the operator community to declare those blocks as bogons until the legacy holders decide to play nice and release the space to an RIR. In short, no one can take their space by force but we as a community can stop recognizing them as legitimate owners. My highly controversial two cents, -- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
Um, I think that's what ARIN means when they say changing the registrant on a block from Entity A to Entity B means. That's effectively 'reclaiming'. As I understand it, I think they also contend that the 'community' could say to ARIN 'take back X legacy block' and that ARIN would have no choice but to do it if the 'community' wished it so (via policy process, etc). On Feb 3, 2011, at 3:28 PM, Jeffrey Lyon wrote:
I think what John Curran is trying to say is that ARIN does not have the authority to reclaim any space
On Thu, Feb 3, 2011 at 3:48 PM, Ernie Rubi <ernesto@cs.fiu.edu> wrote:
Um, I think that's what ARIN means when they say changing the registrant on a block from Entity A to Entity B means. That's effectively 'reclaiming'.
As I understand it, I think they also contend that the 'community' could say to ARIN 'take back X legacy block' and that ARIN would have no choice but to do it if the 'community' wished it so (via policy process, etc).
On Feb 3, 2011, at 3:28 PM, Jeffrey Lyon wrote:
I think what John Curran is trying to say is that ARIN does not have the authority to reclaim any space
Perhaps i'm missing the point, but my interpretation is that legacy holders are sovereign and have the same standing in the community as the RIR's. The only way to get that space back is to ask nicely or for operators to stop routing legacy space. I very seriously doubt that it is within ARIN's mission to form policy that directly impacts non-members. -- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
I don't think that's ARIN's position (someone correct me if I'm wrong), especially if you mean to say they having the same 'rights' as RIRs to transfer/assign/lease/delegate/port those IP numbers. Using the numbers you have is another thing entirely. On Feb 3, 2011, at 3:51 PM, Jeffrey Lyon wrote:
my interpretation is that legacy holders are sovereign and have the same standing in the community as the RIR's.
On Feb 3, 2011, at 12:51 PM, Jeffrey Lyon wrote:
On Thu, Feb 3, 2011 at 3:48 PM, Ernie Rubi <ernesto@cs.fiu.edu> wrote:
Um, I think that's what ARIN means when they say changing the registrant on a block from Entity A to Entity B means. That's effectively 'reclaiming'.
As I understand it, I think they also contend that the 'community' could say to ARIN 'take back X legacy block' and that ARIN would have no choice but to do it if the 'community' wished it so (via policy process, etc).
On Feb 3, 2011, at 3:28 PM, Jeffrey Lyon wrote:
I think what John Curran is trying to say is that ARIN does not have the authority to reclaim any space
Perhaps i'm missing the point, but my interpretation is that legacy holders are sovereign and have the same standing in the community as the RIR's. The only way to get that space back is to ask nicely or for operators to stop routing legacy space. I very seriously doubt that it is within ARIN's mission to form policy that directly impacts non-members.
Most ARIN policies directly impact non-members. The vast majority of ARIN resource holders are non-members. Owen
On Thu, Feb 3, 2011 at 1:34 PM, Jay Ashworth <jra@baylink.com> wrote:
I strongly suspect that his question is actually "Does ARIN have any enforceable legal authority to compel an entity to cease using a specific block of address space, absent a contract?"
ARIN has about as much to do with legally compelling an entity (who has signed no contract with ARIN) to stop using a block of IP address space, as a DNSBL has to do with compelling some random spammer to stop attempting to send spam. What keeps people using only IPs they were allocated by a registry are network policies of cooperating networks who are independent of ARIN (aside from possibly receiving an assignment of their own from ARIN). The RIRs and IANA have not been shown to have any legally enforceable authority of their own to stop an IP network from using IPs not assigned by the registry, or to prevent someone from starting to use IPs already assigned by the RIR to someone else. If you need examples; look at all the unofficial usage of 1.0.0.0/8 and 5.0.0.0/8 in private networks, that the RIRs did not attempt to compel anyone to stop. ARIN does not appear to directly legally compel any entity to cease using any specific block of address space. Neither is any other RIR in the business of 'enforcing' that only a registrant uses the IPs, nor does the registry detect if a wrong entity is using the IPs. Neither does any internet registry promise that allocations can be routed on the public internet. You can ignore the RIRs and use whatever IP addresses you want, at your own peril. That peril is not created by any RIR, however; the "peril" is the community response, and response by other organizations you rely on for connectivity. Neither does any internet registry promise that allocations will be unique on the public internet. A competing (non-cooperating) registry could have made a conflicting assignment. The RIRs can only make promises about uniqueness within their own allocations, and that they made the allocations within address space they were delegated by other registries according to their policies. The only thing a registration tells you the registrant is this particular registry administers a database containing that block of IPs, and you are the only organization currently assigned that IP space _by that registry_. If you as a network operator do not cooperate with IANA, then, perhaps you create your own registry, and just use whatever IP addresses you want. However, other networks may refuse to interconnect with you due to their policies determining that to be "improper addressing". It is not as if ARIN has a policy of looking for hijacked/unofficial announcements of address space and dispatching an army of lawyers with 'cease and decist' letters. Instead, what happens is members of the internet community investigate IP space and AS numbers before turning up new interconnections, and decide on their own, which blocks to route, based on peering network's request. Internet connected networks will find the entry in the IANA database for the /8 the requested prefix resides in, find delegation to ARIN, look in the ARIN WHOIS database, and then make a decision to route the blocks or not. The new peer might be required to show correct current registry delegation of the block, authorization from the contact listed in the database, OR merely sign a promise that they will only originate prefixes assigned to them through IANA or a RIR recognized by IANA, BUT the registry operator, ARIN itself is not the entity that imposes any specific requirement. If IP address space is legacy and not properly kept up to date in the registry under current RIR policies, then some community members might choose to reject or disallow their use by a peer, based on their own internal routing policies. Also, many members of the community rely on the ICANN delegated DNS root for all DNS lookups. the .ARPA TLD servers refer to ARIN for Reverse DNS; which is important for adequate SMTP operation, in many mail environments, lack of proper reverse DNS can lead to mail being rejected. If IP address spaces appear to be used by a person other than the registrant, the listed registrant might submit complaints to ISPs in order to act according to their network's routing policies; if their policy is to recognize ARIN's listings as the authoritative ones, they might even turn off prior users of the IP addresses. There is the RPKI pilot. In the future, members of the community may authenticate resource assignment through resource certification according to the policies of the accepted registry, through cryptographic methods. That would certainly give ICANN, IANA, and the RIRs stronger technical enforcement powers. It's even conceivable this could be used in the future to "Revoke such and such evil outside country network's Resource certificates" (so they will be forcibly disconnected) But it's still not 'legal' enforcement of resource 'ownership'. The community members still have the ability to accept use of IP address blocks outside what ARIN determines to be the proper registrations, and recourse is not really ARIN's, if someone other than the proper registrant is making use of the IP address space in disagreement with the registry. -- -JH
On 2/3/2011 14:16, John Curran wrote:
then answer is that the database is managed as part of ARIN's mission, per policies established by the community.
If you're trying to ask a different question, I'm more than happy to answer, but I'd ask that you be more explicit.
On Feb 3, 2011, at 1:41 PM, Ernie Rubi wrote:
I think it's OK to say you cannot/would rather not answer the question, instead of giving a non-answer. I was trying to follow along with your 'the community acquiescence gives us the legal right to take back legacy IP addresses' argument.
I guess my question here is, does ARIN have the right to take Legacy IP space if it's not being used properly? For example 44/8 which is Legacy from IANA. Or does legacy in this context mean a company with a /14 allocation from ARIN thats not using it? If so, how often, if ever has ARIN done this? Can you provide some examples of this being done? -- Bryan Fields 727-409-1194 - Voice 727-214-2508 - Fax http://bryanfields.net
On Feb 3, 2011, at 8:51 AM, Benson Schliesser wrote:
On Feb 3, 2011, at 10:39 AM, John Curran wrote:
On Feb 3, 2011, at 11:22 AM, Benson Schliesser wrote:
That's what the RIR might say. But without legal authority (e.g. under contract, as a regulator, or through statutory authority) it is difficult or impossible to enforce.
Transfers are permitted in the ARIN region per the community developed policies.
Understood. My point is: legacy holders, unless they've signed the LRSA or equivalent, aren't required to submit to the ARIN process.
That remains to be seen. If they give up their space, it is unclear that they have any right to transfer it to another organization rather than return it to the successor registry. There is no precedent established showing that this is allowed.
We can talk about how people "should" return addresses, or "should" justify transfers, etc, but we would only be begging. Transfers will take place outside the RIR scope, because RIR transfer/market policy doesn't accommodate reality.
Such transfers should be reported when noticed, so the resources can be reclaimed and reissued.
Is any RIR authorized, in a legal sense, to "reclaim" legacy address blocks that RIR didn't "issue"? Without that legal authority, is any RIR prepared to accommodate the legal damages stemming from "reclamation"? (Does the RIR membership support such action, in the first place?)
That remains to be seen. IANA has declared them the successor registries for the legacy blocks and there is widespread belief that addresses were issued for use and expected to be returned when that use was no longer valid. The other thing to consider is that the RIR doesn't really need to "reclaim" the block, per se. They can simply stop providing uniqueness to the organizations that don't have a contract with them and issue those numbers to some other organization that has a contract. The other organization would know that their uniqueness is limited to those cooperating in the registry system. Does an organization that has no contract with an RIR have a right to expect that RIR to continue to provide them a unique registration? Owen
On Feb 3, 2011, at 8:59 AM, Owen DeLong wrote:
That remains to be seen. If they give up their space, it is unclear that they have any right to transfer it to another organization rather than return it to the successor registry. There is no precedent established showing that this is allowed.
Right. Like Compaq returned 16/8 when they acquired Digital (and HP returned 16/8 when they acquired Compaq).
That remains to be seen. IANA has declared them the successor registries
No. First, "IANA" does not exist. The term "IANA" now refers to a series of functions currently performed under contract from the US Dept. of Commerce, NTIA by ICANN. As such it can't declare anything. Second, neither ICANN nor the USG has (to my knowledge) declared the RIRs to be "successor registries" (whatever they are). The IPv4 registry continues to exist and will undoubtedly be maintained as it always has been. The only real difference is that there aren't any more IPv4 /8s tagged with "UNALLOCATED".
The other thing to consider is that the RIR doesn't really need to "reclaim" the block, per se. They can simply stop providing uniqueness to the organizations that don't have a contract with them and issue those numbers to some other organization that has a contract. The other organization would know that their uniqueness is limited to those cooperating in the registry system.
Does an organization that has no contract with an RIR have a right to expect that RIR to continue to provide them a unique registration?
The RIRs are self-defined geographical monopolies that provide a set of public infrastructure services to the Internet community at large. It's an interesting question whether that service is limited to only those folks who pay -- my guess if the RIRs took this stance, they'd be looking down the barrel of numerous governmental anti-monopoly/anti-cartel agencies. However, pragmatically speaking, the folks who matter in any of this are the ISPs. The RIRs exist primarily as a means by which ISPs can avoid doing a myriad set of bilateral agreements as to who "owns" what address space to ensure uniqueness. If the RIRs reduce their value by no longer providing that service in an effective way (e.g., by doing what you suggest), I suspect the ISPs would find other entities to provide global uniqueness services. Regards, -drc
Way off topic here...and into the legal arena: As to the monopoly classification, do you think, at least with ARIN (since it is a US/Virginia corporation) that Sherman Act §2 (i.e. antitrust) principles could be applied to require that it relinquish some of the control over said IP space/database and act in a more competitive manner? What about the other RIRs worldwide? I'm not an antitrust lawyer, but there may be an issue there. There was a paper a while back from a UMiami (Michael Froomkin) professor talking about ICANN and Antitrust. http://arxiv.org/pdf/cs/0109075 - This is a legal paper, not an engineering paper. I wonder if those same principles could be applied here. On Feb 3, 2011, at 3:42 PM, David Conrad wrote:
On Feb 3, 2011, at 8:59 AM, Owen DeLong wrote:
That remains to be seen. If they give up their space, it is unclear that they have any right to transfer it to another organization rather than return it to the successor registry. There is no precedent established showing that this is allowed.
Right. Like Compaq returned 16/8 when they acquired Digital (and HP returned 16/8 when they acquired Compaq).
That remains to be seen. IANA has declared them the successor registries
No. First, "IANA" does not exist. The term "IANA" now refers to a series of functions currently performed under contract from the US Dept. of Commerce, NTIA by ICANN. As such it can't declare anything.
Second, neither ICANN nor the USG has (to my knowledge) declared the RIRs to be "successor registries" (whatever they are). The IPv4 registry continues to exist and will undoubtedly be maintained as it always has been. The only real difference is that there aren't any more IPv4 /8s tagged with "UNALLOCATED".
The other thing to consider is that the RIR doesn't really need to "reclaim" the block, per se. They can simply stop providing uniqueness to the organizations that don't have a contract with them and issue those numbers to some other organization that has a contract. The other organization would know that their uniqueness is limited to those cooperating in the registry system.
Does an organization that has no contract with an RIR have a right to expect that RIR to continue to provide them a unique registration?
The RIRs are self-defined geographical monopolies that provide a set of public infrastructure services to the Internet community at large. It's an interesting question whether that service is limited to only those folks who pay -- my guess if the RIRs took this stance, they'd be looking down the barrel of numerous governmental anti-monopoly/anti-cartel agencies.
However, pragmatically speaking, the folks who matter in any of this are the ISPs. The RIRs exist primarily as a means by which ISPs can avoid doing a myriad set of bilateral agreements as to who "owns" what address space to ensure uniqueness. If the RIRs reduce their value by no longer providing that service in an effective way (e.g., by doing what you suggest), I suspect the ISPs would find other entities to provide global uniqueness services.
Regards, -drc
Ernesto M. Rubi Sr. Network Engineer AMPATH/CIARA Florida International Univ, Miami Reply-to: ernesto@cs.fiu.edu Cell: 786-282-6783
On Thu, Feb 3, 2011 at 4:08 PM, Ernie Rubi <ernesto@cs.fiu.edu> wrote:
Way off topic here...and into the legal arena:
As to the monopoly classification, do you think, at least with ARIN (since it is a US/Virginia corporation) that Sherman Act §2 (i.e. antitrust) principles could be applied to require that it relinquish some of the control over said IP space/database and act in a more competitive manner? What about the other RIRs worldwide? I'm not an antitrust lawyer, but there may be an issue there.
There was a paper a while back from a UMiami (Michael Froomkin) professor talking about ICANN and Antitrust. http://arxiv.org/pdf/cs/0109075 - This is a legal paper, not an engineering paper.
I wonder if those same principles could be applied here.
On Feb 3, 2011, at 3:42 PM, David Conrad wrote:
On Feb 3, 2011, at 8:59 AM, Owen DeLong wrote:
That remains to be seen. If they give up their space, it is unclear that they have any right to transfer it to another organization rather than return it to the successor registry. There is no precedent established showing that this is allowed.
Right. Like Compaq returned 16/8 when they acquired Digital (and HP returned 16/8 when they acquired Compaq).
That remains to be seen. IANA has declared them the successor registries
No. First, "IANA" does not exist. The term "IANA" now refers to a series of functions currently performed under contract from the US Dept. of Commerce, NTIA by ICANN. As such it can't declare anything.
Second, neither ICANN nor the USG has (to my knowledge) declared the RIRs to be "successor registries" (whatever they are). The IPv4 registry continues to exist and will undoubtedly be maintained as it always has been. The only real difference is that there aren't any more IPv4 /8s tagged with "UNALLOCATED".
The other thing to consider is that the RIR doesn't really need to "reclaim" the block, per se. They can simply stop providing uniqueness to the organizations that don't have a contract with them and issue those numbers to some other organization that has a contract. The other organization would know that their uniqueness is limited to those cooperating in the registry system.
Does an organization that has no contract with an RIR have a right to expect that RIR to continue to provide them a unique registration?
The RIRs are self-defined geographical monopolies that provide a set of public infrastructure services to the Internet community at large. It's an interesting question whether that service is limited to only those folks who pay -- my guess if the RIRs took this stance, they'd be looking down the barrel of numerous governmental anti-monopoly/anti-cartel agencies.
However, pragmatically speaking, the folks who matter in any of this are the ISPs. The RIRs exist primarily as a means by which ISPs can avoid doing a myriad set of bilateral agreements as to who "owns" what address space to ensure uniqueness. If the RIRs reduce their value by no longer providing that service in an effective way (e.g., by doing what you suggest), I suspect the ISPs would find other entities to provide global uniqueness services.
Regards, -drc
Ernesto M. Rubi Sr. Network Engineer AMPATH/CIARA Florida International Univ, Miami Reply-to: ernesto@cs.fiu.edu Cell: 786-282-6783
Pragmatically, compelling the release of a legacy allocation to a major company could be difficult, however, if the ARIN community were to draft a resolution to reclaim the space it may have a profound effect on public sentiment toward those companies. -- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
On Thu, Feb 3, 2011 at 1:27 PM, Jeffrey Lyon <jeffrey.lyon@blacklotus.net> wrote:
Pragmatically, compelling the release of a legacy allocation to a major company could be difficult, however, if the ARIN community were to draft a resolution to reclaim the space it may have a profound effect on public sentiment toward those companies.
A best practice doc / resolution would be good. It's probably most practical for them to renumber into a subset of their existing space, collapsing down from the whole /8 into a /10 or something longer, which would free up 75% of that space or more. A resolution that made that practice a best practice and that asked that enterprises give a general utilization report to the public to give an idea of whether they were close to being able to do that or far from it seems harmless. It all depends on what their internal network allocation model has been all along. Hopefully sane, but we can't plan on it. -- -george william herbert george.herbert@gmail.com
On Thu, 03 Feb 2011 13:39:25 PST, George Herbert said:
It's probably most practical for them to renumber into a subset of their existing space, collapsing down from the whole /8 into a /10 or something longer, which would free up 75% of that space or more.
And they want to go to the trouble of doing that, why, exactly? Imagine taking that to the CIO and/or budgeting people: "We want to start this $mumble-million project to renumber". What's the first question they'll ask? "What's it mean for *our* bottom line?" What's the second? "Then why do we want to spend this money?" It just ain't gonna happen till you have good answers to those. "We can spend $mumble-million renumbering into 1/4 of the space, and then sell off the other 3/4 to various entities for an estimated $mumble-million+20%". *Then* it will happen.
On Thu, Feb 3, 2011 at 1:52 PM, <Valdis.Kletnieks@vt.edu> wrote:
On Thu, 03 Feb 2011 13:39:25 PST, George Herbert said:
It's probably most practical for them to renumber into a subset of their existing space, collapsing down from the whole /8 into a /10 or something longer, which would free up 75% of that space or more.
And they want to go to the trouble of doing that, why, exactly?
Imagine taking that to the CIO and/or budgeting people: "We want to start this $mumble-million project to renumber". What's the first question they'll ask? "What's it mean for *our* bottom line?" What's the second? "Then why do we want to spend this money?"
It just ain't gonna happen till you have good answers to those. "We can spend $mumble-million renumbering into 1/4 of the space, and then sell off the other 3/4 to various entities for an estimated $mumble-million+20%".
*Then* it will happen.
Some of them won't have to renumber at all to collapse into a subset (from what I was told). Some are spaghetti messes. Putting out a policy best practice that says "You really should do this, please" doesn't force multi-million-dollar projects, no. But might prompt returns where no renumbering is required. And can hopefully encourage network revamps going forwards to recover space as they go, if it's not too painful. The alternate method - to just openly commoditize it - will also work, but will incur significant political pushback within the community. I don't know which path is ultimately more productive over long timescales. I think that a best practice asking for handbacks is at least harmless in the nearterm. If we need time to overcome opposition to commoditization on our side of the fence, then that should start now, but we can't plan for overcoming that on a particular schedule. Given that APNIC hits their wall in 6-7 months-ish, I don't know that we can move quickly enough, but someone needs to start and see what happens. -- -george william herbert george.herbert@gmail.com
Subject: Re: And so it ends... From: Ernie Rubi <ernesto@cs.fiu.edu> Date: Thu, 3 Feb 2011 16:08:50 -0500 To: David Conrad <drc@virtualized.org> Cc: NANOG list <nanog@nanog.org>
Way off topic here...and into the legal arena:
As to the monopoly classification, do you think, at least with ARIN (since it is a US/Virginia corporation) that Sherman Act 2 (i.e. antitrust) principles could be applied to require that it relinquish some of the control over said IP space/database and act in a more competitive manner?
Abssolutely *NOT*. their unique status derives from the actions of a contractor "faithfully executing" it's duties on the behalf of the U.S. Gov't. 'Antitrust' does not apply to the Gov't, nor to those acting on its behalf, nor to anyone operating a government-sanctioned monopoly.
What about the other RIRs worldwide?
They're outside U.S. jurisdiction. Sherman Acg 2 is irrelevant to their operation. Even _if_ they were held to be subject to U.S. jurisdiction the prior logic would apply to them as well.
I'm not an antitrust lawyer,
Obvously. <grin>
but there may be an issue there.
nope.
No. First, "IANA" does not exist. The term "IANA" now refers to a series of functions currently performed under contract from the US Dept. of Commerce, NTIA by ICANN. As such it can't declare anything.
On Feb 3, 2011, at 4:34 PM, Robert Bonomi wrote:
Abssolutely *NOT*. their unique status derives from the actions of a contractor "faithfully executing" it's duties on the behalf of the U.S. Gov't. 'Antitrust' does not apply to the Gov't, nor to those acting on its behalf, nor to anyone operating a government-sanctioned monopoly.
Maybe that applies to ICANN. But how does it apply to ARIN? -Benson
On Feb 3, 2011, at 5:34 PM, Robert Bonomi wrote:
Abssolutely *NOT*. their unique status derives from the actions of a contractor "faithfully executing" it's duties on the behalf of the U.S. Gov't. 'Antitrust' does not apply to the Gov't, nor to those acting on its behalf, nor to anyone operating a government-sanctioned monopoly.
Robert - To be clear, ARIN was formed by the Internet operator community to perform these Internet Registry functions. While the USG acknowledged its formation and facilitated the transition of the performance of these functions to ARIN, ARIN is not performing these duties under USG contract. I have no view on the question to which you replied, but want to be certain everyone has clear facts for the discussion. FYI, /John John Curran President and CEO ARIN
Robert, On Feb 3, 2011, at 12:34 PM, Robert Bonomi wrote:
Abssolutely *NOT*. their unique status derives from the actions of a contractor "faithfully executing" it's duties on the behalf of the U.S. Gov't. 'Antitrust' does not apply to the Gov't, nor to those acting on its behalf, nor to anyone operating a government-sanctioned monopoly.
As far as I am aware, the USG contract is with ICANN, not ARIN (see http://www.ntia.doc.gov/ntiahome/domainname/iana/ianacontract_081406.pdf, section C.2.2.1.3).
What about the other RIRs worldwide?
They're outside U.S. jurisdiction. Sherman Acg 2 is irrelevant to their operation.
The question was about other RIRs. Other countries have anti-monopoly/anti-cartel laws. Regards, -drc
Subject: Re: And so it ends... From: David Conrad <drc@virtualized.org> Date: Thu, 3 Feb 2011 15:42:01 -1000 Cc: NANOG list <nanog@nanog.org> To: Robert Bonomi <bonomi@mail.r-bonomi.com>
Robert,
On Feb 3, 2011, at 12:34 PM, Robert Bonomi wrote:
Abssolutely *NOT*. their unique status derives from the actions of a contractor "faithfully executing" it's duties on the behalf of the U.S. Gov't. 'Antitrust' does not apply to the Gov't, nor to those acting on its behalf, nor to anyone operating a government-sanctioned monopoly.
As far as I am aware, the USG contract is with ICANN, not ARIN (see http://www.ntia.doc.gov/ntiahome/domainname/iana/ianacontract_081406.pdf, section C.2.2.1.3).
Correct. _They_ can can delegate "as they see fit", with no requirement to provide competing alternatives. ARIN, the delegatee, is not the 'monopolist' -- the party controlling the situation -- they are just a delagatee of the party who has the monopoly position. Any action to "enforce" competition would be against the monopolist -- the authority who _delegates_ operations, ICANN. Which doesn't fly for the reasons stated. Basically, you cannot force a RIR to share with others that which they get from somebody else. To enforce competition, you would have to force the party who 'controls' the distribution to also provide the thing to the aforeentioned 'somebody else' (singular or plural). Which one cannot do under Sherman, when that party is a government actor.
What about the other RIRs worldwide?
They're outside U.S. jurisdiction. Sherman Acg 2 is irrelevant to their operation.
The question was about other RIRs. Other countries have anti-monopoly/anti-cartel laws.
Irrelevant and immateral to the operation of ICANN. <grin> ICANN "controls" everything, under the auspices of the U.S.G. They have issued 'territory-protected franchises' to a limited number of parties. You cannot force the frachisee to 'share' their franchise. You have to go after the franchisor, and force -them- to issue competing franchises. Nothing prevents anyone in the 'territory' of one franchisee from attempting to do business with a diffrent franchisee. *IF* the franchisees agree among themselves not to deal with anyone that is not within the limits of their protected territory, _that_ could be a proscribed anti-competitive practice *by*the*franchisee*. IF, on the other hand, the 'grant of franchise' allows them to 'sell' only to parties in the defined territory, a refusal to deal with an extra- territorial party is -not- an anti-competitive act by the franchisee. In this situation, one would have to act against the franchisor. Who is exempt as a governent actor.
Regards, -drc
Robert, On Feb 3, 2011, at 8:53 PM, Robert Bonomi wrote:
As far as I am aware, the USG contract is with ICANN, not ARIN (see http://www.ntia.doc.gov/ntiahome/domainname/iana/ianacontract_081406.pdf, section C.2.2.1.3).
Correct. _They_ can can delegate "as they see fit", with no requirement to provide competing alternatives. ARIN, the delegatee, is not the 'monopolist' -- the party controlling the situation -- they are just a delagatee of the party who has the monopoly position.
An interesting perspective. Thanks! Regards, -drc
On Feb 3, 2011, at 3:42 PM, David Conrad wrote:
Second, neither ICANN nor the USG has (to my knowledge) declared the RIRs to be "successor registries" (whatever they are).
David - ARIN succeeded Network Solutions in 1997 in the performance of IP number assignment, Autonomous System number assignment, and IN-ADDR.ARPA tasks.
However, pragmatically speaking, the folks who matter in any of this are the ISPs. The RIRs exist primarily as a means by which ISPs can avoid doing a myriad set of bilateral agreements as to who "owns" what address space to ensure uniqueness. If the RIRs reduce their value by no longer providing that service in an effective way (e.g., by doing what you suggest), I suspect the ISPs would find other entities to provide global uniqueness services.
Full agreement on that point. /John
On Feb 3, 2011, at 4:29 PM, John Curran wrote:
On Feb 3, 2011, at 3:42 PM, David Conrad wrote:
Second, neither ICANN nor the USG has (to my knowledge) declared the RIRs to be "successor registries" (whatever they are).
David - ARIN succeeded Network Solutions in 1997 in the performance of IP number assignment, Autonomous System number assignment, and IN-ADDR.ARPA tasks.
I succeeded my father. That fact does not automatically grant me any authority of his - it has to be legally provided for (e.g. inherited per the law) if I'm to claim it legitimately. Does ARIN have a privileged legal status as a result of their formation by NetSol, by contract with IANA or the US Govt, or otherwise? -Benson
On Thu, 3 Feb 2011, Patrick W. Gilmore wrote:
On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
Supposedly[*] transfers between private entities are still supposed to be justified to the local RIRs. (At least that's how it works in ARIN's area.)
I was going to say this when I walked up to the mic at the IPv4 runout talk yesterday morning, but sat down when they said "we're going to wrap this up now" and ended up going and talking to the RIPE people about it. For a year or more, there have been RIPE region LIRs willing to lease relatively large amounts of IPv4 to anyone willing to pay. The ones I've been noticing have been "snowshoe spammers" who get their RIPE space and then announce it in datacenters in the US...presumably on rented dedicated servers from which they send spam. My point being, the leasing of IP space to non-connectivity customers is already well established, whether it's technically permitted by the [ir]relevant RIRs. I fully expect this to continue and spread. Eventually, holders of large legacy blocks will realize they can make good money acting as an LIR, leasing portions of their unused space to people who need it and can't get it, want it and don't qualify, etc. These start-up LIRs won't be bound by RIR policies, both because in some cases they'll be legacy space holders with no RSA with their region's RIR, and because they won't be worried about eligibility for future RIR allocations of v4 space...because there won't be any. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Feb 3, 2011, at 11:32 AM, Jon Lewis wrote:
My point being, the leasing of IP space to non-connectivity customers is already well established, whether it's technically permitted by the [ir]relevant RIRs. I fully expect this to continue and spread. Eventually, holders of large legacy blocks will realize they can make good money acting as an LIR, leasing portions of their unused space to people who need it and can't get it, want it and don't qualify, etc.
These start-up LIRs won't be bound by RIR policies, both because in some cases they'll be legacy space holders with no RSA with their region's RIR, and because they won't be worried about eligibility for future RIR allocations of v4 space...because there won't be any.
For the ARIN region, it would be nice to know how you'd like ARIN perform in the presence of such activity ("leasing" IP addresses by ISP not providing connectivity). It's possible that such is perfectly reasonable and to simply be ignored, it's also possible that such should be considered a fraudulent transfer and the resources reclaimed. At the end of the day, the policy is set by this community, and clarity over ambiguity is very helpful. Policy proposal process: https://www.arin.net/policy/pdp.html Thanks! /John John Curran President and CEO ARIN
John, I would hope that if some ARIN policy is enacted there would be some way to differentiate between organizations, like the one I belong to, that have provided this kind of service to customers for a number of years and organizations looking to take advantage of the new scarcity. We have and do provide IP space for other ISPs (mainly small and mid size) despite not providing connectivity for a number of reasons. We began providing this as a way of getting connectivity provider independent space to ISPs that lacked their own ASN and usually were not multi-homed because I had so many ISPs changing their upstream provider that it was causing us issues in both our engineering and call center teams. We provide network engineering (think re-IPing lots of ISP networks) and end user technical support (think lots of calls from upset customer who had to change their static IP) for many ISPs around the country. We certainly don't have a huge allocation, we have 209 /24s reassigned and 9 reallocated currently. We also pass along all of the usage and reporting requirements that ARIN requires of us. We also don't make money on the practice we charge a small amount on an annual basis for record keeping. As I said, we started this mainly to prevent network disruption and extra work _not_ as a profit center. How a line might be drawn I don't know, but its important to understand that there are very legitimate reasons to reassign or reallocate space even if you are not providing connectivity for a given network. On 2/3/2011 11:54 AM, John Curran wrote:
On Feb 3, 2011, at 11:32 AM, Jon Lewis wrote:
My point being, the leasing of IP space to non-connectivity customers is already well established, whether it's technically permitted by the [ir]relevant RIRs. I fully expect this to continue and spread. Eventually, holders of large legacy blocks will realize they can make good money acting as an LIR, leasing portions of their unused space to people who need it and can't get it, want it and don't qualify, etc.
These start-up LIRs won't be bound by RIR policies, both because in some cases they'll be legacy space holders with no RSA with their region's RIR, and because they won't be worried about eligibility for future RIR allocations of v4 space...because there won't be any. For the ARIN region, it would be nice to know how you'd like ARIN perform in the presence of such activity ("leasing" IP addresses by ISP not providing connectivity). It's possible that such is perfectly reasonable and to simply be ignored, it's also possible that such should be considered a fraudulent transfer and the resources reclaimed. At the end of the day, the policy is set by this community, and clarity over ambiguity is very helpful.
Policy proposal process: https://www.arin.net/policy/pdp.html
Thanks! /John
John Curran President and CEO ARIN
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- Looking for hand-selected news, views and tips for independent broadband providers? Follow us on Twitter! http://twitter.com/ZCorum --------------------------------
On 2/3/2011 9:32 AM, Scott Helms wrote:
John,
I would hope that if some ARIN policy is enacted there would be some way to differentiate between organizations, like the one I belong to, that have provided this kind of service to customers for a number of years and organizations looking to take advantage of the new scarcity. We have and do provide IP space for other ISPs (mainly small and mid size) despite not providing connectivity for a number of reasons. We began providing this as a way of getting connectivity provider independent space to ISPs that lacked their own ASN and usually were not multi-homed because I had so many ISPs changing their upstream provider that it was causing us issues in both our engineering and call center teams. We provide network engineering (think re-IPing lots of ISP networks) and end user technical support (think lots of calls from upset customer who had to change their static IP) for many ISPs around the country. We certainly don't have a huge allocation, we have 209 /24s reassigned and 9 reallocated currently. We also pass along all of the usage and reporting requirements that ARIN requires of us. We also don't make money on the practice we charge a small amount on an annual basis for record keeping. As I said, we started this mainly to prevent network disruption and extra work _not_ as a profit center.
How a line might be drawn I don't know, but its important to understand that there are very legitimate reasons to reassign or reallocate space even if you are not providing connectivity for a given network.
It isn't at all clear to me how your business model is different from an ISP that chooses to connect their customer base to the Internet by buying multiple transit connections that happen to terminate very close to the customer's CPE. Or an ISP that has its own IP space but is letting their DSL aggregator announce it and provide the downstream DSL circuits to the ISP's customers. Seems perfectly legitimate to me. Matthew Kaufman
On Thu, 3 Feb 2011, John Curran wrote:
On Feb 3, 2011, at 11:32 AM, Jon Lewis wrote:
My point being, the leasing of IP space to non-connectivity customers is already well established, whether it's technically permitted by the [ir]relevant RIRs. I fully expect this to continue and spread. Eventually, holders of large legacy blocks will realize they can make good money acting as an LIR, leasing portions of their unused space to people who need it and can't get it, want it and don't qualify, etc.
These start-up LIRs won't be bound by RIR policies, both because in some cases they'll be legacy space holders with no RSA with their region's RIR, and because they won't be worried about eligibility for future RIR allocations of v4 space...because there won't be any.
For the ARIN region, it would be nice to know how you'd like ARIN perform in the presence of such activity ("leasing" IP addresses by ISP not providing connectivity). It's possible that such is perfectly reasonable and to simply be ignored, it's also possible that such should be considered a fraudulent transfer and the resources reclaimed. At the end of the day, the policy is set by this community, and clarity over ambiguity is very helpful.
I'm not saying that ARIN should. Even if I thought ARIN should, I suspect the policy process (to develop policies governing org to org IP space leases) would be a waste of everyone's time, because I seriously doubt any policy attempting to forbid or control such activity would be possible to enforce. I merely meant to point out that it's already happening, and IMO, will continue and spread. Additionally, I suspect any attempt by the RIRs to become the sole brokers or clearing houses for org to org IP space transactions within their regions will be futile. There may be some utility to the RIRs providing such a function, but I don't believe the RIRs will be able to control the markets and prevent ad-hoc LIRs from popping up and operating however they see fit. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Thu, Feb 03, 2011 at 04:54:42PM +0000, John Curran wrote:
On Feb 3, 2011, at 11:32 AM, Jon Lewis wrote:
My point being, the leasing of IP space to non-connectivity customers is already well established, whether it's technically permitted by the [ir]relevant RIRs. I fully expect this to continue and spread. Eventually, holders of large legacy blocks will realize they can make good money acting as an LIR, leasing portions of their unused space to people who need it and can't get it, want it and don't qualify, etc.
These start-up LIRs won't be bound by RIR policies, both because in some cases they'll be legacy space holders with no RSA with their region's RIR, and because they won't be worried about eligibility for future RIR allocations of v4 space...because there won't be any.
For the ARIN region, it would be nice to know how you'd like ARIN perform in the presence of such activity ("leasing" IP addresses by ISP not providing connectivity). It's possible that such is perfectly reasonable and to simply be ignored, it's also possible that such should be considered a fraudulent transfer and the resources reclaimed. At the end of the day, the policy is set by this community, and clarity over ambiguity is very helpful.
Policy proposal process: https://www.arin.net/policy/pdp.html
Thanks! /John
John Curran President and CEO ARIN
the practice predates ARIN by many years... FWIW... --bill
If you want to follow it up there's a pretty interesting thread ongoing in the ripe anti abuse working group All of the traffic from 2011 (only a few posts) .. http://ripe.net/ripe/maillists/archives/anti-abuse-wg/2011/ Start with this note here - http://ripe.net/ripe/maillists/archives/anti-abuse-wg/2011/msg00000.html - where (a few months late) I wrote in to protest Richard Cox's being removed as co-chair of the ripe anti abuse working group because he made much the same points. There was some argument that RIPE WG co-chairs are responsible to the RIPE chair / board etc and should be removed if they are overly critical of these, as richard admittedly was. Then go off far afield into various topics including whether that wg was really operational, and then the same question you asked .. what to do when the same entities acquiring /15s get themselves IPv6 netblocks? There seems to be a belief (in various posts in those threads) that v6 is so vast it just wont matter. Not sure that I share the belief but .. Anyway as this is about RIPE LIRs, those interested please join the abuse wg (link above) and chip in. --srs On Thu, Feb 3, 2011 at 10:02 PM, Jon Lewis <jlewis@lewis.org> wrote:
On Thu, 3 Feb 2011, Patrick W. Gilmore wrote:
On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
Supposedly[*] transfers between private entities are still supposed to be justified to the local RIRs. (At least that's how it works in ARIN's area.)
I was going to say this when I walked up to the mic at the IPv4 runout talk yesterday morning, but sat down when they said "we're going to wrap this up now" and ended up going and talking to the RIPE people about it.
For a year or more, there have been RIPE region LIRs willing to lease relatively large amounts of IPv4 to anyone willing to pay. The ones I've been noticing have been "snowshoe spammers" who get their RIPE space and then announce it in datacenters in the US...presumably on rented dedicated servers from which they send spam.
My point being, the leasing of IP space to non-connectivity customers is already well established, whether it's technically permitted by the [ir]relevant RIRs. I fully expect this to continue and spread. Eventually, holders of large legacy blocks will realize they can make good money acting as an LIR, leasing portions of their unused space to people who need it and can't get it, want it and don't qualify, etc.
These start-up LIRs won't be bound by RIR policies, both because in some cases they'll be legacy space holders with no RSA with their region's RIR, and because they won't be worried about eligibility for future RIR allocations of v4 space...because there won't be any.
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
-- Suresh Ramasubramanian (ops.lists@gmail.com)
(apologies to REM) On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
There's clearly two things that need to be done: 1) Major infrastructure (ie: backhaul, corporate, ISP gateway) need to be upgraded/configured to support IPv6 2) Edge networks need to start to hand out IPv6 addresses and name servers. I think it would be great if providers started handing out IPv6 addressed name servers when an IPv4 client does a dhcp renew, etc. (eg: the NANOG conference lan gave my iPhone/iPad v6 nameservers..) #1 should be easy enough to do #2 is complicated as well by the lack of a single coherent edge technology that can deliver solutions - Jared (btw: has anyone configured IOS PPTP/VPDN to hand out IPv6 that would be willing to share config example with me)
On 2/3/11 7:36 AM, Jared Mauch wrote:
(apologies to REM)
On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
There's clearly two things that need to be done:
1) Major infrastructure (ie: backhaul, corporate, ISP gateway) need to be upgraded/configured to support IPv6 2) Edge networks need to start to hand out IPv6 addresses and name servers. I think it would be great if providers started handing out IPv6 addressed name servers when an IPv4 client does a dhcp renew, etc.
Well, I'm doing my part by turning up native IPv6 at my parent's house this week or next. They are not technically inclined and I'm confident it won't be a problem. ;) ~Seth
Seth, What sort of ISP do your "not technically inclined" parents have that offers native ipv6? :-) -- Josh Smith KD8HRX email/jabber: juicewvu@gmail.com phone: 304.237.9369(c) On Thu, Feb 3, 2011 at 11:27 AM, Seth Mattinen <sethm@rollernet.us> wrote:
On 2/3/11 7:36 AM, Jared Mauch wrote:
(apologies to REM)
On Feb 3, 2011, at 10:11 AM, Jon Lewis wrote:
The real fun's going to be over the next several years as the RIR's become irrelevant in the acquisition of scarce IPv4 resources...and things become less stable as lots of orgs rush to implement a strange new IP version.
There's clearly two things that need to be done:
1) Major infrastructure (ie: backhaul, corporate, ISP gateway) need to be upgraded/configured to support IPv6 2) Edge networks need to start to hand out IPv6 addresses and name servers. I think it would be great if providers started handing out IPv6 addressed name servers when an IPv4 client does a dhcp renew, etc.
Well, I'm doing my part by turning up native IPv6 at my parent's house this week or next. They are not technically inclined and I'm confident it won't be a problem. ;)
~Seth
On 2/3/2011 08:38, Josh Smith wrote:
Seth, What sort of ISP do your "not technically inclined" parents have that offers native ipv6? :-)
I'm doing it via fixed wireless. They'll actually be my second access customer to get native IPv6. My parents are a good test case for the kind of user who doesn't care about the difference between IPv4 or IPv6 or the debates whether to /64 or not, only that the internet works. ~Seth
On 2/7/2011 1:17 PM, Seth Mattinen wrote:
On 2/3/2011 08:38, Josh Smith wrote:
Seth, What sort of ISP do your "not technically inclined" parents have that offers native ipv6? :-)
I'm doing it via fixed wireless. They'll actually be my second access customer to get native IPv6. My parents are a good test case for the kind of user who doesn't care about the difference between IPv4 or IPv6 or the debates whether to /64 or not, only that the internet works.
~Seth
Ahh, that makes them like 99.99% of all retail internet users. -- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- http://twitter.com/kscotthelms --------------------------------
In message <4D503E5E.5000300@ispalliance.net>, Scott Helms writes:
On 2/7/2011 1:17 PM, Seth Mattinen wrote:
On 2/3/2011 08:38, Josh Smith wrote:
Seth, What sort of ISP do your "not technically inclined" parents have that offers native ipv6? :-)
I'm doing it via fixed wireless. They'll actually be my second access customer to get native IPv6. My parents are a good test case for the kind of user who doesn't care about the difference between IPv4 or IPv6 or the debates whether to /64 or not, only that the internet works.
~Seth
Ahh, that makes them like 99.99% of all retail internet users.
But please have them daisy chain CPE devices so that they are in the X% that have more than one CPE devices connected today. I agree it should just work. I've seen more that one household of non geeks with multiple CPE devices. e.g. cable/adsl CPE wired CPE wireless Mark
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- http://twitter.com/kscotthelms --------------------------------
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
On Tue, Feb 08, 2011 at 10:26:16AM +1100, Mark Andrews wrote:
...
But please have them daisy chain CPE devices so that they are in the X% that have more than one CPE devices connected today. I agree it should just work. I've seen more that one household of non geeks with multiple CPE devices.
e.g. cable/adsl CPE wired CPE wireless
When I do that, I use a lan port on CPE2 rather than the wan port. Using CPE2 as just a switch rather than a router/natbox makes life much simpler. -- Barney Wolff I never met a computer I didn't like.
In message <20110207233627.GA64731@pit.databus.com>, Barney Wolff writes:
On Tue, Feb 08, 2011 at 10:26:16AM +1100, Mark Andrews wrote:
...
But please have them daisy chain CPE devices so that they are in the X% that have more than one CPE devices connected today. I agree it should just work. I've seen more that one household of non geeks with multiple CPE devices.
e.g. cable/adsl CPE wired CPE wireless
When I do that, I use a lan port on CPE2 rather than the wan port. Using CPE2 as just a switch rather than a router/natbox makes life much simpler.
Then you may as well have bought a access point.
-- Barney Wolff I never met a computer I didn't like.
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
On Feb 7, 2011, at 3:36 PM, Barney Wolff wrote:
On Tue, Feb 08, 2011 at 10:26:16AM +1100, Mark Andrews wrote:
...
But please have them daisy chain CPE devices so that they are in the X% that have more than one CPE devices connected today. I agree it should just work. I've seen more that one household of non geeks with multiple CPE devices.
e.g. cable/adsl CPE wired CPE wireless
When I do that, I use a lan port on CPE2 rather than the wan port. Using CPE2 as just a switch rather than a router/natbox makes life much simpler.
-- Barney Wolff I never met a computer I didn't like.
Unless you want to enforce policy between wired and wireless. As soon as you want that, you need to put the wired on the WAN port of the wireless. You also have to be careful about which boxes you purchase since many will hard-coded assume that the wireless is the internal trusted side of the equation. Owen
Still a few LEGACY in the status column ;-) -M On Thu, Feb 3, 2011 at 9:35 AM, Scott Howard <scott@doc.net.au> wrote:
102/8 AfriNIC 2011-02 whois.afrinic.net ALLOCATED 103/8 APNIC 2011-02 whois.apnic.net ALLOCATED 104/8 ARIN 2011-02 whois.arin.net ALLOCATED 179/8 LACNIC 2011-02 whois.lacnic.net ALLOCATED 185/8 RIPE NCC 2011-02 whois.ripe.net ALLOCATED
And we have yet to see what happens with backend transactions between private institutions that have large blocks laying around, and them realizing that they have a marketable and valuable thing. We may all say it won't happen, we may even say we don't want it to happen, or that it shouldn't be allowed - but I'm a realist.
From: Max Larson Henry [mailto:maxlarson.henry@transversal.ht]
Still a few LEGACY in the status column ;-)
-M
On Thu, Feb 3, 2011 at 9:35 AM, Scott Howard <scott@doc.net.au> wrote:
102/8 AfriNIC 2011-02 whois.afrinic.net ALLOCATED 103/8 APNIC 2011-02 whois.apnic.net ALLOCATED 104/8 ARIN 2011-02 whois.arin.net ALLOCATED 179/8 LACNIC 2011-02 whois.lacnic.net ALLOCATED 185/8 RIPE NCC 2011-02 whois.ripe.net ALLOCATED
On Thu, 3 Feb 2011, Alex Rubenstein wrote:
And we have yet to see what happens with backend transactions between private institutions that have large blocks laying around, and them realizing that they have a marketable and valuable thing. We may all say it won't happen, we may even say we don't want it to happen, or that it shouldn't be allowed - but I'm a realist.
Be a realist. A private market in IPv4 leasing is inevitable. The RIRs won't/can't prevent it. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
For all you folks mourning the demise of IPv4, could you PLEASE transfer those old, used, not useful to you anymore IPv4 blocks to me ... PLEASE? Pretty Please? just saying. --bill
On Thu, Feb 3, 2011 at 9:58 AM, Alex Rubenstein <alex@corp.nac.net> wrote:
And we have yet to see what happens with backend transactions between private institutions that have large blocks laying around, and them realizing that they have a marketable and valuable thing. We may all say it won't happen, we may even say we don't want it to happen, or that it shouldn't be allowed - but I'm a realist.
From: Max Larson Henry [mailto:maxlarson.henry@transversal.ht]
Still a few LEGACY in the status column ;-)
-M
On Thu, Feb 3, 2011 at 9:35 AM, Scott Howard <scott@doc.net.au> wrote:
102/8 AfriNIC 2011-02 whois.afrinic.net ALLOCATED 103/8 APNIC 2011-02 whois.apnic.net ALLOCATED 104/8 ARIN 2011-02 whois.arin.net ALLOCATED 179/8 LACNIC 2011-02 whois.lacnic.net ALLOCATED 185/8 RIPE NCC 2011-02 whois.ripe.net ALLOCATED
My theory is that IPv4 will continue to survive with companies becoming more and more conservative on the use of space. IPv6 adoption will happen more substantially as the cost of second hand IPv4 becomes more and more severe, approaching the apex of IPv4 cost vs. IPv6 adoption cost. -- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
On 03/02/11 10:38 -0500, Jeffrey Lyon wrote:
On Thu, Feb 3, 2011 at 9:58 AM, Alex Rubenstein <alex@corp.nac.net> wrote:
And we have yet to see what happens with backend transactions between private institutions that have large blocks laying around, and them realizing that they have a marketable and valuable thing. We may all say it won't happen, we may even say we don't want it to happen, or that it shouldn't be allowed - but I'm a realist.
My theory is that IPv4 will continue to survive with companies becoming more and more conservative on the use of space. IPv6 adoption will happen more substantially as the cost of second hand IPv4 becomes more and more severe, approaching the apex of IPv4 cost vs. IPv6 adoption cost.
That makes sense in a 'market' kind of way, however I expect v6 adoption to be much less of a cost curve and more of a flood gate as vendors start rolling out better support, or any support for v6. It's difficult for me to imagine any kind of v4 address market extending the life of the public v4-only internet more than a few months, any more than 2 or 3 legacy /8s getting returned to the global pool would. There's just too much growth and too few networks that would get those addresses to be significant in the larger picture. I do agree that v4 will continue to survive for quite some time though, but not at the expense of v6 adoption. -- Dan White
On Feb 3, 2011, at 9:35 PM, Scott Howard wrote:
102/8 AfriNIC 2011-02 whois.afrinic.net ALLOCATED 103/8 APNIC 2011-02 whois.apnic.net ALLOCATED 104/8 ARIN 2011-02 whois.arin.net ALLOCATED 179/8 LACNIC 2011-02 whois.lacnic.net ALLOCATED 185/8 RIPE NCC 2011-02 whois.ripe.net ALLOCATED
<http://www.faqs.org/rfcs/rfc2468.html> ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
participants (39)
-
Alex Rubenstein -
Alexandre Snarskii -
Barney Wolff -
Benson Schliesser -
bmanning@vacation.karoshi.com -
Bryan Fields -
Dan White -
David Conrad -
david raistrick -
Dobbins, Roland -
Ernie Rubi -
George Herbert -
Jack Bates -
James P. Ashton -
Jared Mauch -
Jay Ashworth -
Jeffrey Lyon -
Jimmy Hess -
Joel Jaeggli -
John Curran -
Jon Lewis -
Josh Smith -
Kevin Stange -
Leo Bicknell -
Mark Andrews -
Marshall Eubanks -
Matthew Kaufman -
Max Larson Henry -
Owen DeLong -
Patrick W. Gilmore -
Robert Bonomi -
Ronald Bonica -
Rubens Kuhl -
Scott Helms -
Scott Howard -
Seth Mattinen -
Suresh Ramasubramanian -
Valdis.Kletnieks@vt.edu -
Wil Schultz