Would like to hear from anyone who purchased independent address space from ARIN, what issues you had (technical, or otherwise). -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]
Also Sprach Dan Hollis
Would like to hear from anyone who purchased independent address space from ARIN, what issues you had (technical, or otherwise).
Nothing other than the usually utter inability to apply any sort of critical thinking to address space allocations. Attitudes along the lines of, "We're doing what the policy says, even if the policy makes absolutely no sense given the facts of past allocations and the current allocation request." Common sense at ARIN is dead. -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456
Also Sprach Jeff McAdams
Also Sprach Dan Hollis
Would like to hear from anyone who purchased independent address space from ARIN, what issues you had (technical, or otherwise).
Nothing other than the usually utter inability to apply any sort of critical thinking to address space allocations. Attitudes along the lines of, "We're doing what the policy says, even if the policy makes absolutely no sense given the facts of past allocations and the current allocation request."
Common sense at ARIN is dead.
Following up to myself. :/ I should think more before sending... I guess I should also mention their complete lack of communication about the allocations and how they apply their policy. Some of you *might* remember a rant I posted here several years ago about getting our first allocation from ARIN...many here suggested that I call ARIN and get clarification on the allocation (ie, they gave me a /20 when I offered to renumber out of a /20 plus a smattering of other blocks...mathematically impossible, of course). So, when I called them back, they told me that renumbering out of our upstream provided space wasn't part of getting the allocation, and wasn't considered in the allocation process. So, now, when I go for them for the next allocation, stating that I *wanted* to renumber out of these blocks, what do I get? Another /20 (now even more mathematically impossible than ever). So, when I called emailed them for clarification, pointing out that I was actively looking to renumber out of upstream provided space and that a /20 wasn't enough space to do so...they told me that they weren't going to give me the space because the policy's wouldn't allow it (thus my first post), and that "You were going to renumber when you got your last allocation several years ago, and you didn't." (quote isn't exact, but captures the spirit of what was said). Needless to say...ARIN needs a big foam cluebat upside the head...alas, I don't see it happening. I've see the posts from people suggesting that people get involved in shaping policy at ARIN through the mailing lists and the like...but I don't go in much for futile efforts. :/ -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456
Some of you *might* remember a rant I posted here several years ago about getting our first allocation from ARIN...many here suggested that I call ARIN and get clarification on the allocation (ie, they gave me a /20 when I offered to renumber out of a /20 plus a smattering of other blocks...mathematically impossible, of course). So, when I called them back, they told me that renumbering out of our upstream provided space wasn't part of getting the allocation, and wasn't considered in the allocation process.
So, now, when I go for them for the next allocation, stating that I *wanted* to renumber out of these blocks, what do I get? Another /20 (now even more mathematically impossible than ever). So, when I called emailed them for clarification, pointing out that I was actively looking to renumber out of upstream provided space and that a /20 wasn't enough space to do so...they told me that they weren't going to give me the space because the policy's wouldn't allow it (thus my first post), and that "You were going to renumber when you got your last allocation several years ago, and you didn't." (quote isn't exact, but captures the spirit of what was said).
Needless to say...ARIN needs a big foam cluebat upside the head...alas, I don't see it happening.
So, you didn't renumber out of PA space into PI space and then upon hitting 80% utilization asking for additional PI space, which would have been justified at such point? Perhaps the cluebat might do more good on you?
Also Sprach bdragon@gweep.net
So, you didn't renumber out of PA space into PI space and then upon hitting 80% utilization asking for additional PI space, which would have been justified at such point?
I was *EXPLICITLY* told that renumbering wasn't an issue. Additionally, I only applied for space when we had utilized at 80% plus utilization of *all* of our previously allocated space (not just the previous allocation, as ARIN requires). I've gone above and beyond on the requirements.
Perhaps the cluebat might do more good on you?
Careful wielding the cluebat...you might drop it on your foot. -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456
Thus spake <bdragon@gweep.net>
So, you didn't renumber out of PA space into PI space and then upon hitting 80% utilization asking for additional PI space, which would have been justified at such point?
Perhaps the cluebat might do more good on you?
Please explain how somebody with more than 4096 hosts in PA space is supposed to renumber into a /20 of PI space. I fear you propose that he move the first 3276.8 hosts, request a second block, move another 3276.8 hosts, request a third block, etc. until he's got a dozen new allocations which can't be aggregated. Perhaps this explains the explosive growth in the routing tables since ARIN took over. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
On Sun, 13 Apr 2003, Stephen Sprunk wrote:
Please explain how somebody with more than 4096 hosts in PA space is supposed to renumber into a /20 of PI space.
I fear you propose that he move the first 3276.8 hosts, request a second block, move another 3276.8 hosts, request a third block, etc. until he's got a dozen new allocations which can't be aggregated. Perhaps this explains the explosive growth in the routing tables since ARIN took over.
Perhaps the poster who mentioned they didn't get enough space to renumber should have started, filled the allocation, requested another, and finished the renumbering. In your request, did you mention any sort of projected timeline for renumbering into the block you requested? Maybe someone should write an update for rfc2050. Depending on which IP analyst your request is handled by, rfc2050 may be invoked, which states: Additional address allocations will provide enough address space to enable the ISP to assign addresses for three months without requesting additional address space from its parent registry. Please note that projected customer base has little impact on the address allocations made by the parent registries. I don't know anyone who's actually followed this, but I haven't communicated with many ARIN members about this sort of thing lately. Is this policy being enforced consistently now? I know in the past, ARIN has had their own policies (at least for initial and at one time for second allocations) that pretty much ignored this. Once upon a time, you could request a /20 from a reserved /19 as long as you were multi-homed and could justify a /21. Fill the first /20 in 18 months or less, and you get the other half, and have a /19. I think the rationale for this at the time was routing filters, as you were allowed to announce the /19 even before the second half of it was officially yours. Now, the ARIN tune seems to be "we only assign numbers, routability is your problem". I don't claim to have an easy solution for this. If every idiot with a business plan could request and receive a /16, there'd be an awful lot of wasted space. But if you've been around for most of the past decade and have continued to grow, should you really be issued new non-agregable blocks every several months? Somebody must have a better idea. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Sun, 13 Apr 2003 jlewis@lewis.org wrote:
On Sun, 13 Apr 2003, Stephen Sprunk wrote:
Please explain how somebody with more than 4096 hosts in PA space is supposed to renumber into a /20 of PI space.
I fear you propose that he move the first 3276.8 hosts, request a second block, move another 3276.8 hosts, request a third block, etc. until he's got a dozen new allocations which can't be aggregated. Perhaps this explains the explosive growth in the routing tables since ARIN took over.
Perhaps the poster who mentioned they didn't get enough space to renumber should have started, filled the allocation, requested another, and finished the renumbering. In your request, did you mention any sort of projected timeline for renumbering into the block you requested?
Maybe someone should write an update for rfc2050. Depending on which IP analyst your request is handled by, rfc2050 may be invoked, which states:
Additional address allocations will provide enough address space to enable the ISP to assign addresses for three months without requesting additional address space from its parent registry. Please note that projected customer base has little impact on the address allocations made by the parent registries.
I don't know anyone who's actually followed this, but I haven't communicated with many ARIN members about this sort of thing lately. Is this policy being enforced consistently now? I know in the past, ARIN has had their own policies (at least for initial and at one time for second allocations) that pretty much ignored this. Once upon a time, you could request a /20 from a reserved /19 as long as you were multi-homed and could justify a /21. Fill the first /20 in 18 months or less, and you get the other half, and have a /19. I think the rationale for this at the time was routing filters, as you were allowed to announce the /19 even before the second half of it was officially yours. Now, the ARIN tune seems to be "we only assign numbers, routability is your problem".
I don't claim to have an easy solution for this. If every idiot with a business plan could request and receive a /16, there'd be an awful lot of wasted space. But if you've been around for most of the past decade and have continued to grow, should you really be issued new non-agregable blocks every several months?
Somebody must have a better idea.
the way the registries handle it is better than rfc2050 tho surely? i mean they are encouraging folks to announce fewer routes by exceeding their requirement and its the routing table size we're more concerned about i thought the panic about wasted space had passed since people noticed we're only using a small chunk of the available space (post cidr) Steve
On Sun, 13 Apr 2003, Stephen J. Wilcox wrote:
the way the registries handle it is better than rfc2050 tho surely? i mean they are encouraging folks to announce fewer routes by exceeding their requirement and its the routing table size we're more concerned about
i thought the panic about wasted space had passed since people noticed we're only using a small chunk of the available space (post cidr)
Not at ARIN. Ask for "too much" space, and they will quote rfc2050 to you. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Also Sprach jlewis@lewis.org
On Sun, 13 Apr 2003, Stephen Sprunk wrote:
Please explain how somebody with more than 4096 hosts in PA space is supposed to renumber into a /20 of PI space.
I fear you propose that he move the first 3276.8 hosts, request a second block, move another 3276.8 hosts, request a third block, etc. until he's got a dozen new allocations which can't be aggregated. Perhaps this explains the explosive growth in the routing tables since ARIN took over.
Perhaps the poster who mentioned they didn't get enough space to renumber should have started, filled the allocation, requested another, and finished the renumbering.
Ignoring, for the moment, that absolute absurdity of that type of procedure...you forget what I've now said twice...that ARIN said as clarification after I got the first block that renumbering wasn't a consideration, full stop. Either ARIN's policies are screwed up beyond even what I thought to begin with, or their communications with customers/ISPs/whatever is absolutely pitiful. Most likely, both.
In your request, did you mention any sort of projected timeline for renumbering into the block you requested?
During the first request, we proposed a timeline of 6 months to a year for renumber, if I remember correctly. And please don't even *think* of suggesting that we should have done it in 3 months...that's just laughable.
I don't know anyone who's actually followed this, but I haven't communicated with many ARIN members about this sort of thing lately. Is this policy being enforced consistently now? I know in the past, ARIN has had their own policies (at least for initial and at one time for second allocations) that pretty much ignored this. Once upon a time, you could request a /20 from a reserved /19 as long as you were multi-homed and could justify a /21. Fill the first /20 in 18 months or less, and you get the other half, and have a /19. I think the rationale for this at the time was routing filters, as you were allowed to announce the /19 even before the second half of it was officially yours. Now, the ARIN tune seems to be "we only assign numbers, routability is your problem".
FWIW, the second block that we got just a short time ago, was an extension of the previous /20, to make it a /19...not that this is relevant, in any way, to any of the issues raised. We still haven't never received from ARIN, a sufficiently large block to be able to renumber out of the currently utilized space as was offered for the first request, and strongly requested for the second; and the communications that we received after the first request was a flat out lie about the consideration of renumbering in allocations. There is no was for ARIN to get out of this one smelling like roses...they screwed up...probably twice, depending on your opinions about policies...but at least once in the lie about renumbering considerations.
I don't claim to have an easy solution for this. If every idiot with a business plan could request and receive a /16, there'd be an awful lot of wasted space.
FWIW, the first request we made was for a /19, which would have been the smallest single block that could have been allocated to us to allow us to renumber into; and the second request was for an /18, with the same reasoning. We got /20's both times (with the second /20 being the second half of the /19 of the first /20).
But if you've been around for most of the past decade and have continued to grow, should you really be issued new non-agregable blocks every several months?
IgLou has been in the Internet providing business for the better part of 15 years.
Somebody must have a better idea.
Here's a radical thought. Use some common sense and critical thinking skills in deciding what the allocation should be. It certainly seems to be lacking at the moment. -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456
On Sun, 13 Apr 2003, Jeff McAdams wrote:
Ignoring, for the moment, that absolute absurdity of that type of procedure...you forget what I've now said twice...that ARIN said as clarification after I got the first block that renumbering wasn't a consideration, full stop.
I don't see how that's at all absurd. You said you had a /20 and some additional blocks of PA space. What's wrong with doing a slow renumber of customers into your PI block? When you utilize 80% of the PI block, ask ARIN for more space to continue renumbering. Note: I'm not saying renumber into PI block-A, then ask for a bigger block and renumber out of A into bigger block-B...just an additional block that you can continue to use both for new customers and to continue renumbering customers who were using your PA space. Where's the crazy part here?
Either ARIN's policies are screwed up beyond even what I thought to begin with, or their communications with customers/ISPs/whatever is absolutely pitiful. Most likely, both.
ARIN's policies do change over time, which can be surprising and annoying (you get used to a policy or think you know their policy...time goes by, and then you find what you know is invalid). It's a pain, but it's life.
During the first request, we proposed a timeline of 6 months to a year for renumber, if I remember correctly. And please don't even *think* of suggesting that we should have done it in 3 months...that's just laughable.
It's alot of work, but laughable? Why? You're talking to someone who simultaneously moved an ISP's physical network from one building to another (across town), changed backbone providers, multihomed, did BGP for the first time, and renumbered from 2 /20's of PA space (we weren't using much of the second /20 and with inefficiencies cleaned up, really only needed most of a /20) into a /20 of a reserved /19 of PI space in about a week (all at the same time including moving customer T1's) while the old landlord was threatening lock us out, and the old backbone provider threatening to shut us off! It took alot of planning, a week of very long days, and alot of customer hand holding, but it can be done. But all that said, who said you should have to renumber inside of 3 months?
FWIW, the second block that we got just a short time ago, was an extension of the previous /20, to make it a /19...not that this is relevant, in any way, to any of the issues raised. We still haven't never received from ARIN, a sufficiently large block to be able to renumber out of the currently utilized space as was offered for the first request, and strongly requested for the second; and the communications that we received after the first request was a flat out lie about the consideration of renumbering in allocations.
Is there some reason you need to have 1 PI block big enough to handle renumbering out of all your PA blocks? Why can't you renumber some of the PA space into PI space, return the no longer used PA space to P, and get more PI blocks from ARIN to continue the renumbering?
There is no was for ARIN to get out of this one smelling like roses...they screwed up...probably twice, depending on your opinions about policies...but at least once in the lie about renumbering considerations.
I like to bash ARIN as much as the next member, but I just don't see it here. Either I'm not getting some part of your story, or you've got some really weird ideas about PI space and renumbering.
FWIW, the first request we made was for a /19, which would have been the smallest single block that could have been allocated to us to allow us to renumber into; and the second request was for an /18, with the same reasoning. We got /20's both times (with the second /20 being the second half of the /19 of the first /20).
If you're really using a /18 of PA space, and using it efficiently according to ARIN guidelines, I'd be really surprised if you filled out the application for space and said "here's how we're using a /18 worth of PA space, we'd like to renumber from it into PI space, and will do so over X months." and ARIN didn't allocate you a /18. If you've already tried this and failed, it may just be a matter of how you're filling out the form. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Mon, 14 Apr 2003, Jeff McAdams wrote:
OK...then why hasn't *any* of the relevant documentation (which is wrong, no matter which policy you're dealing with) changed?
Based on recent activity with www.arin.net, I think they're more concerned with the look & feel of their web site than the actual content. I'd say fire the graphic design person/people and use that money to simply keep the site up to date and functional or to pay more IP analysts.
ARIN's policies (at least as stated on their web pages...but we've already shown those to be fictional) indicate that the renumbering would have to happen before an additional block would be allocated, and that
There does seem to be either a lack of consistency or some conflicting policies depending on how many allocations you've gotten. You might get used to one policy and then find it no longer applies to you.
they only allocate blocks based on anticipated 3 month growth (which is also fictional...they actually base it on *past* growth, not anticipated future growth, based on what I was told after the last allocation, again...may be the truth, may not be, flip a coin)
I've run into this too...having ARIN point fingers at past growth and simultaneously quoting rfc2050 saying to only request 3 months worth. IMO, that policy sucks, which is why I suggested someone write an update for rfc2050. Actually, once you get used to dealing with ARIN, filling out the forms the way they want, and have your IP allocation data in a format that lends itself to easily filling in the blanks on the request form, getting more space isn't that big a deal, but it still is a pain to do, requires updating filters, router configs, routing registries, etc. and doing it several times a year just seems like a waste of time. Once a year would be more acceptable.
Suffice it to say, that would not have been practical in our case.
If that's the sort of detail you gave ARIN, it's no surprise you've not gotten what you want from them.
allocation...we just, again, wanted to renumber out of the PA (what does the "A" stand for, there, by the way?) space, with a /20+. And, no, I'm
PI = provider indepentent (you can take it with you if you change providers) PA = provider assigned (switch providers and you lose the space) or were you being rhetorical for some reason?
not going to renumber half my network then go back to ARIN again. That's absurd to have to do that.
Based on rfc2050 (if the IP analyst you get decides to invoke it), you're going to have to renumber in 3 months if you want all that renumbering to be into a single block. Like it or not, those appear to be the rules.
given the allocations (both PA and PI) that we have, and we're desiring (for business reasons as well as altruistic) to renumber out of PA space into fewer, but larger, PI blocks. ARIN has been a stumbling block to us accomplishing these things every step of the way.
Other than doing your part to slow routing table growth (and the obvious desire to get as much space as possible, as infrequently as possible from ARIN), why do you care how many IP blocks (and what sizes) you have? For traffic engineering purposes, there are actually advantages to more smaller blocks.
ARIN has failed to accomplish everything that it was created to do. Its whole purpose for existence has basically not been served.
It makes a big profit though :) Have you seen their financial reports?
Well...as someone else mentioned...apparently you can never fill out an ARIN form without ever being asked for clarification on a different form. Why don't they just have you fill out the second form in the first place?
Practice. My first few times, I had to clarify things, and they'd typically not ask for all clarifications at once, so you clarify something, then they ask for clarification on something else. This last time, I think they only asked once for clarifications on a couple of larger allocations, one of which was actually fully mentioned in the initial application, but they didn't put the info in 2 different parts of the application together. If you fill out the form properly and just assume that they'll want clarification on any /24 or larger assignment to a customer, you probably won't spend much time going back and forth on clarifications. If you have ISP customers, allocate (not assign) space to them so they can do their own swips, and tell them they have to do it.
And some people wonder why most of the world dreads dealing with ARIN.
Most of the world doesn't have to...just North America. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Also Sprach jlewis@lewis.org
Based on recent activity with www.arin.net, I think they're more concerned with the look & feel of their web site than the actual content. I'd say fire the graphic design person/people and use that money to simply keep the site up to date and functional or to pay more IP analysts.
...
There does seem to be either a lack of consistency or some conflicting policies depending on how many allocations you've gotten. You might get used to one policy and then find it no longer applies to you.
...
I've run into this too...having ARIN point fingers at past growth and simultaneously quoting rfc2050 saying to only request 3 months worth. IMO, that policy sucks, which is why I suggested someone write an update for rfc2050. Actually, once you get used to dealing with ARIN, filling out the forms the way they want, and have your IP allocation data in a format that lends itself to easily filling in the blanks on the request form, getting more space isn't that big a deal, but it still is a pain to do, requires updating filters, router configs, routing registries, etc. and doing it several times a year just seems like a waste of time. Once a year would be more acceptable.
We're in agreement on these points... FWIW, our SWIP's are perfectly up to do. While they're not filed automatically by our billing/provisioning system, it does put in a ticket into our ticket tracking system to tell one of our technicians to do it...and our billing/provisioning system is *anal* about it, too. :)
Suffice it to say, that would not have been practical in our case.
If that's the sort of detail you gave ARIN, it's no surprise you've not gotten what you want from them.
No, I gave ARIN considerably more detail than that...I just don't care to share what could be considered internal, proprietary information about our network on a public mailing list. We don't have a great deal to hide, and we don't do things drastically differently than many other networks, but I'd rather not broadcast how we're set up far and wide, thanks.
allocation...we just, again, wanted to renumber out of the PA (what does the "A" stand for, there, by the way?) space, with a /20+. And, no, I'm
PI = provider indepentent (you can take it with you if you change providers) PA = provider assigned (switch providers and you lose the space) or were you being rhetorical for some reason?
No, I knew the concepts, I just couldn't figure out what the "A" expanded out to. Nothing more.
going to have to renumber in 3 months if you want all that renumbering to be into a single block. Like it or not, those appear to be the rules.
Yup, thus my comment(s) about common sense being dead.
given the allocations (both PA and PI) that we have, and we're desiring (for business reasons as well as altruistic) to renumber out of PA space into fewer, but larger, PI blocks. ARIN has been a stumbling block to us accomplishing these things every step of the way.
Other than doing your part to slow routing table growth (and the obvious desire to get as much space as possible, as infrequently as possible from ARIN), why do you care how many IP blocks (and what sizes) you have? For traffic engineering purposes, there are actually advantages to more smaller blocks.
Agreed...having smaller blocks allows finer grained control of traffic...but for the reasons you noted, there, we're trying to "Do the Right Thing", as I said. While we're a business, and are in it to make money, (and successfully do so), we still try to have something of a community minded approach to dealing with issues of commons (such as routing table size, ip address depletion, etc.). I know its rare to see an ISP actually care about things like that for other's benefit...but that's really, a large part of the reason that we try to do this. Of course, not having to go back to ARIN every 3 months is a benefit as well, so its not completely altruistic, but there is certainly an element of altruism (believe it or not) to it.
ARIN has failed to accomplish everything that it was created to do. Its whole purpose for existence has basically not been served.
It makes a big profit though :) Have you seen their financial reports?
I've been scared to look. I'm already cynical enough about ARIN.
Well...as someone else mentioned...apparently you can never fill out an ARIN form without ever being asked for clarification on a different form. Why don't they just have you fill out the second form in the first place?
Practice.
Well...that gives me hope for the future...and other than being annoying, wasn't really the crux of my issues with ARIN.
And some people wonder why most of the world dreads dealing with ARIN.
Most of the world doesn't have to...just North America.
True...but my point is still basically valid, if you ignore the ethnocentrism. -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456
JM> Date: Mon, 14 Apr 2003 09:10:44 -0400 JM> From: Jeff McAdams JM> They lied to me, full stop. Additionally, depending on your beliefs of JM> what's practical for renumbering policies...they screwed me over there JM> too by not giving me enough space (whether one block or more than one, I JM> don't give a crap...but this going back after renumbering half the JM> network is absurd). "Here's our current address utilization; details are attached. We require a /X for our immediate use." *time passes* "Here is your new PI block. Show at least 80% utilization before asking for more space." "Uh... this block you gave us? Utilization will be in excess of 100%, because it's not big enough to hold everything. We're renumbering out of the old space." "Here's a form. Please fill it out in detail, indicating how your address space is used." JM> ARIN has failed to accomplish everything that it was created to do. Its JM> whole purpose for existence has basically not been served. Hmmmm. 96/5 and AS4xxxx are hereby under the authority of AlteRIN. Rob, please add these to your list. ;-) Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist@brics.com> To: blacklist@brics.com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist@brics.com>, or you are likely to be blocked.
On Sun, Apr 13, 2003 at 08:58:09PM -0400, Jeff McAdams wrote:
Either ARIN's policies are screwed up beyond even what I thought to begin with, or their communications with customers/ISPs/whatever is absolutely pitiful. Most likely, both.
From what I've seen, 1% of the ARIN using population knows how ARIN works and how to get what they want, and 99% of the ARIN using population lives in either a) fear of dealing with ARIN for things that they technically qualify for, and/or b) utter loathing and hatred from past experiences.
Unfortunately, the people who are capable of changing things are the ones who fall into the 1% category, hence they never see the problem or need. The "public policy" forums like ARIN-PPML don't help matters either, as any form of common sense seems to be drowned out amongst the net kooks and other wackjobs. Meanwhile, the 99% category sits around wondering about things like: * Why does the ARIN email system takes an hour just to generate an auto-acknowledgment? * Why does it take days, and sometimes many days, to process a form and at the very least get a simple YAY or NAY on the syntax so you can continue submitting without finding out 99 forms later that your first form had a typo and invalidated all the rest. * Why does it seem like no human touches a form until after 4PM Eastern? * Why does the theoretically automated form processing for things like SWIPs still take over an hour to get a YAY or NAY email through. * Why does it take a week to process a payment? * Why have I NEVER been able to submit an ARIN request without receiving a response asking for information I included in the original request. * Why do we have to submit to the equivalent of an IP anal probe, and cough up extremely detailed documentation on network architectures and the use of every IP address. * Why any of this "police state" is necessary given that the shortage of IPv4 addresses seems to be artifically created. There are still tons of IP addresses that are either unallocated, unreasonably allocated (hey Merit, lets see your documentation on 35.0.0.0/8 :P), or long dead and never reclaimed. Only 32% of the available IPv4 space is being announced, where is the shortage? * Why do we have to pay very large sums of money ($2500+ per year at a minimum) for this wonderful IP policing service. Where in the heck does all that money go? * Why are we expected to continue the status quo of paying thousands of dollars for addresses in IPv6? Without the threat of an artifical shortage to "manage", what possible reason is there to justify ARIN's existance or fees? Why do we all get the feeling IPv6 isn't an end to the expenses, but rather a vast new market of registration and renewal fees? * http://www.arin.net/library/corp_docs/budget.html - Where does the $1M in "fringe benefits" go? Where does the extra $1.5M in revenue go? Why does ARIN need to spend so much in travel, etc? * Why does ARIN have no problem assigning large blocks of unallocated space (usually 2x or more) around a new "customer" to accomodate for future growth, but have policies preventing ISPs from doing the same (aka 80% utilization for more space). * Etc etc etc, not counting the problems that have already been mentioned. Yes, if you take the time to try and figure out what goes on inside the minds of ARIN, you'll find that some of the people actually do try to be useful human beings. But most of us don't have the time or desire to do that, we just want a system that works. I don't think the current system meets anyone's standard for useful, efficient, or cost effective. -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
On Mon, 14 Apr 2003, Richard A Steenbergen wrote: > Why are we expected to continue the status quo of paying thousands of > dollars for addresses in IPv6? Without the threat of an artifical > shortage to "manage", what possible reason is there to justify ARIN's > existance or fees? Why do we all get the feeling IPv6 isn't an end to > the expenses, but rather a vast new market of registration and renewal > fees? That's actually a really good question, and one you should do some thinking about, and talk with people about, before it starts coming time to make policy decisions. When the day arrives when people don't want new IPv4 addresses, or there aren't any to be had, and everybody who needs v6 addresses has them, how is the registry going to be paid for? -Bill
On Sun, Apr 13, 2003 at 11:28:08PM -0700, Bill Woodcock wrote:
That's actually a really good question, and one you should do some thinking about, and talk with people about, before it starts coming time to make policy decisions.
When the day arrives when people don't want new IPv4 addresses, or there aren't any to be had, and everybody who needs v6 addresses has them, how is the registry going to be paid for?
How is a commercial, for profit service, like, say, an ISP expected to justify spending thousands upon thousands to 'lease' IPv6 space that their customers (in most cases, at least in the US) won't pay them anything additional to use? When everyone's cutting costs, in many cases simply to survive in this market... why are they expected to fund a registry's operations? Charging for v6 allocations may make sense...in a few years. We're not there yet. And I doubt that v4 will cease being a moneymaker any time soon. --msa
Thus spake "Bill Woodcock" <woody@pch.net>
When the day arrives when people don't want new IPv4 addresses, or there aren't any to be had, and everybody who needs v6 addresses has them, how is the registry going to be paid for?
That's why RIRs lease addresses to you, not sell them -- they get to keep collecting money forever even if they do no additional work. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
On Mon, 14 Apr 2003, Stephen Sprunk wrote: > That's why RIRs lease addresses to you, not sell them -- they get to keep > collecting money forever even if they do no additional work. RIRs _allocate_ addresses, meaning that they provide the _service_ of _registering uniqueness_. You pay a _membership fee_ to support the ongoing operation of the registry, and allow it to continue providing you with the _service of uniqueness_ for your addresses. You don't buy them, you don't lease them. You buy the service of the RIR's maintenance of a database which ensures unique allocations. -Bill
Thus spake "Bill Woodcock" <woody@pch.net>
On Mon, 14 Apr 2003, Stephen Sprunk wrote:
That's why RIRs lease addresses to you, not sell them -- they get to keep collecting money forever even if they do no additional work.
RIRs _allocate_ addresses, meaning that they provide the _service_ of _registering uniqueness_. You pay a _membership fee_ to support the ongoing operation of the registry, and allow it to continue providing you with the _service of uniqueness_ for your addresses.
You don't buy them, you don't lease them. You buy the service of the RIR's maintenance of a database which ensures unique allocations.
When I buy real estate, I don't have to pay yearly fees to the county clerk to keep my title "unique", nor does the clerk charge me a different fee based on the size of the parcel. They are solely concerned with the number of parcels I own and making sure nobody else claims them too. This is an accepted fee structure for a "service of uniqueness". If ARIN were truly a registry, they would charge by the prefix, not by the address, and said fees would only be incurred when a change was made. ARIN's fee structure clearly has far more in common with a landlord than with a title clerk. If it walks and talks like a duck, it's probably a duck. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
Stephen Sprunk wrote:
If ARIN were truly a registry, they would charge by the prefix, not by the address, and said fees would only be incurred when a change was made. ARIN's fee structure clearly has far more in common with a landlord than with a title clerk. If it walks and talks like a duck, it's probably a duck.
We are having this issue with RIPE in the EU, where fees increased by 50% last year - with no justification other than 'we need it'. So, unlike the rest of the IT universe, making cut backs and economising, they are continuing to support their own gravy train in the hope that their membership doesn't notice. I think the 50% increase was noticed; now all we have to do is get to the (not co-located with any other practical meeting in an obscure location) AGM where budgets are voted on. Peter
At 01:18 PM 15-04-03 +0100, Peter Galbavy wrote:
Stephen Sprunk wrote:
If ARIN were truly a registry, they would charge by the prefix, not by the address, and said fees would only be incurred when a change was made. ARIN's fee structure clearly has far more in common with a landlord than with a title clerk. If it walks and talks like a duck, it's probably a duck.
We are having this issue with RIPE in the EU, where fees increased by 50% last year - with no justification other than 'we need it'. So, unlike the
Not fair. This discussion thread was already answered by Daniel Bovio to which you were a part of: http://www.ripe.net/ripe/mail-archives/lir-wg/2002/msg00288.html Stating "no justification" basically ignores Daniel's valid comments. -Hank
rest of the IT universe, making cut backs and economising, they are continuing to support their own gravy train in the hope that their membership doesn't notice. I think the 50% increase was noticed; now all we have to do is get to the (not co-located with any other practical meeting in an obscure location) AGM where budgets are voted on.
Peter
Hank Nussbacher wrote:
Not fair. This discussion thread was already answered by Daniel Bovio to which you were a part of: http://www.ripe.net/ripe/mail-archives/lir-wg/2002/msg00288.html
Stating "no justification" basically ignores Daniel's valid comments.
I still state 'no justification'. I will go further and say 'no HONEST justification'. All I got were excuses that boiled down to 'we need to keep everyone employed'. The downturn of the ISP business has resulted in everyone cutting costs - except the quangos like RIPE, and by the sound of it ARIN too. These organisation rely on their 'membership' being too busy with their own problems and most pulling in different directions to have any real threat to their comfortable and protected existence. I do not believe this is right in the RIPE case, and by the cound of it in the ARIN case either. I will try as hard as I can - given my own commercial and time pressures - to take some action at this years RIPE AGM. That is if it isn't held in a locked filing cabinet in a disused toilet marked 'Beware of the Leopard'. Again. Peter
Richard A Steenbergen wrote:
* Why have I NEVER been able to submit an ARIN request without receiving a response asking for information I included in the original request.
I would say it's because you need to explain yourself more clearly in your requests. You can never give them too much information, so bowl them over with all the detail you can possibly muster up. And if you find they're asking for similar information every time, perhaps including that information in the initial application would negate the need for a clarification. Bottom line - you have to type a lot. Sorry.
* Why do we have to submit to the equivalent of an IP anal probe, and cough up extremely detailed documentation on network architectures and the use of every IP address.
I think this goes without saying. How else can the Internet community be assurred of efficient address space utilization on both a local and global level ? If you can't justify the need for IP space, no soup for you. It's inconvenient, but it has to be done to ensure proper utilization.
* Why any of this "police state" is necessary given that the shortage of IPv4 addresses seems to be artifically created. There are still tons of IP addresses that are either unallocated, unreasonably allocated (hey Merit, lets see your documentation on 35.0.0.0/8 :P), or long dead and never reclaimed. Only 32% of the available IPv4 space is being announced, where is the shortage?
See above - if there wasn't the policing in place, you wouldn't be asking this question. The shortage isn't the reason for ARIN's policies. Ongoing scalability and sustainability from local accountability and adherence to good practice is.
* Why do we have to pay very large sums of money ($2500+ per year at a minimum) for this wonderful IP policing service. Where in the heck does all that money go?
The flaming pitchforks ? :)
* Why does ARIN have no problem assigning large blocks of unallocated space (usually 2x or more) around a new "customer" to accomodate for future growth, but have policies preventing ISPs from doing the same (aka 80% utilization for more space).
Because they need to give them something to start off with, then adjust future allocations based on their growth. Networks who have demonstrated the need for a certain size block will get that size block based on past usage. If their utilization increases, they may have to apply early. In doing so, they may demonstrate that a larger block is needed this time. How's that for a benefit.
* Etc etc etc, not counting the problems that have already been mentioned.
Yes, if you take the time to try and figure out what goes on inside the minds of ARIN, you'll find that some of the people actually do try to be useful human beings. But most of us don't have the time or desire to do that, we just want a system that works. I don't think the current system meets anyone's standard for useful, efficient, or cost effective.
There is no such thing as a shortage of time, only a shortage of priority. Giving ARIN what they want takes time and can be a pain in the nether regions, but it is a necessary evil. The system works if you take the time and attention to make it work for you. Andrea Abrahamsen Software Engineer, Intelligent Network Services Cisco Systems
I hate to pile on, but Andrea is right. I had absolutely no problem getting any of my ARIN numbers because I wrote an essay about my network. I though at the time that it was a waste of my time but have come to understand even more about my network than before. Even if you know your network and what you need like the back of your hand, ARIN doesn't. They don't even really want to. On an initial allocation they don't know "JACK" about you. You need to supply them with a reason to trust you and pouring out your network "guts" on the request usually does the trick. JMHO Brian Johnson Internet Operations Specialist Northern Valley Communications
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Andrea Abrahamsen Sent: Monday, April 14, 2003 1:01 PM To: Richard A Steenbergen; nanog@merit.edu Subject: Re: Independent space from ARIN
Richard A Steenbergen wrote:
* Why have I NEVER been able to submit an ARIN request
without receiving
a response asking for information I included in the original request.
I would say it's because you need to explain yourself more clearly in your requests. You can never give them too much information, so bowl them over with all the detail you can possibly muster up. And if you find they're asking for similar information every time, perhaps including that information in the initial application would negate the need for a clarification.
Bottom line - you have to type a lot. Sorry.
* Why do we have to submit to the equivalent of an IP anal
probe, and
cough up extremely detailed documentation on network architectures and the use of every IP address.
I think this goes without saying. How else can the Internet community be assurred of efficient address space utilization on both a local and global level ? If you can't justify the need for IP space, no soup for you. It's inconvenient, but it has to be done to ensure proper utilization.
* Why any of this "police state" is necessary given that
the shortage of
IPv4 addresses seems to be artifically created. There are still tons of IP addresses that are either unallocated, unreasonably allocated (hey Merit, lets see your documentation on 35.0.0.0/8 :P), or long dead and never reclaimed. Only 32% of the available IPv4 space is being announced, where is the shortage?
See above - if there wasn't the policing in place, you wouldn't be asking this question. The shortage isn't the reason for ARIN's policies. Ongoing scalability and sustainability from local accountability and adherence to good practice is.
* Why do we have to pay very large sums of money ($2500+
minimum) for this wonderful IP policing service. Where in
per year at a the heck does
all that money go?
The flaming pitchforks ? :)
* Why does ARIN have no problem assigning large blocks of unallocated space (usually 2x or more) around a new "customer" to accomodate for future growth, but have policies preventing ISPs from doing the same (aka 80% utilization for more space).
Because they need to give them something to start off with, then adjust future allocations based on their growth.
Networks who have demonstrated the need for a certain size block will get that size block based on past usage. If their utilization increases, they may have to apply early. In doing so, they may demonstrate that a larger block is needed this time. How's that for a benefit.
* Etc etc etc, not counting the problems that have already been mentioned.
Yes, if you take the time to try and figure out what goes on inside the minds of ARIN, you'll find that some of the people actually do try to be useful human beings. But most of us don't have the time or desire to do that, we just want a system that works. I don't think the current system meets anyone's standard for useful, efficient, or cost effective.
There is no such thing as a shortage of time, only a shortage of priority. Giving ARIN what they want takes time and can be a pain in the nether regions, but it is a necessary evil. The system works if you take the time and attention to make it work for you.
Andrea Abrahamsen Software Engineer, Intelligent Network Services Cisco Systems
On Mon, Apr 14, 2003 at 02:21:01AM -0400, Richard A Steenbergen wrote:
* Why do we have to pay very large sums of money ($2500+ per year at a minimum) for this wonderful IP policing service. Where in the heck does all that money go?
Out of the $7,861,700.00 they raked in last year: SALARIES $2,326,653.85 FRINGE BENEFITS $1,045,063.15 HIRING COSTS $75,000.00 TRAVEL AND CONFERENCE $631,732.40 COMMUNICATIONS $236,699.62 COMPUTER $118,941.75 DEPRECIATION $445,750.00 RENT & OCCUPANCY $461,287.00 GENERAL OFFICE $192,400.00 LEGAL FEES $100,000.00 Legal Defense Fund $200,000.00 ICANN SUPPORT $188,480.00 Other Internet Support - Merit & ISOC $100,000.00 LACNIC SUPPORT $66,000.00 CONSULTING $184,000.00 Total $6,372,007.76 In other words, they're milking the cash cow.
* Why are we expected to continue the status quo of paying thousands of dollars for addresses in IPv6? Without the threat of an artifical shortage to "manage", what possible reason is there to justify ARIN's existance or fees? Why do we all get the feeling IPv6 isn't an end to the expenses, but rather a vast new market of registration and renewal fees?
Because the owners of the cash cow don't want it to go away.
-- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
-- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203
I thought ARIN was a not-for-profit organization. Like a co-op. I want a cut as I am an ARIN member. :-) - Brian J. ----- Original Message ----- From: "Matthew S. Hallacy" <poptix@techmonkeys.org> To: "Richard A Steenbergen" <ras@e-gerbil.net>; <nanog@merit.edu> Sent: Monday, April 14, 2003 9:01 PM Subject: Re: Independent space from ARIN
On Mon, Apr 14, 2003 at 02:21:01AM -0400, Richard A Steenbergen wrote:
* Why do we have to pay very large sums of money ($2500+ per year at a minimum) for this wonderful IP policing service. Where in the heck
does
all that money go?
From http://www.arin.net/library/corp_docs/budget.html :
Out of the $7,861,700.00 they raked in last year:
SALARIES $2,326,653.85 FRINGE BENEFITS $1,045,063.15 HIRING COSTS $75,000.00 TRAVEL AND CONFERENCE $631,732.40 COMMUNICATIONS $236,699.62 COMPUTER $118,941.75 DEPRECIATION $445,750.00 RENT & OCCUPANCY $461,287.00 GENERAL OFFICE $192,400.00 LEGAL FEES $100,000.00 Legal Defense Fund $200,000.00 ICANN SUPPORT $188,480.00 Other Internet Support - Merit & ISOC $100,000.00 LACNIC SUPPORT $66,000.00 CONSULTING $184,000.00 Total $6,372,007.76
In other words, they're milking the cash cow.
* Why are we expected to continue the status quo of paying thousands of dollars for addresses in IPv6? Without the threat of an artifical shortage to "manage", what possible reason is there to justify ARIN's existance or fees? Why do we all get the feeling IPv6 isn't an end to the expenses, but rather a vast new market of registration and renewal fees?
Because the owners of the cash cow don't want it to go away.
-- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
-- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203
On Mon, 14 Apr 2003, Brian Johnson wrote: > I thought ARIN was a not-for-profit organization. Like a co-op. Yes, it is. You notice, there's no dividend or disbursement of profits in that budget. > I want a cut as I am an ARIN member. :-) Feel free to declare a special assessment on yourself and distribute it as you see fit. -Bill
Bill Woodcock wrote:
On Mon, 14 Apr 2003, Brian Johnson wrote: > I thought ARIN was a not-for-profit organization. Like a co-op.
Yes, it is. You notice, there's no dividend or disbursement of profits in that budget.
... that you will ever find. My feeling are based on experiences with RIPE. The status quo MUST be maintained at all costs. Peter
Thats not _that_ large a turnover, $6m, and $2.3m for salaries isnt that big. Altho I wonder what the $1m of fringe benefits are! Not for profit simply means the company keeps hold of any profits it makes and reinvests/reduces fees as a result. It doesnt stop you paying senior staff large salaries tho as thats wages overhead not profit... Steve On Mon, 14 Apr 2003, Brian Johnson wrote:
I thought ARIN was a not-for-profit organization. Like a co-op.
I want a cut as I am an ARIN member. :-)
- Brian J. ----- Original Message ----- From: "Matthew S. Hallacy" <poptix@techmonkeys.org> To: "Richard A Steenbergen" <ras@e-gerbil.net>; <nanog@merit.edu> Sent: Monday, April 14, 2003 9:01 PM Subject: Re: Independent space from ARIN
On Mon, Apr 14, 2003 at 02:21:01AM -0400, Richard A Steenbergen wrote:
* Why do we have to pay very large sums of money ($2500+ per year at a minimum) for this wonderful IP policing service. Where in the heck
does
all that money go?
From http://www.arin.net/library/corp_docs/budget.html :
Out of the $7,861,700.00 they raked in last year:
SALARIES $2,326,653.85 FRINGE BENEFITS $1,045,063.15 HIRING COSTS $75,000.00 TRAVEL AND CONFERENCE $631,732.40 COMMUNICATIONS $236,699.62 COMPUTER $118,941.75 DEPRECIATION $445,750.00 RENT & OCCUPANCY $461,287.00 GENERAL OFFICE $192,400.00 LEGAL FEES $100,000.00 Legal Defense Fund $200,000.00 ICANN SUPPORT $188,480.00 Other Internet Support - Merit & ISOC $100,000.00 LACNIC SUPPORT $66,000.00 CONSULTING $184,000.00 Total $6,372,007.76
In other words, they're milking the cash cow.
* Why are we expected to continue the status quo of paying thousands of dollars for addresses in IPv6? Without the threat of an artifical shortage to "manage", what possible reason is there to justify ARIN's existance or fees? Why do we all get the feeling IPv6 isn't an end to the expenses, but rather a vast new market of registration and renewal fees?
Because the owners of the cash cow don't want it to go away.
-- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
-- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203
SJW> Date: Tue, 15 Apr 2003 13:43:39 +0100 (BST) SJW> From: Stephen J. Wilcox SJW> Thats not _that_ large a turnover, $6m, and $2.3m for SJW> salaries isnt that big. Altho I wonder what the $1m of SJW> fringe benefits are! SJW> Not for profit simply means the company keeps hold of any SJW> profits it makes and reinvests/reduces fees as a result. It SJW> doesnt stop you paying senior staff large salaries tho as SJW> thats wages overhead not profit... How true... many not-for-profit and non-profit organizations have some very cherry financials, and are sitting much prettier than many for-profit entities. I have an idea: Perhaps ARIN needs to explain each dollar in/out with the same amount of detail and scrutiny involved with IP allocations. All money spent needs to be extremely well documented; summaries are insufficient. Show actual receipts, reports explaining the necessity of the expenditures, and proof that the expenditures were the most efficient choices. It seems many are curious about fringe benefits. That makes as good of a starting point as any. "ICANN support" and "other Internet support" also look interesting. Because ARIN is to serve the Internet community, perhaps it should be controlled by such, with Internet-community reps voting on each ARIN expenditure. One representative per ASN? Per netblock? Per IP address would be the worst approach, with those holding unjustified /8 blocks getting unfair voting clout. Domain registration service improved when a few competitors came to town. That also is a { uniqueness & authority delegation } service. Parallels? I think so... Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist@brics.com> To: blacklist@brics.com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist@brics.com>, or you are likely to be blocked.
On Tue, 15 Apr 2003, E.B. Dreger wrote:
SJW> Date: Tue, 15 Apr 2003 13:43:39 +0100 (BST) SJW> From: Stephen J. Wilcox
SJW> Thats not _that_ large a turnover, $6m, and $2.3m for SJW> salaries isnt that big. Altho I wonder what the $1m of SJW> fringe benefits are!
SJW> Not for profit simply means the company keeps hold of any SJW> profits it makes and reinvests/reduces fees as a result. It SJW> doesnt stop you paying senior staff large salaries tho as SJW> thats wages overhead not profit...
How true... many not-for-profit and non-profit organizations have some very cherry financials, and are sitting much prettier than many for-profit entities.
I have an idea:
Perhaps ARIN needs to explain each dollar in/out with the same amount of detail and scrutiny involved with IP allocations. All money spent needs to be extremely well documented; summaries are insufficient. Show actual receipts, reports explaining the necessity of the expenditures, and proof that the expenditures were the most efficient choices.
LOL, a "wages request template" that must be approved by members before you can have your months salary... "Sorry Mr ARIN-Employee, you must give us a detailed breakdown of exactly what you were doing for every minute of last month before we can approve this request. Its not our problem if yuo need this money to eat, you must follow procedures" ;) Steve
It seems many are curious about fringe benefits. That makes as good of a starting point as any. "ICANN support" and "other Internet support" also look interesting.
Because ARIN is to serve the Internet community, perhaps it should be controlled by such, with Internet-community reps voting on each ARIN expenditure. One representative per ASN? Per netblock? Per IP address would be the worst approach, with those holding unjustified /8 blocks getting unfair voting clout.
Domain registration service improved when a few competitors came to town. That also is a { uniqueness & authority delegation } service. Parallels? I think so...
Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist@brics.com> To: blacklist@brics.com Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist@brics.com>, or you are likely to be blocked.
On Tue, 15 Apr 2003 15:24:41 -0000, "E.B. Dreger" <eddy+public+spam@noc.everquick.net> said:
It seems many are curious about fringe benefits. That makes as good of a starting point as any. "ICANN support" and "other
I've seen places that have "salary" in one category, and "fringe benefits" is everything else - employer contributions to medical insurance, retirement plans, Social Security, workmen's comp insurance, and so on. How (or even whether) it adds up to 40% of salary I admit to not knowing.
From: Valdis.Kletnieks@vt.edu Date: Wed, 16 Apr 2003 05:16:59 -0400 Sender: owner-nanog@merit.edu
--==_Exmh_1712933459P Content-Type: text/plain; charset=us-ascii
On Tue, 15 Apr 2003 15:24:41 -0000, "E.B. Dreger" <eddy+public+spam@noc.everquick.net> said:
It seems many are curious about fringe benefits. That makes as good of a starting point as any. "ICANN support" and "other
I've seen places that have "salary" in one category, and "fringe benefits" is everything else - employer contributions to medical insurance, retirement plans, Social Security, workmen's comp insurance, and so on.
How (or even whether) it adds up to 40% of salary I admit to not knowing.
This is a nearly universal accounting practice. After all, benefits cost money and they have to be accounted for in any annual report. (The title, "Fringe Benefits", is probably not commonly used, though.) 40% is fairly light. I know that the standard benefits package for University of California employees is more than that. It includes medical insurance or at least a big part of it), non-industrial disability, dental, eye care, retirement, social security (for most employees), sick leave, annual leave, workers' compensation, unemployment insurance and many more small items. (Yes, UC has above average benefits.) I don't see anything inappropriate about the ARIN numbers. R. Kevin Oberman, Network Engineer E-mail: oberman@es.net Phone: +1 510 486-8634
Thus spake <Valdis.Kletnieks@vt.edu>
I've seen places that have "salary" in one category, and "fringe benefits" is everything else - employer contributions to medical insurance, retirement plans, Social Security, workmen's comp insurance, and so on.
How (or even whether) it adds up to 40% of salary I admit to not knowing.
It's commonly accepted among HR types that benefits for a full-time employee cost 30% to 60% of their salary, depending on how generous the benefits are and whether the company can get volume discounts. ARIN's numbers seem consistent with standard practice. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
Thus spake <bdragon@gweep.net>
So, you didn't renumber out of PA space into PI space and then upon hitting 80% utilization asking for additional PI space, which would have been justified at such point?
Perhaps the cluebat might do more good on you?
Please explain how somebody with more than 4096 hosts in PA space is supposed to renumber into a /20 of PI space.
I fear you propose that he move the first 3276.8 hosts, request a second block, move another 3276.8 hosts, request a third block, etc. until he's got a dozen new allocations which can't be aggregated. Perhaps this explains the explosive growth in the routing tables since ARIN took over.
Well, the /20 is merely part of the initial allocation guidelines of ARIN. Yes, moving the smattering of other blocks into the /20, returning those to whichever provider from whence they came. Renumbering as much of the original /20 as possible, and then requesting additional space. In my experience, at having renumbered about a /17 of PA space into PI space, the process is fairly painless outside of customer interaction. You find areas of inefficiency that can be cleaned up, allowing you to fit more into a smaller space (renumber /30s into /31s, gee that lan with 3 boxes doesn't need a /24). You keep records of what you've done, and provide them in future allocation requests. On the whole, dealing with ARIN was pretty painless. His error was that he expected that ARIN would just give him more space than what he had in PA space. This would just be silly of ARIN for several reasons: 1) Many companies provide address space based upon policies other than justified use, such as based upon circuit size. 2) Many initial allocations are used very inefficiently, with lots of holes, networks larger than needed, etc.
Also Sprach bdragon@gweep.net
I fear you propose that he move the first 3276.8 hosts, request a second block, move another 3276.8 hosts, request a third block, etc. until he's got a dozen new allocations which can't be aggregated. Perhaps this explains the explosive growth in the routing tables since ARIN took over.
Well, the /20 is merely part of the initial allocation guidelines of ARIN.
Yes...following policy over common sense. Exactly as I feared.
Yes, moving the smattering of other blocks into the /20, returning those to whichever provider from whence they came. Renumbering as much of the original /20 as possible, and then requesting additional space.
In my experience, at having renumbered about a /17 of PA space into PI space, the process is fairly painless outside of customer interaction.
I'm not sure how much of your space renumbering required customer interaction, but my estimation is that fully 90% of the space in question here would have required customer interaction to renumber. While I wouldn't be surprised that many initial allocations are very inefficiently used, that wasn't the case here...and isn't that the whole *point* of the justification information that we have to give to ARIN to get more space? So that they can figure out for themselves how well utilized the space was? Again, we had greater than 80% utilization on *all* of our blocks...not just the most recently allocated one, and closer to 90% on most of them. The documentation that we gave to ARIN in support of our request showed this as well.
His error was that he expected that ARIN would just give him more space than what he had in PA space.
My "error" was that I expected ARIN would give me enough space to renumber out of my current space as their documentation on their website seems to indicate is necessary. Silly me.
This would just be silly of ARIN for several reasons:
Yeah, it would be silly of ARIN to actually abide by the documentation that they post on their website...so silly.
1) Many companies provide address space based upon policies other than justified use, such as based upon circuit size.
We cap the amount of address space based on circuit size, but always require justification. All of our policies are available on our website, and I would have been happy to share them with ARIN upon request...I wasn't asked.
2) Many initial allocations are used very inefficiently, with lots of holes, networks larger than needed, etc.
Which, as I said, is the whole point of the justification paperwork. We, actually, went back and re-engineered and re-numbered within the space that we had from upstream, for several years to increase our efficiency of our usage. Yes, we originally had some situations where we had 3 routers on a network with a /24...but by the time we made a request for space from ARIN, those inefficiencies were *LONG* gone. -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456
Also Sprach bdragon@gweep.net
I fear you propose that he move the first 3276.8 hosts, request a second block, move another 3276.8 hosts, request a third block, etc. until he's got a dozen new allocations which can't be aggregated. Perhaps this explains the explosive growth in the routing tables since ARIN took over.
Well, the /20 is merely part of the initial allocation guidelines of ARIN.
Yes...following policy over common sense. Exactly as I feared.
Or some would say that the policy _is_ common sense. Sometimes it makes things harder, you deal with it, or in your case, you whine about it on mailing lists.
Yes, moving the smattering of other blocks into the /20, returning those to whichever provider from whence they came. Renumbering as much of the original /20 as possible, and then requesting additional space.
In my experience, at having renumbered about a /17 of PA space into PI space, the process is fairly painless outside of customer interaction.
I'm not sure how much of your space renumbering required customer interacti= on, but my estimation is that fully 90% of the space in question here would have required customer interaction to renumber. While I wouldn't be surprised that many initial allocations are very inefficiently used, that wasn't the case here...and isn't that the whole *point* of the justification information that we have to give to ARIN to get more space? So that they can figure out for themselves how well utilized the space was?
A large portion of the space included customers or customer-facing services. You claimyou were efficiently utilizing the space, but of course ARIN can't defend themselves, so we are left to believe you. Even if you _are_ telling the truth, the number of folks on this list who have stated that they've advocated lying, or have helped people lie seems to tell me that ARIN shouldn't believe you.
Again, we had greater than 80% utilization on *all* of our blocks...not just the most recently allocated one, and closer to 90% on most of them. = =20 The documentation that we gave to ARIN in support of our request showed this as well.
So you say.
His error was that he expected that ARIN would just give him more space than what he had in PA space.
My "error" was that I expected ARIN would give me enough space to renumber out of my current space as their documentation on their website seems to indicate is necessary. Silly me.
So, you did absolutely nothing. This is a common problem with many on nanog. If I can't do something 100% my ay, I'ld rather do nothing.
This would just be silly of ARIN for several reasons:
Yeah, it would be silly of ARIN to actually abide by the documentation that they post on their website...so silly.
I've read their documentation. It sounds like they abided with their policies to me.
1) Many companies provide address space based upon policies other than justified use, such as based upon circuit size.
We cap the amount of address space based on circuit size, but always require justification. All of our policies are available on our website, and I would have been happy to share them with ARIN upon request...I wasn't asked.
Oof, so even _you_ translate circuit size into eligibility for address space? How stupid indeed, since circuit size has no bearing on need for addresses (either in support or against). If I were ARIN I'ld definately look at your documentation with a close eye.
2) Many initial allocations are used very inefficiently, with lots of holes, networks larger than needed, etc.
Which, as I said, is the whole point of the justification paperwork. We, actually, went back and re-engineered and re-numbered within the space that we had from upstream, for several years to increase our efficiency of our usage. Yes, we originally had some situations where we had 3 routers on a network with a /24...but by the time we made a request for space from ARIN, those inefficiencies were *LONG* gone.
Well, good for you. However, if you think you can do this once and be done, you are sorely misinformed. In any event, it all comes down to: you had the opportunity to begin readdressing. You failed to do so on anything but your own terms. Now you (presumably) still have not readdressed and are still whining about it. This thread has sapped too much of my time, and the brain cells of the community. Hopefully you'll just go and renumber and quit your bitching.
On Sat, 12 Apr 2003, Dan Hollis wrote:
Would like to hear from anyone who purchased independent address space from ARIN, what issues you had (technical, or otherwise).
What do you mean by "purchased" and "independent"? Do you just mean provider independent space, or is this some other use of independent? I think ARIN would argue that nobody purchases space from them...you basically pay (recurring fees) to use the space (more like a lease). ARIN is certainly a PITA to deal with. I've gone through the initial allocation for one company where we renumbered out of multiple provider assigned blocks, second and third allocations and a transfer from a smaller ISP we bought at my current employer (Atlantic.Net). IIRC (it has been quite a while) the initial allocation wasn't so bad. The biggest problem is just record keeping...keeping track of your IP assignments in a format that lends itself to easily filling out the ARIN IP request form (which keeps changing and getting more detailed). In my dealings with them, policy and RFC adherence have been inconsistent. When we got close to filling our initial allocation (a /18), it was expanded to a /17 even though our own projections said we'd only use a fraction of that additional space in the next few months. A couple years later, when we got close to running out of IPs again, I asked for another large block and was given a /19 (which I expect we'll burn through pretty quickly if we ever start using it...damn 69/8 filters) and told that we should only request/receive a few months supply of IPs at a time. I don't know about everyone else, but I've got better things to do than go through the IP request process every few months. We're a stable company that's been doing the ISP thing for 8 years. Why can't ARIN trust us to stick around and keep growing our IP utilization? Why shouldn't we keep getting largeish blocks every year or so and keep our number of announced routes down rather than a new little block a couple times a year? I'd much rather announce a few /17's or /16's than a whole bunch of /20's and /19's. I suspect people with BGP routers running short on memory feel the same way. Multiply this by a few thousand ARIN members, and it could make a real impact on routing table growth. Anyone who's bothered to clean up the ARIN records for IP blocks or ASN's for networks they've acquired probably knows what a pain that is. Ours took many months and some help from a 3rd party. Their latest trick, adding the requirement that IP requests come from a POC on your ORGID (even if your ORGID has no POCs), and then requiring requests to modify an ORGID come from a POC on the ORGID (even if your ORGID has no POCs) was a neat one. Getting that taken care of was made even more interesting by the fact that we've changed company names since our first allocation, and ARIN still knows us as our original name (changing that is another PITA that hasn't been worth tackling/paying for...we still own the old name, we just don't use it)...so when they wanted a fax on company letterhead (for a name that hasn't been used for several years) where do you think the letterhead came from? ARIN must be predominantly staffed by Vogons. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Sat, 12 Apr 2003, Dan Hollis wrote:
Would like to hear from anyone who purchased independent address space from ARIN, what issues you had (technical, or otherwise).
First, to satisfy those who care deeply about terminology, you don't "purchase" IP address space from ARIN. You have space allocated to you, and then pay ARIN dues. You can be the judge of whether that shift in terminology is of any practical consequence. I think it's not worth debating. There aren't really technical issues with this beyond what you'd have to deal with with normal IP space. If you're running BGP, you'll have to announce the space and get filters updated to allow it, but you have to do that with a block of IP space you get from a provider anyway. The political issues can be a little harder. You'll have to convince your upstream provder to let you use your own IP space. If you're dealing with any of the big backbones, this should be a standard request for them. If you're dealing with somebody who sells mostly to small offices, you may be asking for a significant departure from standard provisioning procedures. If you've got a sufficiently small or inexperienced ISP, you may find that they don't understand the concept. So, depending on who your upstreams are, this is something to ask about before you go to ARIN and apply for space. The process of dealing with ARIN seems to get a lot of people mad, but in my experience, if you follow the process rather than trying to go around it, it's pretty easy. You will have to follow the ARIN guidelines in allocating IP address space to your customers, and you will need to keep documentation of that. You should be doing this anyway. This data should be accurate. Most of the problems I've seen people who otherwise qualified have asking for address space have been a result of lying on their applications, and then not being able to keep the lies consistent in response to follow-up questions. The data should also be kept up to date regularly, not because that's actually enforced, but because it will cause you to have to do a lot less scrambling when you suddenly realize you're out of address space. And then, when you've used up 80% of the space you have, and have all the assignments SWIPped or in rwhois, you fill out the ARIN form to ask for more. You'll probably be asked for some clarification, and perhaps for some justification of the larger assignments you've made to your customers. Answer those questions truthfully, and if your records are good, you haven't been making assignments you shouldn't have, and your old block has more than 80% utilization, you should get your new space. A recent experience I had with a consulting client is a useful lesson. The client had been being quite careful about their use of IP space, but was dangerously close to running out. However, they paniced, decided ARIN would never believe their story about how the IP space was used, and instead submitted a form showing what they thought ARIN would want to see. This resulted in questions, followed by more questions, to the point where they were ready to give up and declare getting more address space before running out to be impossible. I then took over, explained the situation to people at ARIN, submitted an entirely new application showing exactly what they were using and nothing more. I made a phone call to clarify some points after getting a response from ARIN asking for more information, and had the new allocation just over 24 hours after applying for it. -Steve -- Steve Gibbard Steve Gibbard Consulting -- IP network consulting services Office: 510 528-1263 http://www.gibcons.com/
On Sat, 12 Apr 2003, Steve Gibbard wrote:
There aren't really technical issues with this beyond what you'd have to deal with with normal IP space. If you're running BGP, you'll have to announce the space and get filters updated to allow it, but you have to do that with a block of IP space you get from a provider anyway.
Has anyone run into problems with routing though? If you get space from a tier1, presumably they have agreements with those they peer with to aceept traffic from those netblocks. I'm concerned with independent space, that some providers may refuse to route/accept the traffic. Has anyone run into issues there? There's also the possibility being allocated space from some of the "new" netblocks that were previously bogon space (and being firewalled by providers who havent updated their filters yet)... -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]
Dan Hollis wrote:
Has anyone run into problems with routing though? If you get space from a tier1, presumably they have agreements with those they peer with to aceept traffic from those netblocks.
That's the SOA clause. In reality, most routes are accepted even at /24 lengths. The larger providers are usually not the problem. The problem lies in smaller providers and usually only in the case of misconfigurations (ie out of date BOGON).
I'm concerned with independent space, that some providers may refuse to route/accept the traffic. Has anyone run into issues there?
I advert a /24 that is run independant out of a /16. I've had no issues with routing concerning that particular advert (company owns their own /16 but has a fragmented network requiring smaller adverts). The only thing you will DEFINATELY have to watch out for is route supression. When you are using a large provider's address space, they announce the shorter prefix and have internal routing to you. When you flap too much and people supress your long prefix, the shorter one takes over and you're still good to go. When you have your own assignments, you no longer have this protection. In other words, flap too much and you go bye bye.
There's also the possibility being allocated space from some of the "new" netblocks that were previously bogon space (and being firewalled by providers who havent updated their filters yet)...
This is inevitable. However, it is improving as traffic is being passed to and from the newer networks. Current damage estimates are rather small, although sometimes a pain to troubleshoot. I recommend running backup MX servers and DNS servers outside of the new address space to limit the ammount of inbound problems. Jack Bates BrightNet Oklahoma
On Sat, 12 Apr 2003, Steve Gibbard wrote:
There aren't really technical issues with this beyond what you'd have to deal with with normal IP space. If you're running BGP, you'll have to announce the space and get filters updated to allow it, but you have to do that with a block of IP space you get from a provider anyway.
Has anyone run into problems with routing though? If you get space from a tier1, presumably they have agreements with those they peer with to aceept traffic from those netblocks.
I'm concerned with independent space, that some providers may refuse to route/accept the traffic. Has anyone run into issues there?
As long as you always advertise your largest aggregate, you are likely to be fine. You may need to (based upon your topology) advertise longer prefixes (hopefully tagged no-export) to those with whom you have a direct business relationship with, in order to address the requirements your topology imposes. The problem comes in when you do not advertise your largest aggregate. In such cases, you may find yourself filtered or dampened away. As I often explain to folks, by not advertising your largest aggregate you are self-limiting your reachability.
On Sat, 12 Apr 2003, Dan Hollis wrote:
Has anyone run into problems with routing though? If you get space from a tier1, presumably they have agreements with those they peer with to aceept traffic from those netblocks.
I'm concerned with independent space, that some providers may refuse to route/accept the traffic. Has anyone run into issues there?
As soon as you get the space, register it in altdb (whois.altdb.net). Some networks apparently filter based on the routing registries. Then there are the clueless/non-maintained networks that filter based on outdated info. See http://not69box.atlantic.net/ for more on that.
There's also the possibility being allocated space from some of the "new" netblocks that were previously bogon space (and being firewalled by providers who havent updated their filters yet)...
Not "the possibility"...the certainty. If you don't have "old PI space", you're screwed, because you're going to get tainted space. Until all the filters get fixed (i.e. likely never), it's probably a good idea to get a /24 from your provider(s) even if you get PI space, and use a few addresses from that 'old space', assuming your providers have some old space they can give you, for backup MX and NS records. It'll make switching providers a little trickier, but not nearly as bad as if you were entirely in their space. ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
participants (20)
-
Andrea Abrahamsen
-
bdragon@gweep.net
-
Bill Woodcock
-
Brian Johnson
-
Dan Hollis
-
Doug Barton
-
E.B. Dreger
-
Hank Nussbacher
-
Jack Bates
-
Jeff McAdams
-
jlewis@lewis.org
-
Kevin Oberman
-
Majdi S. Abbas
-
Matthew S. Hallacy
-
Peter Galbavy
-
Richard A Steenbergen
-
Stephen J. Wilcox
-
Stephen Sprunk
-
Steve Gibbard
-
Valdis.Kletnieks@vt.edu