Dear colleagues serving as targets (e.g. IAB),

a happy, successful and healthy new year to you all!

A few comments on "Guidance in the Assignment of Internet Numbers" from a practitioner follow.

First of all let me read back to you what I think you want to say:

"The existence of private address space (RFC1597) shall not prevent any enterprise to obtain public address space according to the allocation criteria (currently RFC1466) if they wish to."

I will work from the assumption that this is true. If there is any other specific and important point that you want to make I would be interested to hear it.

Unfortunately in saying this more verbosely, you say some things that will make the registries' life in delegating and assigning address space efficiently and CIDRised more difficult than necessary. I would like you to realise this. It might be wise to reduce the number of words to something closer to the above.

Detailed comments:
Abstract
The IAB suggest that while RFC 1597 establishes reserved IP address space for the use of private networks which are isolated and will remain isolated from the Internet, any enterprise which anticipates external connectivity to the Internet should apply for a globally unique address from an Internet registry, or a service provider.
This should read: ".... isolated from the Internet, any enterprise should obtain globally unique addresses for all those hosts which are anticipated to have direct network layer connectivity external to the enterprise." I also do not like the distinction between "Internet registry" and "service provider". We prefer to talk about Internet registries only. The RIPE NCC is a Regional Registry whereas service providers can become Local Registries if they wish. (Ceterum censeo: The InterNIC RS in my view is just another Regional Registry which also happens to do some administrative things for IANA. Regional Registries operate under the authority of IANA and not the InterNIC's.)
Regional Registries have agreed to comply with the guidelines established by RFC 1466 and therefore, if an organization meets the size requirement for the requested address(es) and submits an engineering plan, the organization has fulfilled the necessary requirements. The Regional Registry will make the allocation based on typo the established criteria.
Do you really want to say that the following qualifies for 512Cs:

"Hi,

I represent DFK MegaNetwork Ltd. etc. pp. We are going to implement an enterprise network with 508 subnetworks which we have conveniently divided among our 50 sites in 10 countries as follows:

    country a     0-99
      site aa     0-9
      site ab     10-19
      site ac     20-29
      ...
    country b     100-199
      site ba     100-109
      ...
    ...
    test lab      500-507

Each network has 0 hosts now and will have 20 hosts operational on it on average within 1 month from now. We are buying all those hosts at the moment. Some of the subnets will have close to 200 hosts on it. For technical reasons we cannot use VLSMs or subnetting. We need public address space because all of the hosts might have external connectivity in the future.

We are starting implementation in 10 days and would appreciate an assignment of 512 class C network numbers before then.

Kind Regards

S.T. and A.R.D. Text Consultants"

I would at least say that "... submits an engineering plan documenting reasonable attention to conservation of address space and a realistic deployment schedule."

Also what is missing is that use of currently assigned address space should be documented. Otherwise they can do this twice a year.

What this really shows is that RFC1466 needs a rework. I am still prepared to lay the groundwork to this, but it should be done by IANA and all Regional Registries *together*.
The preconditions defined in RFC 1466 are limited to number of hosts and subnets as well as an engineering plan if the request deviates from the standard criteria. There is no requirement that an applicant must have selected a network service provider prior to applying for an IP address. The lack of being the customer of a network service provider is insufficient reason for a Regional Registry to deny an applicant's request for an IP address. The Internet registries must honor an enterprise's request for a globally unique IP address provided that the request meets the other conditions used to determine the appropriate size of address block to allocate.
That is fine with me. As an undertone I hear an implication that this has happened. This is not good to leave in. Is the RIPE NCC accused of this?

Of course there may be a charge associated with processing the request.

The way I see it going in Europe is that free assignment of address space will rapidly go away. You will have to pay for the service. The standard way will be thru a Local Registry. These usually are service providers. They will have a choice to offer address space assignment service without IP service associated with it. The NCC (Regional Registry) will also offer this service at a high cost to set a ceiling price and to prevent us from being inundated with small transactions. This is my personal vision. Consensus building is in progress.
RFC 1597 establishes reserved IP address space for the use of private networks which are isolated and will remain isolated from the Internet. Any enterprise which anticipates external connectivity to the Internet should apply for a globally unique address from an Internet registry, or a service provider.
See above (language about expected network layer connectivity).
RFC 1597 documents a way that private enterprises may assure that their networks will remain segregated from the Internet. The addresses designated in RFC 1597 will not be routed by the Internet.
The IP addresses of RFC 1597 are not meant to be used as temporary addresses for enterprises which plan to connect to the Internet at a later date when the enterprises have selected network service providers.
See above (language about expected network layer connectivity).
If an enterprise desires a unique IP address, the registries are instructed to assign such an address without conditions with regard to service provider selection.
Any organization which anticipates having external connectivity is encouraged to apply for a globally unique IP address. Whereas the
See above (language about expected network layer connectivity).
globally unique address is insufficient to guarantee global connectivity, globally unique addresses are necessary to differentiate between destinations on the Internet.
(Un)fortunately in a few hours I am leaving for two weeks of vacation to a place without telephone service. There is no Internet either in the whole country which is not large enough to appear on Larry's maps. It would be coloured green if it was. I am glad such places do still exist. ;-)

I would appreciate if the draft was updated in the direction of my comments. I would certainly be disturbed if the RFC was published before February and the next RIPE meeting.

Daniel
Daniel,

Thanks for your detailed comments. I believe that we agree on the two goals of developing connectedness and using the address space reasonably. It may well be that the IAB praise connectedness above all, while down in the trenches you have to fight off a number of unreasonable demands.

There is one phrase in the example you give which rings a lot of alarm bells. "For technical reasons we cannot use VLSMs or subnetting." This is just unacceptable; the goal of connectedness cannot be achieved without supporting CIDR, i.e. both subnetting and supernetting. The reference to RFC 1466 in the draft already implies this technical requirement; it may be a good idea to explicitly restate it.

Christian Huitema
Christian,
Thanks for your detailed comments. I believe that we agree on the two goals of developing connectedness and using the address space reasonably. It may well be that the IAB praise connectedness above all, while down in the trenches you have to fight off a number of unreasonable demands.
In my opinion, it is not so much unreasonable demands, although APNIC receives many requests that would definitely fall within any definition of unreasonable, as the criteria under which the registries must operate are very ill-defined and do not reflect the circumstances of today's Internet. Further, there appear to be at least two minds when it comes to the issues of conserving address space and CIDRization. I feel that the registries, being heavily involved with the group that is interested in conservation and aggregation, have become significantly more concerned with reducing address space wastage and encouraging CIDR than the draft statement would indicate the IAB feels is appropriate.
There is one phrase in the example you give which rings a lot of alarm bells. "For technical reasons we cannot use VLSMs or subnetting." This is just unacceptable; the goal of connectedness cannot be achieved without supporting CIDR, i.e. both subnetting and supernetting.
Are you stating that it is acceptable for registries to decline to allocate space if an organization does not implement VLSMs?
The reference to RFC 1466 in the draft already implies this technical requirement;
Does it? Or are you indicating you feel RFC 1466 implies this technical requirement?
it may be a good idea to explicitly restate it.
I feel that it would be in the best interests of the entire Internet if many of the assumed policies, some of which are hinted at within the draft statement, are made explicit. The registries are in the unenviable position of playing judge and jury for most assignments and this role is performed with varying degrees of rigor globally. It would seem clear to me that at the very least, RFC 1466 should be revised before this draft statement is made into an RFC.

Regards,
-drc
Christian Huitema <Christian.Huitema@sophia.inria.fr> writes:
There is one phrase in the example you give which rings a lot of alarm bells. "For technical reasons we cannot use VLSMs or subnetting." This is just unacceptable; the goal of connectedness cannot be achieved without supporting CIDR, i.e. both subnetting and supernetting. The reference to RFC 1466 in the draft already implies this technical requirement; it may be a good idea to explicitly restate it.
1) If you read RFC1466 section 4.3 it can be (and frequently is) read to say the opposite. The draft can be read to say that just sending any odd engineering plan is sufficient.

2) To me it is more alarming that obviously in this case someone has made a nice, administratively convenient (note the powers of 10) addressing plan with a lot of room for growth. It is probably also more the product of planning (imagination) than reality. We receive a lot of those. While we do not have an executive arm to go investigate whether the plans are real, we can at least ask them for a deployment plan and then give them the address space they really need for two years realistically expected growth.

Do you want us to continue doing that? If yes, give us the policy to be able to do it. If no, our assignment rate will increase by at least an order of magnitude.

Ceterum censeo: RFC1466 esse rescribendam!

Daniel
participants (3): Christian Huitema, Daniel Karrenberg, David Conrad