From jlewis at lewis.org Fri Sep 1 00:00:26 2000 From: jlewis at lewis.org (jlewis at lewis.org) Date: Fri, 1 Sep 2000 00:00:26 -0400 (EDT) Subject: ARIN Policy on IP-based Web Hosting In-Reply-To: <39AF2506.977C97C5@hilander.com> Message-ID: On Thu, 31 Aug 2000, Alec H. Peterson wrote: > We're going in circles here. > > You don't like the policy. That's fine. Work to get it changed (which > you've already started doing). How can you say I don't like the policy? It's been established that the policy is undefined. Nobody knows what the rules relating to IP virtual hosting and ARIN allocations are now. What I don't like is ARIN announcing a new policy that could affect me the next time I request space that's so vague I can't foresee how it will affect the success/failure of my request. I can say, that if the rule is now that all IP virtual hosts that don't absolutely need to be IP based must be converted to name-based before our next request can be filled, I won't be a happy camper. I don't want to think about the man hours that would be required to do that or the ill will it will create among our ISP customers who will also have to reconfigure their servers and return IPs to us for reallocation/reassignment. If the rule is we can't request space intending to use it for IP virtual hosts that don't absolutely need to be IP based, and that we need to stop setting up IP based virtual hosts where possible, I can probably live with that. > And, in the future, follow the appropriate mailing lists so that we don't > end up creating policies that everybody doesn't like. Wonderful. Another mailing list to join. I'm on ppml now. ---------------------------------------------------------------------- Jon Lewis *jlewis at lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ From cscott at gaslightmedia.com Fri Sep 1 00:07:31 2000 From: cscott at gaslightmedia.com (Charles Scott) Date: Fri, 1 Sep 2000 00:07:31 -0400 (EDT) Subject: ARIN Policy on IP-based Web Hosting In-Reply-To: <39AF2506.977C97C5@hilander.com> Message-ID: On Thu, 31 Aug 2000, Alec H. Peterson wrote: > > We're going in circles here. > > You don't like the policy. That's fine. Work to get it changed (which > you've already started doing). > > And, in the future, follow the appropriate mailing lists so that we don't > end up creating policies that everybody doesn't like. Alec: I believe I've been following the mailling lists and I've looked at the archives. I don't see any specific discussion on this topic until the last few days. Further, there was limited information regarding this associated with any announcements for the April meeting and both the listed presentation and minutes indicated to me that consideration was being made for excemptions, including the following quote. April 3, 2000 Using HTTP 1.1 | Presentation | Background Info ... A majority was in favor of grandfathering web-hosting allocations and providing for some exceptions. It was suggested to develop clear and concise documentation. I am all in favor of encouraging the use of name based virtual hosting where appropriate, but I don't think the resulting policy was as I would have expected from the reference above. Unfortuantely, I can't make it to the meetings. It would sure be nice if we could use these forums to provide greater access for those who can't attend. Chuck Scott Gaslight Media From ahp at hilander.com Fri Sep 1 00:29:12 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Thu, 31 Aug 2000 22:29:12 -0600 Subject: ARIN Policy on IP-based Web Hosting References: Message-ID: <39AF3098.39185FAF@hilander.com> jlewis at lewis.org wrote: > > I can say, that if the rule is now that all IP virtual hosts that don't > absolutely need to be IP based must be converted to name-based before our > next request can be filled, I won't be a happy camper. I don't want to > think about the man hours that would be required to do that or the ill > will it will create among our ISP customers who will also have to > reconfigure their servers and return IPs to us for > reallocation/reassignment. > > If the rule is we can't request space intending to use it for IP virtual > hosts that don't absolutely need to be IP based, and that we need to stop > setting up IP based virtual hosts where possible, I can probably live with > that. I don't believe any sort of migration strategy was discussed. It is certainly worth mentioning, I'll bring it up at the AC meeting we're scheduled to have on Sunday, October 1. We will share our discussion at the public policy meeting and hopefully get more feedback to formulate a policy change recommendation to the board. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From avb at korax.net Fri Sep 1 02:45:49 2000 From: avb at korax.net (avb at korax.net) Date: Fri, 1 Sep 2000 02:45:49 -0400 (EDT) Subject: A non-member's thoughts on the web hosting policy. Message-ID: It has been stated that ARIN pays attention to the public policy list and wants to see more input from non-members. I certainly hope so. Here is my input, as a non-member with an application for CIDR space currently before ARIN. We are a small-to-medium sized ISP/web hosting/colocation provider with a steadily growing customer base. From the very beginning, we have applied strict IP assignment policies, both to our downstream customers, and to our own internal network; always making the smallest subnet assignments possible, using NAT everywhere possible, and in general doing our utmost to squeeze every last IP address we could from the allocations we had been given by our upstream providers. We are multihomed. Not that it does us much good right now. In fact, it's pretty darn useless for anything other than rudimentary load-balancing our outgoing traffic. But we multihomed with the understanding that we will eventually qualify for portable space. For some time, we had been looking forward to the day when we would finally qualify for an allocation from ARIN. When ARIN lowered the minimum requirements for multi-homed sites, it was naturally welcome news for us. We have now finally reached the point where we can qualify for a /20, and given the amount of effort we put into efficiently managing our address space, we didn't anticipate having too much trouble getting an allocation. Now that we have been blind-sided with the new web hosting policy, I want ARIN to be aware that I am more than a little upset. I am, in fact, _extremely_ frustrated by this turn of events. Although I can fully appreciate why ARIN thought it necessary to introduce this policy, it is, in our view, _grossly_ premature. Firstly and foremost, we believe that it is utterly unconscionable of ARIN to dictate such a policy until a serious, concerted effort has been made to reclaim unused and underutilized address space from legacy holders. I have scoured the ARIN web site and I have yet to find any indication of an active effort in that direction. _That_ is the policy that is begging to be drafted, implemented, and enforced. It defies all logic to continue to maintain vast numbers of legacy class A, B and C allocations that are not utilized according to ARIN's own policies, and to maintain allocations to organizations that don't even exist anymore, while making it ever more difficult for newer organizations to obtain allocations. It is equally difficult to understand why ARIN decided that large providers which somehow find ways to burn through /14s in less than 3 months should qualify for even larger blocks of addresses. It seems to me those providers are the best candidates for implementing IP conservation measures. If ARIN is going to ask its members to be efficient with their address assignments, then ARIN has a duty and a responsibility to its members and to the Internet at large to do the same by reclaiming unused space and enforcing its policies in a uniform and equitable manner. Before bringing in new policies that further restrict how we are to run our networks and conduct business in general, ARIN should implement procedures to reclain unused space, and put them into practice. Not to do so would be nothing short of hypocritical. ARIN _must_ consider the real-world implications this broad, heavy-handed decision will have for its customers, and, perhaps even more importantly, for its yet-to-be customers. I understand it's not part of ARIN's mandate to consider business issues. But let's face it: most of us are running businesses. We have customers with expectations which do not change easily. We have time and money invested in established processes. And we have fiscal constraints to work within. None of this can change overnight. And more importantly, one does not expect an organization like ARIN to make a pronouncement which forces sudden and drastic change onto an already highly competitive and volatile marketplace. I *implore* ARIN to reconsider this policy. If it was done to conserve remaining address space, then the time for this has not come yet. The time for this will not come until the majority of dead address space has been reclaimed, returned to the available pool, and reassigned. If this absolutely must be done, a phased approach would be infinitely more preferable. Give us time to adapt. We suggest that organizations which would otherwise qualify for an allocation, without this policy, should receive at least one more allocation, with a notice that no further allocations for IP-based hosting will be made -- possibly ever, or possibly after a certain date. Similarly, organizations such as ours, which are applying for the first time, which qualify under the multi-homed policy and for whom receipt of their first portable address space is _vitally_ important, should be allowed at least one allocation, with no further allocations to be made for IP-based hosting. I think this is a reasonable compromise that will slow down the consumption of addresses without drastically changing our business realities overnight. -- Alex Bulan Network Administrator Korax Online Inc. From billd at cait.wustl.edu Fri Sep 1 10:26:16 2000 From: billd at cait.wustl.edu (Bill Darte) Date: Fri, 1 Sep 2000 09:26:16 -0500 Subject: ARIN Policy on IP-based Web Hosting Message-ID: I believe that a policy statement can use solid, known exceptions as illustrations, but that trying to identify each exception is a rat hole, given that some exception could have exceptions....ARIN is about making decisions based upon discussion with its members...Members have in several instances reinforced the notion that ARIN should have the flexibility to exercise 'good judgement' and if there is cause, then bring it to member's attention for discussion..... billd > -----Original Message----- > From: Kim Hubbard [mailto:kimh at arin.net] > Sent: Thursday, August 31, 2000 9:16 AM > To: jlewis at lewis.org; Richard Jimmerson > Cc: ppml at arin.net; nanog at merit.edu > Subject: Re: ARIN Policy on IP-based Web Hosting > > > ---- Original Message ----- > From: > To: Richard Jimmerson > Cc: ; > Sent: Thursday, August 31, 2000 1:15 AM > Subject: Re: ARIN Policy on IP-based Web Hosting > > > > > > On Wed, 30 Aug 2000, Richard Jimmerson wrote: > > > > > Please keep in mind this policy is a result of discussions > > > held at the ARIN public policy meeting in Calgary earlier > > > this year. > > > > So who actually goes to these things, and was the new policy a later > > result of discussions at the meeting, or was there actually > some sort of > > vote at the meeting? i.e. was the policy decision made by > one of the ARIN > > boards or by the ARIN members? Since ARIN subscription > customers are, by > > default, ARIN members, will we be given the opportunity to > vote or at > > least express an opinion on such issues via proxy in the > future, or do we > > have to send a representative in order for our voice to be heard? > > The proposal was posted to the ARIN discuss list prior to the > last meeting > but since then we have formalized the process a bit more to > include a couple > of weeks of discussion on the ppml mailing list of all proposed policy > changes which attendees of the public policy meeting reached > consensus on. > This will allow everyone who didn't make it to the meeting to > voice their > opinion on the proposal before the AC votes. > > > > > The policy does state ARIN will accept IP-based hosting > > > as justification for an allocation if an exception is > > > warranted. ARIN is looking to the community to define > > > these exceptions and finds the discussions being held > > > here to be very helpful. This information will be included > > > > Why would ARIN announce a new policy with completely vague > rules? Nobody > > knows what constitutes a valid exception. Apparently, even > ARIN doesn't > > know yet. If I were applying for an increased allocation > today, who would > > decide if the thousands of IPs that we and our customers > have used for IP > > based virtual hosts are a valid or wasteful use of > IPs?..the individual at > > ARIN processing our request? > > We thought it best not to include specific exceptions because > although we > were aware of several possible exceptions, we didn't want > people to feel > restricted to just those listed. There could've been some we > didn't know > about and we wanted to wait until we heard from some of the requesting > organizations so we could come up with a more comprehensive list of > exceptions. > > > > > These discussions may create changes to the current > > > policy, perhaps by clearly defining a list of exceptions, > > > or may even eliminate the new policy altogether. Your > > > feedback on this mailing list and at the upcoming public > > > policy meeting is important. > > > > So a policy was announced before it was fully fleshed out. > It may get > > fleshed...or it may get flushed. What was the point? Are > you just trying > > to rattle the cages of every ISP in NA to see how many > reactions you can > > get? > > No, our motivation, as stated above, was to try to give more > organizations > the benefit of the doubt. But I definitely see how you could have > interpreted it differently. We should've been clearer with > the policy so > allow me to apoligize to all of you for this. > > Kim Hubbard > ex-ARIN President :-) > > > > > ---------------------------------------------------------------------- > > Jon Lewis *jlewis at lewis.org*| I route > > System Administrator | therefore you are > > Atlantic Net | > > _________ http://www.lewis.org/~jlewis/pgp for PGP public > key_________ > > > > > From smarcus at genuity.com Fri Sep 1 10:54:04 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Fri, 01 Sep 2000 10:54:04 -0400 Subject: Name-based Hosting In-Reply-To: <200009010258.UAA31892@tcb.net> Message-ID: <3.0.5.32.20000901105404.03f6cc10@pobox3.genuity.com> Good thoughts, Danny. Even though the long thread on NANOG has been painful at times, I think it's also been a valuable exchange. At the same time, the NANOG list is not the right place to discuss ARIN public policy issues. What if, whenever we are launching a discussion of a particular topic on the PPML list, we were simply to post to NANOG as a routine practice an announcement that we are soliciting comments on topic thus-and-such on PPML? Ideally, that might bring in broader participation (and reduce the number of people who are surprised later), while still getting the policies discussed in the appropriate forum. Thoughts? Cheers, - Scott At 20:58 08/31/2000 -0600, Danny McPherson wrote: > >And I agree completely. If you're a member and it took >posting the messages for NANOG you to become aware, of >policy changes, well .. it's certianly no fault of ARIN's. > >-danny > >> note that this very discussion is a result of ARIN specifically >> requesting discussion on this list, not only about the web hosting >> policy but about a number of other things >> >> as Kim mentioned, ARIN is trying to more actively ensure that there >> is open discussion about policy issues and not just from members >> hense the use of this public policy list and scheduling disucssion >> at the public policy meeting >> >> ARIN is a member organization and member voting (on-line and in person) >> is important but so also is discussion by non-members and it is harder >> to have a vote in that case since it is not easy to define who would >> get to vote >> >> Scott > From memsvcs at arin.net Fri Sep 8 13:43:46 2000 From: memsvcs at arin.net (Member Services) Date: Fri, 8 Sep 2000 13:43:46 -0400 (EDT) Subject: Join the 100 Already Registered for the ARIN VI Meetings, October 2-4,2000 Message-ID: Don't miss this opportunity to add your voice in the discussion of current IP issues. Close to 100 attendees have signed up for the ARIN Public Policy and Member meetings, October 2-4 in Herndon, VA. For agenda and registration details see: http://www.arin.net/announcements/memmeet.html The hotel reservation block cut-off is next week, September 13th, so make your room reservations now. Fall in Northern Virginia is a busy time -- rooms may be in short supply if you wait too long. Remember, non-members of ARIN attending the Public Policy meetings will be eligible to vote on-site Monday, October 2nd in the ICANN ASO AC delegate election. (On-line voting for ARIN members opens September 22nd.) For details see: http://www.arin.net/aso/asonom.htm Please contact memsvcs at arin.net if you have any questions. We look forward to your participation. Regards, Susan Hamlin ARIN Member Services From ahp at hilander.com Mon Sep 11 22:29:11 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Mon, 11 Sep 2000 20:29:11 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BD94F7.DD143DBE@hilander.com> Mury wrote: > > Yikes! > > Have you ever tried to parse up to 1000 log files per system, with some of > them around 500MB in size. It's not nearly as easy as it sounds. It is if you change how you write and parse your logs. > > For some people it's feasable, but for most of us we *need* IP based > accounting. > > By the way, we are setup to do a large number of URL's pointed at a single > IP for some hosting applications, but for the majority of our sites, it is > not an option. Can't say that I have tried it. However at the same time I can think of quite a few ways to make the task far easier and faster. For example, don't do all of the parsing at once at the end of the day; modify the server to keep a running tally of a customer's usage and have it write that alone to a file on the disk every time it changes. Far more efficient. That's just off the top of my head, and probably not a really efficient way to do it. My point is that the Internet is made up of a lot of smart people who are more than capable of solving these issues if they feel like it. Whining about how today's methods of accounting won't work with tomorrow's methods of virtual hosting is a lot like complaining about how yesterday's chalk writes really poorly on today's white boards. If you don't want to be left behind you have to keep on evolving. After all, where would we be today if dial-up providers decided that it was too much work to use dynamically allocated IP addresses and kept on giving each user their own IP address? However, name-based virtual hosts aren't exactly a new thing. Many large web hosters have been using name-based virtual hosts for a while now, so would any of those companies mind sharing a little wisdom on how this can be done? Thanks, Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Tue Sep 12 10:50:05 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 08:50:05 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BE429D.BF3CF8B4@hilander.com> Mury wrote: > > I also find it interesting that in your presentation to the 11th NANOG > meeting that you did with Avi Freedman (Isn't he working for Digital > Island now? Or one of the other distributed content providers) you are > supporting a technology that not only assigns an IP address to a web site > but assigns multiple IP addresses to a single site. Perhaps I didn't > decipher your presentation correctly, but it sure seems like you are > supporting performance/service level issues above and beyond IP > conservation. Ah, I hear it coming, that each distributed node can handle > multiple distributed sites off of a single IP. Very true. Do you know > what the ratio of managed sites to in-service systems is? How many > locations is Akamai in? I really don't know what the IP "waste" ratio is. > But the point is you are supporting performance at the expense of IP > addresses however large or small that may be. I hardly see what a single presentation I did with Avi several years ago has to do with the issue at hand. As it happens, I can count on one hand the number of conversations I've had with Avi this year. > > In addition, you even argue against yourself. You say, "For example, > don't do all of the parsing at once at the end of the day; modify the > server to keep a running tally of a customer's usage and have it write > that alone to a file on the disk every time it changes. Far more > efficient. That's just off the top of my head, and probably not a really > efficient way to do it." > > What?! How can it be *far more efficient* and then in the next line it's > *not a really efficient*" Can you see why I'm not very thrilled with your > off the cuff and seemingly inexperienced comments? I stand by what I said. There is 'far more efficient' which is (sometimes) quite different from 'optimally efficient'. The fact that I may not have experience with specifically parsing WWW log files by no means implies that I have no experience doing that sort of thing in other applications. See, standard WWW transfer logs have tons of data in them that does not relate to calculating bandwidth utilization. That extra data all has to be looked at before the bandwidth numbers can even be retrieved. Let's look at a line of a standard Apache transfer log: 128.220.221.16 - - [05/Mar/1998:18:20:32 -0500] "GET / HTTP/1.0" 200 1195 Now depending on how you count there are 6 fields on that one line of log file, and the number of bytes transfered number is the very last field. So that means that one way or another you need to look at each of the fields in the file and check if it's the right one before you can even get the appropriate data. I have to agree that parsing that logfile for bandwidth utilization is a major pain. But what if we changed the log file format to just look like this: 128.220.221.16 1195 Or perhaps an even better way would be to write over the same line in the file again and again every time, so your utilization program just has to look at the file once to see how much has been used. Granted you can't just use Apache's mod_log_config for that, but it isn't a lot more work than that. My second statement about it not being a 'really efficient way to do it' meant to say that the 30 seconds I spent thinking of how to make the parsing process more efficient was probably not sufficient to come up with the optimal solution. Perhaps I should have said 'probably not optimally efficient' instead. Sorry about that. > > By making light of some real issues that were brought up it sure seems > like your statements are hypocritical. Now like I said, I'm not the > smartest guy out here, so if I've badly misrepresented things I apologize > in advance. I didn't mean to say it was no big deal. Making the changes I proposed would certainly take some work. However, contrary to what some other people said, the problem is not insoluble. My point was that I can't stand excuses for doing 'the right thing', especially when people insist on working against an organization that is only trying to help. ARIN is not making these policy changes to make everybodys' lives more difficult. ARIN is making the changes because it has a responsibility to stretch IP space in its region of the world as far as possible. Also, as I tried to say before people on the 'net have come up with some truly brilliant ways to deal with the issues that face us when they need to. I really think it would be a far better use of our time here if we all put our heads together to try and figure out a feasible way for everybody to use name-based virutal hosts in as many applications as possible than arguing about how hard it is. Then, if we as a group find that it is truly not possible then we can state that (from experience, as opposed to just from theoretical conjecture) at the next ARIN meeting and recommend an appropriate policy change. > > Bottom line, for every one out there saying it's no big deal to do single > IP virtual hosting I would like to see a solution that does not sacrifice > reliability, accountability, quality of service, and functionality. I > hate it when people (even smart people) start voicing opinions on things > they don't understand. You may think that just because I don't run a web hosting outfit today I don't understand the issues, and you're welcome to think that. It is true that I don't know how every single web hosting outfit out there accounts for usage, but I daresay you probably don't know that either. You know how you do things, and that's all you need to know. This is the exact reason why I or you alone are not responsible for creating ARIN policies. It is done by member participation in ARIN. And the general idea is that ARIN and its members benefit from having a hand in shaping what happens to IP allocation policy. Speaking to your request for a solution to your accounting woes, I really don't think you want that from ARIN. See, if that happens then people will start screaming about how ARIN dictates the way people must do business, which gets into another rat-hole that we really don't want to go down. There are many ways to skin this cat. So I will say again, instead of arguing with me about how easy or not easy this problem is to deal with, why don't we try actually solving the issues? And if they are not solvable then we will know we have tried our best and we can report those findings at the next ARIN meeting in an effort to get the recently adopted policy changed. And FYI, demanding a solution to your specific problem without providing any suggestions of your own is not the best way to engage help from others. > > I'm also not stubborn. I'm not running things the way I do because it's > my way, but because they work, they are scalable, they are functionable, > and we have zero down time. I've tried Microsoft IIS. It doesn't work. > Well doh, of course it works, but not for a company that demands uptime > and security and a fast and simple database. I have to reboot co-located > IIS machines all the time. My BSDI/Apache/MySQL/Perl/PHP/Raven boxes have > had zero downtime in the last 3 years. That is not an invitation to hack > or DOS my network. But thanks for thinking about me. Not a bad setup. I don't really see what I said before would not apply to this setup. > > And like I said before, when appropriate we have assigned multiple sites > to a single IP. We actually do it by sending all requests into a CGI > script that grabs the HTTP_HOST env variable and creates the customized > web site on the fly with MySQL. So yes, we are trying to conserve IP > addresses, we are not greedy, whiny bastards trying to screw the Internet > up for everyone else. Nobody ever said you were, and I truly resent having words put into my mouth. Please refrain from doing so in the future. If you recall, I was addressing a specific post where a person was demanding specific solutions to every problem that this policy change would be causing. I, for one, don't respond well to demands for help. And as I also said, other people have solved these problems, and even think that the policy was a pretty good idea. In fact some of them operate some of the largest web farms in the world. So regardless of how little or much I may know about web hosting, there are people out there who know far more than both of us about it who have managed to make things work. > > Cool! Now we all know how to do name based hosting... er, wait... what > about all those HTTP/1.0 browsers!? You don't think they exist any > more? Check this out. In fairness I sampled all my virtual hosts off of > one server from a selective time period. All my logs files are in the > www.domain.com format. Here are my commands and results: > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > > 48.4% of the browsers out there that accessed my customers' sites used > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > NOT support name based hosting. That's the first number I've seen on the subject that is greater that 2%, and I will confess it does concern me a great deal. Does anybody else have any numbers they'd like to share? > > Can I tell all my customers to call you when their online business drops > by almost 50%. By the way, can you use a shared IP for secure server > certificates? No, you can't, which is why there are exceptions to the policy. Granted there isn't a specific exception for SSL, which I think is one place where the group (myself included) erred in Calgary last March. > > I don't want to see any more comments that I should be doing things > smarter and better. I want to see explanations of how I can accomplish > the things that you say are so easy. Like I said I'm not stubborn... show > me the way. If you can't, then please refrain from making popular > political statements that don't affect YOUR business and your customers' > business. I never meant to trivialize the changes. I merely meant to point out to those who said they were not only non-trivial but were impossible that in fact it was not impossible. > > PS. If you are such an advocate for IP conservation why do you have a > whole block? I can't tell how many IPs you are wasting because your > provider has not swipped your block. But you have multiple web sites > running on multiple IPs! What's your excuse? > > Name: gw1.hilander.com > Address: 216.241.32.33 This is actually its own machine. > > Name: virthost.hilander.com > Address: 216.241.32.35 > > Name: ramirez.hilander.com > Address: 216.241.32.34 Hey, nobody's perfect. I'll have to look into changing that. Thanks for pointing it out. > > Pretty interesting web sites I might add. Thanks for looking around, I spent years writing it. Look, bottom line is that name-based virtual hosts have the ability to stretch our IP utilization even further (and the way IPv6 is looking means we'll really need to do this). Moreover, if you think the name-based virtual hosting policy should be changed or repealed, then by all means start participating in the process to make that happen. And finally, there may well be some websites out there that cannot be handled any way except for giving them their own IP address. I don't know this for sure, but I'd say it's a pretty good guess. Similarly, there are some dial-up users out there who insist on having a static IP address. ISPs are free to do that, _JUST AS LONG AS MOST OF THEIR LOW-END CLIENTS USE DYNAMIC IP ADDRESSES_. This can easily be extended to virtual hosting. And I agree that this should be stated specifically, but I really think ARIN's true intent was to change the default mom-and-pop hosting account from a dedicated IP address to a name-based virtual host. So perhaps the policy should be re-worded to state that for providers who sell 'cheap' web-hosting for domains that get relatively few hits per month they should use name-based virtual hosting for those clients? From what I recall from the discussion in Calgary those were the accounts the policy was targeted at... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Tue Sep 12 10:55:18 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 08:55:18 -0600 Subject: guideline for name-based web hosting justification References: <39BD94F7.DD143DBE@hilander.com> <20000912083604.E93972@Geeks.ORG> Message-ID: <39BE43D6.CE7FB798@hilander.com> Mike Horwath wrote: > > Thing is, 'tomorrows way of web hosting' really is tomorrow. > > Or don't you get it? I don't think I do, since I'm not sure what you're getting at. > > But why not put all dialups behind NAT, I mean, hell, fuck'em, they > don't need to play games on the 'net, do Netmeeting, ICQ and such, and > this would save me a couple thousand IPs and would save UUNET (and > other big boys) /14s and more of IP space. Your sarcasm notwithstanding, I think the issues of placing dialup (or any end-users for that matter) behind a NAT out-number the issues of using name-based virtual hosting for entry-level web accounts. > > Yep, it isn't new and many of us use name based virtual hosting > techniques when we can. > > Thing is, it doesn't work all the time. I agree with you 100% on that count. And I think the ARIN policy should be re-worded so that it is more flexible. See, the IP 'waste' that the membership was specifically concerned about when crafting this policy is the mom-and-pop shops that only get a few thousand hits per month and don't use SSL for their site. There are tens of thousands of those sites out there now (probably more) and there is no reason in the world why they shouldn't be on name-based virtual hosts. Then, there are some sites that are so huge that for a variety of reasons it is just unfeasible to put them on name-based virtual hosts. I think the policy should be re-crafted to objectively define that in some way. The point of my previous posts was to point out that there are ways to move the name-based/IP-based line in the sand further out so that we can get even better IP utilization. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Tue Sep 12 12:10:13 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 10:10:13 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BE5565.2D8ECBCC@hilander.com> "John A. Tamplin" wrote: > > I suspect the rest of them would have similar results. > > We do high-volume (in terms of customers, not traffic) low-cost hosting > for small businesses under Cornerpost, where all of the pages are > generated dynamically out of a database using a custom web server. Only a > small number of customers have a domain name associated with it (the rest > get URLs like db.cornerpost.com/12567057007), and that all uses name-based > hosting. If an HTTP/1.0 request comes in without the identifier, they get > a "sorry, please upgrade your browser" message. When we started this, we > knew we were leaving out a large number of people with older browsers, but > this was the only way we could accomplish what we wanted in a scalable > fashion (people-wise as well as hardware). Fortunately, since relatively > few of these customers go to the trouble to get a domain name (although it is > increasing), it hasn't been an issue. Interesting numbers, although some other people have pointed out that some browsers that use HTTP/1.0 requests still send the Host: header as well. Is there an easy way to get numbers on that? > > For the more traditional hosting customers, we use IP-based hosting and > provide SMTP/POP/IMAP/FTP (including anonymous), and SSL if they pay for > that. It would require massive changes to our management tools, customer > setup, and business model to switch these to name-based hosting. No doubt; especially since today's methods of doing SSL require a unique IP. The policy allows for exceptions, and I hope we will be able to list some specific ones at the next meeting. If you don't mind sharing it, what percentage of your virtual hosts have these other services (SMTP/POP/IMAP/FTP/SSL)? I'm just curious (I'm curious what percentage of people want to pay for it). > In > addition, while if everyone did this it might spur those with older browsers > to upgrade (assuming they can -- some of them are using browsers on TV > set-top boxes, video game consoles, etc), if only some sites do this then > the customers will probably just go to other sites that still work. I doubt > customer paying for hosting want to lose even 10% of their customers, much > less 30-40%. Agreed, although if some of these older browsers are also sending Host: headers then it might not be as big an issue as it seems.... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From jlewis at lewis.org Tue Sep 12 12:49:10 2000 From: jlewis at lewis.org (jlewis at lewis.org) Date: Tue, 12 Sep 2000 12:49:10 -0400 (EDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: On Tue, 12 Sep 2000, Mury wrote: > Cool! Now we all know how to do name based hosting... er, wait... what > about all those HTTP/1.0 browsers!? You don't think they exist any > more? Check this out. In fairness I sampled all my virtual hosts off of > one server from a selective time period. All my logs files are in the > www.domain.com format. Here are my commands and results: > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > > 48.4% of the browsers out there that accessed my customers' sites used > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > NOT support name based hosting. This is BS. My own personal domain is a name-based virtual host (not by choice, but due to necessity at the time it was setup), and 63% of the hits on it are logged at HTTP/1.0. They still get the right files. Many browsers that support name-based virtual hosting send requests as HTTP/1.0. Netscape 4.75 does. ---------------------------------------------------------------------- Jon Lewis *jlewis at lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ From mury at goldengate.net Tue Sep 12 12:44:08 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 11:44:08 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <200009120834.DAA64586@freeside.fc.net> Message-ID: On Tue, 12 Sep 2000, Jeremy Porter wrote: > > I don't think Alec has called anyone whiners. Jeremy, "Whining" was not my word. Please read his response to me more carefully, and I'll quote it here, so you don't have to scroll down: >> Whining about how today's methods of accounting won't work with >> tomorrow's methods of virtual hosting is a lot like complaining about It's pretty easy to disqualify someone's techincal issues by retorting with it's just whining. > The policy has been > discussed and as presented does not change the business climate for > for existing users of addresses. For new assignments I quote: > http://www.arin.net/announcements/policy_changes.html > Exceptions may be made for ISPs that provide justification for > requiring static addresses. ARIN will determine, on a case-by-case > basis, whether an exception is appropriate. > > If you are sure that your use of one IP per Host is justfiable, then > you should have no problem getting an exception approved. > Perhaps if you are complaining maybe you don't feel that your > use has technical merit? Here we go with just calling me a complainer again. Dear sir, do you know what an awful process it is to get more space from ARIN. I beleive the point is an exception should be a policy if in general you would have to grant more exceptions than not. If the hosting world is not quite ready for name based hosting why make most people fight to get exceptions? Shouldn't it be a policy? And don't get me wrong again, I can here it coming. I am concerned about wasted IP space. I'm not advocating wasting IP space just because it's an easier thing to do than conserve it. > "Back in the day" when I ran an ISP and Web hosting business for a living, > we used single IPs for WWW (http 1.1 didn't exist), assigned static > IPs to all customers, etc. When new technologies came about > and policies changed, we followed. We ended up renumber those static > customers and some significiant business cost, because it was the > right thing to do. It wasn't easy, the customers didn't like it, > it made accounting and access control harder. Of course, name one ISP that hasn't done that. I haven't run into any. > With that said, theses issues were discussed at the ARIN policy meeting, > and there weren't huge objections, so the conclusion was reached that > there were significant objectors. Luckily there is a meeting in > just a few weeks, where you are invited to discusse it more, and > perhaps better wording can be determined that would allow existing > operations to switch to more efficient technologies in a reasonable > time frame, while still encouraging better utilization of > IP addressing. Where is the meeting? Who shows up? Isn't emailing the group just as an acceptable way of communicating, or do I need to show up and be called a whiner in person? > I'm sure if several vocal www hosting business pushed for changed wording > that still encouraged better utilization, that it would be considered. > >From my recollection of the last ARIN meeting there was a significant > lack of input from WWW hosting companies, as there were only a handful > present. > > "Whining" (your words) Not my words. And I'm sick of being called a whiner. > about it on the mailing list might not be > enough. Also I'd think you find Alec would be more than willing > to help address any technical issues you might find, but telling him > "math is hard" isn't likely to win you much, and personal attacks, will > likely just be ignored, as he's been doing this long enough to not take > the "bait". Good lord, here's some more freakin bait. It's like you didn't even read my message. Mury GoldenGate Internet Services From mury at goldengate.net Tue Sep 12 13:02:56 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 12:02:56 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000912080838.A32704@mail.vcnet.com> Message-ID: > You're bending the truth here, quite a bit actually. The HTTP 1.0 proto > may not support the Host: header, but browsers that are using HTTP 1.0 > may very well support he Host: header. Oh, i don't know, a smallish > browser called Netscape, v 2.0 or better, comes to mind. Grepping > through my access log for today I see over 65,000 1.0 requests. 98% of > those are to name-based virtual hosts (which is almost all i run > anymore), and they all worked. > > jon Good to know. Finally someone takes the time to correct me and not just call me a whiner. So, does anyone know a reliable source that keeps track of stats on browsers? If it isn't 50% that won't get to the web site, is it 10%? 5%? .0001%? Thanks. Mury GoldenGate Internet Services From mury at goldengate.net Tue Sep 12 14:01:47 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 13:01:47 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <39BE429D.BF3CF8B4@hilander.com> Message-ID: > I hardly see what a single presentation I did with Avi several years ago has > to do with the issue at hand. As it happens, I can count on one hand the > number of conversations I've had with Avi this year. Ummm, it's what you are using one of our IPs for to promote. It's on one of your multiple web servers. If it's not important to you any more, perhaps you should do some cleaning up and return some IPs. > The fact that I may not have experience with specifically parsing WWW log > files by no means implies that I have no experience doing that sort of thing > in other applications. See, standard WWW transfer logs have tons of data in > them that does not relate to calculating bandwidth utilization. That extra > data all has to be looked at before the bandwidth numbers can even be > retrieved. Let's look at a line of a standard Apache transfer log: > > 128.220.221.16 - - [05/Mar/1998:18:20:32 -0500] "GET / HTTP/1.0" 200 1195 > > Now depending on how you count there are 6 fields on that one line of log > file, and the number of bytes transfered number is the very last field. So > that means that one way or another you need to look at each of the fields in > the file and check if it's the right one before you can even get the > appropriate data. I have to agree that parsing that logfile for bandwidth > utilization is a major pain. > > But what if we changed the log file format to just look like this: > > 128.220.221.16 1195 > > Or perhaps an even better way would be to write over the same line in the > file again and again every time, so your utilization program just has to > look at the file once to see how much has been used. Granted you can't just > use Apache's mod_log_config for that, but it isn't a lot more work than > that. You know I agree with you on most of what you are getting at, but I need to keep most of that log file anyway. Customers sometimes need to see where there traffic is coming from and what pages they are hitting, so if I need to log all that information it should go to the same file, so I don't double the amount of writes I need for each request. These days we spend almost the same amount of time explaining people's web statistics as we do configuring their modems. That information is important to them. > My second statement about it not being a 'really efficient way to do it' > meant to say that the 30 seconds I spent thinking of how to make the parsing > process more efficient was probably not sufficient to come up with the > optimal solution. Perhaps I should have said 'probably not optimally > efficient' instead. Sorry about that. Fair enough. I pulled out all the stops since you insinuated I was just whining. > I didn't mean to say it was no big deal. Making the changes I proposed > would certainly take some work. However, contrary to what some other people > said, the problem is not insoluble. > > My point was that I can't stand excuses for doing 'the right thing', > especially when people insist on working against an organization that is > only trying to help. ARIN is not making these policy changes to make > everybodys' lives more difficult. ARIN is making the changes because it has > a responsibility to stretch IP space in its region of the world as far as > possible. Hey, we try to do the right thing. I think this is where part of the problem lies. There seems to be this impression that ISPs are guilty before proven innocent, and not just during the long process of trying to get new IP space. We are not greedy, whiny, little pricks. Instead of putting the clamps on the ISPs why not focus on: 1) Reclaiming unused IP space to hold us out a little longer 2) Push a plan to get better client server technology out there, and once it is out there get people using it. As an rotten example, but feeling one is needed, what if the top 10 most popular sites had a message pop up that informed people if they were using an old browser and encouraged them to upgrade. I'm not bitching just to bitch. I'm looking out for my ecommerce customers. 90% of my revenue comes from businesses. If I don't watch out for their bottom line, they sure the hell aren't going to look out for mine. If I switch them to a name-based system, before the world is ready for it and they lose hits do to software incompatibilites, or don't notice that their traffic died, or they can't see how effective a commercial was by using real-time accounting stats, or one of my customers gets DOSed and I can't control the traffic at my core routers or at my upstream so I have to take everyone down because they all share an IP, they are going to host with someone who cheats the system and gets them an IP. > Also, as I tried to say before people on the 'net have come up with some > truly brilliant ways to deal with the issues that face us when they need > to. I really think it would be a far better use of our time here if we all > put our heads together to try and figure out a feasible way for everybody to > use name-based virutal hosts in as many applications as possible than > arguing about how hard it is. Then, if we as a group find that it is truly > not possible then we can state that (from experience, as opposed to just > from theoretical conjecture) at the next ARIN meeting and recommend an > appropriate policy change. Wonderful. I am with you 100% here. Like I said many times in my other post, I'm sure you and most of the others here are a lot smarter than I am. And I'm very willing to make changes that work, but no one seems to be pointing me in the right direction, so all I can do is point out the obvious nature of how things work as I understand them. > You may think that just because I don't run a web hosting outfit today I > don't understand the issues, and you're welcome to think that. It is true > that I don't know how every single web hosting outfit out there accounts for > usage, but I daresay you probably don't know that either. You know how you > do things, and that's all you need to know. This is the exact reason why I > or you alone are not responsible for creating ARIN policies. It is done by > member participation in ARIN. And the general idea is that ARIN and its > members benefit from having a hand in shaping what happens to IP allocation > policy. Obviously. And all I can do is let the group (ARIN) know that I for one have a problem with it. And from judging by the number of responses sent only to me last night, I'm not the only one. I'm not sure why most of these people have not responded to the group. Maybe they don't want to be labeled as a trouble maker and have even a tougher time getting IPs from ARIN next time. > Speaking to your request for a solution to your accounting woes, I really > don't think you want that from ARIN. See, if that happens then people will > start screaming about how ARIN dictates the way people must do business, > which gets into another rat-hole that we really don't want to go down. > There are many ways to skin this cat. > > So I will say again, instead of arguing with me about how easy or not easy > this problem is to deal with, why don't we try actually solving the issues? > And if they are not solvable then we will know we have tried our best and we > can report those findings at the next ARIN meeting in an effort to get the > recently adopted policy changed. > > And FYI, demanding a solution to your specific problem without providing any > suggestions of your own is not the best way to engage help from others. Maybe the some of the hosting world just isn't ready for this new policy. It's not like I've sat on my ass for the last 6 years without changing how I've done business. I wouldn't be around if I didn't evolve as you put it. I've watched just about everyone that has not sold their business, go out of business, and there are plenty of reasons for that, but primary it was due to a lack of adopting new technologies. The point being I have tested and adopted my own suggestions already. My suggestion to the core problem, is to reclaim unused IP space, push for IPv6, and make appropriate IP saving changes when it does not significantly hinder the ability to do business on the Internet. > Not a bad setup. I don't really see what I said before would not apply to > this setup. If eliminate multiple IPs I'm unsure how to: 1) Address the HTTP/1.0 issues in an acceptable clean fashion 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so we need to sell it by the Mbit 3) Provide controls against DOS attacks. No we don't host porn sites 4) Provide secure server certificates 5) Provide database support from server to server. I'm not a programmer any more so I don't know how big an issue it is, but my programmer told me it would be a mess Those are some of the issues that I don't know how to handle with single IP hosting. > > And like I said before, when appropriate we have assigned multiple sites > > to a single IP. We actually do it by sending all requests into a CGI > > script that grabs the HTTP_HOST env variable and creates the customized > > web site on the fly with MySQL. So yes, we are trying to conserve IP > > addresses, we are not greedy, whiny bastards trying to screw the Internet > > up for everyone else. > > Nobody ever said you were, and I truly resent having words put into my > mouth. Please refrain from doing so in the future. Miscommunication. I didn't mean to imply that you called me a greedy, whiny bastard. I was trying to emphasize the point that ISPs, at least mine, are trying to conserve IP space. ARIN's policy implies that ISPs are not doing enough to conserve the space. And like I said before there seems to be this mis-conception that ISPs are fighting change and IP conservation. Hell, our business depends on more people getting access. We of all people should be, and I beleive most are, promoting IP conservation. > If you recall, I was addressing a specific post where a person was demanding > specific solutions to every problem that this policy change would be > causing. I, for one, don't respond well to demands for help. Look. My point is I live this business. I realize I'm not the smartest guy out here, but I've been doing this a long time in Internet years. ARIN has come up with a policy that I think is premature. With the needs and tools I have, and I have do have a few, it's a bad policy. But if someone can show me how I'm mistaken, I will gladly listen and change my technologies. Actually I think the policy would make a wonderful "Guideline". It shouldn't affect IP allocation, but it should be encouraged at this time. > > Cool! Now we all know how to do name based hosting... er, wait... what > > about all those HTTP/1.0 browsers!? You don't think they exist any > > more? Check this out. In fairness I sampled all my virtual hosts off of > > one server from a selective time period. All my logs files are in the > > www.domain.com format. Here are my commands and results: > > > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > > 400441 > > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > > 375412 > > > > 48.4% of the browsers out there that accessed my customers' sites used > > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > > NOT support name based hosting. > > That's the first number I've seen on the subject that is greater that 2%, > and I will confess it does concern me a great deal. > > Does anybody else have any numbers they'd like to share? As someone pointed out. Apparently HTTP/1.0 can support name based hosting. I was unaware of this. And if that truely is the case, I would like to see some numbers. I would have guessed ARIN would know this before instituting a policy. Perhaps they would like to share. > > Can I tell all my customers to call you when their online business drops > > by almost 50%. By the way, can you use a shared IP for secure server > > certificates? > > No, you can't, which is why there are exceptions to the policy. Granted > there isn't a specific exception for SSL, which I think is one place where > the group (myself included) erred in Calgary last March. That's an easy one. > Look, bottom line is that name-based virtual hosts have the ability to > stretch our IP utilization even further (and the way IPv6 is looking means > we'll really need to do this). Moreover, if you think the name-based > virtual hosting policy should be changed or repealed, then by all means > start participating in the process to make that happen. That's what I'm trying to do! Or is this not the right place to participate? > And finally, there may well be some websites out there that cannot be > handled any way except for giving them their own IP address. I don't know > this for sure, but I'd say it's a pretty good guess. > > Similarly, there are some dial-up users out there who insist on having a > static IP address. ISPs are free to do that, _JUST AS LONG AS MOST OF THEIR > LOW-END CLIENTS USE DYNAMIC IP ADDRESSES_. This can easily be extended to > virtual hosting. And I agree that this should be stated specifically, but I > really think ARIN's true intent was to change the default mom-and-pop > hosting account from a dedicated IP address to a name-based virtual host. > > So perhaps the policy should be re-worded to state that for providers who > sell 'cheap' web-hosting for domains that get relatively few hits per month > they should use name-based virtual hosting for those clients? From what I > recall from the discussion in Calgary those were the accounts the policy was > targeted at... Ah! Now we are getting somewhere. Where to draw the line though? That extra 5% business for a company whether they are doing $10,000 or a million or more is still pretty important, especially now with everyone's margins so low while the fight for market share appears to be paramount. Almost all my account are $50/month. Is this considered cheap? Do you have to be a IBM selling $2500 accounts to gain the exception? Or, are the $19.95 joints where the cutoff would be drawn? Just curious. Alec, I understand your and ARIN's points. However if a "policy" is going to be created and enforced I think we some of these issues need to be better addressed and defined so legit ISPs don't have to wait over a month to get new IP space and go through a process of defending web hosting IP space. As I read the policy I'm out of compliance, and I have issues with that. Mury GoldenGate Internet Services From mury at goldengate.net Tue Sep 12 14:10:13 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 13:10:13 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: If you can send that email to me, I'll forward it to the list. On Tue, 12 Sep 2000, Kim Scarborough wrote: > > So, does anyone know a reliable source that keeps track of stats on > > browsers? If it isn't 50% that won't get to the web site, is it > > 10%? 5%? .0001%? > > I sent a rather detailed e-mail on this to the list, but it didn't go > through, probably because I'm subscribed through a different list rather > than personally. Hopefully the maintainer will approve it and send it on > through. > From memsvcs at arin.net Tue Sep 12 14:14:16 2000 From: memsvcs at arin.net (Member Services) Date: Tue, 12 Sep 2000 14:14:16 -0400 (EDT) Subject: Reserve Your Hotel Room for ARIN VI Before September 18th! Message-ID: Just over one hundred individuals have registered for the October 2-4 ARIN VI meetings in Herndon, VA. If you have not yet booked your hotel room, please do so today as September 18th is the final room block cutoff and there is no guarantee space will be available after next Monday. For registration and hotel details see: http://www.arin.net/announcements/memmeet.html Please contact ARIN Member Services (memsvcs at arin.net) if you have any questions regarding the Public Policy and ARIN Member Meetings. Regards, Susan Hamlin ARIN Member Services From ahp at hilander.com Tue Sep 12 15:07:19 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 13:07:19 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BE7EE7.F067161@hilander.com> Mury wrote: > > Ummm, it's what you are using one of our IPs for to promote. It's on one > of your multiple web servers. If it's not important to you any more, > perhaps you should do some cleaning up and return some IPs. Probably, although those machines are actually Johns Hopkins property, so I should probably get in touch with the folks back at the CNDS lab. > > You know I agree with you on most of what you are getting at, but I need > to keep most of that log file anyway. Customers sometimes need to see > where there traffic is coming from and what pages they are hitting, so if > I need to log all that information it should go to the same file, so I > don't double the amount of writes I need for each request. It's a matter of which one takes more time, writing two logs, or writing one big one and having to parse it for utilization data. I honestly don't know which is better... > > Hey, we try to do the right thing. I think this is where part of the > problem lies. There seems to be this impression that ISPs are guilty > before proven innocent, and not just during the long process of trying to > get new IP space. We are not greedy, whiny, little pricks. No, you aren't. And ARIN is not made up of a bunch of vindictive narrow-minded pencil pushers who are trying to concerve IP addresses like they're the last few molecules of oxygen in a sealed chamber. We're all working towards the same end; making the 'net function as well as possible. Having multiple sides to the discussion only helps the situation. > > Instead of putting the clamps on the ISPs why not focus on: > > 1) Reclaiming unused IP space to hold us out a little longer That's already being done, but there's a big problem. ARIN doesn't have authority over the major offenders (legacy /8s and /16s). The AC has had long, involved discussions about how is best to do this, and we're working on it. For example, our first goal is to re-claim address space of companies that have gone out of business. If you have some ideas on how we can do this we'd _love_ to hear them. > 2) Push a plan to get better client server technology out there, and once > it is out there get people using it. As an rotten example, but feeling > one is needed, what if the top 10 most popular sites had a message pop up > that informed people if they were using an old browser and encouraged them > to upgrade. Yuck! I mean, it's an idea, but I see where you're going... The idea is to get our members to try and help with this task as well... > > I'm not bitching just to bitch. I'm looking out for my ecommerce > customers. 90% of my revenue comes from businesses. If I don't watch out > for their bottom line, they sure the hell aren't going to look out for > mine. If I switch them to a name-based system, before the world is ready > for it and they lose hits do to software incompatibilites, or don't notice > that their traffic died, or they can't see how effective a commercial was > by using real-time accounting stats, or one of my customers gets DOSed and > I can't control the traffic at my core routers or at my upstream so I have > to take everyone down because they all share an IP, they are going to host > with someone who cheats the system and gets them an IP. Those are legitimate gripes. Can we come up with reasonable solutions to them? > > Obviously. And all I can do is let the group (ARIN) know that I for one > have a problem with it. And from judging by the number of responses sent > only to me last night, I'm not the only one. I'm not sure why most of > these people have not responded to the group. Maybe they don't want to be > labeled as a trouble maker and have even a tougher time getting IPs from > ARIN next time. No, you aren't the only one, but at the same time, there were a huge number of people at the last ARIN meeting who were in support of this policy, however most of them have been silent through most of this (perhaps because they feel they already made their feelings known at the last meeting). And as far as being labled a trouble-maker, I know plenty of people who have been far more vocal about ARIN policy than you and have had no problem getting address space. Please don't spread the mis-conception that ARIN is anything other than an objective organization. It isn't true and it makes everyone's life much more difficult in getting support for the organization. > > Maybe the some of the hosting world just isn't ready for this new policy. This may be true, but the longer we wait the more address space that's going to get used up, and the less we'll have to play with in the future... > > If eliminate multiple IPs I'm unsure how to: > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion See other discussions; the issue of legacy browsers IMO is a red herring. It exists, but it's really small. > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > we need to sell it by the Mbit Doing bandwidth (as opposed to bytes transfered per period of time) billing is tough, although it sounds like more and more vendors are starting to sell equipment that handles this. > 3) Provide controls against DOS attacks. No we don't host porn sites But those are the money-makers! :-) Seriously, I understand the DOS issue all too well, and it does need to be addressed. Not sure how to at this point, except to say that this policy is really targeted towards the bottom-of-the-line web hosting accounts. If you have a customer who has a lot of traffic, pays you a lot of money and can't afford to be off the air then it makes perfect sense to have him on a dedicated IP (I think at least). > 4) Provide secure server certificates That qualifies as an exception. > 5) Provide database support from server to server. I'm not a programmer > any more so I don't know how big an issue it is, but my programmer told me > it would be a mess Not sure exactly what you're trying to do with server to server DB support (more to the point why it would be a problem). > > Miscommunication. I didn't mean to imply that you called me a greedy, > whiny bastard. I was trying to emphasize the point that ISPs, at least > mine, are trying to conserve IP space. ARIN's policy implies that ISPs > are not doing enough to conserve the space. And like I said before there > seems to be this mis-conception that ISPs are fighting change and IP > conservation. Hell, our business depends on more people getting > access. We of all people should be, and I beleive most are, promoting IP > conservation. Just because I don't water my lawn doesn't give me a right to suck up all of the water from the local well with some other application (like starting a car wash, for example). Perhaps that's a bad analogy, but my point is that ARIN recognizes ISPs have made great strides in conserving IP space. However, as more and more companies and users hook up to the 'net every month, we need to do as much as we can. > > Actually I think the policy would make a wonderful "Guideline". It > shouldn't affect IP allocation, but it should be encouraged at this time. That's actually been proposed on another list, although I'm really not sure if that would affect what people do. Anybody else have thoughts? > > As someone pointed out. Apparently HTTP/1.0 can support name based > hosting. I was unaware of this. > > And if that truely is the case, I would like to see some numbers. I would > have guessed ARIN would know this before instituting a policy. Perhaps > they would like to share. The numbers we got came from our members. I believe Gene had some extensive data. > > That's what I'm trying to do! Or is this not the right place to > participate? Well that's the tough part. Most of the member opinion polls take place at the in-person meetings. We do need to try and find a better way to get the pulse of the membership, I think. However, it needs to be stated that officially the Board is the only group that institutes new policy. To this date they have only done that with policies that the membership or AC have recommended. > > Ah! Now we are getting somewhere. Where to draw the line though? That > extra 5% business for a company whether they are doing $10,000 or a > million or more is still pretty important, especially now with everyone's > margins so low while the fight for market share appears to be paramount. True enough. > > Almost all my account are $50/month. Is this considered cheap? Do you > have to be a IBM selling $2500 accounts to gain the exception? Or, are > the $19.95 joints where the cutoff would be drawn? Just curious. That's a very good question, I'm not sure what the answer is. > > Alec, I understand your and ARIN's points. However if a "policy" is going > to be created and enforced I think we some of these issues need to be > better addressed and defined so legit ISPs don't have to wait over a > month to get new IP space and go through a process of defending web > hosting IP space. Which is why we really need more participation. Fortunately this policy change has brought more of it forward, but as I said above we need a better way to tally opinions in a fair manner... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Tue Sep 12 15:08:57 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 13:08:57 -0600 Subject: [Fwd: guideline for name-based web hosting justification] Message-ID: <39BE7F49.8A1ACA68@hilander.com> -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" -------------- next part -------------- An embedded message was scrubbed... From: Kim Scarborough Subject: Re: guideline for name-based web hosting justification Date: Tue, 12 Sep 2000 13:40:29 -0500 (CDT) Size: 1231 URL: From kjs at enteract.com Tue Sep 12 12:08:05 2000 From: kjs at enteract.com (Kim Scarborough) Date: Tue, 12 Sep 2000 11:08:05 -0500 (CDT) Subject: guideline for name-based web hosting justification Message-ID: > Cool! Now we all know how to do name based hosting... er, wait... what > about all those HTTP/1.0 browsers!? You don't think they exist any > more? Check this out. In fairness I sampled all my virtual hosts off of > one server from a selective time period. All my logs files are in the > www.domain.com format. Here are my commands and results: > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > > 48.4% of the browsers out there that accessed my customers' sites used > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > NOT support name based hosting. > > Can I tell all my customers to call you when their online business drops > by almost 50%. Wait a minute. When you posted that, I was really surprised. I looked through my server logs and got similar percentages. Look at this: /weblogs> grep 'HTTP/1.1' access.log |wc -l 485 /weblogs> grep 'HTTP/1.0' access.log |wc -l 449 But guess what. That's a name-based site. It shares an IP with several sites I host. So obviously, that's not an accurate way to check if people will load the site--nearly half of this site's hits are from 1.0 requests, and yet it manages to get the site fine. I'm not sure how this works--perhaps the browsers are misidentifying the HTTP version in their requests?--but I can assure you, it does. I work for an ISP that has hundreds of name-based sites. We haven't got any complaints from any of our customers about *anybody* not being able to load their sites in over a year. Saying that 50% of the people out there can't view name-based sites is just absurd. In fact, let's dig a little deeper. Netscape 2.0 and above and IE 3 and above support name-based hosts. So, since IE 3 reports itself as Mozilla 2, IE 4 reports itself as Mozilla 3, etc., let's try this (on my main, IP-based site this time): /weblogs> egrep \(Mozilla/5\|Mozilla/4\|Mozilla/3\|Mozilla/2\) combined.log |wc -l 74210 /weblogs> egrep -v \(Mozilla/5\|Mozilla/4\|Mozilla/3\|Mozilla/2\) combined.log |wc -l 6456 So now we're down to 8%. But even that overstates the number of browsers that can't view name-based sites, because the second number includes search bots, less-used browsers like Lynx and Opera, and command-line fetchers like fetch and wget--all of which also support name-based hosts. I can prune it further upon request. But I would guess it's a fair assumption that just about the only browsers in use by almost anybody that can't get to name-based sites are stray copies of Netscape 1.x. So let's look for that: /weblogs> grep Mozilla/1 combined.log | wc -l 79 0.1% of all my hits this month. So while y'all have a point about the bandwidth accounting, you're on pretty thin ice when talking about browser incompatability. --------------73E596B1E8048DB4AD31BD1A-- From mury at goldengate.net Tue Sep 12 15:17:08 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 14:17:08 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <001901c01cea$db5cf040$0f6c693f@fullport.com> Message-ID: Was there no "Unknown" browsers? My logging and analysis tools have a very high percentage that come back as "Unknown," which I'm inclined to beleive are older browsers. Mury On Tue, 12 Sep 2000, PSchroebel wrote: > Tracking browsers.... > Yes we did and we were amazed with the results. > In fact we still dont believe them.... > > Where is Netscape?...this is a sampling too!! > > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; > DigExt) 16605 (26.2%) 176388k (34.0%) > Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0) 4288 > (6.8%) 8060k (1.6%) > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 95; > DigExt) 3675 (5.8%) 38714k (7.5%) > Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt) 3477 > (5.5%) 11312k (2.2%) > Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt) 2500 > (3.9%) 13682k (2.6%) > Mozilla/4.0 (compatible; MSIE 5.01; AOL 5.0; Windows 98) > 2051 (3.2%) 21238k (4.1%) > Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 98; > DigExt) 1906 (3.0%) 19527k (3.8%) > Mozilla/4.0 (compatible; MSIE 5.0; MSN 2.5; AOL 5.0; Windows > 98; DigExt) 1282 (2.0%) 13459k (2.6%) > Mozilla/4.0 (compatible; MSIE 4.01; Windows 95) 1146 (1.8%) > 6325k (1.2%) > Mozilla/4.0 (compatible; MSIE 4.01; Windows NT) 1009 (1.6%) > 5864k (1.1%) > Mozilla/4.0 (compatible; MSIE 5.5; AOL 5.0; Windows 98) 870 > (1.4%) 9029k (1.7%) > Mozilla/4.0 (compatible; MSIE 5.0; Windows 95; DigExt) 784 > (1.2%) 4484k (0.9%) > Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 98) > 778 (1.2%) 7224k (1.4%) > Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC) 766 (1.2%) > 1076k (0.2%) > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; > Compaq; DigExt) 630 (1.0%) 8262k (1.6%) > Mozilla/4.0 (compatible; MSIE 5.01; Windows 98) 618 (1.0%) > 3459k (0.7%) > Mozilla/4.0 (compatible; MSIE 5.5; Windows 98) 586 (0.9%) > 3224k (0.6%) > Mozilla/4.0 (compatible; MSIE 4.01; Windows 98) 548 (0.9%) > 2893k (0.6%) > Mozilla/4.0 (compatible; MSIE 5.01; Windows NT) 534 (0.8%) > 3060k (0.6%) > Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 95) > 486 (0.8%) 5205k (1.0%) > > Sincerely, > > > Peter Schroebel > > ----- Original Message ----- > From: "Mury" > To: "Jon Rust" > Cc: "Alec H. Peterson" ; "Matt Bailey" > ; ; > > Sent: Tuesday, September 12, 2000 1:02 PM > Subject: Re: guideline for name-based web hosting > justification > > > > > You're bending the truth here, quite a bit actually. The > HTTP 1.0 proto > > may not support the Host: header, but browsers that are > using HTTP 1.0 > > may very well support he Host: header. Oh, i don't know, a > smallish > > browser called Netscape, v 2.0 or better, comes to mind. > Grepping > > through my access log for today I see over 65,000 1.0 > requests. 98% of > > those are to name-based virtual hosts (which is almost all > i run > > anymore), and they all worked. > > > > jon > > > Good to know. Finally someone takes the time to correct me > and not just > call me a whiner. > > So, does anyone know a reliable source that keeps track of > stats on > browsers? If it isn't 50% that won't get to the web site, > is it > 10%? 5%? .0001%? > > Thanks. > > Mury > GoldenGate Internet Services > > From richardj at arin.net Tue Sep 12 16:42:40 2000 From: richardj at arin.net (Richard Jimmerson) Date: Tue, 12 Sep 2000 16:42:40 -0400 Subject: No subject In-Reply-To: Message-ID: <008a01c01cf9$ff1f2700$bdfc95c0@ARINNET> Hello Scott, Considering a large percentage of your customers use SSL there must have been a mistake or misunderstanding during the review of your request for additional IP address space. I will be contacting you personally (off-list) to discuss your request and bring it to a quick resolution. Best Regards, Richard Jimmerson American Registry for Internet Numbers (ARIN) -----Original Message----- From: owner-arin-discuss at arin.net [mailto:owner-arin-discuss at arin.net]On Behalf Of Host Master Sent: Tuesday, September 12, 2000 3:04 PM To: arin-discuss at arin.net; ppml at arin.net Subject: The exception is not true, we recently requested more IP space for web hosting and were denied because of the new policy. We had to valid reasons. 1. Search Engines blacklist by IP and account for submissions by IP, one of our biggest selling points is that we get great positioning in search engines. 2. Most of our clients have HTTP 1.0 browsers, and are unable to upgrade because of company policies for the offices they work with. 3. A large percentage of our clients use SSL, we work in the real estate / mortgage field and the customers are VERY paranoid. For all intents and purposes we have been cut off from around 40% of our client base. We have produced documentation to ARIN for both of these reasons and they still denied it citing "ARIN official policy is to deny IP base web hosting, no exceptions". We are being forced to request more address space from our upstream provider so that we can cover the sites that would like to be SSL. This is not acceptable. This forced change has cost us a large (in our terms, we are not the largest company) amount of business, and forced us to loose business to competitors that just host using space from upstream providers. The reason we went to ARIN issued space was for portability across our providers, in the long run it may hurt us more than the benefit it will give us. --- Scott Johnson Director Of Software Engineering Advanced Access (714) 685-5124 sjohnson at advancedaccess.com -----Original Message----- From: Jeremy Porter [mailto:jerry at fc.net] Sent: Tuesday, September 12, 2000 1:35 AM To: Mury Cc: Alec H. Peterson; Matt Bailey; arin-discuss at arin.net; ppml at arin.net Subject: Re: guideline for name-based web hosting justification I don't think Alec has called anyone whiners. The policy has been discussed and as presented does not change the business climate for for existing users of addresses. For new assignments I quote: http://www.arin.net/announcements/policy_changes.html Exceptions may be made for ISPs that provide justification for requiring static addresses. ARIN will determine, on a case-by-case basis, whether an exception is appropriate. If you are sure that your use of one IP per Host is justfiable, then you should have no problem getting an exception approved. Perhaps if you are complaining maybe you don't feel that your use has technical merit? "Back in the day" when I ran an ISP and Web hosting business for a living, we used single IPs for WWW (http 1.1 didn't exist), assigned static IPs to all customers, etc. When new technologies came about and policies changed, we followed. We ended up renumber those static customers and some significiant business cost, because it was the right thing to do. It wasn't easy, the customers didn't like it, it made accounting and access control harder. With that said, theses issues were discussed at the ARIN policy meeting, and there weren't huge objections, so the conclusion was reached that there were significant objectors. Luckily there is a meeting in just a few weeks, where you are invited to discusse it more, and perhaps better wording can be determined that would allow existing operations to switch to more efficient technologies in a reasonable time frame, while still encouraging better utilization of IP addressing. I'm sure if several vocal www hosting business pushed for changed wording that still encouraged better utilization, that it would be considered. From my recollection of the last ARIN meeting there was a significant lack of input from WWW hosting companies, as there were only a handful present. "Whining" (your words) about it on the mailing list might not be enough. Also I'd think you find Alec would be more than willing to help address any technical issues you might find, but telling him "math is hard" isn't likely to win you much, and personal attacks, will likely just be ignored, as he's been doing this long enough to not take the "bait". In message , Mury writes: > >Dear Alec, > >Since you basically called those of us pointing out some real issues >"whiners," I took the liberty of finding out a little bit more about >you. It looks like you are probably a fairly bright person, probably a >lot smarter than me. >From looking at your web site though and reading >your comments below I question how much you really understand what you are >talking about when you trivialize some of the issues that have been >brought up. > >I also find it interesting that in your presentation to the 11th NANOG >meeting that you did with Avi Freedman (Isn't he working for Digital >Island now? Or one of the other distributed content providers) you are >supporting a technology that not only assigns an IP address to a web site >but assigns multiple IP addresses to a single site. Perhaps I didn't >decipher your presentation correctly, but it sure seems like you are >supporting performance/service level issues above and beyond IP >conservation. Ah, I hear it coming, that each distributed node can handle >multiple distributed sites off of a single IP. Very true. Do you know >what the ratio of managed sites to in-service systems is? How many >locations is Akamai in? I really don't know what the IP "waste" ratio is. >But the point is you are supporting performance at the expense of IP >addresses however large or small that may be. > >In addition, you even argue against yourself. You say, "For example, >don't do all of the parsing at once at the end of the day; modify the >server to keep a running tally of a customer's usage and have it write >that alone to a file on the disk every time it changes. Far more >efficient. That's just off the top of my head, and probably not a really >efficient way to do it." > >What?! How can it be *far more efficient* and then in the next line it's >*not a really efficient*" Can you see why I'm not very thrilled with your >off the cuff and seemingly inexperienced comments? > >By making light of some real issues that were brought up it sure seems >like your statements are hypocritical. Now like I said, I'm not the >smartest guy out here, so if I've badly misrepresented things I apologize >in advance. > >Bottom line, for every one out there saying it's no big deal to do single >IP virtual hosting I would like to see a solution that does not sacrifice >reliability, accountability, quality of service, and functionality. I >hate it when people (even smart people) start voicing opinions on things >they don't understand. > >I'm also not stubborn. I'm not running things the way I do because it's >my way, but because they work, they are scalable, they are functionable, >and we have zero down time. I've tried Microsoft IIS. It doesn't work. >Well doh, of course it works, but not for a company that demands uptime >and security and a fast and simple database. I have to reboot co-located >IIS machines all the time. My BSDI/Apache/MySQL/Perl/PHP/Raven boxes have >had zero downtime in the last 3 years. That is not an invitation to hack >or DOS my network. But thanks for thinking about me. > >And like I said before, when appropriate we have assigned multiple sites >to a single IP. We actually do it by sending all requests into a CGI >script that grabs the HTTP_HOST env variable and creates the customized >web site on the fly with MySQL. So yes, we are trying to conserve IP >addresses, we are not greedy, whiny bastards trying to screw the Internet >up for everyone else. > >For those of you running Apache that want to know how to do it the right >way, go to: http://www.apache.org/docs/vhosts/name-based.html > >Cool! Now we all know how to do name based hosting... er, wait... what >about all those HTTP/1.0 browsers!? You don't think they exist any >more? Check this out. In fairness I sampled all my virtual hosts off of >one server from a selective time period. All my logs files are in the >www.domain.com format. Here are my commands and results: > >webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 >webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > >48.4% of the browsers out there that accessed my customers' sites used >HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does >NOT support name based hosting. > >Can I tell all my customers to call you when their online business drops >by almost 50%. By the way, can you use a shared IP for secure server >certificates? > >Some more thoughts... > >Look at some of the new comers to the tech scene, Keynote, Akamai, >Speedera, Digital Island, etc. These company's success show how important >it is to the world to have fast, reliable, and secure web sites. Quality >of Service (in its broad definition) is paramount. And if you don't >believe that you can make a fortune by shorting the stock in those >companies. > >I don't want to see any more comments that I should be doing things >smarter and better. I want to see explanations of how I can accomplish >the things that you say are so easy. Like I said I'm not stubborn... show >me the way. If you can't, then please refrain from making popular >political statements that don't affect YOUR business and your customers' >business. > >There's my not so bright, whiny, long-winded $10 worth. > >Mury >GoldenGate Internet Services > >PS. If you are such an advocate for IP conservation why do you have a >whole block? I can't tell how many IPs you are wasting because your >provider has not swipped your block. But you have multiple web sites >running on multiple IPs! What's your excuse? > >Name: gw1.hilander.com >Address: 216.241.32.33 > >Name: virthost.hilander.com >Address: 216.241.32.35 > >Name: ramirez.hilander.com >Address: 216.241.32.34 > >Pretty interesting web sites I might add. > >If you are going to call someone a whiner you better have your own act >together. The hypocrisy is killing me. > >Like I said, I'm sure you are smarter than me, but stick to what you know. > > >On Mon, 11 Sep 2000, Alec H. Peterson wrote: > >> Mury wrote: >> > >> > Yikes! >> > >> > Have you ever tried to parse up to 1000 log files per system, with some of >> > them around 500MB in size. It's not nearly as easy as it sounds. >> >> It is if you change how you write and parse your logs. >> >> > >> > For some people it's feasable, but for most of us we *need* IP based >> > accounting. >> > >> > By the way, we are setup to do a large number of URL's pointed at a single >> > IP for some hosting applications, but for the majority of our sites, it is >> > not an option. >> >> Can't say that I have tried it. However at the same time I can think of >> quite a few ways to make the task far easier and faster. For example, don't >> do all of the parsing at once at the end of the day; modify the server to > keep a running tally of a customer's usage and have it write that alone to a >> file on the disk every time it changes. Far more efficient. >> >> That's just off the top of my head, and probably not a really efficient way >> to do it. My point is that the Internet is made up of a lot of smart people >> who are more than capable of solving these issues if they feel like it. >> Whining about how today's methods of accounting won't work with tomorrow's >> methods of virtual hosting is a lot like complaining about how yesterday's >> chalk writes really poorly on today's white boards. If you don't want to be >> left behind you have to keep on evolving. >> >> After all, where would we be today if dial-up providers decided that it was >> too much work to use dynamically allocated IP addresses and kept on giving >> each user their own IP address? >> >> However, name-based virtual hosts aren't exactly a new thing. Many large >> web hosters have been using name-based virtual hosts for a while now, so >> would any of those companies mind sharing a little wisdom on how this can be >> done? >> >> Thanks, >> >> Alec >> >> -- >> Alec H. Peterson - ahp at hilander.com >> Staff Scientist >> CenterGate Research Group - http://www.centergate.com >> "Technology so advanced, even _we_ don't understand it!" >> > > --- jerry at fc.net 512-519-6193 www.wayport.net 8303 Mopac Expressway Suite A300, Austin Tx. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mury at goldengate.net Tue Sep 12 16:59:23 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 15:59:23 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <39BE7EE7.F067161@hilander.com> Message-ID: > > Instead of putting the clamps on the ISPs why not focus on: > > > > 1) Reclaiming unused IP space to hold us out a little longer > > That's already being done, but there's a big problem. ARIN doesn't have > authority over the major offenders (legacy /8s and /16s). The AC has had > long, involved discussions about how is best to do this, and we're working > on it. For example, our first goal is to re-claim address space of > companies that have gone out of business. If you have some ideas on how we > can do this we'd _love_ to hear them. I'm not sure where ARIN gets it's authority. Maybe the father of the Internet wants to save his creation and support a law giving ARIN the authority. Seriously, where does ARIN receive it's authority from? Why hasn't it been given the authority to reclaim unused space from legacy allocations? Maybe ARIN would like to clearly publish a list of those offenders and send them a nice letter asking them to comply with current allocation policies. If they don't want to cooperate, I suppose we could call the media and/or Null route their IPs until they want to play by the same rules we all need to. > > 2) Push a plan to get better client server technology out there, and once > > it is out there get people using it. As an rotten example, but feeling > > one is needed, what if the top 10 most popular sites had a message pop up > > that informed people if they were using an old browser and encouraged them > > to upgrade. > > Yuck! > > I mean, it's an idea, but I see where you're going... Actually from the recent contributions to the list it appears as though the HTTP/1.0 issues are far less a problem than I first perceived. I would however like to see some real statistics. > > I'm not bitching just to bitch. I'm looking out for my ecommerce > > customers. 90% of my revenue comes from businesses. If I don't watch out > > for their bottom line, they sure the hell aren't going to look out for > > mine. If I switch them to a name-based system, before the world is ready > > for it and they lose hits do to software incompatibilites, or don't notice > > that their traffic died, or they can't see how effective a commercial was > > by using real-time accounting stats, or one of my customers gets DOSed and > > I can't control the traffic at my core routers or at my upstream so I have > > to take everyone down because they all share an IP, they are going to host > > with someone who cheats the system and gets them an IP. > > Those are legitimate gripes. > > Can we come up with reasonable solutions to them? Well, what is the realistic possibility of making that "policy" a "guideline?" Give ISPs 6 months to essentially self-comply. If web hosting IP usage drops a significant percentage, then we declare a success. If usage does not drop, have a policy ready with more details. What exactly constitutes an exception? Obviously secure servers are an exception, but what about bandwidth based accounting, or high bandwidth sites (and if so, where is the line drawn?) I realize I might be living in a dream world thinking most ISPs will rapidly change if not forced to, but it's not an impossible task to convince them either. It's actually easy to configure multiple sites to one IP than to multiple IPs. I really don't know. I'd personally rather spend my time and money trying to get back massive chunks of unused IPs from those knowingly or unknowingly abusing them, and wait for technologies to mature a little more before cracking down on web hosting IPs. > No, you aren't the only one, but at the same time, there were a huge number > of people at the last ARIN meeting who were in support of this policy, > however most of them have been silent through most of this (perhaps because > they feel they already made their feelings known at the last meeting). > > And as far as being labled a trouble-maker, I know plenty of people who have > been far more vocal about ARIN policy than you and have had no problem > getting address space. Please don't spread the mis-conception that ARIN is > anything other than an objective organization. It isn't true and it makes > everyone's life much more difficult in getting support for the organization. Oh, if I thought that were true, I wouldn't be writing this or previous emails. I obviously don't think ARIN is going to treat my allocations differently than the next person. I'm just guessing as to why others emailed only me and not the group. > > If eliminate multiple IPs I'm unsure how to: > > > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion > > See other discussions; the issue of legacy browsers IMO is a red herring. > It exists, but it's really small. Is sure seems that way. I'd still like to see *real* statistics. > > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > > we need to sell it by the Mbit > > Doing bandwidth (as opposed to bytes transfered per period of time) billing > is tough, although it sounds like more and more vendors are starting to sell > equipment that handles this. > > > 3) Provide controls against DOS attacks. No we don't host porn sites > > But those are the money-makers! :-) > > Seriously, I understand the DOS issue all too well, and it does need to be > addressed. Not sure how to at this point, except to say that this policy is > really targeted towards the bottom-of-the-line web hosting accounts. If you > have a customer who has a lot of traffic, pays you a lot of money and can't > afford to be off the air then it makes perfect sense to have him on a > dedicated IP (I think at least). Well, that doesn't totally work. Because if someone on the main IP gets attacked I have to shut all sites down on that IP, so it's not just a matter of keeping my one big customer up, it's a matter of keeping 1000 sites up that only pay $50/month but adds up to $50,000.00/month in total. When everyone has their own IP, you can simply Null route their IP if trouble starts. In all fairness, I only have to do this a handful of times per year, but the times I have it has probably saved me hours if not days of down time. There is no way to predict if www.photos.com, www.ilikeredmeat.com, www.gotochurch.com is going to be the one that gets attacked. This issue is not a massive one. > > 4) Provide secure server certificates > > That qualifies as an exception. > > > 5) Provide database support from server to server. I'm not a programmer > > any more so I don't know how big an issue it is, but my programmer told me > > it would be a mess > > Not sure exactly what you're trying to do with server to server DB support > (more to the point why it would be a problem). If your backend hosting databases reside on different computers than your hosting does, you probably are going to have issues with name based hosting. However, I am far enough out of this arena personally to be able to explain why. Once again this is a relatively small issue, at least for us. Most of our databases do reside on the hosting server. > > Actually I think the policy would make a wonderful "Guideline". It > > shouldn't affect IP allocation, but it should be encouraged at this time. > > That's actually been proposed on another list, although I'm really not sure > if that would affect what people do. Anybody else have thoughts? > > > > > As someone pointed out. Apparently HTTP/1.0 can support name based > > hosting. I was unaware of this. > > > > And if that truely is the case, I would like to see some numbers. I would > > have guessed ARIN would know this before instituting a policy. Perhaps > > they would like to share. > > The numbers we got came from our members. I believe Gene had some extensive > data. Gene, do you want to share that data with the list? > > Alec, I understand your and ARIN's points. However if a "policy" is going > > to be created and enforced I think we some of these issues need to be > > better addressed and defined so legit ISPs don't have to wait over a > > month to get new IP space and go through a process of defending web > > hosting IP space. > > Which is why we really need more participation. Fortunately this policy > change has brought more of it forward, but as I said above we need a better > way to tally opinions in a fair manner... Someone sent me an email suggesting a poll on your web site using handles as an ID so only members could vote, and they could only vote once. As a side note, from the lack of participation in this list it appears that either: 1) Not many ISPs are subscribed to this list 2) They aren't receiving the messages 3) They are too busy to care, or 4) I'm one of only about 10-20 people that feel strongly about this policy Whatever the case is, I have a business to run, and I've said my peace. I can't stick up for the rest of them. For all the reasons I've stated I think this policy is both too undefined in that it lacks the explanations of exceptions (currently it looks like exceptions would be left up to the discretion of the individual staff person working on the account), and that it is premature. For the record, I tried to participate. Mury GoldenGate Internet Services From dan at netrail.net Tue Sep 12 23:12:57 2000 From: dan at netrail.net (dan at netrail.net) Date: Tue, 12 Sep 2000 23:12:57 -0400 (EDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: Oh come on. ARIN has not actual legal authority of any kind. It operates across national borders, and is subject to no laws regulating it's powers. It's only true ability is to convince providers to route only those addresses it assigns. Given this, it has all the authority it needs to retrieve unused blocks. Daniel Golding Director of R&D "I'm not evil. I'm just drawn that way" NetRail, Inc. 1-888-NetRail On Tue, 12 Sep 2000, Mury wrote: > > > > Instead of putting the clamps on the ISPs why not focus on: > > > > > > 1) Reclaiming unused IP space to hold us out a little longer > > > > That's already being done, but there's a big problem. ARIN doesn't have > > authority over the major offenders (legacy /8s and /16s). The AC has had > > long, involved discussions about how is best to do this, and we're working > > on it. For example, our first goal is to re-claim address space of > > companies that have gone out of business. If you have some ideas on how we > > can do this we'd _love_ to hear them. > > I'm not sure where ARIN gets it's authority. Maybe the father of the > Internet wants to save his creation and support a law giving ARIN the > authority. Seriously, where does ARIN receive it's authority from? Why > hasn't it been given the authority to reclaim unused space from legacy > allocations? > > Maybe ARIN would like to clearly publish a list of those offenders and > send them a nice letter asking them to comply with current allocation > policies. If they don't want to cooperate, I suppose we could call the > media and/or Null route their IPs until they want to play by the same > rules we all need to. > > > > 2) Push a plan to get better client server technology out there, and once > > > it is out there get people using it. As an rotten example, but feeling > > > one is needed, what if the top 10 most popular sites had a message pop up > > > that informed people if they were using an old browser and encouraged them > > > to upgrade. > > > > Yuck! > > > > I mean, it's an idea, but I see where you're going... > > Actually from the recent contributions to the list it appears as though > the HTTP/1.0 issues are far less a problem than I first perceived. I > would however like to see some real statistics. > > > > I'm not bitching just to bitch. I'm looking out for my ecommerce > > > customers. 90% of my revenue comes from businesses. If I don't watch out > > > for their bottom line, they sure the hell aren't going to look out for > > > mine. If I switch them to a name-based system, before the world is ready > > > for it and they lose hits do to software incompatibilites, or don't notice > > > that their traffic died, or they can't see how effective a commercial was > > > by using real-time accounting stats, or one of my customers gets DOSed and > > > I can't control the traffic at my core routers or at my upstream so I have > > > to take everyone down because they all share an IP, they are going to host > > > with someone who cheats the system and gets them an IP. > > > > Those are legitimate gripes. > > > > Can we come up with reasonable solutions to them? > > Well, what is the realistic possibility of making that "policy" a > "guideline?" Give ISPs 6 months to essentially self-comply. If web > hosting IP usage drops a significant percentage, then we declare a > success. > > If usage does not drop, have a policy ready with more details. What > exactly constitutes an exception? Obviously secure servers are an > exception, but what about bandwidth based accounting, or high bandwidth > sites (and if so, where is the line drawn?) > > I realize I might be living in a dream world thinking most ISPs will > rapidly change if not forced to, but it's not an impossible task to > convince them either. It's actually easy to configure multiple sites to > one IP than to multiple IPs. > > I really don't know. I'd personally rather spend my time and money trying > to get back massive chunks of unused IPs from those knowingly or > unknowingly abusing them, and wait for technologies to mature a little > more before cracking down on web hosting IPs. > > > No, you aren't the only one, but at the same time, there were a huge number > > of people at the last ARIN meeting who were in support of this policy, > > however most of them have been silent through most of this (perhaps because > > they feel they already made their feelings known at the last meeting). > > > > And as far as being labled a trouble-maker, I know plenty of people who have > > been far more vocal about ARIN policy than you and have had no problem > > getting address space. Please don't spread the mis-conception that ARIN is > > anything other than an objective organization. It isn't true and it makes > > everyone's life much more difficult in getting support for the organization. > > Oh, if I thought that were true, I wouldn't be writing this or previous > emails. I obviously don't think ARIN is going to treat my allocations > differently than the next person. I'm just guessing as to why others > emailed only me and not the group. > > > > If eliminate multiple IPs I'm unsure how to: > > > > > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion > > > > See other discussions; the issue of legacy browsers IMO is a red herring. > > It exists, but it's really small. > > Is sure seems that way. I'd still like to see *real* statistics. > > > > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > > > we need to sell it by the Mbit > > > > Doing bandwidth (as opposed to bytes transfered per period of time) billing > > is tough, although it sounds like more and more vendors are starting to sell > > equipment that handles this. > > > > > 3) Provide controls against DOS attacks. No we don't host porn sites > > > > But those are the money-makers! :-) > > > > Seriously, I understand the DOS issue all too well, and it does need to be > > addressed. Not sure how to at this point, except to say that this policy is > > really targeted towards the bottom-of-the-line web hosting accounts. If you > > have a customer who has a lot of traffic, pays you a lot of money and can't > > afford to be off the air then it makes perfect sense to have him on a > > dedicated IP (I think at least). > > Well, that doesn't totally work. Because if someone on the main IP gets > attacked I have to shut all sites down on that IP, so it's not just a > matter of keeping my one big customer up, it's a matter of keeping 1000 > sites up that only pay $50/month but adds up to $50,000.00/month in > total. When everyone has their own IP, you can simply Null route their IP > if trouble starts. > > In all fairness, I only have to do this a handful of times per year, but > the times I have it has probably saved me hours if not days of down time. > There is no way to predict if www.photos.com, www.ilikeredmeat.com, > www.gotochurch.com is going to be the one that gets attacked. > > This issue is not a massive one. > > > > 4) Provide secure server certificates > > > > That qualifies as an exception. > > > > > 5) Provide database support from server to server. I'm not a programmer > > > any more so I don't know how big an issue it is, but my programmer told me > > > it would be a mess > > > > Not sure exactly what you're trying to do with server to server DB support > > (more to the point why it would be a problem). > > If your backend hosting databases reside on different computers than your > hosting does, you probably are going to have issues with name based > hosting. However, I am far enough out of this arena personally to be able > to explain why. > > Once again this is a relatively small issue, at least for us. Most of our > databases do reside on the hosting server. > > > > Actually I think the policy would make a wonderful "Guideline". It > > > shouldn't affect IP allocation, but it should be encouraged at this time. > > > > That's actually been proposed on another list, although I'm really not sure > > if that would affect what people do. Anybody else have thoughts? > > > > > > > > As someone pointed out. Apparently HTTP/1.0 can support name based > > > hosting. I was unaware of this. > > > > > > And if that truely is the case, I would like to see some numbers. I would > > > have guessed ARIN would know this before instituting a policy. Perhaps > > > they would like to share. > > > > The numbers we got came from our members. I believe Gene had some extensive > > data. > > Gene, do you want to share that data with the list? > > > > Alec, I understand your and ARIN's points. However if a "policy" is going > > > to be created and enforced I think we some of these issues need to be > > > better addressed and defined so legit ISPs don't have to wait over a > > > month to get new IP space and go through a process of defending web > > > hosting IP space. > > > > Which is why we really need more participation. Fortunately this policy > > change has brought more of it forward, but as I said above we need a better > > way to tally opinions in a fair manner... > > Someone sent me an email suggesting a poll on your web site using handles > as an ID so only members could vote, and they could only vote once. > > As a side note, from the lack of participation in this list it appears > that either: > > 1) Not many ISPs are subscribed to this list > 2) They aren't receiving the messages > 3) They are too busy to care, or > 4) I'm one of only about 10-20 people that feel strongly about this policy > > Whatever the case is, I have a business to run, and I've said my > peace. I can't stick up for the rest of them. > > For all the reasons I've stated I think this policy is both too undefined > in that it lacks the explanations of exceptions (currently it looks like > exceptions would be left up to the discretion of the individual staff > person working on the account), and that it is premature. > > For the record, I tried to participate. > > Mury > GoldenGate Internet Services > From mury at goldengate.net Wed Sep 13 01:20:29 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 00:20:29 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: That's what I was subtly getting at. On Tue, 12 Sep 2000 dan at netrail.net wrote: > Oh come on. ARIN has not actual legal authority of any kind. It operates > across national borders, and is subject to no laws regulating it's powers. > It's only true ability is to convince providers to route only those > addresses it assigns. Given this, it has all the authority it needs to > retrieve unused blocks. > > > Daniel Golding > Director of R&D "I'm not evil. I'm just drawn that way" > NetRail, Inc. > 1-888-NetRail > > On Tue, 12 Sep 2000, Mury wrote: > > > > > > > Instead of putting the clamps on the ISPs why not focus on: > > > > > > > > 1) Reclaiming unused IP space to hold us out a little longer > > > > > > That's already being done, but there's a big problem. ARIN doesn't have > > > authority over the major offenders (legacy /8s and /16s). The AC has had > > > long, involved discussions about how is best to do this, and we're working > > > on it. For example, our first goal is to re-claim address space of > > > companies that have gone out of business. If you have some ideas on how we > > > can do this we'd _love_ to hear them. > > > > I'm not sure where ARIN gets it's authority. Maybe the father of the > > Internet wants to save his creation and support a law giving ARIN the > > authority. Seriously, where does ARIN receive it's authority from? Why > > hasn't it been given the authority to reclaim unused space from legacy > > allocations? > > > > Maybe ARIN would like to clearly publish a list of those offenders and > > send them a nice letter asking them to comply with current allocation > > policies. If they don't want to cooperate, I suppose we could call the > > media and/or Null route their IPs until they want to play by the same > > rules we all need to. > > > > > > 2) Push a plan to get better client server technology out there, and once > > > > it is out there get people using it. As an rotten example, but feeling > > > > one is needed, what if the top 10 most popular sites had a message pop up > > > > that informed people if they were using an old browser and encouraged them > > > > to upgrade. > > > > > > Yuck! > > > > > > I mean, it's an idea, but I see where you're going... > > > > Actually from the recent contributions to the list it appears as though > > the HTTP/1.0 issues are far less a problem than I first perceived. I > > would however like to see some real statistics. > > > > > > I'm not bitching just to bitch. I'm looking out for my ecommerce > > > > customers. 90% of my revenue comes from businesses. If I don't watch out > > > > for their bottom line, they sure the hell aren't going to look out for > > > > mine. If I switch them to a name-based system, before the world is ready > > > > for it and they lose hits do to software incompatibilites, or don't notice > > > > that their traffic died, or they can't see how effective a commercial was > > > > by using real-time accounting stats, or one of my customers gets DOSed and > > > > I can't control the traffic at my core routers or at my upstream so I have > > > > to take everyone down because they all share an IP, they are going to host > > > > with someone who cheats the system and gets them an IP. > > > > > > Those are legitimate gripes. > > > > > > Can we come up with reasonable solutions to them? > > > > Well, what is the realistic possibility of making that "policy" a > > "guideline?" Give ISPs 6 months to essentially self-comply. If web > > hosting IP usage drops a significant percentage, then we declare a > > success. > > > > If usage does not drop, have a policy ready with more details. What > > exactly constitutes an exception? Obviously secure servers are an > > exception, but what about bandwidth based accounting, or high bandwidth > > sites (and if so, where is the line drawn?) > > > > I realize I might be living in a dream world thinking most ISPs will > > rapidly change if not forced to, but it's not an impossible task to > > convince them either. It's actually easy to configure multiple sites to > > one IP than to multiple IPs. > > > > I really don't know. I'd personally rather spend my time and money trying > > to get back massive chunks of unused IPs from those knowingly or > > unknowingly abusing them, and wait for technologies to mature a little > > more before cracking down on web hosting IPs. > > > > > No, you aren't the only one, but at the same time, there were a huge number > > > of people at the last ARIN meeting who were in support of this policy, > > > however most of them have been silent through most of this (perhaps because > > > they feel they already made their feelings known at the last meeting). > > > > > > And as far as being labled a trouble-maker, I know plenty of people who have > > > been far more vocal about ARIN policy than you and have had no problem > > > getting address space. Please don't spread the mis-conception that ARIN is > > > anything other than an objective organization. It isn't true and it makes > > > everyone's life much more difficult in getting support for the organization. > > > > Oh, if I thought that were true, I wouldn't be writing this or previous > > emails. I obviously don't think ARIN is going to treat my allocations > > differently than the next person. I'm just guessing as to why others > > emailed only me and not the group. > > > > > > If eliminate multiple IPs I'm unsure how to: > > > > > > > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion > > > > > > See other discussions; the issue of legacy browsers IMO is a red herring. > > > It exists, but it's really small. > > > > Is sure seems that way. I'd still like to see *real* statistics. > > > > > > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > > > > we need to sell it by the Mbit > > > > > > Doing bandwidth (as opposed to bytes transfered per period of time) billing > > > is tough, although it sounds like more and more vendors are starting to sell > > > equipment that handles this. > > > > > > > 3) Provide controls against DOS attacks. No we don't host porn sites > > > > > > But those are the money-makers! :-) > > > > > > Seriously, I understand the DOS issue all too well, and it does need to be > > > addressed. Not sure how to at this point, except to say that this policy is > > > really targeted towards the bottom-of-the-line web hosting accounts. If you > > > have a customer who has a lot of traffic, pays you a lot of money and can't > > > afford to be off the air then it makes perfect sense to have him on a > > > dedicated IP (I think at least). > > > > Well, that doesn't totally work. Because if someone on the main IP gets > > attacked I have to shut all sites down on that IP, so it's not just a > > matter of keeping my one big customer up, it's a matter of keeping 1000 > > sites up that only pay $50/month but adds up to $50,000.00/month in > > total. When everyone has their own IP, you can simply Null route their IP > > if trouble starts. > > > > In all fairness, I only have to do this a handful of times per year, but > > the times I have it has probably saved me hours if not days of down time. > > There is no way to predict if www.photos.com, www.ilikeredmeat.com, > > www.gotochurch.com is going to be the one that gets attacked. > > > > This issue is not a massive one. > > > > > > 4) Provide secure server certificates > > > > > > That qualifies as an exception. > > > > > > > 5) Provide database support from server to server. I'm not a programmer > > > > any more so I don't know how big an issue it is, but my programmer told me > > > > it would be a mess > > > > > > Not sure exactly what you're trying to do with server to server DB support > > > (more to the point why it would be a problem). > > > > If your backend hosting databases reside on different computers than your > > hosting does, you probably are going to have issues with name based > > hosting. However, I am far enough out of this arena personally to be able > > to explain why. > > > > Once again this is a relatively small issue, at least for us. Most of our > > databases do reside on the hosting server. > > > > > > Actually I think the policy would make a wonderful "Guideline". It > > > > shouldn't affect IP allocation, but it should be encouraged at this time. > > > > > > That's actually been proposed on another list, although I'm really not sure > > > if that would affect what people do. Anybody else have thoughts? > > > > > > > > > > > As someone pointed out. Apparently HTTP/1.0 can support name based > > > > hosting. I was unaware of this. > > > > > > > > And if that truely is the case, I would like to see some numbers. I would > > > > have guessed ARIN would know this before instituting a policy. Perhaps > > > > they would like to share. > > > > > > The numbers we got came from our members. I believe Gene had some extensive > > > data. > > > > Gene, do you want to share that data with the list? > > > > > > Alec, I understand your and ARIN's points. However if a "policy" is going > > > > to be created and enforced I think we some of these issues need to be > > > > better addressed and defined so legit ISPs don't have to wait over a > > > > month to get new IP space and go through a process of defending web > > > > hosting IP space. > > > > > > Which is why we really need more participation. Fortunately this policy > > > change has brought more of it forward, but as I said above we need a better > > > way to tally opinions in a fair manner... > > > > Someone sent me an email suggesting a poll on your web site using handles > > as an ID so only members could vote, and they could only vote once. > > > > As a side note, from the lack of participation in this list it appears > > that either: > > > > 1) Not many ISPs are subscribed to this list > > 2) They aren't receiving the messages > > 3) They are too busy to care, or > > 4) I'm one of only about 10-20 people that feel strongly about this policy > > > > Whatever the case is, I have a business to run, and I've said my > > peace. I can't stick up for the rest of them. > > > > For all the reasons I've stated I think this policy is both too undefined > > in that it lacks the explanations of exceptions (currently it looks like > > exceptions would be left up to the discretion of the individual staff > > person working on the account), and that it is premature. > > > > For the record, I tried to participate. > > > > Mury > > GoldenGate Internet Services > > > From shane at ripe.net Wed Sep 13 04:59:40 2000 From: shane at ripe.net (Shane Kerr) Date: Wed, 13 Sep 2000 10:59:40 +0200 Subject: guideline for name-based web hosting justification Message-ID: <200009130859.KAA24339@x17.ripe.net> > On Mon, Sep 11, 2000 at 05:24:34PM -0600, Alec H. Peterson wrote: > > Matt Bailey wrote: > > > > > > For those of us that do accounting via IP how do you expect us to us Name > > > Based Virtuals? Until there is a method for accounting all traffic to a > > > domain name without using IP I see this as totally unreasonable. We base all > > > of our security filters and traffic filters on a customers IP assigned to > > > them. We also have hardware that can not support name based virtuals and > > > thus has a NIC card for each site? Explain IN DETAIL the method used to > > > account for these in our requests. > > > > How about parsing access logs? > > Doesn't work if you are billing for bandwidth... I hate to stick my neck out here, and I recognise that the technology doesn't really exist, but creating an Apache mod to record the number of bits sent to/from a given virtual domain should be straightforward. Perhaps ARIN could fund the appropriate work at Apache for this (IIRC ARIN has plenty of money for this kind of work right now). I can't imagine it would cost in excess of $100k, and might help everybody concerned. It could even produce output that looks like MRTG. :) Shane From bet at rahul.net Wed Sep 13 08:50:38 2000 From: bet at rahul.net (Bennett Todd) Date: Wed, 13 Sep 2000 08:50:38 -0400 Subject: [Fwd: guideline for name-based web hosting justification] In-Reply-To: <39BE7F49.8A1ACA68@hilander.com>; from ahp@hilander.com on Tue, Sep 12, 2000 at 01:08:57PM -0600 References: <39BE7F49.8A1ACA68@hilander.com> Message-ID: <20000913085038.B558@oven.com> Kim Scarborough: > That's a name-based site. It shares an IP with several sites I > host. So obviously, that's not an accurate way to check if people > will load the site--nearly half of this site's hits are from 1.0 > requests, and yet it manages to get the site fine. I'm not sure > how this works--perhaps the browsers are misidentifying the HTTP > version in their requests?--but I can assure you, it does. It's not a matter of misidentifying the HTTP version. Rather, HTTP is a quite simple protocol with all kinds of forwards and backwards compatibility. HTTP/1.0 is the basic minimum needed for most things to work. HTTP/1.1 is a pretty richly enhanced superset of that functionality. The only thing required (AFAIK) for name virtual hosts to work is the Host: header, which all http clients send and have for years, since before HTTP/1.1 was frozen. Modern clients are still written that send queries calling themselves HTTP/1.0; that's the right thing to do if the client doesn't implement _all_ of HTTP/1.1. But they still send that Host: header. -Bennett -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: From sson at veriohosting.com Wed Sep 13 09:44:12 2000 From: sson at veriohosting.com (Stacey D. Son) Date: Wed, 13 Sep 2000 07:44:12 -0600 Subject: guideline for name-based web hosting justification In-Reply-To: Your message of "Wed, 13 Sep 2000 10:59:40 +0200." <200009130859.KAA24339@x17.ripe.net> Message-ID: <200009131344.HAA48374@orca.orem.veriohosting.com> Shane Kerr said: > I hate to stick my neck out here, and I recognise that the technology > doesn't really exist, but creating an Apache mod to record the number > of bits sent to/from a given virtual domain should be straightforward. > Perhaps ARIN could fund the appropriate work at Apache for this (IIRC > ARIN has plenty of money for this kind of work right now). I can't > imagine it would cost in excess of $100k, and might help everybody > concerned. > > It could even produce output that looks like MRTG. :) > > Shane Please note that other protocols would need to be considered as well (e.g. FTP, IMAP/POP, SMTP, streaming, chat, etc.). In short, HTTP is only one of many protocols used by web hosters that require usage accounting. -stacey. From shane at ripe.net Wed Sep 13 10:02:46 2000 From: shane at ripe.net (Shane Kerr) Date: Wed, 13 Sep 2000 16:02:46 +0200 Subject: guideline for name-based web hosting justification In-Reply-To: Your message of Wed, 13 Sep 2000 07:44:12 MDT. <200009131344.HAA48374@orca.orem.veriohosting.com> References: <200009131344.HAA48374@orca.orem.veriohosting.com> Message-ID: <200009131402.QAA29977@x17.ripe.net> Stacey D. Son said: > Shane Kerr said: > > I hate to stick my neck out here, and I recognise that the technology > > doesn't really exist, but creating an Apache mod to record the number > > of bits sent to/from a given virtual domain should be straightforward. > > Perhaps ARIN could fund the appropriate work at Apache for this (IIRC > > ARIN has plenty of money for this kind of work right now). I can't > > imagine it would cost in excess of $100k, and might help everybody > > concerned. > > > > It could even produce output that looks like MRTG. :) > > Please note that other protocols would need to be considered as well > (e.g. FTP, IMAP/POP, SMTP, streaming, chat, etc.). In short, HTTP is > only one of many protocols used by web hosters that require usage > accounting. However, FTP, IMAP, and POP do not currently support virtual hosts (there may be extensions to these, but I don't think there are any standards). Perhaps you are correct, however, and a more general approach would be helpful. Something to consider when/if deciding scope and requirements. Shane From ahp at hilander.com Wed Sep 13 10:33:35 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Wed, 13 Sep 2000 08:33:35 -0600 Subject: guideline for name-based web hosting justification References: <39BE429D.BF3CF8B4@hilander.com> <20000913091532.B4436@Geeks.ORG> Message-ID: <39BF903F.5A62457A@hilander.com> Mike Horwath wrote: > > ARIN could help stretch IP space by running around the different net > blocks and finding the unused space and reclaiming it. > > Sure, there will be some pissed off people who have /16s that they are > using maybe a /22 out of, but so what? That is a lot of address space > that can be reassigned. ARIN should, but in reality that is IANA's job. This isn't ARIN trying to pass the buck, it's just due to the way the whole Internet governance structure has been setup. And it's a really tricky job at that. > > We pay ARIN a fee to 'manage' our IP space, I would like some of that > fee to go to reclaimation of wasted IP space by small colleges, small > companies, and individuals who have who have space they aren't using. See above. The AC has talked about how to reclaim space several times, but the fact remains that ARIN doesn't have the authority to just wrench space from any entity. > > The points are: > > dropping the bomb is not fun, this new decision, while made > with other ARIN members, was sudden in its announcement and > did not give anyone a chance to start the cleanup before the > punishment is handed out. That is certainly a valid point. We should re-think how we announce future policy changes in that case. > > there are a ton of IPs available on the 'net that are > allocated and underused - relaim those and these worries about > IP depletion can be put off for another couple of years. See above. > > random people with random comments about how my business is > supposed to be run is just not nice. You call it dictating how your business is supposed to run, and that's fine. One could argue that ARIN has been telling dialup ISPs how to run their business for years, but I haven't heard any complaints to that affect. Look, I want to see the policy changed so that all ARIN members feel their opinions have been represented. Here's what I'm going to do. Anybody who wants to see the policy changed in some SPECIFIC way AND is not going to make it to the meeting in Herndon send e-mail directly to me (ahp at hilander.com) with the subject ARIN WEB HOSTING. Please only put your suggestions for how to fix what you don't like about the policy in there, with some reasoning behind it so that I can pass that long to the membership at large at the meeting. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From HRyu at norlight.com Wed Sep 13 10:38:46 2000 From: HRyu at norlight.com (Hyunseog Ryu) Date: Wed, 13 Sep 2000 09:38:46 -0500 Subject: guideline for name-based web hosting justification Message-ID: Hi, everybody For this ARIN's policy, it's very vague procedure for ISP, and clear action for ARIN. It's not fair! For ISP, we need to assign IP address to customer right now, and ARIN will consider this justification at next IP allocation for exception warranty that it can not be guaranteed. In this case, I think ARIN need to make clear guideline for this. What is acceptable justification for web hosting? Thousand of webhosting to one IP address? And ARIN need to make clear guideline for Web hosting IP assignment for everybody to understand how it can be treated. We don't want to jeopardize our futuer IP allocation because of vague procedure for this. It will consume more time for justification, and at last we need to accept ARIN's unclear justification result because we need IP address right away. ARIN need to list acceptable exception list for this case, and give us standard ratio that we can use for customer justification. For example, 5 virtual domain for 1 IP address, or something like this. If ARIN doesn't give us clear procedure or guideline for this, maybe people will use some kind of tricky solution, and we need to follow their movement because we don't want to loose our business, and we need IP address for other customer. Maybe people buy low end PC - like P75 or P100 - , put ethernet card in those low-end PC, and run each web hosting in those low-end PCs that they feel they need static IP address. ARIN like slow-start procedure for IP allocation. Why aren't they apply slow-start to this policy? At least, this will be big movement of IP assignment and hosting service provider. I think ARIN need to give some kind of introductory period for this policy, and need to apply some kind of loose procedure for this. Something like this. Apply 2 virtual hosting to 1 IP address for 6 month, and apply 4 virtual hosting to 1 IP address. In this case, hosting provider will have some room for applying virtual hosting based name-based web hosting, and they will have some time for testing new environment. Nobody can change Internet environment suddenly. At least we need some time to adjust this new concept to real world. Basically I agree with basic idea of this new policy. Just I don't like the way ARIN enforce this to ISP or real world. Hyun ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Hyunseog Ryu / CCDA, MCSE Network Engineer/Applications Engineering Norlight Telecommunications, Inc. The Guardians of Data 275 North Corporate Drive Brookfield, WI 53045-5818 Tel. +1.262.792.7965 Fax. +1.262.792.7733 From grumple at zaphon.llamas.net Wed Sep 13 11:15:44 2000 From: grumple at zaphon.llamas.net (Greg Rumple) Date: Wed, 13 Sep 2000 08:15:44 -0700 Subject: guideline for name-based web hosting justification In-Reply-To: <200009131402.QAA29977@x17.ripe.net>; from shane@ripe.net on Wed, Sep 13, 2000 at 04:02:46PM +0200 References: <200009131344.HAA48374@orca.orem.veriohosting.com> <200009131402.QAA29977@x17.ripe.net> Message-ID: <20000913081544.I85381@zaphon.llamas.net> * Shane Kerr (shane at ripe.net) [000913 14:18]: > Stacey D. Son said: > > Shane Kerr said: > > > I hate to stick my neck out here, and I recognise that the technology > > > doesn't really exist, but creating an Apache mod to record the number > > > of bits sent to/from a given virtual domain should be straightforward. > > > Perhaps ARIN could fund the appropriate work at Apache for this (IIRC > > > ARIN has plenty of money for this kind of work right now). I can't > > > imagine it would cost in excess of $100k, and might help everybody > > > concerned. > > > > > > It could even produce output that looks like MRTG. :) > > > > Please note that other protocols would need to be considered as well > > (e.g. FTP, IMAP/POP, SMTP, streaming, chat, etc.). In short, HTTP is > > only one of many protocols used by web hosters that require usage > > accounting. > > However, FTP, IMAP, and POP do not currently support virtual hosts > (there may be extensions to these, but I don't think there are any > standards). Yup, and this is what will allow the BIGGER more established Web Hosters such as Verio Web Hosting (ex-Hiway (yeah I worked there)) to continue to gobble up space, and provide their users with IP based hosting. I have no clue what Verio's policys are on that now (as I haven't been there in two years), but a whole lot of the product offering was IP based (POP, SMTP relay, FTP, SSL, RealPlayer, etc..), and there is no immediate obvious answer on how to do this on a shared IP efficiently (the POP and SMTP stuff could be worked out, but not FTP, nor SSL). Now everyone realizes that not everyone requires SSL, but let's look at it from a large provider's standpoint. If a customer reachs the point that he needs SSL, and now you have to change his IP from a shared IP to a non-shared IP (most likely different machines), there is a transition time and cost involved (to do it smoothly), and this is why bigger providers already give them a non-shared IP. It removes the cost and transition time (as well as allows them to bundle all the value add services that they do). Just my $0.02 on the matter... Greg -- Greg Rumple grumple at zaphon.llamas.net From ahp at hilander.com Wed Sep 13 11:38:08 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Wed, 13 Sep 2000 09:38:08 -0600 Subject: guideline for name-based web hosting justification References: <39BE429D.BF3CF8B4@hilander.com> <20000913103725.C4436@Geeks.ORG> Message-ID: <39BF9F60.9F7074CF@hilander.com> Mike Horwath wrote: > > % gzcat * | wc > 13133659 236790086 2910981757 > % gzcat * | grep -c "HTTP/1.0" > 6478695 > > or 49.32% > > This is one set of logs from one machine in our cluster for one month. It appears that looking at the browser version itself would be far more revealing... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Wed Sep 13 11:41:59 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Wed, 13 Sep 2000 09:41:59 -0600 Subject: guideline for name-based web hosting justification References: <39BD94F7.DD143DBE@hilander.com> <20000912083604.E93972@Geeks.ORG> <39BE43D6.CE7FB798@hilander.com> <20000913104016.D4436@Geeks.ORG> Message-ID: <39BFA047.F0158984@hilander.com> Mike Horwath wrote: > > There was no 'ramp up' period, this policy takes effect *now*. Ahh, now I do get it. As I think I said in a previous e-mail that's a valid beef (IMO of course). > > Ah, now it is entry level web accounts. > > We already put entry level web accounts online via named virtual > hosts, the thing is, we don't do all that many of those, we do much > larger items. > > Of course, the difinition of 'entry-level web accounts' could be > debated and probably will be. Absolutely. > > Going to be difficult to be objective, though. > > Very difficult. Yeah well, if it were going to be easy then we wouldn't have to bother with all of these fun discussions ;-) Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From mury at goldengate.net Wed Sep 13 15:01:21 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 14:01:21 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913113916.B6026@mfnx.net> Message-ID: > > I think you didn't read my whole message... > > You are in error. Looks like he didn't communicate his message well, or you didn't take the time to read it well. > > So...we should create dynamic addressing for virtual hosting? > > No, due to HTTP design that would be unworkable. Browsers would cache, > without using proper DNS caching semantics, ip addresses associated with > domain names wether or not that address is still 'in use' by the same > vhost. > > And besides, it would be far too complex, meaning it would introduce > instability. That's exactly his point, don't they use sarcasm in your part of the world? Since it looks like it has to be spelled out. He was making the point that you can't compare requiring dialup providers to use dynamic IPs to this policy of requiring hosting companies to do named based hosting. It is not comparing apples to apples. Using dynamic IPs for dialup users had very very little downside. It is a very legitimate, aggreable way to conserve IP space. And most of us readily used dynamic IPs for our dialup customers. Hell, I'm sure for most of us it was technologically possible before we even started our businesses. Named based hosting is not even close a being a similar situation. It's just plain stupid to go around spouting that name based hosting is as easy to accomplish (full scale) as it is to give a dialup user a dynamic IP or have lots of your users use NAT. Mury GoldenGate Internet Services From mury at goldengate.net Wed Sep 13 16:04:42 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 15:04:42 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913121748.G6026@mfnx.net> Message-ID: > > It's just plain stupid to go around spouting that name based hosting is as > > easy to accomplish (full scale) as it is to give a dialup user a dynamic > > IP or have lots of your users use NAT. > > I have to admit, that the metaphor does hold in my view if you are speaking > in terms of difficulty. The only difference in difficulty I see is in > introducing billing mechanisms that are obviously vacant in the case of > dial access systems. What about all the other issues people have raised? QOS, black-holed IPs, HTTP/1.0 (which seems to be minimal, but from more digging on my own it could be as high as 5%), real-time web performance monitoring, SSL (supposedly and exemption, but not stated any where, and from some posts, not being taken seriously), databases that communicate by IP address (don't ask me), etc. BTW, billing mechanisms are not obviously vacant in dial access systems. Dial access is loaded with different forms of monitoring and billing. Mury From jb at jbacher.com Wed Sep 13 16:47:13 2000 From: jb at jbacher.com (Jan Bacher) Date: Wed, 13 Sep 2000 15:47:13 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: References: <20000913121748.G6026@mfnx.net> Message-ID: <4.2.2.20000913154213.00ae6100@mail.jbacher.com> >What about all the other issues people have raised? QOS, black-holed IPs, >HTTP/1.0 (which seems to be minimal, but from more digging on my own it >could be as high as 5%), real-time web performance monitoring, SSL >(supposedly and exemption, but not stated any where, and from some posts, >not being taken seriously), databases that communicate by IP address >(don't ask me), etc. So, to cut to the chase: 1) IP Address space conservation was implemented wrt to virtual domains without ensuring that appropriate solutions were available for the related services. and 2) ARIN members were not given sufficient time to apply the appropriate solutions that would satisfy all concerns prior to the formal broadcast notifying members that an existing policy would be enforced where it had previously been allowed in the justification process. That about sum it up? From mury at goldengate.net Wed Sep 13 17:57:50 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 16:57:50 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913135417.A6654@mfnx.net> Message-ID: It sure seems like I'm talking to a brick wall, David. How much business web hosting do you do? Mury On Wed, 13 Sep 2000, David W. Hankins wrote: > On Wed, Sep 13, 2000 at 03:04:42PM -0500, Mury wrote: > > What about all the other issues people have raised? QOS, black-holed IPs, > > HTTP/1.0 (which seems to be minimal, but from more digging on my own it > > could be as high as 5%), real-time web performance monitoring, SSL > > (supposedly and exemption, but not stated any where, and from some posts, > > not being taken seriously), databases that communicate by IP address > > (don't ask me), etc. > > I said it was 'as difficult', not 'dial access is the same as hosting.' > > I see nothing in your list that is not similarly present in dial access, > excepting that people have developed mechanisms to deal with them, or > have embraced alternatives. > > > BTW, billing mechanisms are not obviously vacant in dial access > > systems. Dial access is loaded with different forms of monitoring and > > billing. > > Generally, one does not bill dial access hosts by 95th percentile burst > activity. > > Exceptions are so small in number that it is not useful for a body like > ARIN to be concerned about them. > > So, their presence is still comparatively vacant to the needs of web > hosting, and makes transition more difficult. > > -- > David W. Hankins "If you don't do it right the first time, > Toolmaker you'll just have to do it again." > Blunt-Rocks and Scripts -- Jack T. Hankins > From smarcus at genuity.com Wed Sep 13 20:10:19 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Wed, 13 Sep 2000 20:10:19 -0400 Subject: guideline for name-based web hosting justification In-Reply-To: <20000913110331.J4436@Geeks.ORG> References: <39BE7EE7.F067161@hilander.com> <39BE7EE7.F067161@hilander.com> Message-ID: <3.0.5.32.20000913201019.03fc4210@pobox3.genuity.com> >> ... And as far as being labled a trouble-maker, I know plenty of people >> who have been far more vocal about ARIN policy than you and have had >> no problem getting address space. Please don't spread the >> mis-conception that ARIN is anything other than an objective >> organization. It isn't true and it makes everyone's life much more >> difficult in getting support for the organization. > >I'll save this email :) ... Please do. This ppml mailing list (and our public policy meetings) are exactly the right places to frankly and openly discuss issues like this. Moreover, we specifically solicited opinions from the community on these actions. ARIN _asked_ for this feedback. I personally prefer that the discussions be polite, civil, and in a tone of mutual respect, which has I think mostly been the case with this long thread. With that said, it is VERY important that people feel free to express their opinions candidly and directly. ARIN does not (and must not) penalize people for expressing their opinions. Cheers, -- Scott Marcus (who is a Trustee of ARIN, but speaking for himself here) From mury at goldengate.net Wed Sep 13 22:30:21 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 21:30:21 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913153343.C6654@mfnx.net> Message-ID: Wow, now it all makes sense. On Wed, 13 Sep 2000, David W. Hankins wrote: > On Wed, Sep 13, 2000 at 04:57:50PM -0500, Mury wrote: > > It sure seems like I'm talking to a brick wall, David. How much business > > web hosting do you do? > > I will not play your sophist games. > > I would win, but it could be at the expense of the truth. > > -- > David W. Hankins "If you don't do it right the first time, > Toolmaker you'll just have to do it again." > Blunt-Rocks and Scripts -- Jack T. Hankins > From tpavlic at netwalk.com Thu Sep 14 00:27:29 2000 From: tpavlic at netwalk.com (Ted Pavlic) Date: Thu, 14 Sep 2000 00:27:29 -0400 Subject: guideline for name-based web hosting justification References: Message-ID: <01f601c01e04$1c5e04c0$0301830a@tednet> > Since it looks like it has to be spelled out. He was making the point > that you can't compare requiring dialup providers to use dynamic IPs to > this policy of requiring hosting companies to do named based hosting. It > is not comparing apples to apples. Using dynamic IPs for dialup users had > very very little downside. It is a very legitimate, aggreable way to > conserve IP space. And most of us readily used dynamic IPs for our dialup > customers. Hell, I'm sure for most of us it was technologically possible > before we even started our businesses. > Named based hosting is not even close a being a similar situation. Just a note -- the technology needed to implement a completely name-based web just does not exist yet. The dynamic IP policy was implemented AFTER **ALL** of that technology existed. In ARIN's recent policy changes, they reference IETF drafts as possible name-based solutions to web providers... Every IETF draft has this paragraph in it: Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference mate- rial or to cite them other than as ``work in progress.'' It is just *NOT* appropriate to reference any technology mentioned in an IETF draft. The fact is the Internet just IS NOT ready for name-based hosting. Another example of name-based RESISTANT technology which causes problems for web hosting providers are the Microsoft FrontPage Server Extensions, a necessity for some webhosting clients. It is just clear that the proper research wasn't done before the policy changes. These changes could have been proposed for some form of vote... These sort of changes cause major factions to form on the Internet... things become political.... It seems like ARIN has decided to regulate an interest which is hardly as much of a threat to IP allocations as other interests as if ARIN has been influenced by deep-pocket ISPs. That just isn't right. > It's just plain stupid to go around spouting that name based hosting is as > easy to accomplish (full scale) as it is to give a dialup user a dynamic > IP or have lots of your users use NAT. I really see no downside to using NAT. Some might argue that it will cause problems with Internet gamers and such... but there are plenty of NAT algorithms which allow for the NATting of various different gaming protocols, just as there are plenty of NAT algorithms which allow for FTP to be NATted without any trouble (both passive and port)... All of these technologies *EXIST* currently, which is the big thing. And if NAT isn't good enough for a couple of users, then have them get a one-to-one NAT from their ISP specifically for them. As someone pointed out in ARIN policy, @Home, one of the biggest cable providers, has over 2.3 MILLION IP addresses. Verio, one of the biggest web providers, has only about 500 THOUSAND IP addresses. Even if @Home were to get rid of HALF of its IP addresses, that'd be a LOT more than Verio could do if it got rid of all of its IP addresses. I just don't think that non-webhosters have thought the whole thing through. All the best -- Ted Pavlic Systems Engineer NetWalk Communications CallTech Communications, LLC CPT Communications, Inc. tpavlic at netwalk.com From randy at psg.com Thu Sep 14 01:01:13 2000 From: randy at psg.com (Randy Bush) Date: Thu, 14 Sep 2000 07:01:13 +0200 Subject: guideline for name-based web hosting justification References: <20000913121748.G6026@mfnx.net> <4.2.2.20000913154213.00ae6100@mail.jbacher.com> Message-ID: > So, to cut to the chase: > > 1) IP Address space conservation was implemented wrt to virtual domains > without ensuring that appropriate solutions were available for the related > services. > > and > > 2) ARIN members were not given sufficient time to apply the appropriate > solutions that would satisfy all concerns prior to the formal broadcast > notifying members that an existing policy would be enforced where it had > previously been allowed in the justification process. > > That about sum it up? no. you missed the part about lack of public (i.e. on mailing lists) discussion well in advance, a la ripe or apnic. randy From tpavlic at netwalk.com Thu Sep 14 01:05:14 2000 From: tpavlic at netwalk.com (Ted Pavlic) Date: Thu, 14 Sep 2000 01:05:14 -0400 Subject: guideline for name-based web hosting justification References: Message-ID: <023d01c01e09$5ea84980$0301830a@tednet> Not sure if anyone has responded to this yet, but most larger providers I see say it's closer to 5% (tops). ----- Original Message ----- From: "Mury" To: "Jon Rust" Cc: "Alec H. Peterson" ; "Matt Bailey" ; ; Sent: Tuesday, September 12, 2000 1:02 PM Subject: Re: guideline for name-based web hosting justification > > > You're bending the truth here, quite a bit actually. The HTTP 1.0 proto > > may not support the Host: header, but browsers that are using HTTP 1.0 > > may very well support he Host: header. Oh, i don't know, a smallish > > browser called Netscape, v 2.0 or better, comes to mind. Grepping > > through my access log for today I see over 65,000 1.0 requests. 98% of > > those are to name-based virtual hosts (which is almost all i run > > anymore), and they all worked. > > > > jon > > > Good to know. Finally someone takes the time to correct me and not just > call me a whiner. > > So, does anyone know a reliable source that keeps track of stats on > browsers? If it isn't 50% that won't get to the web site, is it > 10%? 5%? .0001%? > > Thanks. > > Mury > GoldenGate Internet Services > > From jb at jbacher.com Thu Sep 14 07:54:57 2000 From: jb at jbacher.com (J Bacher) Date: Thu, 14 Sep 2000 06:54:57 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: > > So, to cut to the chase: > > > > 1) IP Address space conservation was implemented wrt to virtual domains > > without ensuring that appropriate solutions were available for the related > > services. > > > > and > > > > 2) ARIN members were not given sufficient time to apply the appropriate > > solutions that would satisfy all concerns prior to the formal broadcast > > notifying members that an existing policy would be enforced where it had > > previously been allowed in the justification process. > > > > That about sum it up? > > no. you missed the part about lack of public (i.e. on mailing lists) > discussion well in advance, a la ripe or apnic. Insufficient time covers that point. From jb at jbacher.com Thu Sep 14 09:33:58 2000 From: jb at jbacher.com (J Bacher) Date: Thu, 14 Sep 2000 08:33:58 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <3.0.5.32.20000913201019.03fc4210@pobox3.genuity.com> Message-ID: On Wed, 13 Sep 2000, J. Scott Marcus wrote: > This ppml mailing list (and our public policy meetings) are exactly the > right places to frankly and openly discuss issues like this. Moreover, we > specifically solicited opinions from the community on these actions. ARIN > _asked_ for this feedback. Which segment of the community? I've not received any requests for feedback on this policy in the last couple of years. From smarcus at genuity.com Thu Sep 14 10:28:35 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Thu, 14 Sep 2000 10:28:35 -0400 Subject: guideline for name-based web hosting justification In-Reply-To: References: <3.0.5.32.20000913201019.03fc4210@pobox3.genuity.com> Message-ID: <3.0.5.32.20000914102835.03f8c070@pobox3.genuity.com> At 08:33 09/14/2000 -0500, J Bacher wrote: > > >On Wed, 13 Sep 2000, J. Scott Marcus wrote: > >> This ppml mailing list (and our public policy meetings) are exactly the >> right places to frankly and openly discuss issues like this. Moreover, we >> specifically solicited opinions from the community on these actions. ARIN >> _asked_ for this feedback. > >Which segment of the community? I've not received any requests for >feedback on this policy in the last couple of years. ARIN requested further discussion on this subject August 29, although the connection to the far-ranging discussions that ensued may not be clear. See below: >Date: Tue, 29 Aug 2000 14:46:37 -0400 (EDT) >From: Member Services >To: arin-announce at arin.net, ppml at arin.net >Subject: ARIN Web Hosting Policy >Sender: owner-ppml at arin.net > > >ARIN's new web hosting policy has recently been under discussion on the >ARIN IP allocations policy mailing list. >See http://www.arin.net/members/mailing.htm. > >The policy is described at > > http://www.arin.net/announcements/policy_changes.html > >Some individuals have expressed their disagreement with this new policy. >Should the ARIN web hosting policy be changed? > >ARIN would like your feedback on this issue. Please post your comments >and suggestions to the public policy mailing list (ppml at arin.net). Your >feedback will be included in the discussions at the upcoming public >policy meeting. > >Information about the meeting can be found at >http://www.arin.net/announcements/memmeet.html I have not checked, but it's possible that this policy had not been discussed on the list prior to the previous member meeting (as Randy notes). If so, that would seem to have been an oversight. I am also thinking that, while discussions like this should be HELD on ppml at arin.net, maybe they should be ANNOUNCED on some other relevant lists, such as nanog? Cheers, - Scott From jb at jbacher.com Thu Sep 14 10:41:03 2000 From: jb at jbacher.com (J Bacher) Date: Thu, 14 Sep 2000 09:41:03 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <3.0.5.32.20000914102835.03f8c070@pobox3.genuity.com> Message-ID: > >> This ppml mailing list (and our public policy meetings) are exactly the > >> right places to frankly and openly discuss issues like this. Moreover, we > >> specifically solicited opinions from the community on these actions. ARIN > >> _asked_ for this feedback. > > > >Which segment of the community? I've not received any requests for > >feedback on this policy in the last couple of years. > > ARIN requested further discussion on this subject August 29, although the > connection to the far-ranging discussions that ensued may not be clear. > See below: >From what I can see, the policy was implemented and then discussion ensued. Am I the only one here that thinks it should have been the other way around? ------------------------------------ POLICY CHANGES RESULTING FROM ARIN V After consultation with industry groups, and in response to discussions held at ARIN's Public Policy and Members Meetings this past April, with the approval of the Advisory Council and Board of Trustees, ARIN has implemented the following policy changes and incorporated their descriptions in appropriate ARIN guidelines. ------------------------------------ From randy at psg.com Thu Sep 14 11:04:38 2000 From: randy at psg.com (Randy Bush) Date: Thu, 14 Sep 2000 17:04:38 +0200 Subject: guideline for name-based web hosting justification References: <3.0.5.32.20000913201019.03fc4210@pobox3.genuity.com> <3.0.5.32.20000914102835.03f8c070@pobox3.genuity.com> Message-ID: > ARIN requested further discussion on this subject August 29, although the > connection to the far-ranging discussions that ensued may not be clear. "further" to what previous mailing list discussion? randy From ahp at hilander.com Thu Sep 14 11:05:26 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Thu, 14 Sep 2000 09:05:26 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39C0E936.938622EF@hilander.com> J Bacher wrote: > > From what I can see, the policy was implemented and then discussion > ensued. Am I the only one here that thinks it should have been the other > way around? There was a lot of discussion at the meeting about it. However you are correct that in the future discussion should be done in a more accessable forum before hand. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From jb at jbacher.com Thu Sep 14 11:29:51 2000 From: jb at jbacher.com (Jan Bacher) Date: Thu, 14 Sep 2000 10:29:51 -0500 Subject: guideline for name-based web hosting justification Message-ID: <4.2.2.20000914102929.00af68c0@mail.jbacher.com> At 09:05 AM 9/14/00 -0600, you wrote: >J Bacher wrote: > > > > From what I can see, the policy was implemented and then discussion > > ensued. Am I the only one here that thinks it should have been the other > > way around? > >There was a lot of discussion at the meeting about it. > >However you are correct that in the future discussion should be done in a >more accessable forum before hand. Absolutely. However, I do not recall seeing an agenda for the April meeting prior to that time. From mury at goldengate.net Thu Sep 14 13:38:09 2000 From: mury at goldengate.net (Mury) Date: Thu, 14 Sep 2000 12:38:09 -0500 (CDT) Subject: consistancy In-Reply-To: <200009141715.KAA16845@boreas.isi.edu> Message-ID: Someone give me the list. I'll do my part and spend a day calling. If they don't cooperate the community should not have to take no for an answer. I would think in most people's mind it's far worse to have unused blocks, than to have not so effectiently used blocks. Mury On Thu, 14 Sep 2000, Suzanne Woolf wrote: > > > > And how do you suggest they go about reclaiming IP blocks. > > > > Call'em up, drop'em email. > > Been there, done that. > > http://www.academ.com/nanog/feb1996/pier.ip.address.survey.html > (The slides are also available somewhere....) > > Interesting results include: > 1. Much of the contact data was simply unusable. > 2. The vast majority who did respond just said no. > > > I bet that many will be very cordial and will return the space that is > > unused. > > The folks who responded were mostly quite cordial, although a few > threatened to sue me for asking. Mostly, they were cordial about > saying "nope, we're keeping it." > > This was in 1996. I'm unconvinced the task would be easier now. > > > > > > Suzanne > > From mury at goldengate.net Thu Sep 14 15:02:37 2000 From: mury at goldengate.net (Mury) Date: Thu, 14 Sep 2000 14:02:37 -0500 (CDT) Subject: consistancy In-Reply-To: <200009141833.OAA00093@ns2.harpweek.com> Message-ID: On Thu, 14 Sep 2000, Mark Borchers wrote: > If you are not already capable of locating "the list", perhaps > you should not be thinking about acting as spokesman for > "the community." ;) Such a friendly group. I will word my offer a little more clearly for those who take everything literally. 1) I am making the point we should reclaim unused space. 2) I am willing to do my part in helping if ARIN doesn't have the resources or the "authority" to accomplish the task. Mury From kent at songbird.com Thu Sep 14 21:56:22 2000 From: kent at songbird.com (Kent Crispin) Date: Thu, 14 Sep 2000 18:56:22 -0700 Subject: guideline for name-based web hosting justification In-Reply-To: <39BE5565.2D8ECBCC@hilander.com>; from Alec H. Peterson on Tue, Sep 12, 2000 at 10:10:13AM -0600 References: <39BE5565.2D8ECBCC@hilander.com> Message-ID: <20000914185622.G15063@songbird.com> On Tue, Sep 12, 2000 at 10:10:13AM -0600, Alec H. Peterson wrote: > If you don't mind sharing it, what percentage of your virtual hosts have > these other services (SMTP/POP/IMAP/FTP/SSL)? I'm just curious (I'm curious > what percentage of people want to pay for it). My tiny business caters almost exclusively to small businesses; in my case all those services (with the exception of SSL), are part of the standard package. In other words, people don't pay anything at all extra for them. They pay $10/month to get it all. Frequently there are services that are part of the package that they don't use, at least not initially. A great many small ISPs offer essentially the same kind of a package -- it frequently includes database support, shell access, and a bunch of other stuff, for incredibly low prices. In my rudimentary marketing stuff, I refer to this as a "virtual host" site to emphasize that what the customer is getting is a package of services that look like their own host on the internet. Setting up a virtual host site for someone is mostly automated -- once the infrastructure is in place it doesn't cost appreciably more to set up someone with the above services than it does to just set up a web site. They fill out a form and the whole thing is set up from that. The biggest headache is dealing with the domain name -- if they don't have one they have to try to pick out a good one; if they do have one you have to deal with the various issues of effecting a transfer. By default, I assign an IP address to every such customer. To do otherwise would be simply stupid -- converting someone from a name-based web site to an IP based web site is not much work, but it is the same amount of work as setting up the site in the first place, and the real cost is the human intervention of making the change. What I think is fundamentally flawed with the new policy, from the point of view of a business like mine, is that it in fact takes the justification for use of an IP address down to the individual address level -- you have to look at the characteristics of how each virtual domain is used before you can decide whether it is justified to assign a separate IP address. This makes no economic sense -- the incremental monetary return for the use of the IP address is tiny -- less than the policing cost of scrutinizing the use the customers make of their address, or of maintaining. I may not be expressing this well, but to back up a level, it seems to me that this policy is reaching the point of diminishing returns -- we are becoming insanely penurious. We are like starving people fighting over crumbs. Indeed, we can talk about modifications to apache, and pop, and imap and ftp and everything else so we can conserve a few more precious addresses. But the deployment of those changes is a large project in itself, and that energy is ultimately wasted. In my opinion we would be better off to just run out of addresses, and thereby force changes at another level. -- Kent Crispin "Do good, and you'll be kent at songbird.com lonesome." -- Mark Twain From brian at meganet.net Thu Sep 14 21:58:41 2000 From: brian at meganet.net (Brian Wallingford) Date: Thu, 14 Sep 2000 21:58:41 -0400 (EDT) Subject: consistancy In-Reply-To: <20000914200445.B23272@Geeks.ORG> Message-ID: On Thu, 14 Sep 2000, Mike Horwath wrote: : But....you aren't ARIN, who does, as it stands, has authority to rip : the addressing out of place. : : Really, if they can dish out the IPs, they can take'em away. In a utopian world, yes. But.. : Yes, it would suck. But wastage is wastage and a site with a /16 : using a few hundred addresses is far more wasteful than any wastage I : would have by having IP based virtual hosts. This exact "argument" has been rehashed too many times (I don't doubt that, in one forum or another, I've initiated it in the past). ARIN does *not* have the authority to reclaim legacy space. Nobody has the authority to reclaim the terribly, irresponsibly underutilised space allocated many moons ago. The only (and unlikely) way to encourage the return of such space would be (as someone mentioned previously in this thread) to universally filter announcements from such space. Let's face it - that is a social problem, and the "solution" mentioned above will never happen, for many reasons. (Apathy of large organizations, poor communication among the very opinionated masses of smaller organizations, etc.) Legacy space may as well be written off as unusable. Saying that almost makes me physically ill, but it's a fact. We need to deal with the "here and now", and considering that, I would expect ARIN to offer some time-limited leeway wrt requesting additional allocations when unique-ip webhosting is involved. In the future, such policy changes which could dramatically affect the operations and bottom lines of many organizations, should be announced at least 12 months in advance of implementation, IMHO. That's all from here. Cheers, Brian From tpavlic at netwalk.com Thu Sep 14 23:51:04 2000 From: tpavlic at netwalk.com (Ted Pavlic) Date: Thu, 14 Sep 2000 23:51:04 -0400 Subject: guideline for name-based web hosting justification References: <39BE5565.2D8ECBCC@hilander.com> <20000914185622.G15063@songbird.com> Message-ID: <008401c01ec8$2c29c000$0301830a@tednet> > My tiny business caters almost exclusively to small businesses; in my > case all those services (with the exception of SSL), are part of the > standard package. In other words, people don't pay anything at all > extra for them. They pay $10/month to get it all. Frequently there are > services that are part of the package that they don't use, at least not > initially. I think many providers have very similar packages; many offer FrontPage Server Extension support to their users as well. FPSE requires more than a bit more extra work to get them to work with name-based hosts. > A great many small ISPs offer essentially the same kind of a package -- ... > own host on the internet. This is true... And large ISPs require a great deal of automation as well. In order for a large ISP to manage virtual hosts that are combinations of name-based and IP-based causes a lot of extra stress. Before I could create a database of virtual hosts and dump them to a configuration file regularly... Now some of my virtual hosts have to be IP based and, currently, those have been entered into a configuration file manually. I'll have to add extra logic to account for: * Those virtual hosts that do not require anything unique * Those virtual hosts which can be name-based, but cannot be mass virtual hosted * Those virtual hosts which have SSL or some other service which requires IP-based hosting While all of this can be done... It's a great deal of work to setup a clean system which works for everyone -- plus deal with converting FrontPage SE, a horrible package in general. The time it takes me to deal with this takes a great deal of time away from other projects which require my almost immediate attention. Now if all the technology was already in place, things would be a lot easier. Also note that even the largest ISPs aren't using close to one quarter of the IPs that the largest cable providers are. I really don't think it was a good idea to throw this on the ISPs first. It just seems like the big problem has been overlooked. > By default, I assign an IP address to every such customer. To do > otherwise would be simply stupid -- converting someone from a name-based > web site to an IP based web site is not much work, but it is the same > amount of work as setting up the site in the first place, and the real > cost is the human intervention of making the change. And changing from name-based to IP-based (or vice-versa) requires a certain amount of downtime. While all the DNS changes are easily made at the provider, all of the DNS servers on the Internet have to wait a certain time period in order for their records to timeout. A site has to be both IP-based and name-based during this (usually 24 hour) period or the site will be down for a good deal of the users. > What I think is fundamentally flawed with the new policy, from the point ... > address, or of maintaining. I have a problem with the policy regulating explicitly "webhosters." To me, the web is made up of a lot more than just HTTP. I think it would have been a better idea to regulate HTTP hosters... People who just provide simple HTTP services could make the easy change and not worry much about it. Regulating the entire web causes this great deal of argument about exactly what is an exception and what is not. It's ridiculous. > I may not be expressing this well, but to back up a level, it seems to ... > changes at another level. Personally, I would worry that these changes would decrease the QoS at each webhoster causing its clients to spread out among much smaller webhosters around the Internet that are still allowed to do IP-based webhosting because they have a /24 or less. Eventually, all of the IPs that were saved will just be allocated again -- just among a great deal more providers. To me a few things have to happen... *) The cable providers **NEED** to be regulated! @Home's 2.3 million IPs are ridiculous -- they do not need that many IPs. Even if they were to give back HALF of those IPs, that'd be TWICE the amount of IPs Verio has TOTAL. *) IP needs to be changed... Either IPv6 needs to be pushed into place (ha ha)... Or IPv4 needs to be changed. PERHAPS a decent idea would be to create a second set of 4 (or 6 even) byte addresses and a new name-server configuration. That is, all websites given to a particular webhost would lookup to one IP which would go to that webhost. Each browser would then lookup the name at another name registry that would give each specific webhost its own identifier. That identifier (some numeric value again -- 4 or 6 bytes) could be stored as another word in the IP header. Different servers could then use that information to route name-based sites to the appropriate place... This is just one idea off the top of my head -- perhaps it's not too viable -- but changes need to be put in place. Right now we have the ability to work with the amount of IPs we have, we just need the technology to actually do it. *) xDSL providers need to be looked at. Most of the DSL providers I know of are providing static IPs to each of their customers by default. *) ARIN (and IANA) needs to improve their communication. I really think that only certain interests were represented in this decision... (i.e. cable Internet providers) At least that's what I think, I could be wrong. All the best -- Ted From avb at korax.net Fri Sep 15 01:10:51 2000 From: avb at korax.net (avb at korax.net) Date: Fri, 15 Sep 2000 01:10:51 -0400 (EDT) Subject: consistancy In-Reply-To: Message-ID: On Thu, 14 Sep 2000, Brian Wallingford wrote: > This exact "argument" has been rehashed too many times (I don't doubt > that, in one forum or another, I've initiated it in the past). ARIN does > *not* have the authority to reclaim legacy space. Nobody has the > authority to reclaim the terribly, irresponsibly underutilised space > allocated many moons ago. What would have to happen for ARIN to get that authority? Why can't IANA or ICANN give it the authority to do this? > Legacy space may as well be written off as unusable. Saying that almost > makes me physically ill, but it's a fact. Oh, man, that is *very* difficult to accept. IP addresses are a shared public resource which is globally administered by IANA/ICANN. They aren't anyone's property and they never have been. If the biggest problem with reclaiming legacy space is political, then surely that can be addressed. ARIN may not have the authority to reclaim, but *somebody*, at some higher level, has this authority, no? I would imagine that somebody would be IANA. To quote RFC2050: The Internet Assigned Numbers Authority has authority over all number spaces used in the Internet. This includes Internet Address Space. It seems pretty clear-cut to me. What am I missing? These are all honest questions, btw. I'm very interested to know what the obstacles are, because I'm having a real tough time accepting the idea that this is an unfixable situation. Regards, -- Alex Bulan Network Administrator Korax Online Inc. From brian at meganet.net Fri Sep 15 06:37:56 2000 From: brian at meganet.net (Brian Wallingford) Date: Fri, 15 Sep 2000 06:37:56 -0400 (EDT) Subject: consistancy In-Reply-To: <200009150903.JAA26900@vacation.karoshi.com> Message-ID: : > : Really, if they can dish out the IPs, they can take'em away. : > : > In a utopian world, yes. But.. : : Actually ARIN can take away addresses -from the blocks it was : delegated-. Understood. Nothing new there. : > that, in one forum or another, I've initiated it in the past). ARIN does : > *not* have the authority to reclaim legacy space. Nobody has the : > authority to reclaim the terribly, irresponsibly underutilised space : > allocated many moons ago. : : Actually the IANA does. Thats how I manged to get 16% of : the total IPv4 space retruned to the freepool in 1995/1996. : Its doable, This I didn't know (and I stand corrected). I was under the impression that the IANA had been relegated to a figure-head position, viz. QE 2. So why do GE, MIT, and many colleges/universities, etc. still hold outrageously large blocks? Why wasn't this corrected long ago, before "newbies" like myself started bitching? :) Why are we faced with this artificial address shortage? -brian ps: Not being combative/belligerent - simply trying to understand. From tpavlic at netwalk.com Fri Sep 15 09:24:17 2000 From: tpavlic at netwalk.com (Ted Pavlic) Date: Fri, 15 Sep 2000 09:24:17 -0400 Subject: guideline for name-based web hosting justification References: Message-ID: <004e01c01f18$41f67180$8900810a@TEDDY> Unknown browsers might be spiders or other similar tools as well. ----- Original Message ----- From: "Mury" To: "PSchroebel" Cc: "Jon Rust" ; "Alec H. Peterson" ; "Matt Bailey" ; ; Sent: Tuesday, September 12, 2000 3:17 PM Subject: Re: guideline for name-based web hosting justification > > Was there no "Unknown" browsers? My logging and analysis tools have a > very high percentage that come back as "Unknown," which I'm inclined to > beleive are older browsers. > > Mury > > On Tue, 12 Sep 2000, PSchroebel wrote: > > > Tracking browsers.... > > Yes we did and we were amazed with the results. > > In fact we still dont believe them.... > > > > Where is Netscape?...this is a sampling too!! > > > > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; > > DigExt) 16605 (26.2%) 176388k (34.0%) > > Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0) 4288 > > (6.8%) 8060k (1.6%) > > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 95; > > DigExt) 3675 (5.8%) 38714k (7.5%) > > Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt) 3477 > > (5.5%) 11312k (2.2%) > > Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt) 2500 > > (3.9%) 13682k (2.6%) > > Mozilla/4.0 (compatible; MSIE 5.01; AOL 5.0; Windows 98) > > 2051 (3.2%) 21238k (4.1%) > > Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 98; > > DigExt) 1906 (3.0%) 19527k (3.8%) > > Mozilla/4.0 (compatible; MSIE 5.0; MSN 2.5; AOL 5.0; Windows > > 98; DigExt) 1282 (2.0%) 13459k (2.6%) > > Mozilla/4.0 (compatible; MSIE 4.01; Windows 95) 1146 (1.8%) > > 6325k (1.2%) > > Mozilla/4.0 (compatible; MSIE 4.01; Windows NT) 1009 (1.6%) > > 5864k (1.1%) > > Mozilla/4.0 (compatible; MSIE 5.5; AOL 5.0; Windows 98) 870 > > (1.4%) 9029k (1.7%) > > Mozilla/4.0 (compatible; MSIE 5.0; Windows 95; DigExt) 784 > > (1.2%) 4484k (0.9%) > > Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 98) > > 778 (1.2%) 7224k (1.4%) > > Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC) 766 (1.2%) > > 1076k (0.2%) > > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; > > Compaq; DigExt) 630 (1.0%) 8262k (1.6%) > > Mozilla/4.0 (compatible; MSIE 5.01; Windows 98) 618 (1.0%) > > 3459k (0.7%) > > Mozilla/4.0 (compatible; MSIE 5.5; Windows 98) 586 (0.9%) > > 3224k (0.6%) > > Mozilla/4.0 (compatible; MSIE 4.01; Windows 98) 548 (0.9%) > > 2893k (0.6%) > > Mozilla/4.0 (compatible; MSIE 5.01; Windows NT) 534 (0.8%) > > 3060k (0.6%) > > Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 95) > > 486 (0.8%) 5205k (1.0%) > > > > Sincerely, > > > > > > Peter Schroebel > > > > ----- Original Message ----- > > From: "Mury" > > To: "Jon Rust" > > Cc: "Alec H. Peterson" ; "Matt Bailey" > > ; ; > > > > Sent: Tuesday, September 12, 2000 1:02 PM > > Subject: Re: guideline for name-based web hosting > > justification > > > > > > > > > You're bending the truth here, quite a bit actually. The > > HTTP 1.0 proto > > > may not support the Host: header, but browsers that are > > using HTTP 1.0 > > > may very well support he Host: header. Oh, i don't know, a > > smallish > > > browser called Netscape, v 2.0 or better, comes to mind. > > Grepping > > > through my access log for today I see over 65,000 1.0 > > requests. 98% of > > > those are to name-based virtual hosts (which is almost all > > i run > > > anymore), and they all worked. > > > > > > jon > > > > > > Good to know. Finally someone takes the time to correct me > > and not just > > call me a whiner. > > > > So, does anyone know a reliable source that keeps track of > > stats on > > browsers? If it isn't 50% that won't get to the web site, > > is it > > 10%? 5%? .0001%? > > > > Thanks. > > > > Mury > > GoldenGate Internet Services > > > > > > From brian at meganet.net Fri Sep 15 10:00:56 2000 From: brian at meganet.net (Brian Wallingford) Date: Fri, 15 Sep 2000 10:00:56 -0400 (EDT) Subject: consistancy In-Reply-To: Message-ID: : : Actually the IANA does. Thats how I manged to get 16% of : : the total IPv4 space retruned to the freepool in 1995/1996. : : Its doable, : : This I didn't know (and I stand corrected). I was under the impression : that the IANA had been relegated to a figure-head position, viz. QE 2. : : So why do GE, MIT, and many colleges/universities, etc. still hold s/GE/GM : outrageously large blocks? Why wasn't this corrected long ago, before : "newbies" like myself started bitching? :) Why are we faced with this : artificial address shortage? A clarification - I'm simply looking for insight. Does IANA have the *authority* to reclaim addresses, or is it simply a matter of negotiation and good will on the part of the blocks' administrators? tia, brian From HRyu at norlight.com Fri Sep 15 10:10:00 2000 From: HRyu at norlight.com (Hyunseog Ryu) Date: Fri, 15 Sep 2000 09:10:00 -0500 Subject: guideline for name-based web hosting justification Message-ID: On 09/14/2000 10:51:04 PM owner-ppml wrote: >> > My tiny business caters almost exclusively to small businesses; in my >> > case all those services (with the exception of SSL), are part of the >> > standard package. In other words, people don't pay anything at all >> > extra for them. They pay $10/month to get it all. Frequently there are >> > services that are part of the package that they don't use, at least not >> > initially. >> >> I think many providers have very similar packages; many offer FrontPage >> Server Extension support to their users as well. FPSE requires more than a >> bit more extra work to get them to work with name-based hosts. >> >> > A great many small ISPs offer essentially the same kind of a package -- >> ... >> > own host on the internet. >> >> This is true... And large ISPs require a great deal of automation as well. >> In order for a large ISP to manage virtual hosts that are combinations of >> name-based and IP-based causes a lot of extra stress. I think this kind of policy need some introductory time for everybody. Some ISP/ASP need to change their provisioning system to allow this happen. Customer need some time to accept name-based web hosting without any prejudice. And Application developer need some time to develop name-based service implementation in their application. Maybe ARIN consider this option. 1) Announce new policy to public. 2) Apply 2:1 ratio for Web hosting/IP address for 3 or 6 months after six months from announcement. 3) Apply 4:1 ratio for Web hosting/IP address for 3 or 6 months after applying 2) 4) During this period, ARIN make clear guideline for exceptional case for IP Based hosting, and procedure for justification query from ISP/ASP. We need to think about this. If hosting has some problem with customer because of IP address problem, maybe some customer will consider low bandwidth dedicated connection for web hosting from their site - So called in-house web hosting. In this case, we need to give at least 8 IP address (/29) to them. It can bo good for ISP because they can make more money. But how about IP address waste? Maybe this policy will lead ASP market to difficult situation. Especially for low/medium size hosting service provider in local area. >> >> >> Now if all the technology was already in place, things would be a lot >> easier. >> >> Also note that even the largest ISPs aren't using close to one quarter of >> the IPs that the largest cable providers are. I really don't think it was a >> good idea to throw this on the ISPs first. It just seems like the big >> problem has been overlooked. Maybe we can push IPv6 deployment from Cable provider and application developer like M$. >> >> >> I have a problem with the policy regulating explicitly "webhosters." To me, >> the web is made up of a lot more than just HTTP. I think it would have been >> a better idea to regulate HTTP hosters... People who just provide simple >> HTTP services could make the easy change and not worry much about it. >> Regulating the entire web causes this great deal of argument about exactly >> what is an exception and what is not. It's ridiculous. If ARIN want this happen really, they are supposed to be more seriously. They need to give some time for hosting service provider to make the change in their provisioning system, and give time for application developer to make name-based hosting happen. For webhoster, it one IP address is blocked by someone using filtering, that will be big problem for them from business model. We can not leave it down for 4 or 5 hours to contact with network engineer of filtering organization. you know what? Actually some country did this kind of filtering by government. The reason for this will be adult content or government political issue like communist things. In this case, government send the list of IP address to all oversea connection Internet provider. They have to block those IP address by regulation. In this case, every web hosting from specific IP address can be blocked. Don't consider this can be resolved by phone or letter. Sometimes local organization decide to block specific IP address because of content of Web. For example, K-12 school for adult site and how to make bomb sites. ;> In this case, other customers from same IP address is not happy with this. They will leave to other web hosting provider or make their own connection. >> >> To me a few things have to happen... >> >> *) The cable providers **NEED** to be regulated! @Home's 2.3 million IPs are >> ridiculous -- they do not need that many IPs. Even if they were to give back >> HALF of those IPs, that'd be TWICE the amount of IPs Verio has TOTAL. Are they consider IPv6? Is there any technical problem with IPv6 deployment? How about IPv6/IPv4 gateway? ARIN need to push IPv6 deployment with various method. ARIN really consider IPv6 as solution for IP address? >> >> >> *) xDSL providers need to be looked at. Most of the DSL providers I know of >> are providing static IPs to each of their customers by default. Maybe or maybe not. xDSL is supposed to be always-on connection. If this is a kind of dial-up connection type, maybe DHCP with dynamic IP address will reduce the number of IP address that xDSL provider needs. But if this is always-on connection, there is no difference from the number of IP address that is needed by xDSL provider. It's only issue with security and management. >> >> *) ARIN (and IANA) needs to improve their communication. I really think that >> only certain interests were represented in this decision... (i.e. cable >> Internet providers) I think big problem of this new policy is two. 1) Vague procedure/guideline, clear action It's not a secret mission. If ARIN need to push this policy, clear standard and justification procedure has to be followed by policy. It looks to me like this. ARIN made a policy for hosting provider, and pass all issue with this policy to ISP. ISP doesn't know how to do this with hosting provider. If ARIN think ISP do justification for hosting provider, they need to let ISP know what is the standard guideline for this. 2) No consideration for real world. If we make some IETF RFC draft, it will take a couple of year to deliver this to real world. And there is some choice from customer, also. In this case, ARIN make this happen so quickly, and there is no time for preparation from hosting provider - customer - , and application developer - vendor -. This is not a lab environment. There is a lot of different situation. Do we need to belive exception warranty without any knowledge of guideline? What happened if we don't get exception warranty that we assigned IP address to hosting provider? Does it affect to whole IP address allocation request that is for whole customer? Because of this trap - really -, we need to jeopardize the risk for our business? thanks. Hyun From jb at jbacher.com Fri Sep 15 10:24:46 2000 From: jb at jbacher.com (J Bacher) Date: Fri, 15 Sep 2000 09:24:46 -0500 (CDT) Subject: consistancy In-Reply-To: Message-ID: > Oh, man, that is *very* difficult to accept. IP addresses are a shared > public resource which is globally administered by IANA/ICANN. They aren't > anyone's property and they never have been. If the biggest problem with Have a bake sale and buy them back. Yes, I am being somewhat facetious but understand that the p&m won't fix the problem. There are options and all of them need to be considered. Outline the problem and lay out every possible solution. Identify each solution's feasibility and probability using a point system. Take the most viable solutions [with the hightest combined point rating] and attack them first. Actions speak louder than words. The trustees and advisories should be able to tell us the best way to tackle this [and other] issues. Where is the plan? From memsvcs at arin.net Fri Sep 15 15:03:09 2000 From: memsvcs at arin.net (Member Services) Date: Fri, 15 Sep 2000 15:03:09 -0400 (EDT) Subject: ARIN VI Mtg. Hotel Block Closes Sept. 18th; Registration on Sept 20th. Message-ID: Make your plans this weekend to attend the ARIN VI Public Policy and Member Meetings, Oct. 2-4, in Herndon, VA. Hotel reservations in the guaranteed block are available only through Monday, September 18th and ARIN general registration closes on Wednesday, September 20th. For details visit: http://www.arin.net/announcements/memmeet.html Please contact ARIN Member Services (memsvcs at arin.net) if you have questions or need assistance. Regards, Susan Hamlin ARIN Member Services From ahp at hilander.com Sat Sep 16 12:14:50 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 10:14:50 -0600 Subject: consistancy References: Message-ID: <39C39C7A.CD6398A0@hilander.com> I agree that reclaiming address space is a good idea, and we are working on ways to do it. However, you all must accept the fact that reclaiming IP space and more efficient use of new IP allocations are not mutually exclusive. They are in fact separate discussions, and decisions on whether to do one will not affect the other. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From cscott at gaslightmedia.com Sat Sep 16 13:42:41 2000 From: cscott at gaslightmedia.com (Charles Scott) Date: Sat, 16 Sep 2000 13:42:41 -0400 (EDT) Subject: consistancy In-Reply-To: <39C39C7A.CD6398A0@hilander.com> Message-ID: On Sat, 16 Sep 2000, Alec H. Peterson wrote: > I agree that reclaiming address space is a good idea, and we are working on > ways to do it. > > However, you all must accept the fact that reclaiming IP space and more > efficient use of new IP allocations are not mutually exclusive. They are in > fact separate discussions, and decisions on whether to do one will not > affect the other. > > Alec Alec: Agreed. Reclaiming IP space and efficient use of new allocations are certainly not mutually exclusive, Similarly, the aggrigate preasure on IP address space affects both discussions and their outcome. Also, the outcome of both will affect the aggrigate preasure on IP address space. They are therefore intimately interwoven. I think however, that there is also a matter of balance. It appears that many in this discussion have a hard time accepting the idea that address space that's currently in productive use, however inefficiently, is more, or even equally, worth trying to reclaim than address space that is currently serving no usefull purpose whatsoever or is grossly in contrast with conservation. It is certainly the impression of this imbalance that is making it difficult for ARIN to deploy this policy. Until such time as all address space falls under the same level of scrutiny, it's unlikely that those providing Web hosting services, the very content of the Internet, will be convinced to expend considerable work and funds to essentially change the way they do business. Chuck Scott Gaslight Media From brian at meganet.net Sat Sep 16 15:34:33 2000 From: brian at meganet.net (Brian Wallingford) Date: Sat, 16 Sep 2000 15:34:33 -0400 (EDT) Subject: consistancy In-Reply-To: <200009161935.TAA28424@vacation.karoshi.com> Message-ID: On Sat, 16 Sep 2000 bmanning at vacation.karoshi.com wrote: : > I have a new school connecting to us early next week with a /16 for a : > campus of under 10K students. :( : > : > There has to be a way to reclaim them! : : There is. Check the fine RFC. : When there is a fundamental -technical- requirement to get : the space back, it can be reclaimed. THe current problem : is not technical but political. A perfect summary to this entire discussion. (Which RFC? Pardon my ignorance, I didn't realize there was one that addressed this.) I'm fairly certain that a technical argument to this (granted) political problem could be made in many cases, wrt legacy space. -brian From ahp at hilander.com Sat Sep 16 16:56:56 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 14:56:56 -0600 Subject: consistancy References: Message-ID: <39C3DE98.B3D34246@hilander.com> Antonio Querubin wrote: > > Would you accept the fact that many of us on the receiving end of the > latter look on the lack of attention paid to the former as reducing ARIN > et al credibility and leadership? Lose that credibility and you'll have a > hard time convincing the rest of the membership to do anything else. First of all, ARIN is very interested in reclaiming IP space, where it can do so. The issue is far more complicated than you may think, primarily because of the fact that ARIN does not have the authority to revoke allocations that it did not make. This is the primary point people seem to be missing. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Sat Sep 16 16:58:42 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 14:58:42 -0600 Subject: consistancy References: Message-ID: <39C3DF02.F282C87F@hilander.com> Charles Scott wrote: > > Alec: > Agreed. Reclaiming IP space and efficient use of new allocations are > certainly not mutually exclusive, Similarly, the aggrigate preasure on IP > address space affects both discussions and their outcome. Also, the > outcome of both will affect the aggrigate preasure on IP address space. > They are therefore intimately interwoven. > I think however, that there is also a matter of balance. It appears that > many in this discussion have a hard time accepting the idea that address > space that's currently in productive use, however inefficiently, is more, > or even equally, worth trying to reclaim than address space that is > currently serving no usefull purpose whatsoever or is grossly in contrast > with conservation. It is certainly the impression of this imbalance that > is making it difficult for ARIN to deploy this policy. Until such time as > all address space falls under the same level of scrutiny, it's unlikely > that those providing Web hosting services, the very content of the > Internet, will be convinced to expend considerable work and funds to > essentially change the way they do business. If you know of a way to make this happen, then by all means please share it with us. However, continuing to argue why ARIN is not reclaiming allocations is not productive, since the plain and simple fact is that ARIN does not have the authority to reclaim allocations that it did not make. If you think that ARIN should have this authority, then by all means start petitioning IANA/ICANN to that end. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Sat Sep 16 16:59:59 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 14:59:59 -0600 Subject: consistancy References: <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> Message-ID: <39C3DF4F.BA4C9650@hilander.com> Mike Horwath wrote: > > I don't think anyone is arguing about not trying to be more efficient > at all and that these are completely exclusive of each other and can > be done in parallel. However people do seem to be using the fact that ARIN is not revoking allocations made before its time to various institutions as a reason for repealing the virtual hosting policy. Personally I think there are plenty of other objections about the virtual hosting policy, which is why I am confused as to why so many people are insisting ARIN do something it has no authority to do. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From mury at goldengate.net Sat Sep 16 18:06:19 2000 From: mury at goldengate.net (Mury) Date: Sat, 16 Sep 2000 17:06:19 -0500 (CDT) Subject: consistancy In-Reply-To: <39C3DF02.F282C87F@hilander.com> Message-ID: > If you know of a way to make this happen, then by all means please share it > with us. > > However, continuing to argue why ARIN is not reclaiming allocations is not > productive, since the plain and simple fact is that ARIN does not have the > authority to reclaim allocations that it did not make. If you think that > ARIN should have this authority, then by all means start petitioning > IANA/ICANN to that end. > > Alec Alec, No offense to you personally with these questions, but I've been told I am not qualified to act as any sort of "spokesperson" for the ARIN membership, and that I'm an idiot for asking for the list of legacy space contacts. So my questions are: Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of ARIN? If so, is there a standard format and contact to whom I should be placing my suggestions? Mury From ahp at hilander.com Sat Sep 16 18:09:48 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 16:09:48 -0600 Subject: consistancy References: Message-ID: <39C3EFAC.146AF3A2@hilander.com> Mury wrote: > > No offense to you personally with these questions, but I've been told I am > not qualified to act as any sort of "spokesperson" for the ARIN > membership, and that I'm an idiot for asking for the list of legacy space > contacts. > > So my questions are: > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > ARIN? No, but it would be appropriate for you to petition ICANN/IANA as a concerned user of address space (and perhaps an ARIN member, although I don't know offhand if you are) to either take it upon themselves to reclaim address space or delegate authority to do so appropriately (ie, to the RIRs). Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From brian at meganet.net Sat Sep 16 19:24:00 2000 From: brian at meganet.net (Brian Wallingford) Date: Sat, 16 Sep 2000 19:24:00 -0400 (EDT) Subject: consistancy In-Reply-To: <39C3E2BE.D9B3D9F0@ens.net> Message-ID: : Does any of this discussion even matter? By the time you people finish the : pathetic diatribe, IP telephony will just start to kick in. When this happens : (since both Cisco and Lucent have their products available, and BILLIONS of : dollars are being spent to make it happen...), the ONLY thing that will save us : is the conversion to IP6. THERE WILL BE NO MORE SPACE, NO MATTER HOW STINGY OR : STUPID YOU GET WITH THE IP4 SPACE. Lets all hope that real movement occures on : the IP6 definition.... FWIW, IP telephony in most current implementations does not require each end-station to have an IP address. Many use a network protocol-independent scheme beyond the gateway to the actual telephone/fax/etc. The eventual proliferation of telephony over IP networks probably won't impact ip usage much more than the simple growth of Internet use does, IMHO. If v4 space runs out as quickly as you're suggesting, the conversion to v6 will be so painstakingly slow and arduous (considering current vendor support, or lack thereof, and the short-term "hacks" that would be necessary for implementation) as to make such a conversion almost moot to this discussion. I _do_ agree that this discussion has more than run its useful course, and Bill Manning managed to clarify the "authority" issue viz. legacy block reclamation. I'm clear on the fact that it's not an ARIN issue. -brian From jb at jbacher.com Sat Sep 16 20:25:40 2000 From: jb at jbacher.com (J Bacher) Date: Sat, 16 Sep 2000 19:25:40 -0500 (CDT) Subject: consistancy In-Reply-To: Message-ID: > > However, you all must accept the fact that reclaiming IP space and more > > efficient use of new IP allocations are not mutually exclusive. They are in > > fact separate discussions, and decisions on whether to do one will not > > affect the other. > > > > Alec > > Alec: > Agreed. Reclaiming IP space and efficient use of new allocations are > certainly not mutually exclusive, Similarly, the aggrigate preasure on IP > address space affects both discussions and their outcome. Also, the > outcome of both will affect the aggrigate preasure on IP address space. > They are therefore intimately interwoven. Please. ARIN did not choose to enforce a virtual webserver model because it was either bored or there was no concern over available allocation. "Efficient use" was redefined for a reason. The only issue is whether reclaiming space is a viability and whether ARIN gave sufficient consideration to the ramifications of enforcing this new policy. From cscott at gaslightmedia.com Sat Sep 16 21:53:47 2000 From: cscott at gaslightmedia.com (Charles Scott) Date: Sat, 16 Sep 2000 21:53:47 -0400 (EDT) Subject: consistancy In-Reply-To: Message-ID: j: I dont' think anyone is accusing any party of being frivolous or arbitrary. And, I do think we'll all survive the current policy, even if it does result in significant extra work to achieve compliance or present a case for an exception. My point, however, was that you can no more isolate the perception of imbalance from the new policy than you can the need for conservation from the recognition that there are vast unused address blocks. And like it or not, I think that perception relevant. If the only result of this discussion is that there is a greater recognition of imbalance, then I think it's served the original purpose of those who started it. And if from that recognition there is resulting action to work the greater problem, then I think we've exceeded our expectations, even if that action can't necessarily take place within the confines of ARIN. Chuck Scott Gaslight Media On Sat, 16 Sep 2000, J Bacher wrote: > > > > > However, you all must accept the fact that reclaiming IP space and more > > > efficient use of new IP allocations are not mutually exclusive. They are in > > > fact separate discussions, and decisions on whether to do one will not > > > affect the other. > > > > > > Alec > > > > Alec: > > Agreed. Reclaiming IP space and efficient use of new allocations are > > certainly not mutually exclusive, Similarly, the aggrigate preasure on IP > > address space affects both discussions and their outcome. Also, the > > outcome of both will affect the aggrigate preasure on IP address space. > > They are therefore intimately interwoven. > > Please. ARIN did not choose to enforce a virtual webserver model because > it was either bored or there was no concern over available allocation. > > "Efficient use" was redefined for a reason. The only issue is whether > reclaiming space is a viability and whether ARIN gave sufficient > consideration to the ramifications of enforcing this new policy. > From jb at jbacher.com Sun Sep 17 11:11:28 2000 From: jb at jbacher.com (J Bacher) Date: Sun, 17 Sep 2000 10:11:28 -0500 (CDT) Subject: consistancy In-Reply-To: Message-ID: > I dont' think anyone is accusing any party of being frivolous or > arbitrary. Read my post again. You have misunderstood it. > My point, however, was that you can no more isolate the perception of > imbalance from the new policy than you can the need for conservation from > the recognition that there are vast unused address blocks. And like it or To say that one issue does not impact, directly or indirectly, the other issue would be incorrect. I really can't determine which post you are replying to since it does not address the one that I wrote. From ahp at hilander.com Sun Sep 17 11:30:51 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sun, 17 Sep 2000 09:30:51 -0600 Subject: consistancy References: <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> <39C3DF4F.BA4C9650@hilander.com> <20000917102900.B25627@Geeks.ORG> Message-ID: <39C4E3AB.2A7EC7F8@hilander.com> Mike Horwath wrote: > > On Sat, Sep 16, 2000 at 02:59:59PM -0600, Alec H. Peterson wrote: > > Mike Horwath wrote: > > > > > > I don't think anyone is arguing about not trying to be more efficient > > > at all and that these are completely exclusive of each other and can > > > be done in parallel. > > > > However people do seem to be using the fact that ARIN is not > > revoking allocations made before its time to various institutions as > > a reason for repealing the virtual hosting policy. > > Who has done so? > > I'll spank'em. > > I do cry 'unfair', though. > > > Personally I think there are plenty of other objections about the > > virtual hosting policy, which is why I am confused as to why so many > > people are insisting ARIN do something it has no authority to do. > > Oh, but it does have some authority, this is a large difference of > opinion we seem to be having. Oh certainly, it does have some authority. It has authority over CURRENT allocation policy in its region of the world. One of the things the AC (and thus the membership later on) will be discussing is how ARIN can reclaim allocations that it has made in the past. That's a good first step towards reclamation of other allocations in the future (once some sort of standard has been established). We can't promise anything, but please know ARIN is concerned about it and is trying to help. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Sun Sep 17 11:32:48 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sun, 17 Sep 2000 09:32:48 -0600 Subject: consistancy References: <39C3EFAC.146AF3A2@hilander.com> <20000917103100.C25627@Geeks.ORG> Message-ID: <39C4E420.8E0A9DB@hilander.com> Mike Horwath wrote: > > But, if you have space allocated at any time in the last few > years...doesn't that make you an ARIN member by default? > > Or is this a game, like the days of the old MRNet where the > 'customers' are members but are as powerless as customers? I'm not quite sure what you're getting at, but I'll tell you how membership works. Every year that an entity gets address space from ARIN they pay ARIN an allocation fee. That fee includes membership. So if an entity does not get address space in a given year, then they are not (automatically) a member. However they are free to pay the $500 per year fee to become a member. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Sun Sep 17 11:45:18 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sun, 17 Sep 2000 09:45:18 -0600 Subject: consistancy References: <39C3EFAC.146AF3A2@hilander.com> <20000917103100.C25627@Geeks.ORG> <39C4E420.8E0A9DB@hilander.com> <20000917104317.E25627@Geeks.ORG> Message-ID: <39C4E70E.6E7E32F@hilander.com> Mike Horwath wrote: > > So...that fee I pay every year for said address space does not keep me > a member during the 'year' I don't get more address space? > > To quote: > > Membership with ARIN is open to any individual or entity and > is offered regardless of whether the entity receives address > space directly from ARIN. Subscription customers -- > i.e. Internet Service Providers (ISPs) that are allocated IP > addresses from ARIN -- are extended membership at no > additional cost to their subscription fee. Organizations that > are not subscription customers are invited to join ARIN and > are charged an annual membership fee of $500. > > So, the statement that Mury may not be a member would be wrong :) > > By default, any ISP with direct allocation from ARIN is a member > according to what I read above. Then perhaps I misunderstand how the fee schedule works, hopefully one of the ARIN staff can correct me. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From randy at psg.com Sun Sep 17 13:48:05 2000 From: randy at psg.com (Randy Bush) Date: Sun, 17 Sep 2000 10:48:05 -0700 Subject: consistancy References: <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> <39C3DF4F.BA4C9650@hilander.com> <20000917102900.B25627@Geeks.ORG> <39C4E3AB.2A7EC7F8@hilander.com> Message-ID: > One of the things the AC (and thus the membership later on) will be > discussing is that the arin version of the membership-driven bottom-up approach? randy From mury at goldengate.net Sun Sep 17 13:47:40 2000 From: mury at goldengate.net (Mury) Date: Sun, 17 Sep 2000 12:47:40 -0500 (CDT) Subject: consistancy In-Reply-To: <39C3EFAC.146AF3A2@hilander.com> Message-ID: This might sound like nit-picking, but I think it's an important issue to figure out before I "petition" IANA/ICANN with the below request. Does ARIN want to be given authority to oversee those blocks? I certainly don't want to ask for something to be given to ARIN that ARIN doesn't want. Perhaps if the AC, the membership, or whoever needs to, can decide on that first, then ARIN as well as concerned individuals can approach IANA/ICANN with the suggestion/request. If ARIN doesn't want the be given that authority, then as a concerned Internet citizen I'll ask them to do it themselves. While it seems that the RIRs are all setup to be able to deal with the process for accounting for legacy space, maybe a new ASO (Since it probably isn't regional) should be created for dealing with the unique issues that reclaiming will probably have. So, should ARIN (RIRs) have the authority and does it want it? Mury Side note: Can someone tell me how much of the legacy space would fall under ARIN's region? On Sat, 16 Sep 2000, Alec H. Peterson wrote: > Mury wrote: > > > > No offense to you personally with these questions, but I've been told I am > > not qualified to act as any sort of "spokesperson" for the ARIN > > membership, and that I'm an idiot for asking for the list of legacy space > > contacts. > > > > So my questions are: > > > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > > ARIN? > > No, but it would be appropriate for you to petition ICANN/IANA as a > concerned user of address space (and perhaps an ARIN member, although I > don't know offhand if you are) to either take it upon themselves to reclaim > address space or delegate authority to do so appropriately (ie, to the > RIRs). > > Alec > > -- > Alec H. Peterson - ahp at hilander.com > Staff Scientist > CenterGate Research Group - http://www.centergate.com > "Technology so advanced, even _we_ don't understand it!" > From ahp at hilander.com Sun Sep 17 13:54:27 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sun, 17 Sep 2000 11:54:27 -0600 Subject: consistancy References: Message-ID: <39C50553.A48746D3@hilander.com> Mury wrote: > > This might sound like nit-picking, but I think it's an important issue to > figure out before I "petition" IANA/ICANN with the below request. Does > ARIN want to be given authority to oversee those blocks? I certainly > don't want to ask for something to be given to ARIN that ARIN doesn't > want. > > Perhaps if the AC, the membership, or whoever needs to, can decide on that > first, then ARIN as well as concerned individuals can approach IANA/ICANN > with the suggestion/request. > > If ARIN doesn't want the be given that authority, then as a concerned > Internet citizen I'll ask them to do it themselves. While it seems that > the RIRs are all setup to be able to deal with the process for accounting > for legacy space, maybe a new ASO (Since it probably isn't regional) > should be created for dealing with the unique issues that reclaiming will > probably have. > > So, should ARIN (RIRs) have the authority and does it want it? That's actually a very good question, and one that should certainly be discussed by various involved parties (membership, AC and the BoT), since it such reclamation will consume ARIN resources. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From sob at harvard.edu Sun Sep 17 13:55:30 2000 From: sob at harvard.edu (Scott Bradner) Date: Sun, 17 Sep 2000 13:55:30 -0400 (EDT) Subject: consistancy Message-ID: <200009171755.NAA13078@newdev.harvard.edu> > This might sound like nit-picking, but I think it's an important issue to > figure out before I "petition" IANA/ICANN with the below request. Does > ARIN want to be given authority to oversee those blocks? I certainly > don't want to ask for something to be given to ARIN that ARIN doesn't > want. note that not everyone agrees with Bill's characterization of the current state Scott From mury at goldengate.net Sun Sep 17 14:51:45 2000 From: mury at goldengate.net (Mury) Date: Sun, 17 Sep 2000 13:51:45 -0500 (CDT) Subject: consistancy In-Reply-To: Message-ID: Hold the fort! I've taken some time to try to understand the authority and the role of ARIN in relation to ICANN instead of taking some people's word for it. Here is a summary of what I found on ICANN's site. I have pasted the text from http://www.aso.icann.org/docs/aso-mou.html further down as a reference. 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility for the development of global policies relating to the definition of global policies for the distribution and registration of Internet address space (currently IPv4 and IPv6); 2) Normally, proposals for global policies within the area of the ASO's responsibility will be developed within the RIRs and forwarded to the Address Council for their consideration. 3) In addition the Address Council may accept, for consideration, proposals for changes to global IP address policy from any interested individual or entity. Doesn't this sound like it is ARIN's responsibilty to develop policies and not ICANNs? It sure reads like ICANN has given ARIN not just the authority, but the responsibility to create *global* policies for registration of address space. There are no conditions listed, no exceptions. What am I not understanding? Unless I'm badly mistaken in my understanding of a RIR's role as defined by ICANN, I would like to suggest that ARIN and it's decision making bodies consider creating policies for reclaiming largely unused legacy address space. What I do not know is if this has already been done and rejected by ICANN. If so, I would like to see copies of the rejection so I can approach ICANN as a concerned citizen. Thank you. Mury GoldenGate Internet Services ------------------------------------------------------------------------- (4) Duties of the Address Council. (a) Advisory Role. The Address Council will advise the Board of ICANN on matters referred to the Address Council by the ICANN Board. (b) Policy Development. The ICANN bylaws assign to the ASO the responsibility for the development of global policies relating to the following areas: (i) Definition of global policies for the distribution and registration of Internet address space (currently IPv4 and IPv6); (ii) Definition of global policies for the distribution and registration of identifiers used in Internet inter-domain routing (currently BGP autonomous system numbers); and (iii) Definition of global policies concerning the part of the DNS name space which is derived from the Internet address space and the inter-domain routing identifiers (currently in-addr.arpa and ip6.int). Normally, proposals for global policies within the area of the ASO's responsibility will be developed within the RIRs and forwarded to the Address Council for their consideration. In special circumstances the ICANN board can forward a request to develop a new global policy or to review an existing global policy within the area of the ASO's responsibility to the Address Council. In addition the Address Council may accept, for consideration, proposals for changes to global IP address policy from any interested individual or entity. In all cases when the Address Council reviews a proposal for new global policies or a proposed modification to existing policies in this area it will first solicit the opinions of all of the RIR signatories of the MOU and of the public. The Address Council will weigh the results of these solicitations in its deliberations to determine if it will approve the proposal. At least two thirds of the members of the Address Council must support a proposal for the proposal to be accepted and forwarded to the ICANN board for its consideration. In any case where the ICANN board has requested that the Address Council develop a new policy within the area of the ASO's responsibility, the Address Council will forward that request to the RIR signatories of the MOU. The RIRs will then be given a reasonable time to propose policies to address the request from ICANN. Any resulting policy will be evaluated as described above. If an RIR decides, after reviewing the request, that the request is unreasonable, it can report that opinion to the Address Council. If the Address Council, after reviewing the responses, decides that the request is unreasonable or inadvisable, it can report that opinion to the ICANN board along with the reasons that the Address Council reached that conclusion. ------------------------------------------------------------------------- On Sun, 17 Sep 2000, Mury wrote: > > This might sound like nit-picking, but I think it's an important issue to > figure out before I "petition" IANA/ICANN with the below request. Does > ARIN want to be given authority to oversee those blocks? I certainly > don't want to ask for something to be given to ARIN that ARIN doesn't > want. > > Perhaps if the AC, the membership, or whoever needs to, can decide on that > first, then ARIN as well as concerned individuals can approach IANA/ICANN > with the suggestion/request. > > If ARIN doesn't want the be given that authority, then as a concerned > Internet citizen I'll ask them to do it themselves. While it seems that > the RIRs are all setup to be able to deal with the process for accounting > for legacy space, maybe a new ASO (Since it probably isn't regional) > should be created for dealing with the unique issues that reclaiming will > probably have. > > So, should ARIN (RIRs) have the authority and does it want it? > > Mury > > Side note: Can someone tell me how much of the legacy space would fall > under ARIN's region? > > > On Sat, 16 Sep 2000, Alec H. Peterson wrote: > > > Mury wrote: > > > > > > No offense to you personally with these questions, but I've been told I am > > > not qualified to act as any sort of "spokesperson" for the ARIN > > > membership, and that I'm an idiot for asking for the list of legacy space > > > contacts. > > > > > > So my questions are: > > > > > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > > > ARIN? > > > > No, but it would be appropriate for you to petition ICANN/IANA as a > > concerned user of address space (and perhaps an ARIN member, although I > > don't know offhand if you are) to either take it upon themselves to reclaim > > address space or delegate authority to do so appropriately (ie, to the > > RIRs). > > > > Alec > > > > -- > > Alec H. Peterson - ahp at hilander.com > > Staff Scientist > > CenterGate Research Group - http://www.centergate.com > > "Technology so advanced, even _we_ don't understand it!" > > > > From kent at songbird.com Sun Sep 17 16:29:40 2000 From: kent at songbird.com (Kent Crispin) Date: Sun, 17 Sep 2000 13:29:40 -0700 Subject: consistancy In-Reply-To: ; from Mury on Sun, Sep 17, 2000 at 01:51:45PM -0500 References: Message-ID: <20000917132940.T13416@songbird.com> On Sun, Sep 17, 2000 at 01:51:45PM -0500, Mury wrote: > > Hold the fort! > > I've taken some time to try to understand the authority and the role of > ARIN in relation to ICANN instead of taking some people's word for it. > > Here is a summary of what I found on ICANN's site. I have pasted the text > from http://www.aso.icann.org/docs/aso-mou.html further down as a > reference. > > 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility You are confusing the ASO and ARIN. ARIN is not the ASO. The ASO is part of ICANN; ARIN is a member of the ASO. Not the only member. [...] > Doesn't this sound like it is ARIN's responsibilty to develop policies and > not ICANNs? No, it sounds like it is the ASO's responsibility. > It sure reads like ICANN has given ARIN not just the s/ARIN/ASO/ > authority, but the responsibility to create *global* policies for > registration of address space. There are no conditions listed, no > exceptions. > > What am I not understanding? ARIN is not the ASO. The ASO is a separate body that includes *all* the address registries. -- Kent Crispin "Do good, and you'll be kent at songbird.com lonesome." -- Mark Twain From mury at goldengate.net Sun Sep 17 20:00:55 2000 From: mury at goldengate.net (Mury) Date: Sun, 17 Sep 2000 19:00:55 -0500 (CDT) Subject: consistancy In-Reply-To: <20000917132940.T13416@songbird.com> Message-ID: How come you snipped #2, which said: 2) Normally, proposals for global policies within the area of the ASO's responsibility will be developed within the RIRs and forwarded to the Address Council for their consideration. Is ARIN not a RIR? I didn't see anywhere in the MOU that said policies should be delevoped at the ASO level, which seems very likely to be semantics anyway since the ASO is made up of ARIN, RIPE and APNIC. In either case whether you want to argue that it is the ASO and not ARIN, isn't my point that ICANN has given the RIRs or ASO the authority and the responsibility to delevop global policies? You are arguing against me, but making my point. Mury GoldenGate Internet Services On Sun, 17 Sep 2000, Kent Crispin wrote: > On Sun, Sep 17, 2000 at 01:51:45PM -0500, Mury wrote: > > > > Hold the fort! > > > > I've taken some time to try to understand the authority and the role of > > ARIN in relation to ICANN instead of taking some people's word for it. > > > > Here is a summary of what I found on ICANN's site. I have pasted the text > > from http://www.aso.icann.org/docs/aso-mou.html further down as a > > reference. > > > > 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility > > You are confusing the ASO and ARIN. ARIN is not the ASO. The ASO is > part of ICANN; ARIN is a member of the ASO. Not the only member. > > [...] > > > Doesn't this sound like it is ARIN's responsibilty to develop policies and > > not ICANNs? > > No, it sounds like it is the ASO's responsibility. > > > It sure reads like ICANN has given ARIN not just the > > s/ARIN/ASO/ > > > authority, but the responsibility to create *global* policies for > > registration of address space. There are no conditions listed, no > > exceptions. > > > > What am I not understanding? > > ARIN is not the ASO. The ASO is a separate body that includes *all* > the address registries. > > -- > Kent Crispin "Do good, and you'll be > kent at songbird.com lonesome." -- Mark Twain > From kent at songbird.com Sun Sep 17 20:40:48 2000 From: kent at songbird.com (Kent Crispin) Date: Sun, 17 Sep 2000 17:40:48 -0700 Subject: consistancy In-Reply-To: ; from Mury on Sun, Sep 17, 2000 at 07:00:55PM -0500 References: <20000917132940.T13416@songbird.com> Message-ID: <20000917174048.C16900@songbird.com> On Sun, Sep 17, 2000 at 07:00:55PM -0500, Mury wrote: > > How come you snipped #2, which said: Because I was responding to the glaring inaccuracy in your message: >>> 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility You were identifying ARIN and the ASO. ARIN is not the ASO. As a significant component of the ASO, of course ARIN has a large role in global policy development. ARIN can make proposals etc. But ARIN doesn't *decide global policies*; and it doesn't *make* global policies -- the other RIRs are equal players, and their interests don't always coincide with ARINs (though certainly all the registries have an interest in reclaiming space). [...] > In either case whether you want to argue that it is the ASO and not ARIN, > isn't my point that ICANN has given the RIRs or ASO the authority and the > responsibility to delevop global policies? > > You are arguing against me, but making my point. Actually, I'm not arguing for you or against you -- I'm just correcting an inaccuracy. -- Kent Crispin "Do good, and you'll be kent at songbird.com lonesome." -- Mark Twain From mury at goldengate.net Sun Sep 17 21:40:28 2000 From: mury at goldengate.net (Mury) Date: Sun, 17 Sep 2000 20:40:28 -0500 (CDT) Subject: consistancy In-Reply-To: <20000917174048.C16900@songbird.com> Message-ID: Yes, I made a mistake by wording "(which ARIN is)" instead of "(of which ARIN is a member)", which someone already pointed out to me. By pointing out an error in my wording you cannot throwout point #2 which states that policies in most cases should be created within the RIR. That's like an announcer screwing up and saying Sosa hit a double when he really hit a homer. It's still a homerun. And the ninth paragraph under the duties of the AC still state that normally policies within the area of the ASO's responsibility be developed within the RIR. And the third paragraph under the "Duties" state that responsibilty to be the "distribution and registration of address space." Thus the conclusion, ARIN has some authority and responsibility to develop global policies and "forward them to the AC for their consideration." If under policy development they didn't clarify some exceptions that they intended to that's another story. However, the way it is written leads one to believe that we are talking about all IPv4 and IPv6 address space: "(i) Definition of global policies for the distribution and registration of Internet address space (currently IPv4 and IPv6);" Mury GoldenGate Internet Services On Sun, 17 Sep 2000, Kent Crispin wrote: > On Sun, Sep 17, 2000 at 07:00:55PM -0500, Mury wrote: > > > > How come you snipped #2, which said: > > Because I was responding to the glaring inaccuracy in your message: > >>> 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility > > You were identifying ARIN and the ASO. ARIN is not the ASO. As a > significant component of the ASO, of course ARIN has a large role in > global policy development. ARIN can make proposals etc. But ARIN > doesn't *decide global policies*; and it doesn't *make* global policies > -- the other RIRs are equal players, and their interests don't always > coincide with ARINs (though certainly all the registries have an > interest in reclaiming space). > > [...] > > > In either case whether you want to argue that it is the ASO and not ARIN, > > isn't my point that ICANN has given the RIRs or ASO the authority and the > > responsibility to delevop global policies? > > > > You are arguing against me, but making my point. > > Actually, I'm not arguing for you or against you -- I'm just correcting > an inaccuracy. > > -- > Kent Crispin "Do good, and you'll be > kent at songbird.com lonesome." -- Mark Twain > From brian at meganet.net Sun Sep 17 22:28:22 2000 From: brian at meganet.net (Brian Wallingford) Date: Sun, 17 Sep 2000 22:28:22 -0400 (EDT) Subject: consistancy In-Reply-To: <200009171755.NAA13078@newdev.harvard.edu> Message-ID: On Sun, 17 Sep 2000, Scott Bradner wrote: : > This might sound like nit-picking, but I think it's an important issue to : > figure out before I "petition" IANA/ICANN with the below request. Does : > ARIN want to be given authority to oversee those blocks? I certainly : > don't want to ask for something to be given to ARIN that ARIN doesn't : > want. : : note that not everyone agrees with Bill's characterization of the current : state For the uninitiated, details on such might be appropriate on-list. -brian From sob at harvard.edu Sun Sep 17 22:39:10 2000 From: sob at harvard.edu (Scott Bradner) Date: Sun, 17 Sep 2000 22:39:10 -0400 (EDT) Subject: consistancy Message-ID: <200009180239.WAA13866@newdev.harvard.edu> > For the uninitiated, details on such might be appropriate on-list. not everyone agrees that ARIN does not oversee the old assignments in teh ARIN region (and RIP in the RIPE region etc) Scott From richardj at arin.net Mon Sep 18 14:47:28 2000 From: richardj at arin.net (Richard Jimmerson) Date: Mon, 18 Sep 2000 14:47:28 -0400 Subject: consistancy In-Reply-To: <39C4E70E.6E7E32F@hilander.com> Message-ID: <002c01c021a0$e569e420$bdfc95c0@ARINNET> Hello Alec and Mike, Mike wrote: >> So...that fee I pay every year for said address space does not keep me >> a member during the 'year' I don't get more address space? >> By default, any ISP with direct allocation from ARIN is a member >> according to what I read above. Alec wrote: >Then perhaps I misunderstand how the fee schedule works, >hopefully one of the ARIN staff can correct me. Subscription customers are members of ARIN and continue to be, as long as their subscription fee is paid annually. It is not required that subscription customers receive an allocation every year to continue their membership. It is included with their annual registration/subscription fee. Non-subscribers may join the ARIN membership by paying an annual $500 fee. Regards, Richard Jimmerson American Registry for Internet Numbers (ARIN) >-----Original Message----- >From: owner-ppml at arin.net [mailto:owner-ppml at arin.net]On Behalf Of Alec >H. Peterson >Sent: Sunday, September 17, 2000 11:45 AM >To: Mike Horwath >Cc: Mury; Charles Scott; hostmaster at raha.com; arin-discuss at arin.net; >ppml at arin.net >Subject: Re: consistancy > > >Mike Horwath wrote: >> >> So...that fee I pay every year for said address space does >not keep me >> a member during the 'year' I don't get more address space? >> >> To quote: >> >> Membership with ARIN is open to any individual or entity and >> is offered regardless of whether the entity receives address >> space directly from ARIN. Subscription customers -- >> i.e. Internet Service Providers (ISPs) that are allocated IP >> addresses from ARIN -- are extended membership at no >> additional cost to their subscription fee. Organizations that >> are not subscription customers are invited to join ARIN and >> are charged an annual membership fee of $500. >> >> So, the statement that Mury may not be a member would be wrong :) >> >> By default, any ISP with direct allocation from ARIN is a member >> according to what I read above. > >Then perhaps I misunderstand how the fee schedule works, >hopefully one of >the ARIN staff can correct me. > >Alec > >-- >Alec H. Peterson - ahp at hilander.com >Staff Scientist >CenterGate Research Group - http://www.centergate.com >"Technology so advanced, even _we_ don't understand it!" From mury at goldengate.net Mon Sep 18 23:03:47 2000 From: mury at goldengate.net (Mury) Date: Mon, 18 Sep 2000 22:03:47 -0500 (CDT) Subject: consistancy In-Reply-To: <200009190213.TAA22525@pox.remarque.org> Message-ID: Cathy, Thank you very much. I obviously don't know all the details and issues involved with reclaiming legacy space, so I don't wish to submit any further comments other than it sure makes sense to utilize all the space available before forcing the little guy to make technological changes that he/she is ill equipted to do. Of course we should all make changes that make sense and that we can accomplish within reason. Pick up the $500 bills laying around before scaping for pennies. Even if the $500 bill belongs to the president. Thanks again. Mury GoldenGate Internet Services On Mon, 18 Sep 2000, Cathy Wittbrodt wrote: > > You have this slightly wrong. ARIN is not the ASO. The Address > Supporting Organization was formed by ICANN based on a MOU that was > written by the existing regional registries. You have included most > of the MOU below, but it seems that the part about the selecting the > council, etc, may be missing. Under that MOU the Address > Council was formed by folks nominated and elected by each of the > regions. I am on the ASO AC and I have just asked to have legacy space > reclaimation added to our agenda for our next meeting in October. > If you would like to submit comments or items for the address council > you can participate in the aso-policy list or any of the other lists > (http://www.aso.icann.org/lists/) Further you can contact me directly. > > Thanks, > ---CJ > > From: Mury > Subject: Re: consistancy > > Hold the fort! > > I've taken some time to try to understand the authority and the role of > ARIN in relation to ICANN instead of taking some people's word for it. > > Here is a summary of what I found on ICANN's site. I have pasted the text > from http://www.aso.icann.org/docs/aso-mou.html further down as a > reference. > > 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility > for the development of global policies relating to the definition of > global policies for the distribution and registration of Internet address > space (currently IPv4 and IPv6); > > 2) Normally, proposals for global policies within the area of the ASO's > responsibility will be developed within the RIRs and forwarded to the > Address Council for their consideration. > > 3) In addition the Address Council may accept, for consideration, > proposals for changes to global IP address policy from any interested > individual or entity. > > Doesn't this sound like it is ARIN's responsibilty to develop policies and > not ICANNs? It sure reads like ICANN has given ARIN not just the > authority, but the responsibility to create *global* policies for > registration of address space. There are no conditions listed, no > exceptions. > > What am I not understanding? > > Unless I'm badly mistaken in my understanding of a RIR's role as defined > by ICANN, I would like to suggest that ARIN and it's decision making > bodies consider creating policies for reclaiming largely unused legacy > address space. > > What I do not know is if this has already been done and rejected by ICANN. > If so, I would like to see copies of the rejection so I can approach ICANN > as a concerned citizen. > > Thank you. > > Mury > GoldenGate Internet Services > > > ------------------------------------------------------------------------- > > (4) Duties of the Address Council. > > (a) Advisory Role. The Address Council will advise the Board of ICANN on > matters referred to the Address Council by the ICANN Board. > > (b) Policy Development. > > The ICANN bylaws assign to the ASO the responsibility for the > development of global policies relating to the following areas: > > (i) Definition of global policies for the distribution > and registration of > Internet address space (currently IPv4 and IPv6); > > (ii) Definition of global policies for the distribution > and registration of > identifiers used in Internet inter-domain routing > (currently BGP autonomous system numbers); and > > (iii) Definition of global policies concerning the part > of the DNS name > space which is derived from the Internet address space > and the > inter-domain routing identifiers (currently in-addr.arpa > and ip6.int). > > > > Normally, proposals for global policies within the area of the ASO's > responsibility will be developed within the RIRs and forwarded to the > Address Council for their consideration. In special circumstances the > ICANN board can forward a request to develop a new global policy or to > review an existing global policy within the area of the ASO's > responsibility to the Address Council. > > In addition the Address Council may accept, for consideration, proposals > for changes to global IP address policy from any interested individual or > entity. > > In all cases when the Address Council reviews a proposal for new global > policies or a proposed modification to existing policies in this area it > will first solicit the opinions of all of the RIR signatories of the MOU > and of the public. The Address Council will weigh the results of these > solicitations in its deliberations to determine if it will approve the > proposal. At least two thirds of the members of the Address Council must > support a proposal for the proposal to be accepted and forwarded to the > ICANN board for its consideration. > > In any case where the ICANN board has requested that the Address Council > develop a new policy within the area of the ASO's responsibility, the > Address Council will forward that request to the RIR signatories of the > MOU. The RIRs will then be given a reasonable time to propose policies to > address the request from ICANN. Any resulting policy will be evaluated as > described above. If an RIR decides, after reviewing the request, that the > request is unreasonable, it can report that opinion to the Address > Council. If the Address Council, after reviewing the responses, decides > that the request is unreasonable or inadvisable, it can report that > opinion to the ICANN board along with the reasons that the Address Council > reached that conclusion. > > ------------------------------------------------------------------------- > > > On Sun, 17 Sep 2000, Mury wrote: > > > > > This might sound like nit-picking, but I think it's an important issue to > > figure out before I "petition" IANA/ICANN with the below request. Does > > ARIN want to be given authority to oversee those blocks? I certainly > > don't want to ask for something to be given to ARIN that ARIN doesn't > > want. > > > > Perhaps if the AC, the membership, or whoever needs to, can decide on that > > first, then ARIN as well as concerned individuals can approach IANA/ICANN > > with the suggestion/request. > > > > If ARIN doesn't want the be given that authority, then as a concerned > > Internet citizen I'll ask them to do it themselves. While it seems that > > the RIRs are all setup to be able to deal with the process for accounting > > for legacy space, maybe a new ASO (Since it probably isn't regional) > > should be created for dealing with the unique issues that reclaiming will > > probably have. > > > > So, should ARIN (RIRs) have the authority and does it want it? > > > > Mury > > > > Side note: Can someone tell me how much of the legacy space would fall > > under ARIN's region? > > > > > > On Sat, 16 Sep 2000, Alec H. Peterson wrote: > > > > > Mury wrote: > > > > > > > > No offense to you personally with these questions, but I've been told I am > > > > not qualified to act as any sort of "spokesperson" for the ARIN > > > > membership, and that I'm an idiot for asking for the list of legacy space > > > > contacts. > > > > > > > > So my questions are: > > > > > > > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > > > > ARIN? > > > > > > No, but it would be appropriate for you to petition ICANN/IANA as a > > > concerned user of address space (and perhaps an ARIN member, although I > > > don't know offhand if you are) to either take it upon themselves to reclaim > > > address space or delegate authority to do so appropriately (ie, to the > > > RIRs). > > > > > > Alec > > > > > > -- > > > Alec H. Peterson - ahp at hilander.com > > > Staff Scientist > > > CenterGate Research Group - http://www.centergate.com > > > "Technology so advanced, even _we_ don't understand it!" > > > > > > > > > > From memsvcs at arin.net Tue Sep 19 08:30:20 2000 From: memsvcs at arin.net (Member Services) Date: Tue, 19 Sep 2000 08:30:20 -0400 (EDT) Subject: HOTEL BLOCK FOR ARIN VI THROUGH 5:00 PM EDT 9/20 - New Phone # Message-ID: For those registrants needing hotel rooms for the October 2-4 meetings, please be advised that you need to contact the Washington Dulles Airport Hilton directly to reserve your room at the ARIN rate. There was a problem with the toll free number yesterday and reservation requests were turned away. To reserve your room please call Jacqui Cox at (703) 478-2900 and ask for reservations for the ARIN meeting. THE ROOM BLOCK WILL BE HELD UNTIL 5:00 PM EDT WEDNESDAY - THE 20TH. THIS IS THE FINAL EXTENSION. We apologize for any inconvenience this has caused you. Please let me know if you experience any difficulties. Regards, Susan Hamlin ARIN Member Services