[ppml] IPv6 assignment - proposal for change to nrpm

[Ted Mittelstaedt]

>-----Original Message-----
>From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net]On Behalf Of
>michael.dillon at bt.com
>Sent: Tuesday, October 30, 2007 9:51 AM
>To: ppml at arin.net
>Subject: Re: [ppml] IPv6 assignment - proposal for change to nrpm
>
>
>>  In any case, you cannot hold someone 
>> to an NDA to cover up criminal actions, it's an illegal 
>> contract in that case.  A holder like SBC Global who is under 
>> RSA is arguably violating their contract with ARIN by 
>> assigning an overage of IP addresses to customers that the 
>> customers aren't asking for, in an effort to hoard IPs.
>
>Never attribute to malice that which can be adequately
>explained by stupidity.
><http://en.wikipedia.org/wiki/Hanlon's_razor>
>
>I could have assumed that you had evil intent in this
>slur against SBC and other list members, but instead
>I applied Hanlon's razor and assumed the other.
>

It's why I said "arguably" instead of just stating they
were deliberately violating their RSA.  I see your able to 
understand the meaning of a sentence from the context of
the message it's in - good show! Lots of people seem to
not be able to. :-)

>> You don't have any proof of threats doing anything because, 
>> as you say, ARIN hasn't used threats.  Therefore there is no 
>> data as to how wasteful holders would respond to a threat.
>
>There is plenty of data as to how humans react to threat.
>If ARIN did resort to threats regarding IPv4 addresses,
>many organizations would leave ARIN (flight) and many
>others would launch lawsuits (fight).

The RSA's main threat against
wastage is that ARIN can deny NEW assignments unless the
requestor meets utilization requirements that they already signed
a contract for saying they would meet.  Sure, in theory, ARIN
could yank an allocation on account of wastage - but unless
it really is something like a /8 that isn't used, I would think
that doing this wouldn't meet the cost/benefit hurdle of ARIN
making the threat in the first place, which I already explained
about.  The organization ARIN was making the threat against would, of
course, understand this and thus the threat would have no value.

Keep in mind we AREN'T talking aboout humans here, we are talking
about corporations.  There's probably no denying that some
corporate CEO's would react with a "I'll sue those bastards out
of business" when first encountering a denial by ARIN for new
numbers - but there's also probably no denying that the Chairman
of the Board would probably tell the CEO I'll be damned if your
going to spend my money just because your pride is wounded.

Incidentially, this is the main way that anti-trust regulations
in the US are enforcd.  Rarely are large companies broken up -
but it is routine for the US government to order divestiture of
pieces of monopolies when those monopolies acquire other companies.

There is long legal history of this sort of thing and the idea that
a corporation could field a winnable lawsuit against ARIN denying
it a NEW assignment based on failing to follow terms of an RSA
the corporation has already signed is patently absurd.

I'm not saying some fool somewhere wouldn't try filing such a lawsuit,
of course.

Thus, it is a very real threat to SBCGlobal that if and when
they eventually go to ARIN and request more IPv4, that ARIN
has the power to tell them they won't get more numbers until they
clean up what they have.

>Let's not bother
>with an experiment because it wouldn't improve the
>situation.
>

ARIN has denied IPv4 requests already, and sent the requestors
back to make changes, so we already have "bothered with an experiment"
IMHO.

>> I should hope that everyone reading, even those with feeble 
>> minds, would understand the fundamental basic that you get 
>> more flies with honey than vinegar.  In short, IF your going 
>> to launch a reclamation effort you START with the Mr. Nice 
>> Guy approach.  
>
>And you END with the Mr. Nice Guy approach because the law
>of diminishing returns tells you that vinegar ain't worth
>the trouble.

Why don't you try that logic the next time you get pulled
over for speeding and let us know if it works. ;-)

>And as for RAID, that is more likely to harm
>your health (and that of your kids) than to reduce the fly
>population. Good construction techniques and steel mesh
>window screens (not plastic) will keep out more flies than
>RAID can kill. 
>
>So what is the ARIN analogy of the window screen? Maybe the
>use of IPv6 addresses to ward off the need to deal with IPv4
>depletion issues.
>

That's actually an interesting response - ARIN merely tells
the requestor "sorry we aren't giving you more IPv4 because
your wasting it, but we will give you IPv6 instead"

>> By the time the law of diminishing returns acts on a 
>> reclamation effort, the wasteful holders still out there who 
>> have so far ignored the nice pleas aren't going to respond to 
>> anything other than a threat.
>
>It has already happened. Bill Manning started reclamation about
>10 years ago, and at this point, there isn't much left except for
>the Defense address ranges but even there, it takes a lot of effort
>to get a huge bureaucratic organization to agree to something that
>is not threat-related.
>
>> The current RSA contains a threat anyway - you don't pay your 
>> bill, you lose you addresses.  Shall we to remove that threat 
>> too in the interests of singing kumbiya around the campfire?
>
>Now there is an interesting comment. Because it implies that ARIN
>might get some significant aggregate results by mandating that 
>RSA signers all do internal audits and report back to ARIN.

I'm not sure how you get from "pay your bill or else" to
"audit your IP holdings or else" but let's run with it

>Right
>now the responsibility for IP addressing in most companies is spread
>out and scattered. There is no single point of authority in the senior
>management team (or thereabouts). If ARIN required RSA signers to do
>a serious addressing audit signed off by the CFO of the company, that
>would shake things up a bit.
>
>In fact, such an audit requirement would probably extend the lifetime
>of IPv4 at least a few more months by shaking loose a lot of available
>addresses within a company. 
>

Sounds good to me - since ARIN is comissioning us to do an audit, I'll
simply deduct the labor cost to do it from their annual payment. :-)

Ted