[arin-ppml] Application requests for IPv6?
I don't read this list enough to be fully informed on all the issues
regarding application requests for IPv6 end-user address space, so
please pardon me if my understanding is not correct. We have a
medium-sized end-user network and the number of IPs used will continue
to grow as more mobile devices support Wi-Fi and other devices connect
to the network (e.g. more game systems, printers, TVs, etc.) We have a
legacy address space (class B or /16). For historical reasons IPs are
assigned throughout the address space (sparsely populated) and it would
be quite a bit of work to condense this. We have not signed the legacy
I understand the advantage of conserving routing table space due to a
hierarchical addressing/routing structure. However, we would like to
obtain an IPv6 allocation from ARIN so that in the future we do not have
to go through the work of renumbering devices with static IPs (e.g.
servers) and reconfiguring security devices (e.g. firewalls) if we
decide to switch ISPs. Also, in the future it is likely that we will
want to be multihomed because so many of our important services are
moving to the cloud (e.g. Google Apps for Edu and Google Marketplace
applications). We are probably not alone in our thinking.
We started deploying IPv6 about two years ago after we obtained an
assignment from our ISP, OARnet (Ohio Academic Resources Network). We
have the important services ready (DNS, DHCP, routing, firewalls, NTP,
etc) and we have a token web server up (http://www.ipv6.oberlin.edu).
From my limited perspective it seems that a request for end-user IPv6
address space from ARIN is tied to IPv4 address space and that may be
hindering deployment. An end-user organization should be able to obtain
an IPv6 allocation independent of IPv4 allocations. It sounds like
2010-8 will decouple this and is a step in the right direction.
Director of Networking, Operations, and Systems
Center for Information Technology
148 West College Street
Oberlin, OH 44074
Barron.J.Hulver at oberlin.edu
NRPM 188.8.131.52 offers several ways for an end user organization to qualify
foran IPv6 assignment from ARIN. The criteria that most often applies
is when the organization can "qualify for an IPv4 assignment or
allocation from ARIN under the IPv4 policy currently in effect". There
is no requirement to have a signed RSA/LRSA under this criteria. An
organization can qualify for IPv6, regardless of whether they have
existing IPv4 space, as long as it can meet the criteria of ANY existing
IPv4 policy in effect. Once qualified, if they choose to proceed, they
are assigned the IPv6 resources under the standard RSA.
President and CEO
To qualify for a direct assignment, an organization must:
a. not be an IPv6 LIR; and
b. qualify for an IPv4 assignment or allocation from ARIN
under the IPv4 policy currently in effect, or demonstrate
efficient utilization of all direct IPv4 assignments and
allocations, each of which must be covered by any current
ARIN RSA, or be a qualifying Community Network as
defined in Section 2.8, with assignment criteria defined in
section 6.5.9. .
>From the NRPM:
To qualify for a direct assignment, an organization must:
not be an IPv6 LIR; and
qualify for an IPv4 assignment or allocation from ARIN under the IPv4
policy currently in effect, or demonstrate efficient utilization of all
direct IPv4 assignments and allocations, each of which must be covered
by any current ARIN RSA, or be a qualifying Community Network as defined
in Section 2.8, with assignment criteria defined in section 6.5.9.
So, if you're not already an IPv6 LIR (ISP) then you have to meet ONE of
the criteria from section b:
+ Qualify for IPv4 under existing policy currently in effect
or + demonstrate efficient utilization of all IPv4 assignments and
allocations with each being
covered by an RSA or LRSA.
or + Be a qualifying Community Network as defined in Section 2.8.
Note that the first one and third one do not require your IPv4 space to
be covered by RSA or
In addition to this, this policy will soon be superseded by 2010-8 which
will replace it with
the following text:
6.5.8. Direct assignments from ARIN to end-user organizations
184.108.40.206 Initial Assignment Criteria
Organizations may justify an initial assignment for addressing devices
directly attached to their own network infrastructure, with an intent
for the addresses to begin operational use within 12 months, by meeting
one of the following criteria:
a. Having a previously justified IPv4 end-user assignment from ARIN or
one of its predecessor registries, or;
b. Currently being IPv6 Multihomed or immediately becoming IPv6
Multihomed and using an assigned valid global AS number, or;
c. By having a network that makes active use of a minimum of 2000 IPv6
addresses within 12 months, or;
d. By having a network that makes active use of a minimum of 200 /64
subnets within 12 months, or;
e. By providing a reasonable technical justification indicating why IPv6
addresses from an ISP or other LIR are unsuitable.
Examples of justifications for why addresses from an ISP or other LIR
may be unsuitable include, but are not limited to:
? An organization that operates infrastructure critical to life safety
or the functioning of society can justify the need for an assignment
based on the fact that renumbering would have a broader than expected
impact than simply the number of hosts directly involved. These would
include: hospitals, fire fighting, police, emergency response, power or
energy distribution, water or waste treatment, traffic management and
? Regardless of the number of hosts directly involved, an organization
can justify the need for an assignment if renumbering would affect 2000
or more individuals either internal or external to the organization.
? An organization with a network not connected to the Internet can
justify the need for an assignment by documenting a need for guaranteed
uniqueness, beyond the statistical uniqueness provided by ULA (see RFC
? An organization with a network not connected to the Internet, such as
a VPN overlay network, can justify the need for an assignment if they
require authoritative delegation of reverse DNS.
This version will remove the requirement for RSA/LRSA on the IPv4 space