ARIN-PPML Message

[arin-ppml] Application requests for IPv6?

I don't read this list enough to be fully informed on all the issues 
regarding application requests for IPv6 end-user address space, so 
please pardon me if my understanding is not correct.  We have a 
medium-sized end-user network and the number of IPs used will continue 
to grow as more mobile devices support Wi-Fi and other devices connect 
to the network (e.g. more game systems, printers, TVs, etc.) We have a 
legacy address space (class B or /16).  For historical reasons IPs are 
assigned throughout the address space (sparsely populated) and it would 
be quite a bit of work to condense this.  We have not signed the legacy 
resources agreement.

I understand the advantage of conserving routing table space due to a 
hierarchical addressing/routing structure.  However, we would like to 
obtain an IPv6 allocation from ARIN so that in the future we do not have 
to go through the work of renumbering devices with static IPs (e.g. 
servers) and reconfiguring security devices (e.g. firewalls) if we 
decide to switch ISPs.  Also, in the future it is likely that we will 
want to be multihomed because so many of our important services are 
moving to the cloud (e.g. Google Apps for Edu and Google Marketplace 
applications).  We are probably not alone in our thinking.

We started deploying IPv6 about two years ago after we obtained an 
assignment from our ISP, OARnet (Ohio Academic Resources Network).  We 
have the important services ready (DNS, DHCP, routing, firewalls, NTP, 
etc) and we have a token web server up (http://www.ipv6.oberlin.edu).

 From my limited perspective it seems that a request for end-user IPv6 
address space from ARIN is tied to IPv4 address space and that may be 
hindering deployment.  An end-user organization should be able to obtain 
an IPv6 allocation independent of IPv4 allocations.  It sounds like 
2010-8 will decouple this and is a step in the right direction.


Barron

Barron Hulver
Director of Networking, Operations, and Systems
Center for Information Technology
Oberlin College
148 West College Street
Oberlin, OH  44074
440-775-8798
Barron.J.Hulver at oberlin.edu
http://www2.oberlin.edu/staff/bhulver/






NRPM 6.5.8.1 offers several ways for an end user organization to qualify 
foran IPv6 assignment from ARIN.  The criteria that most often applies 
is when the organization can "qualify for an IPv4 assignment or 
allocation from ARIN under the IPv4 policy currently in effect".  There 
is no requirement to have a signed RSA/LRSA under this criteria.  An 
organization can qualify for IPv6, regardless of whether they have 
existing IPv4 space, as long as it can meet the criteria of ANY existing 
IPv4 policy in effect.  Once qualified, if they choose to proceed, they 
are assigned the IPv6 resources under the standard RSA.

FYI,
/John

John Curran
President and CEO
ARIN


6.5.8.1. Criteria
To qualify for a direct assignment, an organization must:
a. not be an IPv6 LIR; and
b. qualify for an IPv4 assignment or allocation from ARIN
under the IPv4 policy currently in effect, or demonstrate
efficient utilization of all direct IPv4 assignments and
allocations, each of which must be covered by any current
ARIN RSA, or be a qualifying Community Network as
defined in Section 2.8, with assignment criteria defined in
section 6.5.9. .




 >From the NRPM:

6.5.8.1. Criteria
To qualify for a direct assignment, an organization must:
not be an IPv6 LIR; and
qualify for an IPv4 assignment or allocation from ARIN under the IPv4 
policy currently in effect, or demonstrate efficient utilization of all 
direct IPv4 assignments and allocations, each of which must be covered 
by any current ARIN RSA, or be a qualifying Community Network as defined 
in Section 2.8, with assignment criteria defined in section 6.5.9.


So, if you're not already an IPv6 LIR (ISP) then you have to meet ONE of 
the criteria from section b:

	+	Qualify for IPv4 under existing policy currently in effect
or	+	demonstrate efficient utilization of all IPv4 assignments and 
allocations with each being
		covered by an RSA or LRSA.
or	+	Be a qualifying Community Network as defined in Section 2.8.

Note that the first one and third one do not require your IPv4 space to 
be covered by RSA or
LRSA.

In addition to this, this policy will soon be superseded by 2010-8 which 
will replace it with
the following text:

6.5.8. Direct assignments from ARIN to end-user organizations

6.5.8.1 Initial Assignment Criteria

Organizations may justify an initial assignment for addressing devices
directly attached to their own network infrastructure, with an intent
for the addresses to begin operational use within 12 months, by meeting
one of the following criteria:

a. Having a previously justified IPv4 end-user assignment from ARIN or
one of its predecessor registries, or;

b. Currently being IPv6 Multihomed or immediately becoming IPv6
Multihomed and using an assigned valid global AS number, or;

c. By having a network that makes active use of a minimum of 2000 IPv6
addresses within 12 months, or;

d. By having a network that makes active use of a minimum of 200 /64
subnets within 12 months, or;

e. By providing a reasonable technical justification indicating why IPv6 
addresses from an ISP or other LIR are unsuitable.

Examples of justifications for why addresses from an ISP or other LIR
may be unsuitable include, but are not limited to:

? An organization that operates infrastructure critical to life safety
or the functioning of society can justify the need for an assignment
based on the fact that renumbering would have a broader than expected
impact than simply the number of hosts directly involved. These would
include: hospitals, fire fighting, police, emergency response, power or
energy distribution, water or waste treatment, traffic management and
control, etc?
? Regardless of the number of hosts directly involved, an organization
can justify the need for an assignment if renumbering would affect 2000
or more individuals either internal or external to the organization.
? An organization with a network not connected to the Internet can
justify the need for an assignment by documenting a need for guaranteed
uniqueness, beyond the statistical uniqueness provided by ULA (see RFC
4193).
? An organization with a network not connected to the Internet, such as
a VPN overlay network, can justify the need for an assignment if they
require authoritative delegation of reverse DNS.

This version will remove the requirement for RSA/LRSA on the IPv4 space
altogether.

Owen