From memsvcs at arin.net Tue Aug 1 13:59:34 2000 From: memsvcs at arin.net (Member Services) Date: Tue, 1 Aug 2000 13:59:34 -0400 (EDT) Subject: ASO AC NOMINATIONS CLOSE AUGUST 11th & ARIN VI MEETING REGISTRATION NOW OPEN Message-ID: Please note the following important dates: Open to all interested parties 1. August 11: Nominations for one ASO AC seat (for a 3 year term beginning January 1, 2001) close at midnight. Please see instructions for submitting nominations on the ARIN website at: http://www.arin.net/aso/asonom.htm. 2. September 13th: Closing date for hotel reservations for ARIN VI Public Policy and Members Meeting. 3. September 20th: Closing date for ARIN VI meeting registration. For meeting information see: http://www.arin.net/announcements/memmeet.html ARIN MEMBERS: IMPORTANT ARIN ELECTION NOMINATION DEADLINE 1. August 30th: Nomination period for Board of Trustees and Advisory Council seats closes at Midnight EST. See : http://www.arin.net/announcements/election.html Please contact member-services at arin.net if you have any questions concerning the above activities. Regards, Susan Hamlin ARIN Member Services From memsvcs at arin.net Tue Aug 29 14:19:21 2000 From: memsvcs at arin.net (Member Services) Date: Tue, 29 Aug 2000 14:19:21 -0400 (EDT) Subject: AS Number Registrations Message-ID: The number of AS numbers ARIN issues has increased steadily over the last three years. Members have expressed concern about this large increase in AS number registrations. Issued in 1998 -- 915 Issued in 1999 -- 1,685 Issued in 2000 -- 1,596 (through July) The vast majority of these AS numbers are issued to newly multi-homed sites. Is this increase in AS number registrations a concern to the community and should ARIN policies be changed, as a result? The ARIN AS number registration guidelines can be found at http://www.arin.net/regserv/asnguide.htm and on the request template at http://www.arin.net/regserv/templates/asntemplate.txt ARIN would like your feedback on this issue. Please post your comments and suggestions to the public policy mailing list (ppml at arin.net). Your feedback will be included in the discussions at the upcoming public policy meeting. Information about the meeting can be found at http://www.arin.net/announcements/memmeet.html Information on how to subscribe to the ppml can be found at http://www.arin.net/members/mailing/htm From memsvcs at arin.net Tue Aug 29 14:27:33 2000 From: memsvcs at arin.net (Member Services) Date: Tue, 29 Aug 2000 14:27:33 -0400 (EDT) Subject: ARIN Transfer Guidelines Message-ID: There has been recent discussion on the ARIN policy mailing list about the transfer guidelines found at http://www.arin.net/regserv/transfer.html Some individuals have expressed an interest in modifying these guidelines and feel they may discourage organizations from submitting their transfer requests. Should the ARIN transfer guidelines be changed? ARIN would like your feedback on this issue. Please post your comments and suggestions to the public policy mailing list (ppml at arin.net). Your feedback will be included in the discussions at the upcoming public policy meeting. Information about the meeting can be found at http://www.arin.net/announcements/memmeet.html Information on how to subscribe to the ppml can be found at http://www.arin.net/members/mailing.htm From memsvcs at arin.net Tue Aug 29 14:37:04 2000 From: memsvcs at arin.net (Member Services) Date: Tue, 29 Aug 2000 14:37:04 -0400 (EDT) Subject: ARIN IPv6 Registration Fees Message-ID: Since ARIN started registering IPv6 address space, an annual registration fee of $2,500 US has been charged to organizations approved for receiving the standard /35 initial IPv6 allocation. There has been an ongoing discussion about what ARIN should charge for IPv6 allocations. ARIN does not want to discourage registration of IPv6 or hinder the growth of IPv6 networks. It has been suggested that ARIN change its policy so that current IPv4 subscription holders are not charged for their initial IPv6 (/35) allocation for the first one or two years. This temporary fee change may allow more organizations to request IPv6 address space. Should ARIN make a change to its existing IPv6 fee structure? ARIN would like your feedback on this issue. Please post your comments and suggestions to the public policy mailing list (ppml at arin.net). Your feedback will be included in the discussions at the upcoming public policy meeting. Information about the meeting can be found at http://www.arin.net/announcements/memmeet.html Information on how to subscribe to the ppml can be found at http://www.arin.net/members/mailing.htm From memsvcs at arin.net Tue Aug 29 14:46:37 2000 From: memsvcs at arin.net (Member Services) Date: Tue, 29 Aug 2000 14:46:37 -0400 (EDT) Subject: ARIN Web Hosting Policy Message-ID: ARIN's new web hosting policy has recently been under discussion on the ARIN IP allocations policy mailing list. See http://www.arin.net/members/mailing.htm. The policy is described at http://www.arin.net/announcements/policy_changes.html Some individuals have expressed their disagreement with this new policy. Should the ARIN web hosting policy be changed? ARIN would like your feedback on this issue. Please post your comments and suggestions to the public policy mailing list (ppml at arin.net). Your feedback will be included in the discussions at the upcoming public policy meeting. Information about the meeting can be found at http://www.arin.net/announcements/memmeet.html From sigma at pair.com Tue Aug 29 16:07:34 2000 From: sigma at pair.com (sigma at pair.com) Date: Tue, 29 Aug 2000 16:07:34 -0400 (EDT) Subject: ARIN Web Hosting Policy (fwd) Message-ID: <20000829200734.8137.qmail@smx.pair.com> The policy to not accept IP-based hosting as justification for IP allocation is very poor and needs to be reversed. The following major technical limitations on name-based hosting services come to mind: 1) there are still browsers in use which do not work with name-based hosting, causing embarrassing problems for the host and the customer 2) other important related services such as FTP and mail retrieval cannot be virtualized except on a per-IP basis 3) if one customer site is blacklisted by a service such as ORBS, it affects all sites hosted by the host on that shared IP address 4) if one customer site is blacklisted by a filtering service, it affects all sites hosted by the host on that shared IP address 5) hosts that are forced to rely on name-based hosting are at a significant competitive disadvantage in the marketplace This policy change comes as a shock to those of us relying on the only competitive method of virtual Web hosting available to us. pair Networks, Inc has a strong vested interest in its technical approach and business model, and will take whatever steps necessary to protect both. We prefer to work within the system first. Kevin Martin sigma at pair.com ----- Forwarded message from Member Services ----- From memsvcs at arin.net Tue Aug 29 14:46:37 2000 From: memsvcs at arin.net (Member Services) Date: Tue, 29 Aug 2000 14:46:37 -0400 (EDT) Subject: ARIN Web Hosting Policy Message-ID: ARIN's new web hosting policy has recently been under discussion on the ARIN IP allocations policy mailing list. See http://www.arin.net/members/mailing.htm. The policy is described at http://www.arin.net/announcements/policy_changes.html Some individuals have expressed their disagreement with this new policy. Should the ARIN web hosting policy be changed? ARIN would like your feedback on this issue. Please post your comments and suggestions to the public policy mailing list (ppml at arin.net). Your feedback will be included in the discussions at the upcoming public policy meeting. Information about the meeting can be found at http://www.arin.net/announcements/memmeet.html ----- End of forwarded message from Member Services ----- From cscott at gaslightmedia.com Tue Aug 29 16:09:01 2000 From: cscott at gaslightmedia.com (Charles Scott) Date: Tue, 29 Aug 2000 16:09:01 -0400 (EDT) Subject: ARIN Web Hosting Policy In-Reply-To: Message-ID: In reply to Web Hosting Policy: While I agree that the overwhelming majority of browsers support name-based virtual hosting, and technically it shouldn't be a problem for either users or servers, this presents a significant problem for providers who want to do bandwith limitation by virtual server. If a Web hosting provider can no longer justify allocations based on IP-based virtual hosting, some providers will not be able to receive adequate address space to provide a bandwidth limited service. Since bandwidth limitation solutions require separate IP addresses, the new policy would severely impact those providers. Note that in general the Web server based limitation modules are not effective for a variety of reasons and can't be considered a solution. If such a poilcy were to be used, there should be exceptions where a bandwidth limited service is being provided. Chuck Scott, Pres. Gaslight Media cscott at gaslightmedia.com On Tue, 29 Aug 2000, Member Services wrote: > > ARIN's new web hosting policy has recently been under discussion on the > ARIN IP allocations policy mailing list. > See http://www.arin.net/members/mailing.htm. > > The policy is described at > > http://www.arin.net/announcements/policy_changes.html > > Some individuals have expressed their disagreement with this new policy. > Should the ARIN web hosting policy be changed? > > ARIN would like your feedback on this issue. Please post your comments > and suggestions to the public policy mailing list (ppml at arin.net). Your > feedback will be included in the discussions at the upcoming public > policy meeting. > > Information about the meeting can be found at > http://www.arin.net/announcements/memmeet.html > From andy at tigerteam.net Tue Aug 29 16:26:12 2000 From: andy at tigerteam.net (Andy Walden) Date: Tue, 29 Aug 2000 15:26:12 -0500 (CDT) Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: <20000829200734.8137.qmail@smx.pair.com> Message-ID: > The following major technical limitations on name-based hosting services > come to mind: > > 1) there are still browsers in use which do not work with name-based > hosting, causing embarrassing problems for the host and the customer If a browser that doesn't support name-based vhosts, then it also can't see a huge amount of the content or hundreds of thousands of vhosts on the rest of the net either. This user is making a choice. > 2) other important related services such as FTP and mail retrieval > cannot be virtualized except on a per-IP basis There are plenty of technical solutions to do both of these. In > 3) if one customer site is blacklisted by a service such as ORBS, it > affects all sites hosted by the host on that shared IP address > 4) if one customer site is blacklisted by a filtering service, it affects > all sites hosted by the host on that shared IP address I can't imagine that circumventing rogue filtering services is justification for IP addresses. That situation would be between you and the filtering service. > 5) hosts that are forced to rely on name-based hosting are at a significant > competitive disadvantage in the marketplace I would imagine this statement comes as a shock to those of us that have been hosting thousands of sites on name-based vhosts for years without complaint. > This policy change comes as a shock to those of us relying on the only > competitive method of virtual Web hosting available to us. pair Networks, > Inc has a strong vested interest in its technical approach and business > model, and will take whatever steps necessary to protect both. We prefer > to work within the system first. I would be interested in seeing how you intend to circumvent the system. I don't see how you think a statement like this could gain you any sort of credibility for your arguments. > Kevin Martin > sigma at pair.com -andy From sson at veriohosting.com Tue Aug 29 17:15:29 2000 From: sson at veriohosting.com (Stacey D. Son) Date: Tue, 29 Aug 2000 15:15:29 -0600 Subject: ARIN Web Hosting Policy Message-ID: <200008292115.PAA70556@orca.orem.veriohosting.com> ARIN said: >Some individuals have expressed their disagreement with this new policy. >Should the ARIN web hosting policy be changed? > >ARIN would like your feedback on this issue. Please post your comments >and suggestions to the public policy mailing list (ppml at arin.net). Your >feedback will be included in the discussions at the upcoming public >policy meeting. In http://www.arin.net/announcements/policy_changes.html ARIN announced that "[they] will not accept IP-based webhosting as justification for an allocation". There are many practical issues that ARIN may have overlooked in drafting this policy. Name-based hosting has a number of implementation issues including: (1) Lack of support in SSL/TLS. Because the SSL/TLS session is created before HTTP is allowed to pass in current implementation any data it requires an unique IP address for dedicated certificates. If a shared certificate is used browers will report a possible security violation back to the user on the client side which makes it difficult to complete an on-line ecomerce transaction in most cases. While the IETF draft "Upgrading to TLS Within HTTP/1.1" (see http://www.ics.uci.edu/pub/ietf/http/draft-ietf-tls-http-upgrade-05.txt) proposes a solution to this problem this idea is still far from being implemented. Once it is implemented it may take years before a significant percent of the users upgrade their browsers. (The adoption of HTTP/1.1 support in browsers took years to reach 90%, for example). (2) Denial of Service (DoS) attacks on web servers have a much larger scope. Given the current state of IP it is possible for someone (even anonymously) to generate a DoS attack on a web server. Within the last few years distributed DoS (DDoS) attacks have appeared and their effects have been made public (see http://staff.washington.edu/dittrich/misc/ddos/). These attacks generated enough traffic to the point were large Internet sites' web servers could not response to respond to valid requests. There are lots of proposals to the DDoS problem but, in short, nothing really has been deployed or proven to work. In a shared web hosting environment a DoS attack can take down more than the target web site since multiple web sites are hosted on the same web server. This may take down hundreds or thousands of web sites in addition to the target web site. With IP-based web hosting the target web site that is under attack by a DoS can quickly be identified and dealt with. One common method of reducing the effects of the DoS attack is to add a host route to null at the broader routers. This way the router drops the traffic generated by DoS attack to the targeted site and the other web sites hosted on the same server will operate as normal while network engineers attempt to trace the source of the attack. Since name-based all the web sites share the same IP address a DoS attack the null routing method will take down all the hosted sites and not just the target site. In addition, it is much more difficult to identify the target of the attack since it can be any of the sites sharing the same IP address. This same problem can be applied generally to things like filter services. If one IP address gets blocked for some reason or another all the name-based web sites are blocked. (3) Current bandwidth shaping methods will not work. Most, if not all, web hosting companies use a kernel-based or switch-based bandwidth shaping. In order for this to work each web site must have its own IP address. (4) Performance issues in web server software. Popular web servers such as apache implement hashing on IP-based virtual hosts but not on name based hosts. Name based hosts are looked up by a linear search. This could have a significant impact on various web hosting business models since hosting density may need to be changed. (5) Lack of support in other protocols. HTTP is only one aspect of web hosting. Most, if not all, web hosting companies also offer POP3, SMTP, FTP, etc. None of these protocols have support for name-based virtual hosting and rely on the fact an unique IP address is used. While it would be possible to require the domain name in the authenication stage of the protocol many hosting companies have developed large amounts of software that is IP based. Verio Web Hosting feels that ARIN should rethink this policy and discussed it with representives of the web hosting community rather than just those who may not understand all the issues involved. (BTW, I did not see a companion policy from ARIN requiring the deployment of NAT devices. ;) I look forward to discussing this in person in October. Regards, -stacey. Stacey D. Son VP, Hosting Technology Verio Web Hosting "The World Leader in Web Hosting" From sigma at pair.com Tue Aug 29 17:15:49 2000 From: sigma at pair.com (sigma at pair.com) Date: Tue, 29 Aug 2000 17:15:49 -0400 (EDT) Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: from Andy Walden at "Aug 29, 0 03:26:12 pm" Message-ID: <20000829211549.14228.qmail@smx.pair.com> > If a browser that doesn't support name-based vhosts, then it also can't > see a huge amount of the content or hundreds of thousands of vhosts on the > rest of the net either. This user is making a choice. I did not mean to imply this was a large percentage. > > 2) other important related services such as FTP and mail retrieval > > cannot be virtualized except on a per-IP basis > > There are plenty of technical solutions to do both of these. In Who are you or ARIN to dictate those? Within reason, perhaps. I am not aware of any suitable technical solution to virtualizing either service I mentioned. > I can't imagine that circumventing rogue filtering services is > justification for IP addresses. That situation would be between you and > the filtering service. In the real world, those are real problems. Right now it's a manageable problem. It becomes a severe problem under the proposed restriction. > > 5) hosts that are forced to rely on name-based hosting are at a significant > > competitive disadvantage in the marketplace > > I would imagine this statement comes as a shock to those of us that have > been hosting thousands of sites on name-based vhosts for years without > complaint. I'm sorry for you. I stand by my opinion. > > pair Networks, > > Inc has a strong vested interest in its technical approach and business > > model, and will take whatever steps necessary to protect both. We prefer > > to work within the system first. > > I would be interested in seeing how you intend to circumvent the > system. I don't see how you think a statement like this could gain > you any sort of credibility for your arguments. At no point whatsoever did I state any intent to circumvent the system. However, if ARIN changes an existing policy in a way that severely impacts our business model and technical approach, there are two reasonable ways to address it. One is by providing feedback and working within the system to improve the policy. Another is to litigate. I hate people who sue first, think later. Litigation is not the preferred answer, to say the least. But that option has to remain in consideration :( I haven't had time to participate in ARIN or a number of other organizations I'm interested in. Since it seems that ARIN may be making decisions that affect my business (and many others') without consulting them beforehand, I'll be taking part after all. If you are satisfied with your name-based services, why exactly are you concerned about the approach others take? Is it more likely to be purist concern for preserving IP space, or that you would like to see your competitors severely inconvenienced, to your own competitive advantage? Kevin Martin sigma at pair.com From darkshot at chudys.com Tue Aug 29 20:23:11 2000 From: darkshot at chudys.com (Darkshot) Date: Tue, 29 Aug 2000 17:23:11 -0700 Subject: Why IPv6 fees? Message-ID: <39AC53EF.57B5C64D@chudys.com> I understand the IPv4 fees- we were running out of address space. But if fees are charged for IPv6 space, holders of v4 space should be grandfathered in, at the very least. We certainly shouldn't pay the same amount or more.....kinda contrary to the laws of supply and demand, don't you think? In my opinion, of course. 'Shot From bryanh at communitech.net Tue Aug 29 18:12:27 2000 From: bryanh at communitech.net (Bryan Heitman) Date: Tue, 29 Aug 2000 17:12:27 -0500 Subject: ARIN Web Hosting Policy References: <200008292115.PAA70556@orca.orem.veriohosting.com> Message-ID: <046901c01206$382f46a0$1100a8c0@communitech.net> I think Stacey Son said it best with "There are many practical issues that ARIN may have overlooked in drafting this policy" We recently had to deal with this policy on a new allocation that we received a few weeks ago. At that time we drafted about a 3 page explanation as to why IP based hosting is needed. Many of the points in that document have already been stated by all of you in support of IP based hosting so I won't get into that. Our belief is that Name-based hosting should be used only when technically possible, however as most of everyone's platforms out there already rely on IP based hosting, ARIN should not deny the request for allocation. Doing so would have significant negative effects. Best, Bryan Heitman, Vice-President CommuniTech.Net, Inc. - (800) WEB-HOST ----- Original Message ----- From: "Stacey D. Son" To: Sent: Tuesday, August 29, 2000 4:15 PM Subject: Re: ARIN Web Hosting Policy > ARIN said: > >Some individuals have expressed their disagreement with this new policy. > >Should the ARIN web hosting policy be changed? > > > >ARIN would like your feedback on this issue. Please post your comments > >and suggestions to the public policy mailing list (ppml at arin.net). Your > >feedback will be included in the discussions at the upcoming public > >policy meeting. > > In http://www.arin.net/announcements/policy_changes.html ARIN > announced that "[they] will not accept IP-based webhosting as > justification for an allocation". There are many practical issues > that ARIN may have overlooked in drafting this policy. Name-based > hosting has a number of implementation issues including: > > (1) Lack of support in SSL/TLS. Because the SSL/TLS session is > created before HTTP is allowed to pass in current implementation any > data it requires an unique IP address for dedicated certificates. If > a shared certificate is used browers will report a possible security > violation back to the user on the client side which makes it difficult > to complete an on-line ecomerce transaction in most cases. While the > IETF draft "Upgrading to TLS Within HTTP/1.1" (see > http://www.ics.uci.edu/pub/ietf/http/draft-ietf-tls-http-upgrade-05.txt) > proposes a solution to this problem this idea is still far from being > implemented. Once it is implemented it may take years before a > significant percent of the users upgrade their browsers. (The > adoption of HTTP/1.1 support in browsers took years to reach 90%, for > example). > > (2) Denial of Service (DoS) attacks on web servers have a much larger > scope. Given the current state of IP it is possible for someone (even > anonymously) to generate a DoS attack on a web server. Within the > last few years distributed DoS (DDoS) attacks have appeared and their > effects have been made public (see > http://staff.washington.edu/dittrich/misc/ddos/). These attacks > generated enough traffic to the point were large Internet sites' web > servers could not response to respond to valid requests. There are > lots of proposals to the DDoS problem but, in short, nothing really > has been deployed or proven to work. > > In a shared web hosting environment a DoS attack can take down more > than the target web site since multiple web sites are hosted on the > same web server. This may take down hundreds or thousands of web > sites in addition to the target web site. > > With IP-based web hosting the target web site that is under attack by > a DoS can quickly be identified and dealt with. One common method of > reducing the effects of the DoS attack is to add a host route to null > at the broader routers. This way the router drops the traffic > generated by DoS attack to the targeted site and the other web sites > hosted on the same server will operate as normal while network > engineers attempt to trace the source of the attack. Since name-based > all the web sites share the same IP address a DoS attack the null > routing method will take down all the hosted sites and not just the > target site. In addition, it is much more difficult to identify the > target of the attack since it can be any of the sites sharing the same > IP address. > > This same problem can be applied generally to things like filter > services. If one IP address gets blocked for some reason or another > all the name-based web sites are blocked. > > (3) Current bandwidth shaping methods will not work. Most, if not > all, web hosting companies use a kernel-based or switch-based > bandwidth shaping. In order for this to work each web site must have > its own IP address. > > (4) Performance issues in web server software. Popular web servers > such as apache implement hashing on IP-based virtual hosts but not on > name based hosts. Name based hosts are looked up by a linear search. > This could have a significant impact on various web hosting business > models since hosting density may need to be changed. > > (5) Lack of support in other protocols. HTTP is only one aspect of > web hosting. Most, if not all, web hosting companies also offer POP3, > SMTP, FTP, etc. None of these protocols have support for name-based > virtual hosting and rely on the fact an unique IP address is used. > While it would be possible to require the domain name in the > authenication stage of the protocol many hosting companies have > developed large amounts of software that is IP based. > > Verio Web Hosting feels that ARIN should rethink this policy and > discussed it with representives of the web hosting community rather > than just those who may not understand all the issues involved. (BTW, > I did not see a companion policy from ARIN requiring the deployment of > NAT devices. ;) I look forward to discussing this in person in October. > > Regards, > > -stacey. > > Stacey D. Son > VP, Hosting Technology > Verio Web Hosting > "The World Leader in Web Hosting" > > > From sson at veriohosting.com Tue Aug 29 18:12:09 2000 From: sson at veriohosting.com (Stacey D. Son) Date: Tue, 29 Aug 2000 16:12:09 -0600 Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: Your message of "Tue, 29 Aug 2000 15:26:12 CDT." Message-ID: <200008292212.QAA76023@orca.orem.veriohosting.com> Andy said: > > 2) other important related services such as FTP and mail retrieval > > cannot be virtualized except on a per-IP basis > > There are plenty of technical solutions to do both of these. In Yes, this usually involves passing the domain name in authentication stage of the protocol. There are various problems with doing this hack including: (1) Not all protocols require authentication. (2) Not all clients support long usernames (so the username can include the domain name to guarantee an unique name space). (3) Tech support issues. One of the top tech support questions is concerning client software configuration. This only compounds that problem. > > 3) if one customer site is blacklisted by a service such as ORBS, it > > affects all sites hosted by the host on that shared IP address > > 4) if one customer site is blacklisted by a filtering service, it affects > > all sites hosted by the host on that shared IP address > > I can't imagine that circumventing rogue filtering services is > justification for IP addresses. That situation would be between you and > the filtering service. I have seen a lot of K-12 schools (on limited budgets), for example, that use ACLs in the routers to block sites that are against the school policy or target their students. Blocking one IP address with name-based hosting blocks more than one site. (Also, see my comments about DDoS attacks.) > > 5) hosts that are forced to rely on name-based hosting are at a significant > > competitive disadvantage in the marketplace > > I would imagine this statement comes as a shock to those of us that have > been hosting thousands of sites on name-based vhosts for years without > complaint. I'm sorry but which web hosting company do you represent? Most sucessful hosting companies that I am familar with do IP-based hosting. > > This policy change comes as a shock to those of us relying on the only > > competitive method of virtual Web hosting available to us. pair Networks, > > Inc has a strong vested interest in its technical approach and business > > model, and will take whatever steps necessary to protect both. We prefer > > to work within the system first. > > I would be interested in seeing how you intend to circumvent the > system. I don't see how you think a statement like this could gain > you any sort of credibility for your arguments. It does not take much thinking to see ways to circumvent the system (e.g. black market for IP address space, companies buying companies just for their large unused address space, etc.) I am surprised that ARIN has thrown out a policy without considering the technical aspects and without talking to those that do a lot of hosting. I am also surprised that only hosting seems to be targeted so far. For example, I don't see an ARIN policy that requires the use of more NAT devices which has the potential of saving more IP addresses given there are far more users than web sites. Or why does ARIN encourage more IPv6 deployment in a policy by giving companies that have taken steps toward it credit? Regards, -stacey. From sigma at pair.com Tue Aug 29 18:18:23 2000 From: sigma at pair.com (sigma at pair.com) Date: Tue, 29 Aug 2000 18:18:23 -0400 (EDT) Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: <200008292212.QAA76023@orca.orem.veriohosting.com> from "Stacey D. Son" at "Aug 29, 0 04:12:09 pm" Message-ID: <20000829221823.18287.qmail@smx.pair.com> > (1) Not all protocols require authentication. Including anonymous FTP sites which many of us provide for our customers. > It does not take much thinking to see ways to circumvent the system > (e.g. black market for IP address space, companies buying companies > just for their large unused address space, etc.) Again, for the record, I made no statement proposing to circumvent the system, nor implying that I would do so or condone doing so. > I am surprised that ARIN has thrown out a policy without considering > the technical aspects and without talking to those that do a lot of > hosting. I'm wondering how many representatives from hosting companies were present at ARIN V. I may not be the only person who has been too busy to participate, nor is the company I work for likely the only company too busy to send someone. Of course, when you don't imagine that ARIN is going to blindside you, it's not a problem. > I am also surprised that only hosting seems to be targeted > so far. For example, I don't see an ARIN policy that requires the use > of more NAT devices which has the potential of saving more IP > addresses given there are far more users than web sites. Or why does > ARIN encourage more IPv6 deployment in a policy by giving companies > that have taken steps toward it credit? Or reclamation of underutilized (or completely unused) blocks that have been allocated historically. Kevin From sson at veriohosting.com Tue Aug 29 18:44:08 2000 From: sson at veriohosting.com (Stacey D. Son) Date: Tue, 29 Aug 2000 16:44:08 -0600 Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: Your message of "Tue, 29 Aug 2000 18:18:23 EDT." <20000829221823.18287.qmail@smx.pair.com> Message-ID: <200008292244.QAA78875@orca.orem.veriohosting.com> Kevin said: > > It does not take much thinking to see ways to circumvent the system > > (e.g. black market for IP address space, companies buying companies > > just for their large unused address space, etc.) > > Again, for the record, I made no statement proposing to circumvent the > system, nor implying that I would do so or condone doing so. Nor am I... I am just pointing out that it is very possible. :) > > I am also surprised that only hosting seems to be targeted > > so far. For example, I don't see an ARIN policy that requires the use > > of more NAT devices which has the potential of saving more IP > > addresses given there are far more users than web sites. Or why does > > ARIN encourage more IPv6 deployment in a policy by giving companies > > that have taken steps toward it credit? > > Or reclamation of underutilized (or completely unused) blocks that have > been allocated historically. I applaud the efforts of those like Stanford University that are working to free up and return their unused address (voluntarily). A lot of this has gone unrecognized in the most part. Regards, -stacey. From andy at tigerteam.net Tue Aug 29 18:37:19 2000 From: andy at tigerteam.net (Andy Walden) Date: Tue, 29 Aug 2000 17:37:19 -0500 (CDT) Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: <20000829211549.14228.qmail@smx.pair.com> Message-ID: > > > 2) other important related services such as FTP and mail retrieval > > > cannot be virtualized except on a per-IP basis > > > > There are plenty of technical solutions to do both of these. In > > Who are you or ARIN to dictate those? Within reason, perhaps. I am not > aware of any suitable technical solution to virtualizing either service > I mentioned. Actually, the fact is, there are technical solutions, my opinion is, they should be utilized. I don't get to dictate anything though. There are pro's and con's to all technical solutions. If a technical solution exists that does not unreasonably waste IP addresses, then its use should be encouraged. If your specific solution doesn't support the features, pressure should be exerted on your vendors to meet your needs. Ones investment in a flawed technology does cannot qualify as a reason to sustain the technology. The same argument can be made for making as inefficient engines as you feel like, without EPA or conservations and arguing that your investment in the technology makes it ok. Its not for the good of the larger group. There are always exceptions though, SSL is certainly one of them. For specifics though, I realize that the FTP host header provision is still sitting in IETF land. It is certainly feasible to setup a chroot jail for the FTP users on a per server basis. As far as mail goes, Qmail supports a nice virtual user SQL addon, or if you like Intermail also keeps things seperate. It also defines on what you define as virtual hosting I suppose. Is it the banner one sees when connected to the tcp port? Is it a user management interface? Nonetheless, the note only mentioned HTTP that I saw. > > I can't imagine that circumventing rogue filtering services is > > justification for IP addresses. That situation would be between you and > > the filtering service. > > In the real world, those are real problems. Right now it's a manageable > problem. It becomes a severe problem under the proposed restriction. My opinion stands. Its not part of IP policy to work around your social filtering issues. > > > 5) hosts that are forced to rely on name-based hosting are at a significant > > > competitive disadvantage in the marketplace > > > > I would imagine this statement comes as a shock to those of us that have > > been hosting thousands of sites on name-based vhosts for years without > > complaint. > > I'm sorry for you. I stand by my opinion. Though you haven't provided anything to back it up. > > > pair Networks, > > > Inc has a strong vested interest in its technical approach and business > > > model, and will take whatever steps necessary to protect both. We prefer > > > to work within the system first. > > > > I would be interested in seeing how you intend to circumvent the > > system. I don't see how you think a statement like this could gain > > you any sort of credibility for your arguments. > > At no point whatsoever did I state any intent to circumvent the system. > However, if ARIN changes an existing policy in a way that severely impacts > our business model and technical approach, there are two reasonable ways to > address it. One is by providing feedback and working within the system to > improve the policy. Another is to litigate. I hate people who sue first, > think later. Litigation is not the preferred answer, to say the least. But > that option has to remain in consideration :( That would be interesting to see really. I don't know of anyone that has sued ARIN. I'm sure it has crossed lots of minds. > If you are satisfied with your name-based services, why exactly are you > concerned about the approach others take? Is it more likely to be purist > concern for preserving IP space, or that you would like to see your > competitors severely inconvenienced, to your own competitive advantage? Purist concern. Remember, I think the name-based stuff is fine, so I never intended to imply I wanted to inconvienence anyone. andy From andy at tigerteam.net Tue Aug 29 18:40:27 2000 From: andy at tigerteam.net (Andy Walden) Date: Tue, 29 Aug 2000 17:40:27 -0500 (CDT) Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: <20000829221823.18287.qmail@smx.pair.com> Message-ID: > > Or reclamation of underutilized (or completely unused) blocks that have > been allocated historically. > > Kevin I'm all for this also. Its part of that purist thing I have going on. But shifting the focus towards one problem from another doesn't fix it unfortunatly. andy From sson at veriohosting.com Tue Aug 29 19:41:44 2000 From: sson at veriohosting.com (Stacey D. Son) Date: Tue, 29 Aug 2000 17:41:44 -0600 Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: Your message of "Tue, 29 Aug 2000 17:37:19 CDT." Message-ID: <200008292341.RAA83815@orca.orem.veriohosting.com> Andy said: > Actually, the fact is, there are technical solutions, my opinion is, they > should be utilized. I don't get to dictate anything though. There are > pro's and con's to all technical solutions. If a technical solution exists > that does not unreasonably waste IP addresses, then its use should be > encouraged. If your specific solution doesn't support the features, > pressure should be exerted on your vendors to meet your needs. NAT, which has the potential of saving millions of IP addresses (instead of thousands), has been around long before Al Gore invented the Internet so why isn't its use been "encouraged" by ARIN? IPv6 has the potential of solving the problem altogether. Where is the "encouragement" on its deployment and use by ARIN? > Ones investment in a flawed technology does cannot qualify as a reason to > sustain the technology. The same argument can be made for making as > inefficient engines as you feel like, without EPA or conservations and > arguing that your investment in the technology makes it ok. Its not for > the good of the larger group. However, the EPA does not require Ford to change overnight. This new ARIN policy, on the other hand, requires it of web hosters. > There are always exceptions though, SSL is certainly one of them. I see no provisions in ARIN's policy for such. With the RSA patent expiring next month most major web hosting companies on the planet will most likely be offering SSL/TLS for free, IMO. If ARIN explicitly made an exception for SSL/TLS then I don't think we would be having this discusion. > For specifics though, I realize that the FTP host header provision is > still sitting in IETF land. It is certainly feasible to setup a chroot > jail for the FTP users on a per server basis. I am confused on how anonymous FTP works in this situation. How does the server "read the mind" of the client to know which chroot jail to put the user in? > As far as mail goes, Qmail supports a nice virtual user SQL addon, > or if you like Intermail also keeps things seperate. It also defines > on what you define as virtual hosting I suppose. Is it the banner > one sees when connected to the tcp port? Is it a user management > interface? Nonetheless, the note only mentioned HTTP that I saw. But do all these applications support bandwidth shaping, for example? By removing the unique IP address you push bandwidth shaping into user space. Support for this exist in routers, level 3 switches and kernels (all of which is IP based) but I know of little support in applications. Regards, -stacey. From bet at rahul.net Tue Aug 29 22:22:51 2000 From: bet at rahul.net (Bennett Todd) Date: Tue, 29 Aug 2000 22:22:51 -0400 Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: ; from andy@tigerteam.net on Tue, Aug 29, 2000 at 05:37:19PM -0500 References: <20000829211549.14228.qmail@smx.pair.com> Message-ID: <20000829222251.C16883@oven.com> I think this new policy comes at an unfortunate time. HTTP works great with name virtual hosting only; it has for years now. Even though there remain HTTP clients that send requests claiming only HTTP/1.0, they still all send the Host: header; I have set up a great many name virtual hosts over the last few years and never heard any problems reported. Email works like a champ with virtual hosting, no special tricks are needed at all. FTP can't (with currently deployed clients anyway), but then that protocol stinks on ice, can't be retired quick enough. But oh so sadly, SSL can't work with name virtual hosts, and there's no immediate prospect of a better-designed alternative. And I expect it to get a _lot_ more widespread starting about a month from today. If ARIN had pushed this a couple of years back, perhaps they could have overcome the intertia of people who have figured out how to set up IP virtual hosts, and don't wish to attempt to learn anything better; and if people weren't so settled on IP virtual hosts, perhaps that would have provided some demand to get TLS engineered to support name virtual hosts. But this policy comes too late to catch the tide. -Bennett -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: From info at avehost.com Tue Aug 29 23:24:42 2000 From: info at avehost.com (AveHost.com Staff) Date: Tue, 29 Aug 2000 23:24:42 -0400 Subject: SSL on Host Headers In-Reply-To: Message-ID: Justin: Thank you for the information, that's the same info I have received and researched ourselves. We have communicated this to ARIN's policy mailing list on our own but it is always good for a customer's viewpoint to be heard, thus I'll forward your email to the ARIN policy mailing list, but don't get your hopes up, they are pretty adamant about restricting IP's for hosting services at any cost to the customer. AveHost.com Staff AveHost.com, a service of RegSearch International 201-840-7311 -----Original Message----- From: Justin Clark [mailto:justinclark at mydesktophelp.com] Sent: Tuesday, August 29, 2000 9:17 PM To: support at avehost.com Subject: SSL on Host Headers I had talked to someone ealier this week about the new policy that arin has put into effect about not allowing hosting providers to give a dedicated IP to one site. We went on to talk about SSL on a machine running hosts headers. I was doing a little research on it tonight, trying to get it to work on a test webserver at my house. after a while of fighting with it i finally went to help, at the bottom of the page it said the following: Note You cannot use host headers when using Secure Sockets Layer (SSL) because HTTP requests using SSL are encrypted. Host headers are part of the encrypted request and cannot be interpreted and routed to the correct site. that was on IIS5.0 on a win2k advanced server. So in my mind, if there is no way to do it in IIS5.0, i dont think it is going to happen in IIS4.0 Has anyone presented this information to Arin?? Anyway, could someone please pass that along. thanks, Justin M. Clark JustinClark at MyDesktopHelp.Com -------------- next part -------------- An HTML attachment was scrubbed... URL: From sigma at pair.com Wed Aug 30 00:04:02 2000 From: sigma at pair.com (sigma at pair.com) Date: Wed, 30 Aug 2000 00:04:02 -0400 (EDT) Subject: ARIN Web Hosting Policy (fwd) In-Reply-To: from Andy Walden at "Aug 29, 0 05:37:19 pm" Message-ID: <20000830040402.29935.qmail@smx.pair.com> > If your specific solution doesn't support the features, > pressure should be exerted on your vendors to meet your needs. The problem isn't with vendors. In the real world, there are certain limitations caused by the technology already deployed for millions of end-users, quite beyond our control. > Ones investment in a flawed technology does cannot qualify as a reason to > sustain the technology. The technology is not flawed. It is very effective and practical, for a wide variety of services. You perceive it as flawed. > For specifics though, I realize that the FTP host header provision is > still sitting in IETF land. It is certainly feasible to setup a chroot > jail for the FTP users on a per server basis. There is no way for a FTP server to know which domain is being requested by the client. "chroot jails" don't even enter into it. > As far as mail goes, Qmail > supports a nice virtual user SQL addon, or if you like Intermail also > keeps things seperate. Sure, we use qmail. Same problem with the POP3 and IMAP services as with the FTP service. > It also defines on what you define as virtual > hosting I suppose. Is it the banner one sees when connected to the tcp > port? Is it a user management interface? Nonetheless, the note only > mentioned HTTP that I saw. You can't ignore the fact that most Web hosts provide a number of virtualized services bundled together. This isn't just about HTTP. > My opinion stands. Its not part of IP policy to work around your social > filtering issues. They aren't "my" issues. Read peacefire.org or any NANOG thread about ORBS. > > I'm sorry for you. I stand by my opinion. > > Though you haven't provided anything to back it up. That's your opinion. > That would be interesting to see really. I don't know of anyone that has > sued ARIN. I'm sure it has crossed lots of minds. Nor do I wish to do so. I'm not even a person who's quick to say "let's sue", by any means. But when you see a poorly thought out policy being brought out without consideration by the community it severely affects, protecting your business does cross your mind. > Purist concern. Remember, I think the name-based stuff is fine, so I never > intended to imply I wanted to inconvienence anyone. How do you distinguish between ftp://ftp.domain1.com/ and ftp://ftp.domain2.com/ ? Kevin From shane at ripe.net Wed Aug 30 04:23:04 2000 From: shane at ripe.net (Shane Kerr) Date: Wed, 30 Aug 2000 10:23:04 +0200 Subject: AS Number Registrations In-Reply-To: Your message of Tue, 29 Aug 2000 14:19:21 EDT. References: Message-ID: <200008300823.KAA21492@x17.ripe.net> > The number of AS numbers ARIN issues has increased steadily over the last > three years. Members have expressed concern about this large increase in > AS number registrations. > > Issued in 1998 -- 915 > Issued in 1999 -- 1,685 > Issued in 2000 -- 1,596 (through July) > > The vast majority of these AS numbers are issued to newly multi-homed > sites. Is this increase in AS number registrations a concern to the > community and should ARIN policies be changed, as a result? Note the current assignments on the IANA page: http://www.isi.edu/in-notes/iana/assignments/as-numbers At 3000 issued a year, the AS numbers will exhaust the "Held by IANA" in 4 years, and the "Reserved by IANA" in 15 or so. Given a modest 50% increase in number issued each year, they'll all be gone in 2004 or 2005. As was/is the case with IPv4, the options of dealing with number shortage are: 1. Change the amount of numbers (e.g. IPv6) I'm not aware of any planned BGP protocol that extends the space of AS numbers beyond 16-bits. Even should such a protocol exist, it getting it standardised and installed across the Internet before 2004 seems an ambitious goal. 2. Change the way numbers are used (e.g. NAT, CIDR) I think this is both the best approach, as well as being the only one that ARIN (or any other AS number assigning registry, i.e. RIPE NCC or APNIC) can actually implement. The IETF BCP document, AKA RFC 1930 (ug...think I need more TLA's?) describes the situations in when an AS is needed. As mentioned in ARIN's e-mail, the vast majority of new AS numbers are issued to newly multi-homed sites. This is described as a valid reason to need an AS number in this document. As a side note, I think it imperative that ARIN does nothing that might discourage sites from becoming multi-homed. Removing single points of failure is key to insuring reliability. I think the basic problem is that the BCP may not be 100% correct in stating that a site needs an AS number to be multi-homed. It is possible to advertise a route from multiple origin AS numbers. I suggest that this should be the recommendation of ARIN regarding multi-homed sites. A multi-homed customer with two (or more) upstream providers certainly needs to exchange routing information with the providers, but there is no reason from the customer point of view why this protocol needs to be BGP (or rather, why it can't be internal BGP or some other internal routing protocol). This protocol need not even be the same for all upstream providers! The potential drawback of this scenario is when the upstream providers inject the route into the Internet. What other sites on the Internet will see is a single route, originating from several AS numbers. I am fairly sure that this is not a problem with current Internet routers. Indeed, many networks are currently advertised in this fashion today. I have been told that there is resistance to the idea of advertising a route from multiple AS numbers, but I'm not sure what the concerns are. There may be other potential problems, e.g. with efficiency or with failure recovery time. Individuals with more routing expertise than me will need to address these issues. :( Shane From Imail at isocentric.com Wed Aug 30 09:18:31 2000 From: Imail at isocentric.com (Imail) Date: Wed, 30 Aug 2000 08:18:31 -0500 Subject: ARIN Web Hosting Policy (Please change it, We Don't Agree) Message-ID: As a previous customer and now provider of Web Hosting and Collocation services, I do not agree with your new policy on address assignment justifications. 1) SSL Sites require a unique IP Address in most cases. 2) FTP access requires a unique IP Address. 3) Security is more complicated and potentially compromised by this policy! 4) There are significant Service Level issues for providers. 5) How do I do log analysis now, measure Bandwidth, etc. 5) Customers Demand Unique IP Addresses! 6) How are you going to police this? As a past customer of Web Hosting services, I would never even consider a Hosting Provider that would not provide me a unique IP Address. Please note that I acknowledge that Host Headers do have a valid and useful place in providing Web Hosting services. However only on the low end of the spectrum, any significant site will demand unique IP addresses and they should. There are many other issues of more importance. For instance, why don't you reclaim unused IP address space from some of the early allocations. I know of at least one, if not many that use only fractions of their allocated IP address space. Take back those class B's! Frank Boyer CTO & co-founder Isocentric Networks Incorporated From smarcus at genuity.com Wed Aug 30 10:06:54 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Wed, 30 Aug 2000 10:06:54 -0400 Subject: AS Number Registrations In-Reply-To: <200008300823.KAA21492@x17.ripe.net> References: Message-ID: <3.0.5.32.20000830100654.03f67020@pobox3.genuity.com> At 10:23 08/30/2000 +0200, Shane Kerr wrote: >> The number of AS numbers ARIN issues has increased steadily over the last >> three years. Members have expressed concern about this large increase in >> AS number registrations. >> >> Issued in 1998 -- 915 >> Issued in 1999 -- 1,685 >> Issued in 2000 -- 1,596 (through July) >> >> The vast majority of these AS numbers are issued to newly multi-homed >> sites. Is this increase in AS number registrations a concern to the >> community and should ARIN policies be changed, as a result? > >Note the current assignments on the IANA page: > >http://www.isi.edu/in-notes/iana/assignments/as-numbers > >At 3000 issued a year, the AS numbers will exhaust the "Held by IANA" >in 4 years, and the "Reserved by IANA" in 15 or so. Given a modest 50% >increase in number issued each year, they'll all be gone in 2004 or 2005... Thanks, Shane. Interesting comments. My concern has been with the rate of increase. If you look at the numbers above, it appears that we are witnessing an increase of about 100% (_not_ 50%) per year in the number assigned. Exponential growth tends to be unsustainable in many real world situations (cf. Malthus), and this is no exception. If current trends imply the need for ARIN alone to assign 6,000 AS numbers in 2001, 12,000 in 2002, and 24,000 in 2003, we are in deep weeds indeed. In many cases, trends like these are self-limiting. Many exponential growth curves top out and go sigmoid (s-shaped) as they encounter natural limits. Perhaps this is not a problem -- perhaps we run out of networks to multi-home, for instance, long before this becomes a serious issue. But looking at the numbers above makes me nervous as heck. Cheers, - Scott From byans at ugo.com Wed Aug 30 10:55:51 2000 From: byans at ugo.com (Bryan Socha) Date: Wed, 30 Aug 2000 10:55:51 -0400 Subject: AS Number Registrations Message-ID: I think you also need to look at the industry. Its no longer just providers running bgp anymore. I know with my company we need to run bgp even though we don't exactly fit a "provider" model. Then again we are on 5 upstreams with 2 more in provisoning. The change in policy does worry me.. The number for the most part speak for themselves, but we would never be able to operate without bgp and since we have an ASN because we are multihomed, a policy change would not have allowed us to reach where we are now. We do offer some provider like services such as colocation and hosting but our model is a moderate sized collection of affiliated websites and those services are provided at a discount since we have an interest in their success and can watch instabilities on the internet better than they can from their home setups. I do agree that something needs to be done but if it does affect multihomed ASN owners only, I think it needs to be very defined as to when you are eligable for one. Just my thoughts, Bryan Socha -----Original Message----- From: J. Scott Marcus [mailto:smarcus at genuity.com] Sent: Wednesday, August 30, 2000 10:07 AM To: Shane Kerr Cc: ppml at arin.net Subject: Re: AS Number Registrations At 10:23 08/30/2000 +0200, Shane Kerr wrote: >> The number of AS numbers ARIN issues has increased steadily over the last >> three years. Members have expressed concern about this large increase in >> AS number registrations. >> >> Issued in 1998 -- 915 >> Issued in 1999 -- 1,685 >> Issued in 2000 -- 1,596 (through July) >> >> The vast majority of these AS numbers are issued to newly multi-homed >> sites. Is this increase in AS number registrations a concern to the >> community and should ARIN policies be changed, as a result? > >Note the current assignments on the IANA page: > >http://www.isi.edu/in-notes/iana/assignments/as-numbers > >At 3000 issued a year, the AS numbers will exhaust the "Held by IANA" >in 4 years, and the "Reserved by IANA" in 15 or so. Given a modest 50% >increase in number issued each year, they'll all be gone in 2004 or 2005... Thanks, Shane. Interesting comments. My concern has been with the rate of increase. If you look at the numbers above, it appears that we are witnessing an increase of about 100% (_not_ 50%) per year in the number assigned. Exponential growth tends to be unsustainable in many real world situations (cf. Malthus), and this is no exception. If current trends imply the need for ARIN alone to assign 6,000 AS numbers in 2001, 12,000 in 2002, and 24,000 in 2003, we are in deep weeds indeed. In many cases, trends like these are self-limiting. Many exponential growth curves top out and go sigmoid (s-shaped) as they encounter natural limits. Perhaps this is not a problem -- perhaps we run out of networks to multi-home, for instance, long before this becomes a serious issue. But looking at the numbers above makes me nervous as heck. Cheers, - Scott From smarcus at genuity.com Wed Aug 30 11:07:03 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Wed, 30 Aug 2000 11:07:03 -0400 Subject: AS Number Registrations In-Reply-To: Message-ID: <3.0.5.32.20000830110703.03f52ec0@pobox3.genuity.com> At 10:55 08/30/2000 -0400, Bryan Socha wrote: >... The change in policy does worry me.. The number for the most part speak for >themselves, but we would never be able to operate without bgp and since we >have an ASN because we are multihomed, a policy change would not have >allowed us to reach where we are now... To clarify, Bryan: ARIN has not itself proposed a specific change. ARIN is soliciting input. You are responding in your e-mail, I think, to a suggestion from one knowledgable individual. What ARIN asked was whether changes are necessary: > ... >The vast majority of these AS numbers are issued to newly multi-homed >sites. Is this increase in AS number registrations a concern to the >community and should ARIN policies be changed, as a result? ... Cheers, - Scott From jim at hostway.net Wed Aug 30 11:19:43 2000 From: jim at hostway.net (Jim Cusick) Date: Wed, 30 Aug 2000 10:19:43 -0500 Subject: ARIN Web Hosting Policy (fwd) References: Message-ID: <39AD260F.4EEACA9C@hostway.net> Instead of one group pointing fingers at another, let's maintain the focus here on the real problem. No one *wants* to waste IP space. If your business is built on name based virtual hosting than you don't have the issues that many of us face with the prospect of this policy being enforced. Consider yourself lucky, or clairvoyant or, as you say, pure. But the reality for many web hosting businesses includes a 1-to-1 relationship between customers and IP. This is partially historical, partially customer expectation, and partially technological. All of these can be changed. IP space conservation and movement towards technological solutions should be the focus here. I think the ARIN Web Hosting Policy served for many as a wake up call the things cannot go on as they have, but an overnight change in this policy is not acceptable to those member who rely on ARIN for management of a critical resource. >From the 1999 Annual Report: "ARIN officially opened for operation on December 22, 1997. Since that time, many changes in the industry have fostered an organization that is flexible in meeting the needs of the users in its region. ARIN remains at the forefront of the global network evolution, sometimes following, sometimes leading, and stays abreast of activities and technological advances that occur nearly every day." So I believe the policy as stated needs to be rewritten to encourage the technological and market changes required to preserve IP space while allowing businesses to retool as these changes take place. A big stick may be required to force these changes to come about but a big stick in the dark does not reflect an organization which "is flexible in meeting the needs of the users in its region." Jim Cusick Hostway Corporation Andy Walden wrote: > > > > > Or reclamation of underutilized (or completely unused) blocks that have > > been allocated historically. > > > > Kevin > > I'm all for this also. Its part of that purist thing I have going on. But > shifting the focus towards one problem from another doesn't fix it > unfortunatly. > > andy From bryanh at communitech.net Wed Aug 30 12:07:03 2000 From: bryanh at communitech.net (Bryan Heitman) Date: Wed, 30 Aug 2000 11:07:03 -0500 Subject: Fw: ARIN Web Hosting Policy (fwd) Message-ID: <011501c0129c$5693d160$1100a8c0@communitech.net> Ok I think it's time we hear from those who are still in favor of upholding the new ARIN policy. Unless I missed something, I have yet to read a post that is in 100% agreement with the new policy. Those of you out there, perhaps who attended the last public policy meeting, please give us some feedback on the recent posts. Thanks, Bryan Heitman, Vice-President CommuniTech.Net, Inc. - (800) WEB-HOST ----- Original Message ----- From: "Jim Cusick" To: Sent: Wednesday, August 30, 2000 10:19 AM Subject: Re: ARIN Web Hosting Policy (fwd) > > Instead of one group pointing fingers at another, let's maintain the > focus here on the real problem. > > No one *wants* to waste IP space. If your business is built on name > based virtual hosting than you don't have the issues that many of us > face with the prospect of this policy being enforced. Consider yourself > lucky, or clairvoyant or, as you say, pure. But the reality for many > web hosting businesses includes a 1-to-1 relationship between customers > and IP. This is partially historical, partially customer expectation, > and partially technological. All of these can be changed. > > IP space conservation and movement towards technological solutions > should be the focus here. I think the ARIN Web Hosting Policy served > for many as a wake up call the things cannot go on as they have, but an > overnight change in this policy is not acceptable to those member who > rely on ARIN for management of a critical resource. > > >From the 1999 Annual Report: > > "ARIN officially opened for operation on December 22, 1997. Since that > time, many changes in the industry have fostered an organization that is > flexible in meeting the needs of the users in its region. ARIN remains > at the forefront of the global network evolution, sometimes following, > sometimes leading, and stays abreast of activities and technological > advances that occur nearly every day." > > So I believe the policy as stated needs to be rewritten to encourage the > technological and market changes required to preserve IP space while > allowing businesses to retool as these changes take place. A big stick > may be required to force these changes to come about but a big stick in > the dark does not reflect an organization which "is flexible in meeting > the needs of the users in its region." > > Jim Cusick > Hostway Corporation > > > Andy Walden wrote: > > > > > > > > Or reclamation of underutilized (or completely unused) blocks that have > > > been allocated historically. > > > > > > Kevin > > > > I'm all for this also. Its part of that purist thing I have going on. But > > shifting the focus towards one problem from another doesn't fix it > > unfortunatly. > > > > andy > From randy at psg.com Wed Aug 30 12:18:30 2000 From: randy at psg.com (Randy Bush) Date: Wed, 30 Aug 2000 09:18:30 -0700 Subject: archive? References: <200008300823.KAA21492@x17.ripe.net> Message-ID: has anyone other than i noticed that http://arin.net/mailinglists/policy/index.html stops at 4 aug? randy From shane at ripe.net Wed Aug 30 12:23:56 2000 From: shane at ripe.net (Shane Kerr) Date: Wed, 30 Aug 2000 18:23:56 +0200 Subject: AS Number Registrations In-Reply-To: Your message of Wed, 30 Aug 2000 10:06:54 EDT. <3.0.5.32.20000830100654.03f67020@pobox3.genuity.com> References: <3.0.5.32.20000830100654.03f67020@pobox3.genuity.com> Message-ID: <200008301623.SAA23292@x17.ripe.net> > In many cases, trends like these are self-limiting. Many exponential > growth curves top out and go sigmoid (s-shaped) as they encounter natural > limits. Perhaps this is not a problem -- perhaps we run out of networks to > multi-home, for instance, long before this becomes a serious issue. But > looking at the numbers above makes me nervous as heck. If a business can get an ADSL line in addition to the T1 that it normally connects to the Internet for $150 a month or so, used primarily for redundancy, I can see 40000 businesses in America wanting such a thing. I'm sure there's 40000 readers of http://www.slashdot.org who would like to multi-home their toasters, or whatever (I'm sure they all sent ARIN e-mail complaining about their virtual hosting policy today). I agree that exponential growth tops out, if only because there's only 6 billion people on earth, but there's only 64000 or so AS numbers, and way more sites than that that want to have reliable Internet access. This is reasonable, and possible, if only because you don't really need an AS number issued to you to be multi-homed. I think. :) Shane From shane at ripe.net Wed Aug 30 12:41:06 2000 From: shane at ripe.net (Shane Kerr) Date: Wed, 30 Aug 2000 18:41:06 +0200 Subject: Fw: ARIN Web Hosting Policy (fwd) In-Reply-To: Your message of Wed, 30 Aug 2000 11:07:03 CDT. <011501c0129c$5693d160$1100a8c0@communitech.net> References: <011501c0129c$5693d160$1100a8c0@communitech.net> Message-ID: <200008301641.SAA23366@x17.ripe.net> > Ok I think it's time we hear from those who are still in favor of upholding > the new ARIN policy. > > Unless I missed something, I have yet to read a post that is in 100% > agreement with the new policy. > > Those of you out there, perhaps who attended the last public policy meeting, > please give us some feedback on the recent posts. First of all, let me say that I think the new policy is reasonable: "ARIN will no longer accept IP-based hosting as justification for an allocation unless an exception is warranted." So, if you are using the IP's for SSL, or FTP, or whatever, then clearly an exception is warranted (and you won't mind if ARIN checks this when you come back for more space). ARIN is for the most part extremely responsive and helpful to its customers. I don't have any reason to expect things would be different for this requirement. However, I did attend the last public policy meeting, and IIRC only about half of those present were in favour of changing the policy. I don't recall a strong desire on behalf of those present in general for a change. The minutes don't mention the member reaction to the change specifically, only that space be grand-fathered if granted under previous rules. *shrug* Shane From richardj at arin.net Wed Aug 30 13:53:56 2000 From: richardj at arin.net (Richard Jimmerson) Date: Wed, 30 Aug 2000 13:53:56 -0400 Subject: ARIN Policy on IP-based Web Hosting Message-ID: <009201c012ab$45471d90$bdfc95c0@ARINNET> Please keep in mind this policy is a result of discussions held at the ARIN public policy meeting in Calgary earlier this year. The policy does state ARIN will accept IP-based hosting as justification for an allocation if an exception is warranted. ARIN is looking to the community to define these exceptions and finds the discussions being held here to be very helpful. This information will be included in the policy discussion at the upcoming ARIN public policy meeting. These discussions may create changes to the current policy, perhaps by clearly defining a list of exceptions, or may even eliminate the new policy altogether. Your feedback on this mailing list and at the upcoming public policy meeting is important. Information about the upcoming public policy meeting can be found at: http://www.arin.net/announcements/memmeet.html Best Regards, American Registry for Internet Numbers (ARIN) From David.Conrad at nominum.com Wed Aug 30 13:55:29 2000 From: David.Conrad at nominum.com (David R. Conrad) Date: Wed, 30 Aug 2000 10:55:29 -0700 Subject: IPv6 allocatin (was Re: ARIN Policy on IP-based Web Hosting) References: <4.3.2.7.2.20000830103022.00e5fd70@mail.conti.nu> Message-ID: <39AD4A91.1288FB6B@nominum.com> Kai, Just want to highlight something here: > IPv6 allocation guidelines are pretty much ensuring that > only the biggest players with the most engineering resources actually > have a shot at IPv6 Presumably, you're talking about the ARIN IPv6 allocation guidelines found at http://www.arin.net/regserv/ipv6/ipv6guidelines.html. IPv6 uses CIDR. CIDR means provider based aggregation. Provider based aggregation means that the vast majority of allocations MUST be made by "transit service providers". In my experience, webhost providers are generally not considered transit providers. Webhosting providers (and other non-"transit" sites) should contact their upstream IPv6 (tunnel or otherwise) provider(s) for IPv6 address space. They should NOT be obtaining space from ARIN or other RIRs. Anything else will simply recreate the swamp. Rgds, -drc (speaking only for myself) From sson at veriohosting.com Wed Aug 30 13:56:06 2000 From: sson at veriohosting.com (Stacey D. Son) Date: Wed, 30 Aug 2000 11:56:06 -0600 Subject: Fw: ARIN Web Hosting Policy (fwd) In-Reply-To: Your message of "Wed, 30 Aug 2000 18:41:06 +0200." <200008301641.SAA23366@x17.ripe.net> Message-ID: <200008301756.LAA71374@orca.orem.veriohosting.com> Shane said: > First of all, let me say that I think the new policy is reasonable: > > "ARIN will no longer accept IP-based hosting as justification for an > allocation unless an exception is warranted." > > So, if you are using the IP's for SSL, or FTP, or whatever, then ^^^^ > clearly an exception is warranted (and you won't mind if ARIN checks > this when you come back for more space). ARIN is for the most part > extremely responsive and helpful to its customers. I don't have any > reason to expect things would be different for this requirement. I guess the policy is not that significant of issue given that ARIN clearly makes exceptions for FTP and such. Thank you for that clarification. Maybe ARIN would like to list these above mentioned exceptions in their posted, written policy to save bandwidth in the future. Just a suggestion... I would also suggest that ARIN look at other reasonable IP address saving policies such as requiring NAT devices for companies providing low end access (dial, ISDN, DSL, cable modems) to customers (i.e. one Intenet IP address per access customer). Regards, -stacey. From jim at hostway.net Wed Aug 30 14:32:39 2000 From: jim at hostway.net (Jim Cusick) Date: Wed, 30 Aug 2000 13:32:39 -0500 Subject: Fw: ARIN Web Hosting Policy (fwd) References: <200008301756.LAA71374@orca.orem.veriohosting.com> Message-ID: <39AD5347.C216CE08@hostway.net> Thinking about my own experiences and after talking with Richard Jimmerson I think the issues many had with the new policy were as follows: 1. They were surprised. New policies were being made that impact those who were not well represented. Yes, more participation is required. This was the wake up call. Did it come to late? Was that its intent? 2. Criteria for exceptions were unclear. If SSL, anon FTP, etc. were offered does this mean it doesn't apply? When requests were denied "based on a new policy" panic set it. I agree that the exceptions should be clearly spelled out but some other measures will be needed to encourage moveemt towards technological solutions for address conservation. -jim "Stacey D. Son" wrote: > > Shane said: > > First of all, let me say that I think the new policy is reasonable: > > > > "ARIN will no longer accept IP-based hosting as justification for an > > allocation unless an exception is warranted." > > > > So, if you are using the IP's for SSL, or FTP, or whatever, then > ^^^^ > > clearly an exception is warranted (and you won't mind if ARIN checks > > this when you come back for more space). ARIN is for the most part > > extremely responsive and helpful to its customers. I don't have any > > reason to expect things would be different for this requirement. > > I guess the policy is not that significant of issue given that ARIN > clearly makes exceptions for FTP and such. Thank you for that > clarification. Maybe ARIN would like to list these above mentioned > exceptions in their posted, written policy to save bandwidth in the > future. Just a suggestion... > > I would also suggest that ARIN look at other reasonable IP address > saving policies such as requiring NAT devices for companies providing > low end access (dial, ISDN, DSL, cable modems) to customers (i.e. one > Intenet IP address per access customer). > > Regards, > > -stacey. From tony at national-net.com Wed Aug 30 15:24:40 2000 From: tony at national-net.com (Tony) Date: Wed, 30 Aug 2000 15:24:40 -0400 Subject: ARIN Web Hosting Policy Message-ID: I would like to add my two cents to the IP policy debate, but I would like to add it as a Business Person who makes a living on the Internet (yes, I admit it, I am a "suit") :) Mostly you guys have talked about Technical Issues that I know very little about. I trust that you are the best in your fields, however, there is a side of this issue that has yet to be addressed. My case below is made with some assumptions that cannot be verified by me....One of you guys might be able to get an official statement from the parties involved, but thus far I, nor anyone that I know, has been able to get a straight answer. We arrived at this information by running tests that sometimes take months and months to draw a conclusion because of the shear amount of time that it takes to get listed on most Search Engines. As a business trying to be succesful on the Internet one must be succesful with the Search Engines. For those of you that do not know this, most Search Engines (Exite, Alta Vista, et al) that use algorithms to score a presence in a related search also intentionally BLOCK more than one domain per IP address. This policy started because of people spamming the Search Engines with multiple submissions by the same site, using Third Level Domains that all resolved to the same IP address, and free host accounts that Search Engine Spammers use to like to hide behind. To counter that, the engines (Inktomi, et al) instituted a system that says that only ONE site will be listed per IP address, so if I owned a Sporting Goods Store and had a #1 listing for "Baseball Gloves" and someone else on the same server (with same IP address) submits their Pokemon Hobby Site either their site will bump mine out, or theirs will get passed over without a listing. In many cases there may tens, hundreds, or possibly even thousands of domains on a single high end web server and only ONE of them will be listed on any particular Engine at a particular time. Once again, this is my understanding and NOT something that I have confirmed with any major Search Engine (not that I havent tried, but they are less than forthcoming with information about their algorithms...and with good cause I might add). We have run test after test and it keeps bringing up the same result, even though nobody will admit it on the record. Yahoo still does site submissions manually so I think they are exempt from this, as they list SITES not domains....but it can take up to 10 months to get a listing on Yahoo and only a few weeks on the automated ones. If this concern could be completely addressed then from the BUSINESS angle, I don't think we would have any problems with this measure.....all we care about is being able to make sales which keeps ALL of our jobs protected...we will always let the experts (you guys) figure out all of the stuff with acronyms. :) Thats just my $ .02 Tony From andy at tigerteam.net Wed Aug 30 15:55:28 2000 From: andy at tigerteam.net (Andy Walden) Date: Wed, 30 Aug 2000 14:55:28 -0500 (CDT) Subject: ARIN Web Hosting Policy In-Reply-To: Message-ID: I just tested this out on Lycos, Infoseek, Google, Hotbot, Yahoo, and Altavista and confirmed this was not the case for any of those. I also left a message for someone I know that works for Inktomi and knows the insides very well. If he says something different I will certainly pass that along. andy On Wed, 30 Aug 2000, Tony wrote: > I would like to add my two cents to the IP policy debate, but I would like > to add it as a Business Person who makes a living on the Internet (yes, I > admit it, I am a "suit") :) > > Mostly you guys have talked about Technical Issues that I know very little > about. I trust that you are the best in your fields, however, there is a > side of this issue that has yet to be addressed. > > My case below is made with some assumptions that cannot be verified by > me....One of you guys might be able to get an official statement from the > parties involved, but thus far I, nor anyone that I know, has been able to > get a straight answer. We arrived at this information by running tests that > sometimes take months and months to draw a conclusion because of the shear > amount of time that it takes to get listed on most Search Engines. > > As a business trying to be succesful on the Internet one must be succesful > with the Search Engines. For those of you that do not know this, most > Search Engines (Exite, Alta Vista, et al) that use algorithms to score a > presence in a related search also intentionally BLOCK more than one domain > per IP address. This policy started because of people spamming the Search > Engines with multiple submissions by the same site, using Third Level > Domains that all resolved to the same IP address, and free host accounts > that Search Engine Spammers use to like to hide behind. To counter that, the > engines (Inktomi, et al) instituted a system that says that only ONE site > will be listed per IP address, so if I owned a Sporting Goods Store and had > a #1 listing for "Baseball Gloves" and someone else on the same server (with > same IP address) submits their Pokemon Hobby Site either their site will > bump mine out, or theirs will get passed over without a listing. In many > cases there may tens, hundreds, or possibly even thousands of domains on a > single high end web server and only ONE of them will be listed on any > particular Engine at a particular time. > > Once again, this is my understanding and NOT something that I have confirmed > with any major Search Engine (not that I havent tried, but they are less > than forthcoming with information about their algorithms...and with good > cause I might add). We have run test after test and it keeps bringing up > the same result, even though nobody will admit it on the record. Yahoo > still does site submissions manually so I think they are exempt from this, > as they list SITES not domains....but it can take up to 10 months to get a > listing on Yahoo and only a few weeks on the automated ones. > > If this concern could be completely addressed then from the BUSINESS angle, > I don't think we would have any problems with this measure.....all we care > about is being able to make sales which keeps ALL of our jobs protected...we > will always let the experts (you guys) figure out all of the stuff with > acronyms. :) > > Thats just my $ .02 > > Tony > From andy at tigerteam.net Wed Aug 30 16:16:44 2000 From: andy at tigerteam.net (Andy Walden) Date: Wed, 30 Aug 2000 15:16:44 -0500 (CDT) Subject: ARIN Web Hosting Policy In-Reply-To: Message-ID: As a follow up my guy at Inktomi said that there wasn't any reference to IP addresses in the code. The only thing is if two domains point to the exact same content, then there are considerations for that. andy On Wed, 30 Aug 2000, Andy Walden wrote: > > I just tested this out on Lycos, Infoseek, Google, Hotbot, Yahoo, and > Altavista and confirmed this was not the case for any of those. I also > left a message for someone I know that works for Inktomi and knows the > insides very well. If he says something different I will certainly pass > that along. > > andy > > On Wed, 30 Aug 2000, Tony wrote: > > > I would like to add my two cents to the IP policy debate, but I would like > > to add it as a Business Person who makes a living on the Internet (yes, I > > admit it, I am a "suit") :) > > > > Mostly you guys have talked about Technical Issues that I know very little > > about. I trust that you are the best in your fields, however, there is a > > side of this issue that has yet to be addressed. > > > > My case below is made with some assumptions that cannot be verified by > > me....One of you guys might be able to get an official statement from the > > parties involved, but thus far I, nor anyone that I know, has been able to > > get a straight answer. We arrived at this information by running tests that > > sometimes take months and months to draw a conclusion because of the shear > > amount of time that it takes to get listed on most Search Engines. > > > > As a business trying to be succesful on the Internet one must be succesful > > with the Search Engines. For those of you that do not know this, most > > Search Engines (Exite, Alta Vista, et al) that use algorithms to score a > > presence in a related search also intentionally BLOCK more than one domain > > per IP address. This policy started because of people spamming the Search > > Engines with multiple submissions by the same site, using Third Level > > Domains that all resolved to the same IP address, and free host accounts > > that Search Engine Spammers use to like to hide behind. To counter that, the > > engines (Inktomi, et al) instituted a system that says that only ONE site > > will be listed per IP address, so if I owned a Sporting Goods Store and had > > a #1 listing for "Baseball Gloves" and someone else on the same server (with > > same IP address) submits their Pokemon Hobby Site either their site will > > bump mine out, or theirs will get passed over without a listing. In many > > cases there may tens, hundreds, or possibly even thousands of domains on a > > single high end web server and only ONE of them will be listed on any > > particular Engine at a particular time. > > > > Once again, this is my understanding and NOT something that I have confirmed > > with any major Search Engine (not that I havent tried, but they are less > > than forthcoming with information about their algorithms...and with good > > cause I might add). We have run test after test and it keeps bringing up > > the same result, even though nobody will admit it on the record. Yahoo > > still does site submissions manually so I think they are exempt from this, > > as they list SITES not domains....but it can take up to 10 months to get a > > listing on Yahoo and only a few weeks on the automated ones. > > > > If this concern could be completely addressed then from the BUSINESS angle, > > I don't think we would have any problems with this measure.....all we care > > about is being able to make sales which keeps ALL of our jobs protected...we > > will always let the experts (you guys) figure out all of the stuff with > > acronyms. :) > > > > Thats just my $ .02 > > > > Tony > > > From tony at national-net.com Wed Aug 30 17:08:12 2000 From: tony at national-net.com (Tony) Date: Wed, 30 Aug 2000 17:08:12 -0400 Subject: ARIN Web Hosting Policy In-Reply-To: Message-ID: Thanks for looking into this...however, in the interim I also quizzed a few people who explained to me that I was incorrect....HOWEVER....they explained that it was their understanding that while it, indeed, did not affect submissions that IP addresses would come into play when someone was banned from the Search Engine for spamming. In other words, if I happen to be sharing a web server with a spammer and he were to get banned by Inktomi (et al) then all of my pages would also disappear from the engine. Andy, if I am wrong (and I truly hope I am) please ask your friend at Inktomi to get an official statement released. I know of a bunch of people who are ADAMANT about this point when selecting a web host. Tony -----Original Message----- From: owner-ppml at arin.net [mailto:owner-ppml at arin.net]On Behalf Of Andy Walden Sent: Wednesday, August 30, 2000 4:17 PM To: Tony Cc: ppml at arin.net Subject: Re: ARIN Web Hosting Policy As a follow up my guy at Inktomi said that there wasn't any reference to IP addresses in the code. The only thing is if two domains point to the exact same content, then there are considerations for that. andy On Wed, 30 Aug 2000, Andy Walden wrote: > > I just tested this out on Lycos, Infoseek, Google, Hotbot, Yahoo, and > Altavista and confirmed this was not the case for any of those. I also > left a message for someone I know that works for Inktomi and knows the > insides very well. If he says something different I will certainly pass > that along. > > andy > > On Wed, 30 Aug 2000, Tony wrote: > > > I would like to add my two cents to the IP policy debate, but I would like > > to add it as a Business Person who makes a living on the Internet (yes, I > > admit it, I am a "suit") :) > > > > Mostly you guys have talked about Technical Issues that I know very little > > about. I trust that you are the best in your fields, however, there is a > > side of this issue that has yet to be addressed. > > > > My case below is made with some assumptions that cannot be verified by > > me....One of you guys might be able to get an official statement from the > > parties involved, but thus far I, nor anyone that I know, has been able to > > get a straight answer. We arrived at this information by running tests that > > sometimes take months and months to draw a conclusion because of the shear > > amount of time that it takes to get listed on most Search Engines. > > > > As a business trying to be succesful on the Internet one must be succesful > > with the Search Engines. For those of you that do not know this, most > > Search Engines (Exite, Alta Vista, et al) that use algorithms to score a > > presence in a related search also intentionally BLOCK more than one domain > > per IP address. This policy started because of people spamming the Search > > Engines with multiple submissions by the same site, using Third Level > > Domains that all resolved to the same IP address, and free host accounts > > that Search Engine Spammers use to like to hide behind. To counter that, the > > engines (Inktomi, et al) instituted a system that says that only ONE site > > will be listed per IP address, so if I owned a Sporting Goods Store and had > > a #1 listing for "Baseball Gloves" and someone else on the same server (with > > same IP address) submits their Pokemon Hobby Site either their site will > > bump mine out, or theirs will get passed over without a listing. In many > > cases there may tens, hundreds, or possibly even thousands of domains on a > > single high end web server and only ONE of them will be listed on any > > particular Engine at a particular time. > > > > Once again, this is my understanding and NOT something that I have confirmed > > with any major Search Engine (not that I havent tried, but they are less > > than forthcoming with information about their algorithms...and with good > > cause I might add). We have run test after test and it keeps bringing up > > the same result, even though nobody will admit it on the record. Yahoo > > still does site submissions manually so I think they are exempt from this, > > as they list SITES not domains....but it can take up to 10 months to get a > > listing on Yahoo and only a few weeks on the automated ones. > > > > If this concern could be completely addressed then from the BUSINESS angle, > > I don't think we would have any problems with this measure.....all we care > > about is being able to make sales which keeps ALL of our jobs protected...we > > will always let the experts (you guys) figure out all of the stuff with > > acronyms. :) > > > > Thats just my $ .02 > > > > Tony > > > From kimh at arin.net Thu Aug 31 10:15:40 2000 From: kimh at arin.net (Kim Hubbard) Date: Thu, 31 Aug 2000 10:15:40 -0400 Subject: ARIN Policy on IP-based Web Hosting References: Message-ID: <002b01c01355$f2cf6580$ccfc95c0@arin.net> ---- Original Message ----- From: To: Richard Jimmerson Cc: ; Sent: Thursday, August 31, 2000 1:15 AM Subject: Re: ARIN Policy on IP-based Web Hosting > > On Wed, 30 Aug 2000, Richard Jimmerson wrote: > > > Please keep in mind this policy is a result of discussions > > held at the ARIN public policy meeting in Calgary earlier > > this year. > > So who actually goes to these things, and was the new policy a later > result of discussions at the meeting, or was there actually some sort of > vote at the meeting? i.e. was the policy decision made by one of the ARIN > boards or by the ARIN members? Since ARIN subscription customers are, by > default, ARIN members, will we be given the opportunity to vote or at > least express an opinion on such issues via proxy in the future, or do we > have to send a representative in order for our voice to be heard? The proposal was posted to the ARIN discuss list prior to the last meeting but since then we have formalized the process a bit more to include a couple of weeks of discussion on the ppml mailing list of all proposed policy changes which attendees of the public policy meeting reached consensus on. This will allow everyone who didn't make it to the meeting to voice their opinion on the proposal before the AC votes. > > > The policy does state ARIN will accept IP-based hosting > > as justification for an allocation if an exception is > > warranted. ARIN is looking to the community to define > > these exceptions and finds the discussions being held > > here to be very helpful. This information will be included > > Why would ARIN announce a new policy with completely vague rules? Nobody > knows what constitutes a valid exception. Apparently, even ARIN doesn't > know yet. If I were applying for an increased allocation today, who would > decide if the thousands of IPs that we and our customers have used for IP > based virtual hosts are a valid or wasteful use of IPs?..the individual at > ARIN processing our request? We thought it best not to include specific exceptions because although we were aware of several possible exceptions, we didn't want people to feel restricted to just those listed. There could've been some we didn't know about and we wanted to wait until we heard from some of the requesting organizations so we could come up with a more comprehensive list of exceptions. > > > These discussions may create changes to the current > > policy, perhaps by clearly defining a list of exceptions, > > or may even eliminate the new policy altogether. Your > > feedback on this mailing list and at the upcoming public > > policy meeting is important. > > So a policy was announced before it was fully fleshed out. It may get > fleshed...or it may get flushed. What was the point? Are you just trying > to rattle the cages of every ISP in NA to see how many reactions you can > get? No, our motivation, as stated above, was to try to give more organizations the benefit of the doubt. But I definitely see how you could have interpreted it differently. We should've been clearer with the policy so allow me to apoligize to all of you for this. Kim Hubbard ex-ARIN President :-) > > ---------------------------------------------------------------------- > Jon Lewis *jlewis at lewis.org*| I route > System Administrator | therefore you are > Atlantic Net | > _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ > > From smarcus at genuity.com Thu Aug 31 14:32:50 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Thu, 31 Aug 2000 14:32:50 -0400 Subject: ARIN Policy on IP-based Web Hosting In-Reply-To: <39AE996A.DFD50A06@hilander.com> References: Message-ID: <3.0.5.32.20000831143250.0401ca80@pobox3.genuity.com> At 11:44 08/31/2000 -0600, Alec H. Peterson wrote: > >jlewis at lewis.org wrote: >> >> So who actually goes to these things, and was the new policy a later >> result of discussions at the meeting, or was there actually some sort of >> vote at the meeting? > >There was a count-of-hands vote at either the member or public policy >meeeting (I don't remember which one offhand, as it was a while ago). The >issue had been discussed by the AC extensively, and we generally decided >that we needed to bring the issue to the members before we could decide what >the issue was. Interestingly enough the membership was more gung-ho on the >idea than the AC was... If memory serves, this show of hands took place in the ARIN Public Policy meeting, *NOT* in the member meeting. ARIN Public Policy meetings are intended to be open to the broader community -- they are not members-only affairs. See the announcement for the forthcoming ARIN VI meeting at http://www.arin.net/announcements/memmeet.html: >Public Policy Meeting >The first two days will consist of the PPM, an open forum for discussing issues >and addressing the needs of the IP community. All parties are invited to attend >this meeting. At last April's event, many policy and related technical issues >were endorsed. Cheers, - Scott (speaking for himself only) From richardj at arin.net Thu Aug 31 15:44:48 2000 From: richardj at arin.net (Richard Jimmerson) Date: Thu, 31 Aug 2000 15:44:48 -0400 Subject: archive? In-Reply-To: Message-ID: <005701c01383$ecc59870$bdfc95c0@ARINNET> Hello Randy, >has anyone other than i noticed that > > http://arin.net/mailinglists/policy/index.html > >stops at 4 aug? The above list is for the IP Allocation Policy Working Group. The last message to be posted to this mailing list is 4 aug. The ARIN mailing list archives are updated twice each day. The most recent discussions have taken place on the Public Policy mailing list: http://www.arin.net/mailinglists/ppml/index.html Best Regards, Richard Jimmerson American Registry for Internet Numbers (ARIN) >-----Original Message----- >From: owner-ppml at arin.net [mailto:owner-ppml at arin.net]On >Behalf Of Randy >Bush >Sent: Wednesday, August 30, 2000 12:19 PM >To: ppml at arin.net >Subject: archive? > > >has anyone other than i noticed that > > http://arin.net/mailinglists/policy/index.html > >stops at 4 aug? > >randy From randy at psg.com Thu Aug 31 18:29:17 2000 From: randy at psg.com (Randy Bush) Date: Fri, 01 Sep 2000 07:29:17 +0900 Subject: archive? References: <005701c01383$ecc59870$bdfc95c0@ARINNET> Message-ID: >>has anyone other than i noticed that >> http://arin.net/mailinglists/policy/index.html >>stops at 4 aug? > The above list is for the IP Allocation Policy Working Group. sorry. someone pointed out by stoopid a few days ago. forgot to apologize on list. sorry. randy From ahp at hilander.com Thu Aug 31 19:30:22 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Thu, 31 Aug 2000 17:30:22 -0600 Subject: ARIN Policy on IP-based Web Hosting References: Message-ID: <39AEEA8E.ED3C978E@hilander.com> Christian Kuhtz wrote: > > I second that notion. With all due respect, this voting business is a > ridiculous notion in this issue. Which is the primary reason that the ARIN AC exists; to represent the members' views through policy recommendations to the board. This specific issue came to a head at the AC meeting in Calgary, so it made sense to bring the issue to the attention of the membership at that time. The issue had been circulating for some time. Perhaps we need to develop a better process for getting feedback on policy recommendations. Perhaps a discussion period on the ppml at arin.net is called for? Hrm, this really doesn't have much to do with NANOG any more, and is better suited for ppml at arin.net. Anybody who wants to participate further should subscribe to that list, as I'm signing off of this thread on the NANOG list. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From kent at songbird.com Thu Aug 31 21:17:06 2000 From: kent at songbird.com (Kent Crispin) Date: Thu, 31 Aug 2000 18:17:06 -0700 Subject: ARIN Policy on IP-based Web Hosting In-Reply-To: <002b01c01355$f2cf6580$ccfc95c0@arin.net>; from Kim Hubbard on Thu, Aug 31, 2000 at 10:15:40AM -0400 References: <002b01c01355$f2cf6580$ccfc95c0@arin.net> Message-ID: <20000831181706.J31654@songbird.com> On Thu, Aug 31, 2000 at 10:15:40AM -0400, Kim Hubbard wrote: [...] > We thought it best not to include specific exceptions because although we > were aware of several possible exceptions, we didn't want people to feel > restricted to just those listed. That would have been easily solved by putting "including but not limited to" in front of the list of exceptions... -- Kent Crispin "Do good, and you'll be kent at songbird.com lonesome." -- Mark Twain From smarcus at genuity.com Thu Aug 31 21:37:16 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Thu, 31 Aug 2000 21:37:16 -0400 Subject: ARIN Policy on IP-based Web Hosting In-Reply-To: References: <39AEDC82.E8DB47F7@senie.com> Message-ID: <3.0.5.32.20000831213716.008a2770@pobox3.genuity.com> At 19:29 08/31/2000 -0400, dan at netrail.net wrote: >On Thu, 31 Aug 2000, Daniel Senie wrote: > >> dan at netrail.net wrote: >> > >> > In a democratic process, which ARIN is, refusal to participate in the >> > voting process, when eligible, usually removes one's standing to complain. >> >> Cough up your $500 as an individual and you can buy a vote. Sounds >> democratic... > >The vast majority of the participants here work for ARIN member companies. >They get a vote. It's democratic... Yup. :-) Furthermore, this measure was discussed (and other issues of interest to folks on the NANOG list are routinely discussed) at ARIN Public Policy meetings, which are _not_ restricted to ARIN members. The next one is in Washington, DC, which is convenient to many of you. (See http://www.arin.net/announcements/memmeet.html) Show up! Be heard! Furthermore, ARIN pays a great deal of attention to its public policy e-mail list, as was previously noted. That list is also open to the general public. Sign up at http://www.arin.net/members/mailing.htm ! There are a number of opportunities and mechanisms to democratically influence ARIN policies. It exists to serve its members and the Internet community. I for one would welcome seeing the broader community take more advantage of those mechanisms. Cheers, - Scott (speaking only for himself) From ahp at hilander.com Thu Aug 31 21:48:06 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Thu, 31 Aug 2000 19:48:06 -0600 Subject: ARIN Policy on IP-based Web Hosting References: <002b01c01355$f2cf6580$ccfc95c0@arin.net> <20000831181706.J31654@songbird.com> Message-ID: <39AF0AD6.7AD93D69@hilander.com> [nanog deleted from the CC list] Kent Crispin wrote: > > That would have been easily solved by putting "including but not > limited to" in front of the list of exceptions... Which to the intelligent mind should be effectively the same as the existing policy, unless you want to get truly pedantic. But this is just one person's opinion, I personally don't care either way. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From danny at tcb.net Thu Aug 31 22:01:00 2000 From: danny at tcb.net (Danny McPherson) Date: Thu, 31 Aug 2000 20:01:00 -0600 Subject: Name-based Hosting Message-ID: <200009010201.UAA31463@tcb.net> I think the new policy needs a bit of work. In addition to what's been discussed [primarily on NANOG] already, I have a general comment on the new policy: POLICY When an ISP submits a request for IP address space, ARIN will not accept IP-based webhosting as justification for an allocation, unless an exception is warranted. Along with the request, organizations must provide appropriate details demonstrating their virtual webhosting customer base. Exceptions may be made for ISPs that provide justification for requiring static addresses. ARIN will determine, on a case-by-case basis, whether an exception is appropriate. [] It would seem that the exception will frequently be the rule. That being the case, it would seem cleaner to specify it as such. Else I'd veture that more resources will be consumed handling exceptions, and that a near equivalent amount of address space will be allocated in long-term anyways. IMO, simply recommending and providing pointers to things like name-based virtual hosting, 31-bit masking, Virtual LAN/MAN IP aggregation, etc.. upon receiving requests that utilize a great deal of address space in these areas would be of benefit. Else everyone will just employ the exception policy and discard the optimized IP utilization stuff. Also, I believe perhaps entertaining the idea of an online member voting mechanism would alleviate a great deal of the concern -- and perhaps increase discussion on the mailing list(s). -danny From sob at harvard.edu Thu Aug 31 22:24:36 2000 From: sob at harvard.edu (Scott Bradner) Date: Thu, 31 Aug 2000 22:24:36 -0400 (EDT) Subject: Name-based Hosting Message-ID: <200009010224.WAA29334@newdev.harvard.edu> > Also, I believe perhaps entertaining the idea of an online > member voting mechanism would alleviate a great deal of the > concern -- and perhaps increase discussion on the mailing > list(s). note that this very discussion is a result of ARIN specifically requesting discussion on this list, not only about the web hosting policy but about a number of other things as Kim mentioned, ARIN is trying to more actively ensure that there is open discussion about policy issues and not just from members hense the use of this public policy list and scheduling disucssion at the public policy meeting ARIN is a member organization and member voting (on-line and in person) is important but so also is discussion by non-members and it is harder to have a vote in that case since it is not easy to define who would get to vote Scott From danny at tcb.net Thu Aug 31 22:58:20 2000 From: danny at tcb.net (Danny McPherson) Date: Thu, 31 Aug 2000 20:58:20 -0600 Subject: Name-based Hosting Message-ID: <200009010258.UAA31892@tcb.net> And I agree completely. If you're a member and it took posting the messages for NANOG you to become aware, of policy changes, well .. it's certianly no fault of ARIN's. -danny > note that this very discussion is a result of ARIN specifically > requesting discussion on this list, not only about the web hosting > policy but about a number of other things > > as Kim mentioned, ARIN is trying to more actively ensure that there > is open discussion about policy issues and not just from members > hense the use of this public policy list and scheduling disucssion > at the public policy meeting > > ARIN is a member organization and member voting (on-line and in person) > is important but so also is discussion by non-members and it is harder > to have a vote in that case since it is not easy to define who would > get to vote > > Scott From jlewis at lewis.org Thu Aug 31 23:08:05 2000 From: jlewis at lewis.org (jlewis at lewis.org) Date: Thu, 31 Aug 2000 23:08:05 -0400 (EDT) Subject: ARIN Policy on IP-based Web Hosting In-Reply-To: <002b01c01355$f2cf6580$ccfc95c0@arin.net> Message-ID: On Thu, 31 Aug 2000, Kim Hubbard wrote: > We thought it best not to include specific exceptions because although we > were aware of several possible exceptions, we didn't want people to feel > restricted to just those listed. There could've been some we didn't know > about and we wanted to wait until we heard from some of the requesting OTOH, the new policy could have said something like: Examples of exceptions to this new rule are (but are not limited to): A) websites using SSL (https://) B) virtual host anonymous FTP sites C) ... etc. Instead, we're all left guessing. Nobody has a clue what might constitute a valid exception. We waste lots of time whining and arguing about the new policy and create a huge message thread. The thread begins to wander and spawns sub-threads arguing about the validity of various protocols, file naming conventions, etc. ---------------------------------------------------------------------- Jon Lewis *jlewis at lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ From ahp at hilander.com Thu Aug 31 23:17:19 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Thu, 31 Aug 2000 21:17:19 -0600 Subject: Name-based Hosting References: <200009010201.UAA31463@tcb.net> Message-ID: <39AF1FBF.98616417@hilander.com> Danny McPherson wrote: > > Also, I believe perhaps entertaining the idea of an online > member voting mechanism would alleviate a great deal of the > concern -- and perhaps increase discussion on the mailing > list(s). Although to be fair member votes are only officially tallied for elections. The board is free to act on whatever policy it wants to, however the typical path is for the AC to formulate a recommendation based on member input. So for this sort of stuff it would be nice if there were a mechanism to allow for straw polling to see what the members of the list really think. Naturally ballot stuffing will be an issue, but it's worth trying. However, I hope that will not keep people from participating on the mailing lists and at the meetings, since that's where the ARIN bodies get the information they need to formulate coherent policies. As far as the exception being the rule, I don't argue that that could potentially be the case. I doubt it will be possible for ARIN to create a policy that it will be impossible for someone with a mind to cheat the system to find a way around... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From cscott at gaslightmedia.com Thu Aug 31 23:26:47 2000 From: cscott at gaslightmedia.com (Charles Scott) Date: Thu, 31 Aug 2000 23:26:47 -0400 (EDT) Subject: ARIN Policy on IP-based Web Hosting In-Reply-To: Message-ID: Also, If I'm not mistaken, providers are required to follow ARIN policy in fulfilling requests for the allocation of address space to their customers. Having been on the asking end of such requrests several times, I'm convinced that the new policy will result in additional and perhaps unreasonable difficulties for smaller Web providers making legitimate requests for address space to accomodate virutal SSL, bandwith profiling and other such "excempted" services. It would be nice if this policy could be clarified in such a way as that providers receiving ARIN allocations understand what's permissable for their customers. Chuck Scott Gaslight Media On Thu, 31 Aug 2000 jlewis at lewis.org wrote: > On Thu, 31 Aug 2000, Kim Hubbard wrote: > > > We thought it best not to include specific exceptions because although we > > were aware of several possible exceptions, we didn't want people to feel > > restricted to just those listed. There could've been some we didn't know > > about and we wanted to wait until we heard from some of the requesting > > OTOH, the new policy could have said something like: > > Examples of exceptions to this new rule are (but are not limited to): > A) websites using SSL (https://) > B) virtual host anonymous FTP sites > C) ... etc. > > Instead, we're all left guessing. Nobody has a clue what might constitute > a valid exception. We waste lots of time whining and arguing about the > new policy and create a huge message thread. The thread begins to wander > and spawns sub-threads arguing about the validity of various protocols, > file naming conventions, etc. > > > ---------------------------------------------------------------------- > Jon Lewis *jlewis at lewis.org*| I route > System Administrator | therefore you are > Atlantic Net | > _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ > From ahp at hilander.com Thu Aug 31 23:39:50 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Thu, 31 Aug 2000 21:39:50 -0600 Subject: ARIN Policy on IP-based Web Hosting References: Message-ID: <39AF2506.977C97C5@hilander.com> jlewis at lewis.org wrote: > > OTOH, the new policy could have said something like: > > Examples of exceptions to this new rule are (but are not limited to): > A) websites using SSL (https://) > B) virtual host anonymous FTP sites > C) ... etc. > > Instead, we're all left guessing. Nobody has a clue what might constitute > a valid exception. We waste lots of time whining and arguing about the > new policy and create a huge message thread. The thread begins to wander > and spawns sub-threads arguing about the validity of various protocols, > file naming conventions, etc. We're going in circles here. You don't like the policy. That's fine. Work to get it changed (which you've already started doing). And, in the future, follow the appropriate mailing lists so that we don't end up creating policies that everybody doesn't like. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!"