From HRyu at norlight.com Mon Sep 11 12:29:03 2000 From: HRyu at norlight.com (Hyunseog Ryu) Date: Mon, 11 Sep 2000 11:29:03 -0500 Subject: guideline for name-based web hosting justification Message-ID: Dear Sir/Madam Good morning! I read new ARIN's policy regarding to web hosting. http://www.arin.net/announcements/policy_changes.html But what is the acceptable guideline - or ratio - for IP justification of web hosting? Currently we have heavy web hosting customer that they hosted more than 400 regular business web hosting customer, and more than 200 web hosting customer site to be live soon. According to me, it's not make sense to assign a couple of IP address to a couple of hundred web hosting. I think there is some standard measurement for this kind of name-based web hosting justification. Please let me know the standard ratio for name-based web hosting for IP justification. What is a ratio for IP justification for name-based web hosting justification that can be considered as acceptable justification? Everytime when we get additional IP address from web hosting service provider, do we need to contact with ARIN to get exceptiion warranty? Please make it easy to justify IP request. I think we need to have standard measurement for this. Thanks. Hyun ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Hyunseog Ryu / CCDA, MCSE Network Engineer/Applications Engineering Norlight Telecommunications, Inc. The Guardians of Data 275 North Corporate Drive Brookfield, WI 53045-5818 Tel. +1.262.792.7965 Fax. +1.262.792.7733 From mbailey at journey.net Mon Sep 11 13:32:07 2000 From: mbailey at journey.net (Matt Bailey) Date: Mon, 11 Sep 2000 13:32:07 -0400 Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: For those of us that do accounting via IP how do you expect us to us Name Based Virtuals? Until there is a method for accounting all traffic to a domain name without using IP I see this as totally unreasonable. We base all of our security filters and traffic filters on a customers IP assigned to them. We also have hardware that can not support name based virtuals and thus has a NIC card for each site? Explain IN DETAIL the method used to account for these in our requests. As example if I have 200,000 websites you want me to fit all of this into a /32 or even a /24 that is TOTALLY unreasonable. DETAILS please on how you are going to justify this? Also why not go through the aollocations and start retreiving numbers back from Companies and schools that have more than they need? All you are doing is slowing down the Internet's growth. Make web hosting companies get to the high %90 utils before allow more allocation. I would like some input on this as I am sure the rest of the planet would as well. Matthew S. Bailey -----Original Message----- From: owner-arin-discuss at arin.net [mailto:owner-arin-discuss at arin.net]On Behalf Of Hyunseog Ryu Sent: Monday, September 11, 2000 12:29 PM To: hostnamster at arin.net Cc: arin-discuss at arin.net Subject: guideline for name-based web hosting justification Dear Sir/Madam Good morning! I read new ARIN's policy regarding to web hosting. http://www.arin.net/announcements/policy_changes.html [SNIP] From mbailey at journey.net Mon Sep 11 16:06:38 2000 From: mbailey at journey.net (Matt Bailey) Date: Mon, 11 Sep 2000 16:06:38 -0400 Subject: guideline for name-based web hosting justification In-Reply-To: <01C01BFF.89A869A0.sburns@rackspace.com> Message-ID: Sounds like they are using a double edged sword to answer their own questions. Don't do that but its ok to continue if you want to. What is the point of the policy then? If that is the case the it should be stricken (SP?) fromt he records until better methods are found.. There might be Web hosting companies out there that do namebased virtuals.. But they already do that. If there were not other technical problems wih it everyone would have already switched. The fact they think we waste space on purpose is obsurd. So we can say 'I have more space that you' no we do this because our business need it.. --Matt -----Original Message----- From: sharon [mailto:sburns at rackspace.com] Sent: Monday, September 11, 2000 3:50 PM To: 'Matt Bailey'; arin-discuss at arin.net Subject: RE: guideline for name-based web hosting justification I have had several conversations with ARIN regarding this new policy. I was also told that(as asked earlier by Hyunseog Ryu), I have also been told that it is not necessary to forward each request for ARIN's approval or exception to the policy. I have been told that as long as it's not for IP based hosting it would be considered acceptable use. In fact this is the quote that was sent to me from ARIN: ".... Please continue to issue static IP addresses to your customers who state they are offering a service that is not technically complaint with name-based hosting...." Hope this helps to give some of you insite. Sharon Burns IP Administrator Rackspace Managed Hosting 112 East Pecan St. Ste. 600 San Antonio, TX 78240 210-892-4010 -----Original Message----- From: Matt Bailey [SMTP:mbailey at journey.net] Sent: Monday, September 11, 2000 12:32 PM To: arin-discuss at arin.net Subject: RE: guideline for name-based web hosting justification For those of us that do accounting via IP how do you expect us to us Name Based Virtuals? Until there is a method for accounting all traffic to a domain name without using IP I see this as totally unreasonable. We base all of our security filters and traffic filters on a customers IP assigned to them. We also have hardware that can not support name based virtuals and thus has a NIC card for each site? Explain IN DETAIL the method used to account for these in our requests. As example if I have 200,000 websites you want me to fit all of this into a /32 or even a /24 that is TOTALLY unreasonable. DETAILS please on how you are going to justify this? Also why not go through the aollocations and start retreiving numbers back from Companies and schools that have more than they need? All you are doing is slowing down the Internet's growth. Make web hosting companies get to the high %90 utils before allow more allocation. I would like some input on this as I am sure the rest of the planet would as well. Matthew S. Bailey -----Original Message----- From: owner-arin-discuss at arin.net [mailto:owner-arin-discuss at arin.net]On Behalf Of Hyunseog Ryu Sent: Monday, September 11, 2000 12:29 PM To: hostnamster at arin.net Cc: arin-discuss at arin.net Subject: guideline for name-based web hosting justification Dear Sir/Madam Good morning! I read new ARIN's policy regarding to web hosting. http://www.arin.net/announcements/policy_changes.html [SNIP] From brianj at nvc.net Mon Sep 11 16:39:32 2000 From: brianj at nvc.net (brianj) Date: Mon, 11 Sep 2000 15:39:32 -0500 Subject: guideline for name-based web hosting justification Message-ID: <2446420009111203932890@nvc.net> ---- Original Message ---- From: mbailey at journey.net To: arin-discuss at arin.net, Subject: RE: guideline for name-based web hosting justification Date: Mon, 11 Sep 2000 13:32:07 -0400 >For those of us that do accounting via IP how do you expect us to us >Name >Based Virtuals? Until there is a method for accounting all traffic >to a >domain name without using IP I see this as totally unreasonable. We >base all >of our security filters and traffic filters on a customers IP >assigned to >them. We also have hardware that can not support name based virtuals >and >thus has a NIC card for each site? Explain IN DETAIL the method used >to >account for these in our requests. If you currnetly use the web server's log files to account for traffic (which I'm sure is the standard method of throughput accounting for web-sites), you should easily be able to parse usage based on named sites. It shouldn't be significantly more difficult than parsing the logs for IP sites. > >As example if I have 200,000 websites you want me to fit all of this >into a >/32 or even a /24 that is TOTALLY unreasonable. DETAILS please on >how you >are going to justify this? You will always need at least a single IP address for each server, so this is not an issue, and will not be an issue with ARIN. > >Also why not go through the aollocations and start retreiving >numbers back >from Companies and schools that have more than they need? All you >are doing >is slowing down the Internet's growth. Make web hosting companies >get to the >high %90 utils before allow more allocation. > >I would like some input on this as I am sure the rest of the planet >would as >well. > >Matthew S. Bailey > > >-----Original Message----- >From: owner-arin-discuss at arin.net >[mailto:owner-arin-discuss at arin.net]On >Behalf Of Hyunseog Ryu >Sent: Monday, September 11, 2000 12:29 PM >To: hostnamster at arin.net >Cc: arin-discuss at arin.net >Subject: guideline for name-based web hosting justification > > >Dear Sir/Madam > >Good morning! >I read new ARIN's policy regarding to web hosting. >http://www.arin.net/announcements/policy_changes.html >[SNIP] > > From drechsau at geeks.org Mon Sep 11 18:59:40 2000 From: drechsau at geeks.org (Mike Horwath) Date: Mon, 11 Sep 2000 17:59:40 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: ; from mbailey@journey.net on Mon, Sep 11, 2000 at 01:32:07PM -0400 References: Message-ID: <20000911175940.A89979@Geeks.ORG> On Mon, Sep 11, 2000 at 01:32:07PM -0400, Matt Bailey wrote: > For those of us that do accounting via IP how do you expect us to us > Name Based Virtuals? Until there is a method for accounting all > traffic to a domain name without using IP I see this as totally > unreasonable. We base all of our security filters and traffic > filters on a customers IP assigned to them. We also have hardware > that can not support name based virtuals and thus has a NIC card for > each site? Explain IN DETAIL the method used to account for these in > our requests. I concur! We bill via bandwidth and we need a way to track usage over a period of time so we can bill for peak usage. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From ahp at hilander.com Mon Sep 11 19:24:34 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Mon, 11 Sep 2000 17:24:34 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BD69B2.A7615A77@hilander.com> Matt Bailey wrote: > > For those of us that do accounting via IP how do you expect us to us Name > Based Virtuals? Until there is a method for accounting all traffic to a > domain name without using IP I see this as totally unreasonable. We base all > of our security filters and traffic filters on a customers IP assigned to > them. We also have hardware that can not support name based virtuals and > thus has a NIC card for each site? Explain IN DETAIL the method used to > account for these in our requests. How about parsing access logs? Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From mbailey at journey.net Mon Sep 11 19:49:59 2000 From: mbailey at journey.net (Matt Bailey) Date: Mon, 11 Sep 2000 19:49:59 -0400 Subject: guideline for name-based web hosting justification In-Reply-To: <39BD69B2.A7615A77@hilander.com> Message-ID: We parse at the physical IP layer as we track traffic for FTP/SMTP/POP/HTTP etc for each customer.. -----Original Message----- From: Alec H. Peterson [mailto:ahp at hilander.com] Sent: Monday, September 11, 2000 7:25 PM To: Matt Bailey Cc: arin-discuss at arin.net Subject: Re: guideline for name-based web hosting justification Matt Bailey wrote: > > For those of us that do accounting via IP how do you expect us to us Name > Based Virtuals? Until there is a method for accounting all traffic to a > domain name without using IP I see this as totally unreasonable. We base all > of our security filters and traffic filters on a customers IP assigned to > them. We also have hardware that can not support name based virtuals and > thus has a NIC card for each site? Explain IN DETAIL the method used to > account for these in our requests. How about parsing access logs? Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From joe at INNERHOST.COM Mon Sep 11 19:56:36 2000 From: joe at INNERHOST.COM (Joe Gonzalez) Date: Mon, 11 Sep 2000 19:56:36 -0400 Subject: guideline for name-based web hosting justification Message-ID: <117FCA2AC143D4119B4800500411C0FFFD39@EXCHANGE.CORP.INNERHOST.COM> Taking the IP accounting information from server log files is inefficient and is impossible with a large amount of high traffic sites. The size of logs generated is incredible and can take days to import. Most large service providers take the IP accounting information from the routers using Netflow accounting. The only way I know of matching Netflow information to a site is by IP address. Sincerely, Joe Gonzalez Chief Technology Officer http://www.innerhost.com -----Original Message----- From: brianj [mailto:brianj at nvc.net] Sent: Monday, September 11, 2000 4:40 PM To: joe at exchange.innerhost.com; joe at home.innerhost.com Cc: arin-discuss at arin.net Subject: RE: guideline for name-based web hosting justification If you currnetly use the web server's log files to account for traffic (which I'm sure is the standard method of throughput accounting for web-sites), you should easily be able to parse usage based on named sites. It shouldn't be significantly more difficult than parsing the logs for IP sites. From ronh at INTERCOM.NET Mon Sep 11 20:27:16 2000 From: ronh at INTERCOM.NET (Ron Hensley) Date: Mon, 11 Sep 2000 20:27:16 -0400 Subject: guideline for name-based web hosting justification References: <20000911175940.A89979@Geeks.ORG> Message-ID: <010a01c01c50$35be4fc0$f96af0d8@cross> Couldn't this be implemented on the WWW server however? With NT's IIS for example, or Apache under any platform you can of course have 1000 WWW domain sites all sharing one IP Address bound to the NIC Card. While some monitoring software my only look at the ip addresses and thus cant differentiate, the WWW server itself sorts the connections based, not on the IP Address, but rather on the content in the packets. More to the point, on the URL being requested. Based on that, each WWW site generates its own unique log files for that site. Thus software can be written to total the byte counts of the hits to that WWW site. WebTrends comes to mind though it doesn't produce billing data of course. Also any machine sitting on the network, like a firewall, that's gathering statistics on bandwidth by IP Address could just as easily inspect the data payload and generate statistics based on that content of the given WWW site. Yes I realize that would be processor intensive, however firewalls do that now to look for attack signatures and the like. To make it short, it sounds like your asking to use 30,000 ip addresses for 30,000 WWW sites, when you only need one, because your software vendor has written bad billing software that doesn't support virtual WWW hosts sharing the same ip address. Yes it would be nice if every toaster, watch, refrigerator, and virtual domain could have its own ip address, however were running out of ip space to get actual peoples computers online. IPV6 will obviously help, but even then it seems a complete and utter waste to use more then one ip address per WWW server or even WWW Cluster, when its not necessary. End Rant---- -------------------------------------------------------------------------- Ron Hensley (ronh at intercom.net) CCNA #10082337 Network Administrator - ICNet Internet Services -------------------------------------------------------------------------- > I concur! > > We bill via bandwidth and we need a way to track usage over a period > of time so we can bill for peak usage. > > -- > Mike Horwath IRC: Drechsau drechsau at Geeks.ORG > Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 > Opinions stated in this message, or any message posted by myself > through my Geeks.ORG address, are mine and mine alone, period. > From mbailey at journey.net Mon Sep 11 20:50:53 2000 From: mbailey at journey.net (Matt Bailey) Date: Mon, 11 Sep 2000 20:50:53 -0400 Subject: guideline for name-based web hosting justification In-Reply-To: <010a01c01c50$35be4fc0$f96af0d8@cross> Message-ID: Your missing the point completely. I can create a Netflow based usuage in 30 seconds to parse one customers 40Gigabytes worth of logs would take days let alone the machine dedicated to processing it.. Your telling me I should save the traffic log for all the sites would could be 100ish gigs per month and parse them? Why? I can use Netflow based accounting on an IP address and cough up an answer in real time anytime I want it. Obviously you don;t have much web hosting.. I would like to hear comments from some of the web hosting big boys (concentric, etc..) on what they view of this.. What gets tricky is when you have one site scattered over several machines because part of it uses a database/Part of it needs SSL etc.. This just can not happen yet. SSL requires and IP.. So I put a customer into the system. Your telling me I have to rip them out and re-add them to my systems because now they need an IP.. That is total BS. Log files are archaic forms of gathering data. Most of us gather data in Real Time rather than parsing logs. My Customers can get a second by second count of how their website is doing. Ohhh yes and that one website owner who is a total asshole to AOL and you get your 30,000 site IIS box blackholed. Is that fair to the 29,999 other customers? Have you ever tried to get out of an AOL blacklist? I have over 40 IP's I can not use for anything other than office machines as they are blackholed and the customers are LONG GONE.. Of course since we issue an FTP site based on their virtual websites IP we get away with using 30,000 IP's since there is no header in FTP... And of course the virtual mail server on the other box which requires an IP Nope no headers yet there either.. Guess what I burn two for every customer, and guess what ARIN can not stop it cause technically I use FTP and MAIL which can not yet run under one IP. IP Based websites are nothing more than a HACK in the protocol. If the WWC was smart for 1.2 or 2.0 whatever they are working on they would pull virtual headers back out since 60% or so of the people still send http/1.0 requests. I could not tell 30,000 web clients that if someone wants to visit their site they have to upgrade from netscape 2.0 (yes we still have customers using win 3.1 and netscape 2.0 with the netscape dialer.. I cringe but they are the customer they are always right..) I think ARIN needs to rethink what they are suggesting those of us that can not change the way we host websites will work the loopholes. Which I don't agree with. ARIN should have asked the community what we can do to help limit the waste. Rather than forcing it upon us. I would guess if they Asked MIT or GE or some of the other companies out there to give back unused space that they would.. I try very hard to convince my dedicated customers to use NAT and overload IP's as much as they can. If they have an absolute need then we assign them space. This is only fair. OK lets check this out.. We have 200 dedicated dial-ups we can use 200 IP's for this. We have 200 dedicated web sites we can only use 1? Why does that work.. OK Now lets say ARIN says they will not assign you more than 1 IP per piece of modem gear because you can use NAT.. Don't bitch if you support this on Virtual Webhosting as these are the equiv. infact more will work via NAT than with Virtual web.. Someone at ARIN please please tell me why that wasn't added to the policy? This would free up 75% of the IP's on the internet if you require NAT... OK I am getting a headache.. Some people just don;t understand why this is a bad idea. From mury at goldengate.net Mon Sep 11 21:01:10 2000 From: mury at goldengate.net (Mury) Date: Mon, 11 Sep 2000 20:01:10 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <39BD69B2.A7615A77@hilander.com> Message-ID: Yikes! Have you ever tried to parse up to 1000 log files per system, with some of them around 500MB in size. It's not nearly as easy as it sounds. For some people it's feasable, but for most of us we *need* IP based accounting. By the way, we are setup to do a large number of URL's pointed at a single IP for some hosting applications, but for the majority of our sites, it is not an option. Mury GoldenGate Internet Services On Mon, 11 Sep 2000, Alec H. Peterson wrote: > > How about parsing access logs? > > Alec > > -- > Alec H. Peterson - ahp at hilander.com > Staff Scientist > CenterGate Research Group - http://www.centergate.com > "Technology so advanced, even _we_ don't understand it!" > From rkatz at virtualis.com Mon Sep 11 21:38:43 2000 From: rkatz at virtualis.com (Randy Katz) Date: Mon, 11 Sep 2000 18:38:43 -0700 Subject: guideline for name-based web hosting justification In-Reply-To: References: <010a01c01c50$35be4fc0$f96af0d8@cross> Message-ID: <4.3.2.7.0.20000911183535.00b71f08@mail.ccsales.com> I am a major shareholder in a $7MM/year plus web hosting company, which I consider small, every word Matt says makes 100% sense. It seems there is this "wave" of biased opinions about web hosting stemming from the ISP vs. web host days and easy and relatively low cost to entry for the average web hosting business, but this is simply not an intellectual approach towards the problem and shows that while they might understand by now what an ISP does and the importance of it they are openly taking jabs at web hosting which show complete iqnorance in that area. Please answer the points. Thank you, Randy Katz At 08:50 PM 9/11/2000 -0400, Matt Bailey wrote: >Your missing the point completely. >I can create a Netflow based usuage in 30 seconds to parse one customers >40Gigabytes worth of logs would take days let alone the machine dedicated to >processing it.. Your telling me I should save the traffic log for all the >sites would could be 100ish gigs per month and parse them? Why? I can use >Netflow based accounting on an IP address and cough up an answer in real >time anytime I want it. > >Obviously you don;t have much web hosting.. I would like to hear comments >from some of the web hosting big boys (concentric, etc..) on what they view >of this.. What gets tricky is when you have one site scattered over several >machines because part of it uses a database/Part of it needs SSL etc.. This >just can not happen yet. > >SSL requires and IP.. So I put a customer into the system. Your telling me I >have to rip them out and re-add them to my systems because now they need an >IP.. That is total BS. > >Log files are archaic forms of gathering data. Most of us gather data in >Real Time rather than parsing logs. My Customers can get a second by second >count of how their website is doing. > >Ohhh yes and that one website owner who is a total asshole to AOL and you >get your 30,000 site IIS box blackholed. Is that fair to the 29,999 other >customers? Have you ever tried to get out of an AOL blacklist? I have over >40 IP's I can not use for anything other than office machines as they are >blackholed and the customers are LONG GONE.. > >Of course since we issue an FTP site based on their virtual websites IP we >get away with using 30,000 IP's since there is no header in FTP... >And of course the virtual mail server on the other box which requires an IP >Nope no headers yet there either.. Guess what I burn two for every customer, >and guess what ARIN can not stop it cause technically I use FTP and MAIL >which can not yet run under one IP. IP Based websites are nothing more than >a HACK in the protocol. If the WWC was smart for 1.2 or 2.0 whatever they >are working on they would pull virtual headers back out since 60% or so of >the people still send http/1.0 requests. I could not tell 30,000 web clients >that if someone wants to visit their site they have to upgrade from netscape >2.0 (yes we still have customers using win 3.1 and netscape 2.0 with the >netscape dialer.. I cringe but they are the customer they are always >right..) > >I think ARIN needs to rethink what they are suggesting those of us that can >not change the way we host websites will work the loopholes. Which I don't >agree with. ARIN should have asked the community what we can do to help >limit the waste. Rather than forcing it upon us. I would guess if they Asked >MIT or GE or some of the other companies out there to give back unused space >that they would.. I try very hard to convince my dedicated customers to use >NAT and overload IP's as much as they can. If they have an absolute need >then we assign them space. This is only fair. > >OK lets check this out.. We have 200 dedicated dial-ups we can use 200 IP's >for this. We have 200 dedicated web sites we can only use 1? >Why does that work.. OK Now lets say ARIN says they will not assign you more >than 1 IP per piece of modem gear because you can use NAT.. Don't bitch if >you support this on Virtual Webhosting as these are the equiv. infact more >will work via NAT than with Virtual web.. Someone at ARIN please please tell >me why that wasn't added to the policy? This would free up 75% of the IP's >on the internet if you require NAT... > >OK I am getting a headache.. Some people just don;t understand why this is a >bad idea. From ahp at hilander.com Mon Sep 11 22:29:11 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Mon, 11 Sep 2000 20:29:11 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BD94F7.DD143DBE@hilander.com> Mury wrote: > > Yikes! > > Have you ever tried to parse up to 1000 log files per system, with some of > them around 500MB in size. It's not nearly as easy as it sounds. It is if you change how you write and parse your logs. > > For some people it's feasable, but for most of us we *need* IP based > accounting. > > By the way, we are setup to do a large number of URL's pointed at a single > IP for some hosting applications, but for the majority of our sites, it is > not an option. Can't say that I have tried it. However at the same time I can think of quite a few ways to make the task far easier and faster. For example, don't do all of the parsing at once at the end of the day; modify the server to keep a running tally of a customer's usage and have it write that alone to a file on the disk every time it changes. Far more efficient. That's just off the top of my head, and probably not a really efficient way to do it. My point is that the Internet is made up of a lot of smart people who are more than capable of solving these issues if they feel like it. Whining about how today's methods of accounting won't work with tomorrow's methods of virtual hosting is a lot like complaining about how yesterday's chalk writes really poorly on today's white boards. If you don't want to be left behind you have to keep on evolving. After all, where would we be today if dial-up providers decided that it was too much work to use dynamically allocated IP addresses and kept on giving each user their own IP address? However, name-based virtual hosts aren't exactly a new thing. Many large web hosters have been using name-based virtual hosts for a while now, so would any of those companies mind sharing a little wisdom on how this can be done? Thanks, Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ronh at INTERCOM.NET Mon Sep 11 22:36:48 2000 From: ronh at INTERCOM.NET (Ron Hensley) Date: Mon, 11 Sep 2000 22:36:48 -0400 Subject: guideline for name-based web hosting justification References: Message-ID: <011f01c01c62$4e72e820$f96af0d8@cross> I agree log files of those sorts of magnitudes would be too much to deal with and wasn't suggesting that's the end all solution. However the internet is running out of ips,. and without the guidelines ARIN has, even the ipv6 would get blown out in a decade. Netflow was mentioned alot. Its a dedicated device with all traffic passing through it, doing accounting, however only on ip address. So if Cisco or some other vendor simply adds the functionality to produce its logs based not only on the ip address, but also on the TCP Packets where an URL request for instance is seen, then those needing the virtuals accounted are taken care of, and 30,000 ips for this one example ISP/WWW Hosting Site are cleared up. Noones arguing that you need a solution. I am just arguing that there are other solutions possible beyond having to tag every accessed resource with an individual ip address. ----- Original Message ----- From: "Mury" To: "Alec H. Peterson" Cc: "Matt Bailey" ; Sent: Monday, September 11, 2000 9:01 PM Subject: Re: guideline for name-based web hosting justification > > Yikes! > > Have you ever tried to parse up to 1000 log files per system, with some of > them around 500MB in size. It's not nearly as easy as it sounds. > > For some people it's feasable, but for most of us we *need* IP based > accounting. > > By the way, we are setup to do a large number of URL's pointed at a single > IP for some hosting applications, but for the majority of our sites, it is > not an option. > > Mury > GoldenGate Internet Services > > On Mon, 11 Sep 2000, Alec H. Peterson wrote: > > > > > How about parsing access logs? > > > > Alec > > > > -- > > Alec H. Peterson - ahp at hilander.com > > Staff Scientist > > CenterGate Research Group - http://www.centergate.com > > "Technology so advanced, even _we_ don't understand it!" > > > > From mury at goldengate.net Tue Sep 12 02:52:36 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 01:52:36 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <39BD94F7.DD143DBE@hilander.com> Message-ID: Dear Alec, Since you basically called those of us pointing out some real issues "whiners," I took the liberty of finding out a little bit more about you. It looks like you are probably a fairly bright person, probably a lot smarter than me. From looking at your web site though and reading your comments below I question how much you really understand what you are talking about when you trivialize some of the issues that have been brought up. I also find it interesting that in your presentation to the 11th NANOG meeting that you did with Avi Freedman (Isn't he working for Digital Island now? Or one of the other distributed content providers) you are supporting a technology that not only assigns an IP address to a web site but assigns multiple IP addresses to a single site. Perhaps I didn't decipher your presentation correctly, but it sure seems like you are supporting performance/service level issues above and beyond IP conservation. Ah, I hear it coming, that each distributed node can handle multiple distributed sites off of a single IP. Very true. Do you know what the ratio of managed sites to in-service systems is? How many locations is Akamai in? I really don't know what the IP "waste" ratio is. But the point is you are supporting performance at the expense of IP addresses however large or small that may be. In addition, you even argue against yourself. You say, "For example, don't do all of the parsing at once at the end of the day; modify the server to keep a running tally of a customer's usage and have it write that alone to a file on the disk every time it changes. Far more efficient. That's just off the top of my head, and probably not a really efficient way to do it." What?! How can it be *far more efficient* and then in the next line it's *not a really efficient*" Can you see why I'm not very thrilled with your off the cuff and seemingly inexperienced comments? By making light of some real issues that were brought up it sure seems like your statements are hypocritical. Now like I said, I'm not the smartest guy out here, so if I've badly misrepresented things I apologize in advance. Bottom line, for every one out there saying it's no big deal to do single IP virtual hosting I would like to see a solution that does not sacrifice reliability, accountability, quality of service, and functionality. I hate it when people (even smart people) start voicing opinions on things they don't understand. I'm also not stubborn. I'm not running things the way I do because it's my way, but because they work, they are scalable, they are functionable, and we have zero down time. I've tried Microsoft IIS. It doesn't work. Well doh, of course it works, but not for a company that demands uptime and security and a fast and simple database. I have to reboot co-located IIS machines all the time. My BSDI/Apache/MySQL/Perl/PHP/Raven boxes have had zero downtime in the last 3 years. That is not an invitation to hack or DOS my network. But thanks for thinking about me. And like I said before, when appropriate we have assigned multiple sites to a single IP. We actually do it by sending all requests into a CGI script that grabs the HTTP_HOST env variable and creates the customized web site on the fly with MySQL. So yes, we are trying to conserve IP addresses, we are not greedy, whiny bastards trying to screw the Internet up for everyone else. For those of you running Apache that want to know how to do it the right way, go to: http://www.apache.org/docs/vhosts/name-based.html Cool! Now we all know how to do name based hosting... er, wait... what about all those HTTP/1.0 browsers!? You don't think they exist any more? Check this out. In fairness I sampled all my virtual hosts off of one server from a selective time period. All my logs files are in the www.domain.com format. Here are my commands and results: webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l 400441 webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l 375412 48.4% of the browsers out there that accessed my customers' sites used HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does NOT support name based hosting. Can I tell all my customers to call you when their online business drops by almost 50%. By the way, can you use a shared IP for secure server certificates? Some more thoughts... Look at some of the new comers to the tech scene, Keynote, Akamai, Speedera, Digital Island, etc. These company's success show how important it is to the world to have fast, reliable, and secure web sites. Quality of Service (in its broad definition) is paramount. And if you don't believe that you can make a fortune by shorting the stock in those companies. I don't want to see any more comments that I should be doing things smarter and better. I want to see explanations of how I can accomplish the things that you say are so easy. Like I said I'm not stubborn... show me the way. If you can't, then please refrain from making popular political statements that don't affect YOUR business and your customers' business. There's my not so bright, whiny, long-winded $10 worth. Mury GoldenGate Internet Services PS. If you are such an advocate for IP conservation why do you have a whole block? I can't tell how many IPs you are wasting because your provider has not swipped your block. But you have multiple web sites running on multiple IPs! What's your excuse? Name: gw1.hilander.com Address: 216.241.32.33 Name: virthost.hilander.com Address: 216.241.32.35 Name: ramirez.hilander.com Address: 216.241.32.34 Pretty interesting web sites I might add. If you are going to call someone a whiner you better have your own act together. The hypocrisy is killing me. Like I said, I'm sure you are smarter than me, but stick to what you know. On Mon, 11 Sep 2000, Alec H. Peterson wrote: > Mury wrote: > > > > Yikes! > > > > Have you ever tried to parse up to 1000 log files per system, with some of > > them around 500MB in size. It's not nearly as easy as it sounds. > > It is if you change how you write and parse your logs. > > > > > For some people it's feasable, but for most of us we *need* IP based > > accounting. > > > > By the way, we are setup to do a large number of URL's pointed at a single > > IP for some hosting applications, but for the majority of our sites, it is > > not an option. > > Can't say that I have tried it. However at the same time I can think of > quite a few ways to make the task far easier and faster. For example, don't > do all of the parsing at once at the end of the day; modify the server to > keep a running tally of a customer's usage and have it write that alone to a > file on the disk every time it changes. Far more efficient. > > That's just off the top of my head, and probably not a really efficient way > to do it. My point is that the Internet is made up of a lot of smart people > who are more than capable of solving these issues if they feel like it. > Whining about how today's methods of accounting won't work with tomorrow's > methods of virtual hosting is a lot like complaining about how yesterday's > chalk writes really poorly on today's white boards. If you don't want to be > left behind you have to keep on evolving. > > After all, where would we be today if dial-up providers decided that it was > too much work to use dynamically allocated IP addresses and kept on giving > each user their own IP address? > > However, name-based virtual hosts aren't exactly a new thing. Many large > web hosters have been using name-based virtual hosts for a while now, so > would any of those companies mind sharing a little wisdom on how this can be > done? > > Thanks, > > Alec > > -- > Alec H. Peterson - ahp at hilander.com > Staff Scientist > CenterGate Research Group - http://www.centergate.com > "Technology so advanced, even _we_ don't understand it!" > From jerry at fc.net Tue Sep 12 04:34:57 2000 From: jerry at fc.net (Jeremy Porter) Date: Tue, 12 Sep 2000 03:34:57 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: Your message of "Tue, 12 Sep 2000 01:52:36 CDT." Message-ID: <200009120834.DAA64586@freeside.fc.net> I don't think Alec has called anyone whiners. The policy has been discussed and as presented does not change the business climate for for existing users of addresses. For new assignments I quote: http://www.arin.net/announcements/policy_changes.html Exceptions may be made for ISPs that provide justification for requiring static addresses. ARIN will determine, on a case-by-case basis, whether an exception is appropriate. If you are sure that your use of one IP per Host is justfiable, then you should have no problem getting an exception approved. Perhaps if you are complaining maybe you don't feel that your use has technical merit? "Back in the day" when I ran an ISP and Web hosting business for a living, we used single IPs for WWW (http 1.1 didn't exist), assigned static IPs to all customers, etc. When new technologies came about and policies changed, we followed. We ended up renumber those static customers and some significiant business cost, because it was the right thing to do. It wasn't easy, the customers didn't like it, it made accounting and access control harder. With that said, theses issues were discussed at the ARIN policy meeting, and there weren't huge objections, so the conclusion was reached that there were significant objectors. Luckily there is a meeting in just a few weeks, where you are invited to discusse it more, and perhaps better wording can be determined that would allow existing operations to switch to more efficient technologies in a reasonable time frame, while still encouraging better utilization of IP addressing. I'm sure if several vocal www hosting business pushed for changed wording that still encouraged better utilization, that it would be considered. >From my recollection of the last ARIN meeting there was a significant lack of input from WWW hosting companies, as there were only a handful present. "Whining" (your words) about it on the mailing list might not be enough. Also I'd think you find Alec would be more than willing to help address any technical issues you might find, but telling him "math is hard" isn't likely to win you much, and personal attacks, will likely just be ignored, as he's been doing this long enough to not take the "bait". In message , Mury writes: > >Dear Alec, > >Since you basically called those of us pointing out some real issues >"whiners," I took the liberty of finding out a little bit more about >you. It looks like you are probably a fairly bright person, probably a >lot smarter than me. From looking at your web site though and reading >your comments below I question how much you really understand what you are >talking about when you trivialize some of the issues that have been >brought up. > >I also find it interesting that in your presentation to the 11th NANOG >meeting that you did with Avi Freedman (Isn't he working for Digital >Island now? Or one of the other distributed content providers) you are >supporting a technology that not only assigns an IP address to a web site >but assigns multiple IP addresses to a single site. Perhaps I didn't >decipher your presentation correctly, but it sure seems like you are >supporting performance/service level issues above and beyond IP >conservation. Ah, I hear it coming, that each distributed node can handle >multiple distributed sites off of a single IP. Very true. Do you know >what the ratio of managed sites to in-service systems is? How many >locations is Akamai in? I really don't know what the IP "waste" ratio is. >But the point is you are supporting performance at the expense of IP >addresses however large or small that may be. > >In addition, you even argue against yourself. You say, "For example, >don't do all of the parsing at once at the end of the day; modify the >server to keep a running tally of a customer's usage and have it write >that alone to a file on the disk every time it changes. Far more >efficient. That's just off the top of my head, and probably not a really >efficient way to do it." > >What?! How can it be *far more efficient* and then in the next line it's >*not a really efficient*" Can you see why I'm not very thrilled with your >off the cuff and seemingly inexperienced comments? > >By making light of some real issues that were brought up it sure seems >like your statements are hypocritical. Now like I said, I'm not the >smartest guy out here, so if I've badly misrepresented things I apologize >in advance. > >Bottom line, for every one out there saying it's no big deal to do single >IP virtual hosting I would like to see a solution that does not sacrifice >reliability, accountability, quality of service, and functionality. I >hate it when people (even smart people) start voicing opinions on things >they don't understand. > >I'm also not stubborn. I'm not running things the way I do because it's >my way, but because they work, they are scalable, they are functionable, >and we have zero down time. I've tried Microsoft IIS. It doesn't work. >Well doh, of course it works, but not for a company that demands uptime >and security and a fast and simple database. I have to reboot co-located >IIS machines all the time. My BSDI/Apache/MySQL/Perl/PHP/Raven boxes have >had zero downtime in the last 3 years. That is not an invitation to hack >or DOS my network. But thanks for thinking about me. > >And like I said before, when appropriate we have assigned multiple sites >to a single IP. We actually do it by sending all requests into a CGI >script that grabs the HTTP_HOST env variable and creates the customized >web site on the fly with MySQL. So yes, we are trying to conserve IP >addresses, we are not greedy, whiny bastards trying to screw the Internet >up for everyone else. > >For those of you running Apache that want to know how to do it the right >way, go to: http://www.apache.org/docs/vhosts/name-based.html > >Cool! Now we all know how to do name based hosting... er, wait... what >about all those HTTP/1.0 browsers!? You don't think they exist any >more? Check this out. In fairness I sampled all my virtual hosts off of >one server from a selective time period. All my logs files are in the >www.domain.com format. Here are my commands and results: > >webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 >webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > >48.4% of the browsers out there that accessed my customers' sites used >HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does >NOT support name based hosting. > >Can I tell all my customers to call you when their online business drops >by almost 50%. By the way, can you use a shared IP for secure server >certificates? > >Some more thoughts... > >Look at some of the new comers to the tech scene, Keynote, Akamai, >Speedera, Digital Island, etc. These company's success show how important >it is to the world to have fast, reliable, and secure web sites. Quality >of Service (in its broad definition) is paramount. And if you don't >believe that you can make a fortune by shorting the stock in those >companies. > >I don't want to see any more comments that I should be doing things >smarter and better. I want to see explanations of how I can accomplish >the things that you say are so easy. Like I said I'm not stubborn... show >me the way. If you can't, then please refrain from making popular >political statements that don't affect YOUR business and your customers' >business. > >There's my not so bright, whiny, long-winded $10 worth. > >Mury >GoldenGate Internet Services > >PS. If you are such an advocate for IP conservation why do you have a >whole block? I can't tell how many IPs you are wasting because your >provider has not swipped your block. But you have multiple web sites >running on multiple IPs! What's your excuse? > >Name: gw1.hilander.com >Address: 216.241.32.33 > >Name: virthost.hilander.com >Address: 216.241.32.35 > >Name: ramirez.hilander.com >Address: 216.241.32.34 > >Pretty interesting web sites I might add. > >If you are going to call someone a whiner you better have your own act >together. The hypocrisy is killing me. > >Like I said, I'm sure you are smarter than me, but stick to what you know. > > >On Mon, 11 Sep 2000, Alec H. Peterson wrote: > >> Mury wrote: >> > >> > Yikes! >> > >> > Have you ever tried to parse up to 1000 log files per system, with some of >> > them around 500MB in size. It's not nearly as easy as it sounds. >> >> It is if you change how you write and parse your logs. >> >> > >> > For some people it's feasable, but for most of us we *need* IP based >> > accounting. >> > >> > By the way, we are setup to do a large number of URL's pointed at a single >> > IP for some hosting applications, but for the majority of our sites, it is >> > not an option. >> >> Can't say that I have tried it. However at the same time I can think of >> quite a few ways to make the task far easier and faster. For example, don't >> do all of the parsing at once at the end of the day; modify the server to > keep a running tally of a customer's usage and have it write that alone to a >> file on the disk every time it changes. Far more efficient. >> >> That's just off the top of my head, and probably not a really efficient way >> to do it. My point is that the Internet is made up of a lot of smart people >> who are more than capable of solving these issues if they feel like it. >> Whining about how today's methods of accounting won't work with tomorrow's >> methods of virtual hosting is a lot like complaining about how yesterday's >> chalk writes really poorly on today's white boards. If you don't want to be >> left behind you have to keep on evolving. >> >> After all, where would we be today if dial-up providers decided that it was >> too much work to use dynamically allocated IP addresses and kept on giving >> each user their own IP address? >> >> However, name-based virtual hosts aren't exactly a new thing. Many large >> web hosters have been using name-based virtual hosts for a while now, so >> would any of those companies mind sharing a little wisdom on how this can be >> done? >> >> Thanks, >> >> Alec >> >> -- >> Alec H. Peterson - ahp at hilander.com >> Staff Scientist >> CenterGate Research Group - http://www.centergate.com >> "Technology so advanced, even _we_ don't understand it!" >> > > --- jerry at fc.net 512-519-6193 www.wayport.net 8303 Mopac Expressway Suite A300, Austin Tx. From drechsau at geeks.org Tue Sep 12 09:20:08 2000 From: drechsau at geeks.org (Mike Horwath) Date: Tue, 12 Sep 2000 08:20:08 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BD69B2.A7615A77@hilander.com>; from ahp@hilander.com on Mon, Sep 11, 2000 at 05:24:34PM -0600 References: <39BD69B2.A7615A77@hilander.com> Message-ID: <20000912082008.A93972@Geeks.ORG> On Mon, Sep 11, 2000 at 05:24:34PM -0600, Alec H. Peterson wrote: > Matt Bailey wrote: > > > > For those of us that do accounting via IP how do you expect us to us Name > > Based Virtuals? Until there is a method for accounting all traffic to a > > domain name without using IP I see this as totally unreasonable. We base all > > of our security filters and traffic filters on a customers IP assigned to > > them. We also have hardware that can not support name based virtuals and > > thus has a NIC card for each site? Explain IN DETAIL the method used to > > account for these in our requests. > > How about parsing access logs? Doesn't work if you are billing for bandwidth... -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Tue Sep 12 09:25:54 2000 From: drechsau at geeks.org (Mike Horwath) Date: Tue, 12 Sep 2000 08:25:54 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <010a01c01c50$35be4fc0$f96af0d8@cross>; from ronh@INTERCOM.NET on Mon, Sep 11, 2000 at 08:27:16PM -0400 References: <20000911175940.A89979@Geeks.ORG> <010a01c01c50$35be4fc0$f96af0d8@cross> Message-ID: <20000912082554.B93972@Geeks.ORG> On Mon, Sep 11, 2000 at 08:27:16PM -0400, Ron Hensley wrote: > Couldn't this be implemented on the WWW server however? With NT's IIS for > example, or Apache > under any platform you can of course have 1000 WWW domain sites all sharing > one IP Address > bound to the NIC Card. While some monitoring software my only look at the ip > addresses and thus cant differentiate, > the WWW server itself sorts the connections based, not on the IP Address, > but rather on the content in the packets. > More to the point, on the URL being requested. > > Based on that, each WWW site generates its own unique log files for that > site. > Thus software can be written to total the byte counts of the hits to that > WWW site. WebTrends comes > to mind though it doesn't produce billing data of course. > > Also any machine sitting on the network, like a firewall, that's gathering > statistics on bandwidth by IP Address > could just as easily inspect the data payload and generate statistics based > on that content of the given WWW site. > Yes I realize that would be processor intensive, however firewalls do that > now to look for attack signatures and the like. > > To make it short, it sounds like your asking to use 30,000 ip addresses for > 30,000 WWW sites, when you only > need one, because your software vendor has written bad billing software that > doesn't support virtual WWW hosts > sharing the same ip address. Oh my god, this has gotta be one of the worst things you could ask someone to do. Go and buy all this gear (many thousands of dollars) just so you can do the billing you have been doing that costs pennies per year to do. It would be cheaper to put each web site on its own server (or hell, put each on its own interface card) than to purchase the kinds of hardware needed to do what we already do with current hardware and software. With PC hardare going for a couple hundred bux, I could put each web site on its own server. Sure, I would run out of equipment room space someday, but that day isn't for some time. The days of running out of IP addresses is basically over. Yes, there is still a crunch, but with IPv6 around the corner (haha), this issue will be moot in the foreseeable future. This is an absolutely silly rule that penalizes ANYONE that bills for actual bandwidth used and not for number of bytes transferred. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Tue Sep 12 09:27:47 2000 From: drechsau at geeks.org (Mike Horwath) Date: Tue, 12 Sep 2000 08:27:47 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <02fe01c01c51$6fa22580$e421340a@mgc.com>; from dwaters@MPowercom.net on Mon, Sep 11, 2000 at 05:35:59PM -0700 References: <20000911175940.A89979@Geeks.ORG> <02fe01c01c51$6fa22580$e421340a@mgc.com> Message-ID: <20000912082747.C93972@Geeks.ORG> On Mon, Sep 11, 2000 at 05:35:59PM -0700, Dean Waters wrote: > Why not get your bandwidth numbers from your access logs? Because that counts bytes transferred. Tell me how easy it would be to write code to take the access logs and correlate to bandwidth used over a month, then tell me what it would take to produce this data (which is required for billing) so that it looks like MRTG (so our customers can see their utilization), and can do it for 1500 web sites at over 8GB a day of logs, and be done doing that in a reasonable time (like the same day, or better yet, real time). And do it without having to purchase any other hardware. > Email: dwaters at MPowercom.net > Phone: 702-310-4206 > ----- Original Message ----- > From: "Mike Horwath" > To: "Matt Bailey" > Cc: > Sent: Monday, September 11, 2000 3:59 PM > Subject: Re: guideline for name-based web hosting justification > > > > On Mon, Sep 11, 2000 at 01:32:07PM -0400, Matt Bailey wrote: > > > For those of us that do accounting via IP how do you expect us to us > > > Name Based Virtuals? Until there is a method for accounting all > > > traffic to a domain name without using IP I see this as totally > > > unreasonable. We base all of our security filters and traffic > > > filters on a customers IP assigned to them. We also have hardware > > > that can not support name based virtuals and thus has a NIC card for > > > each site? Explain IN DETAIL the method used to account for these in > > > our requests. > > > > I concur! > > > > We bill via bandwidth and we need a way to track usage over a period > > of time so we can bill for peak usage. > > > > -- > > Mike Horwath IRC: Drechsau drechsau at Geeks.ORG > > Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 > > Opinions stated in this message, or any message posted by myself > > through my Geeks.ORG address, are mine and mine alone, period. > > > > > > -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Tue Sep 12 09:32:05 2000 From: drechsau at geeks.org (Mike Horwath) Date: Tue, 12 Sep 2000 08:32:05 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: ; from mury@goldengate.net on Mon, Sep 11, 2000 at 08:01:10PM -0500 References: <39BD69B2.A7615A77@hilander.com> Message-ID: <20000912083205.D93972@Geeks.ORG> On Mon, Sep 11, 2000 at 08:01:10PM -0500, Mury wrote: > > Yikes! > > Have you ever tried to parse up to 1000 log files per system, with some of > them around 500MB in size. It's not nearly as easy as it sounds. > > For some people it's feasable, but for most of us we *need* IP based > accounting. > > By the way, we are setup to do a large number of URL's pointed at a single > IP for some hosting applications, but for the majority of our sites, it is > not an option. Same here. Where we could get away with header parsing, we have. Where we can not, we must use an IP, and if we need to, we will put up a bunch of other shit as well since 99.9% of the customers we do web hosting for also get all of their email from us, we can just run virtual servers for them for their mail on their 'dedicated IP'. No biggie, the mail cluster is going in behind loadbalancers with the web boxes, this will be easy. > On Mon, 11 Sep 2000, Alec H. Peterson wrote: > > > > > How about parsing access logs? > > > > Alec > > > > -- > > Alec H. Peterson - ahp at hilander.com > > Staff Scientist > > CenterGate Research Group - http://www.centergate.com > > "Technology so advanced, even _we_ don't understand it!" > > > > -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Tue Sep 12 09:36:04 2000 From: drechsau at geeks.org (Mike Horwath) Date: Tue, 12 Sep 2000 08:36:04 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BD94F7.DD143DBE@hilander.com>; from ahp@hilander.com on Mon, Sep 11, 2000 at 08:29:11PM -0600 References: <39BD94F7.DD143DBE@hilander.com> Message-ID: <20000912083604.E93972@Geeks.ORG> On Mon, Sep 11, 2000 at 08:29:11PM -0600, Alec H. Peterson wrote: > Mury wrote: > > > > Yikes! > > > > Have you ever tried to parse up to 1000 log files per system, with some of > > them around 500MB in size. It's not nearly as easy as it sounds. > > It is if you change how you write and parse your logs. Well, up his numbers by a full factor and you will see it is again not feasible. > > For some people it's feasable, but for most of us we *need* IP based > > accounting. > > > > By the way, we are setup to do a large number of URL's pointed at a single > > IP for some hosting applications, but for the majority of our sites, it is > > not an option. > > Can't say that I have tried it. However at the same time I can > think of quite a few ways to make the task far easier and faster. > For example, don't do all of the parsing at once at the end of the > day; modify the server to keep a running tally of a customer's usage > and have it write that alone to a file on the disk every time it > changes. Far more efficient. And requires even more hacking and more CPU power to manage, continue. > That's just off the top of my head, and probably not a really > efficient way to do it. My point is that the Internet is made up of > a lot of smart people who are more than capable of solving these > issues if they feel like it. Whining about how today's methods of > accounting won't work with tomorrow's methods of virtual hosting is > a lot like complaining about how yesterday's chalk writes really > poorly on today's white boards. If you don't want to be left behind > you have to keep on evolving. Thing is, 'tomorrows way of web hosting' really is tomorrow. Or don't you get it? > After all, where would we be today if dial-up providers decided that > it was too much work to use dynamically allocated IP addresses and > kept on giving each user their own IP address? But why not put all dialups behind NAT, I mean, hell, fuck'em, they don't need to play games on the 'net, do Netmeeting, ICQ and such, and this would save me a couple thousand IPs and would save UUNET (and other big boys) /14s and more of IP space. > However, name-based virtual hosts aren't exactly a new thing. Many > large web hosters have been using name-based virtual hosts for a > while now, so would any of those companies mind sharing a little > wisdom on how this can be done? Yep, it isn't new and many of us use name based virtual hosting techniques when we can. Thing is, it doesn't work all the time. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Tue Sep 12 09:59:35 2000 From: drechsau at geeks.org (Mike Horwath) Date: Tue, 12 Sep 2000 08:59:35 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <200009120834.DAA64586@freeside.fc.net>; from jerry@fc.net on Tue, Sep 12, 2000 at 03:34:57AM -0500 References: <200009120834.DAA64586@freeside.fc.net> Message-ID: <20000912085935.F93972@Geeks.ORG> On Tue, Sep 12, 2000 at 03:34:57AM -0500, Jeremy Porter wrote: > > I don't think Alec has called anyone whiners. ...Whining about how today's methods of accounting won't work with tomorrow's methods of virtual hosting is a lot like complaining about how yesterday's... Yah, we are whining I guess. > The policy has been discussed and as presented does not change the > business climate for for existing users of addresses. For new > assignments I quote: But I am an existing user of addresses but I now mush change going forward. Yah, that sounds fun, inefficient, timeconsuming, and expensive. Not everyone runs domains for parents for their children to show off their pictures of their vacation. Some of us actually host some of the sites you yourself are visiting on a regular basis that generate logs that are unparsable using current CPUs of today. These same sites are also cylic in their usage of bandwidth (and we all pay for bandwidth right?), so we much charge them accordingly for their peak utilization (or thereabouts). Writing code to do this would be a bitch, would tear apart todays CPUs, and would require us to purchase, at this rate, multiple computers per web site just to do log parsing. > If you are sure that your use of one IP per Host is justfiable, then > you should have no problem getting an exception approved. When was the last time you got IP addresses? We had a /16 and a /17, I went to request space (after we were down to under 5 /24s left) and it took almost 2 weeks (by which time we had burned all but 1 /24 out of that space). And the issue wasn't SWIPing at all, we were down with that... So, I submit for more addressing, which already takes 2 weeks at a minimum but now we must get 'approval' for on a case by case basis, this could take 2-6 weeks at a minimum. Which would cause us to find ways around this policy decision, ways that are 100% legit. 75-80% of our customers already use NAT and DMZs, we have been stingy with address space and we are very very accountable for that space. This new ruling doesn't help us or the 'net one bit and in fact causes hording to happen all over again. I have customers with a very large blocks assigned to them, yet their utilization of these blocks is under 10%. These IP blocks were assigned to them by the old interNIC back when you could get a /20 just by asking. If there is worry about addressing, why not write code to ping IP addresses and start investigating where the hell they all are. Isn't that why we pay ARIN for space? So that it can be managed? Manage the fucking IP space, find the wasters out there and get IP space back. Get off the backs of providers and overall general good 'netizens who are doing what they can to both conserve IP wastage and still be a business on the 'net. > "Back in the day" when I ran an ISP and Web hosting business for a living, > we used single IPs for WWW (http 1.1 didn't exist), assigned static > IPs to all customers, etc. When new technologies came about > and policies changed, we followed. We ended up renumber those static > customers and some significiant business cost, because it was the > right thing to do. It wasn't easy, the customers didn't like it, > it made accounting and access control harder. It has been shown that HTTP/1.0 requests account for over 45% of the requests. If needed, I'll grep my logs as well. It isn't just 'cost of change', it is just cost for the sake of cost. Review my statements above - ARIN should be reclaiming wasted IP space from the 'old users' of the 'net who have large blocks but aren't using them. > With that said, theses issues were discussed at the ARIN policy > meeting, and there weren't huge objections, so the conclusion was > reached that there were significant objectors. Luckily there is a > meeting in just a few weeks, where you are invited to discusse it > more, and perhaps better wording can be determined that would allow > existing operations to switch to more efficient technologies in a > reasonable time frame, while still encouraging better utilization of > IP addressing. Or start gathering IP space from the wasters while coming up with a plan that will force the 'net in general to change to 100% HTTP/1.1 requests. If everyone can agree on this, then hell, I'll convert every one of my sites today, buy the few hundred thousand in CPU I will need to do billing, and shut the hell up. But while I see this hypocracy continue I can't be on the side of you or ARIN for this decision. As far as going to yet another meeting... YUCK. Might be time to hire someone whose sole job at my company is to go to meetings and fight on the side of common sense. > I'm sure if several vocal www hosting business pushed for changed > wording that still encouraged better utilization, that it would be > considered. And how many of those web hosting businesses actually get space from ARIN and not their provider? > From my recollection of the last ARIN meeting there was a > significant lack of input from WWW hosting companies, as there were > only a handful present. You are making my point. > "Whining" (your words) about it on the mailing list might not be > enough. Also I'd think you find Alec would be more than willing to > help address any technical issues you might find, but telling him > "math is hard" isn't likely to win you much, and personal attacks, > will likely just be ignored, as he's been doing this long enough to > not take the "bait". You took the bait.. :) -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From ahp at hilander.com Tue Sep 12 10:50:05 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 08:50:05 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BE429D.BF3CF8B4@hilander.com> Mury wrote: > > I also find it interesting that in your presentation to the 11th NANOG > meeting that you did with Avi Freedman (Isn't he working for Digital > Island now? Or one of the other distributed content providers) you are > supporting a technology that not only assigns an IP address to a web site > but assigns multiple IP addresses to a single site. Perhaps I didn't > decipher your presentation correctly, but it sure seems like you are > supporting performance/service level issues above and beyond IP > conservation. Ah, I hear it coming, that each distributed node can handle > multiple distributed sites off of a single IP. Very true. Do you know > what the ratio of managed sites to in-service systems is? How many > locations is Akamai in? I really don't know what the IP "waste" ratio is. > But the point is you are supporting performance at the expense of IP > addresses however large or small that may be. I hardly see what a single presentation I did with Avi several years ago has to do with the issue at hand. As it happens, I can count on one hand the number of conversations I've had with Avi this year. > > In addition, you even argue against yourself. You say, "For example, > don't do all of the parsing at once at the end of the day; modify the > server to keep a running tally of a customer's usage and have it write > that alone to a file on the disk every time it changes. Far more > efficient. That's just off the top of my head, and probably not a really > efficient way to do it." > > What?! How can it be *far more efficient* and then in the next line it's > *not a really efficient*" Can you see why I'm not very thrilled with your > off the cuff and seemingly inexperienced comments? I stand by what I said. There is 'far more efficient' which is (sometimes) quite different from 'optimally efficient'. The fact that I may not have experience with specifically parsing WWW log files by no means implies that I have no experience doing that sort of thing in other applications. See, standard WWW transfer logs have tons of data in them that does not relate to calculating bandwidth utilization. That extra data all has to be looked at before the bandwidth numbers can even be retrieved. Let's look at a line of a standard Apache transfer log: 128.220.221.16 - - [05/Mar/1998:18:20:32 -0500] "GET / HTTP/1.0" 200 1195 Now depending on how you count there are 6 fields on that one line of log file, and the number of bytes transfered number is the very last field. So that means that one way or another you need to look at each of the fields in the file and check if it's the right one before you can even get the appropriate data. I have to agree that parsing that logfile for bandwidth utilization is a major pain. But what if we changed the log file format to just look like this: 128.220.221.16 1195 Or perhaps an even better way would be to write over the same line in the file again and again every time, so your utilization program just has to look at the file once to see how much has been used. Granted you can't just use Apache's mod_log_config for that, but it isn't a lot more work than that. My second statement about it not being a 'really efficient way to do it' meant to say that the 30 seconds I spent thinking of how to make the parsing process more efficient was probably not sufficient to come up with the optimal solution. Perhaps I should have said 'probably not optimally efficient' instead. Sorry about that. > > By making light of some real issues that were brought up it sure seems > like your statements are hypocritical. Now like I said, I'm not the > smartest guy out here, so if I've badly misrepresented things I apologize > in advance. I didn't mean to say it was no big deal. Making the changes I proposed would certainly take some work. However, contrary to what some other people said, the problem is not insoluble. My point was that I can't stand excuses for doing 'the right thing', especially when people insist on working against an organization that is only trying to help. ARIN is not making these policy changes to make everybodys' lives more difficult. ARIN is making the changes because it has a responsibility to stretch IP space in its region of the world as far as possible. Also, as I tried to say before people on the 'net have come up with some truly brilliant ways to deal with the issues that face us when they need to. I really think it would be a far better use of our time here if we all put our heads together to try and figure out a feasible way for everybody to use name-based virutal hosts in as many applications as possible than arguing about how hard it is. Then, if we as a group find that it is truly not possible then we can state that (from experience, as opposed to just from theoretical conjecture) at the next ARIN meeting and recommend an appropriate policy change. > > Bottom line, for every one out there saying it's no big deal to do single > IP virtual hosting I would like to see a solution that does not sacrifice > reliability, accountability, quality of service, and functionality. I > hate it when people (even smart people) start voicing opinions on things > they don't understand. You may think that just because I don't run a web hosting outfit today I don't understand the issues, and you're welcome to think that. It is true that I don't know how every single web hosting outfit out there accounts for usage, but I daresay you probably don't know that either. You know how you do things, and that's all you need to know. This is the exact reason why I or you alone are not responsible for creating ARIN policies. It is done by member participation in ARIN. And the general idea is that ARIN and its members benefit from having a hand in shaping what happens to IP allocation policy. Speaking to your request for a solution to your accounting woes, I really don't think you want that from ARIN. See, if that happens then people will start screaming about how ARIN dictates the way people must do business, which gets into another rat-hole that we really don't want to go down. There are many ways to skin this cat. So I will say again, instead of arguing with me about how easy or not easy this problem is to deal with, why don't we try actually solving the issues? And if they are not solvable then we will know we have tried our best and we can report those findings at the next ARIN meeting in an effort to get the recently adopted policy changed. And FYI, demanding a solution to your specific problem without providing any suggestions of your own is not the best way to engage help from others. > > I'm also not stubborn. I'm not running things the way I do because it's > my way, but because they work, they are scalable, they are functionable, > and we have zero down time. I've tried Microsoft IIS. It doesn't work. > Well doh, of course it works, but not for a company that demands uptime > and security and a fast and simple database. I have to reboot co-located > IIS machines all the time. My BSDI/Apache/MySQL/Perl/PHP/Raven boxes have > had zero downtime in the last 3 years. That is not an invitation to hack > or DOS my network. But thanks for thinking about me. Not a bad setup. I don't really see what I said before would not apply to this setup. > > And like I said before, when appropriate we have assigned multiple sites > to a single IP. We actually do it by sending all requests into a CGI > script that grabs the HTTP_HOST env variable and creates the customized > web site on the fly with MySQL. So yes, we are trying to conserve IP > addresses, we are not greedy, whiny bastards trying to screw the Internet > up for everyone else. Nobody ever said you were, and I truly resent having words put into my mouth. Please refrain from doing so in the future. If you recall, I was addressing a specific post where a person was demanding specific solutions to every problem that this policy change would be causing. I, for one, don't respond well to demands for help. And as I also said, other people have solved these problems, and even think that the policy was a pretty good idea. In fact some of them operate some of the largest web farms in the world. So regardless of how little or much I may know about web hosting, there are people out there who know far more than both of us about it who have managed to make things work. > > Cool! Now we all know how to do name based hosting... er, wait... what > about all those HTTP/1.0 browsers!? You don't think they exist any > more? Check this out. In fairness I sampled all my virtual hosts off of > one server from a selective time period. All my logs files are in the > www.domain.com format. Here are my commands and results: > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > > 48.4% of the browsers out there that accessed my customers' sites used > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > NOT support name based hosting. That's the first number I've seen on the subject that is greater that 2%, and I will confess it does concern me a great deal. Does anybody else have any numbers they'd like to share? > > Can I tell all my customers to call you when their online business drops > by almost 50%. By the way, can you use a shared IP for secure server > certificates? No, you can't, which is why there are exceptions to the policy. Granted there isn't a specific exception for SSL, which I think is one place where the group (myself included) erred in Calgary last March. > > I don't want to see any more comments that I should be doing things > smarter and better. I want to see explanations of how I can accomplish > the things that you say are so easy. Like I said I'm not stubborn... show > me the way. If you can't, then please refrain from making popular > political statements that don't affect YOUR business and your customers' > business. I never meant to trivialize the changes. I merely meant to point out to those who said they were not only non-trivial but were impossible that in fact it was not impossible. > > PS. If you are such an advocate for IP conservation why do you have a > whole block? I can't tell how many IPs you are wasting because your > provider has not swipped your block. But you have multiple web sites > running on multiple IPs! What's your excuse? > > Name: gw1.hilander.com > Address: 216.241.32.33 This is actually its own machine. > > Name: virthost.hilander.com > Address: 216.241.32.35 > > Name: ramirez.hilander.com > Address: 216.241.32.34 Hey, nobody's perfect. I'll have to look into changing that. Thanks for pointing it out. > > Pretty interesting web sites I might add. Thanks for looking around, I spent years writing it. Look, bottom line is that name-based virtual hosts have the ability to stretch our IP utilization even further (and the way IPv6 is looking means we'll really need to do this). Moreover, if you think the name-based virtual hosting policy should be changed or repealed, then by all means start participating in the process to make that happen. And finally, there may well be some websites out there that cannot be handled any way except for giving them their own IP address. I don't know this for sure, but I'd say it's a pretty good guess. Similarly, there are some dial-up users out there who insist on having a static IP address. ISPs are free to do that, _JUST AS LONG AS MOST OF THEIR LOW-END CLIENTS USE DYNAMIC IP ADDRESSES_. This can easily be extended to virtual hosting. And I agree that this should be stated specifically, but I really think ARIN's true intent was to change the default mom-and-pop hosting account from a dedicated IP address to a name-based virtual host. So perhaps the policy should be re-worded to state that for providers who sell 'cheap' web-hosting for domains that get relatively few hits per month they should use name-based virtual hosting for those clients? From what I recall from the discussion in Calgary those were the accounts the policy was targeted at... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Tue Sep 12 10:55:18 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 08:55:18 -0600 Subject: guideline for name-based web hosting justification References: <39BD94F7.DD143DBE@hilander.com> <20000912083604.E93972@Geeks.ORG> Message-ID: <39BE43D6.CE7FB798@hilander.com> Mike Horwath wrote: > > Thing is, 'tomorrows way of web hosting' really is tomorrow. > > Or don't you get it? I don't think I do, since I'm not sure what you're getting at. > > But why not put all dialups behind NAT, I mean, hell, fuck'em, they > don't need to play games on the 'net, do Netmeeting, ICQ and such, and > this would save me a couple thousand IPs and would save UUNET (and > other big boys) /14s and more of IP space. Your sarcasm notwithstanding, I think the issues of placing dialup (or any end-users for that matter) behind a NAT out-number the issues of using name-based virtual hosting for entry-level web accounts. > > Yep, it isn't new and many of us use name based virtual hosting > techniques when we can. > > Thing is, it doesn't work all the time. I agree with you 100% on that count. And I think the ARIN policy should be re-worded so that it is more flexible. See, the IP 'waste' that the membership was specifically concerned about when crafting this policy is the mom-and-pop shops that only get a few thousand hits per month and don't use SSL for their site. There are tens of thousands of those sites out there now (probably more) and there is no reason in the world why they shouldn't be on name-based virtual hosts. Then, there are some sites that are so huge that for a variety of reasons it is just unfeasible to put them on name-based virtual hosts. I think the policy should be re-crafted to objectively define that in some way. The point of my previous posts was to point out that there are ways to move the name-based/IP-based line in the sand further out so that we can get even better IP utilization. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Tue Sep 12 10:57:24 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 08:57:24 -0600 Subject: guideline for name-based web hosting justification References: <39BD69B2.A7615A77@hilander.com> <20000912083205.D93972@Geeks.ORG> Message-ID: <39BE4454.EEB897A5@hilander.com> Mike Horwath wrote: > > Same here. > > Where we could get away with header parsing, we have. > > Where we can not, we must use an IP, and if we need to, we will put up > a bunch of other shit as well since 99.9% of the customers we do web > hosting for also get all of their email from us, we can just run > virtual servers for them for their mail on their 'dedicated IP'. No > biggie, the mail cluster is going in behind loadbalancers with the web > boxes, this will be easy. And I think that's a great setup. Just out of curiosity, would you mind sharing how large a website you can put on a name-based virtual host before you have to move it elsewhere? Also, for e-mail, have you tried giving users longer POP usernames? (like user at domain.com?) I know it isn't a perfect solution, but I've seen lots of places doing that and it seems to work perfectly well. I do seem to recall some older versions of Eudora over-load the @ operator as a delimiter, but I think they've fixed that... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Tue Sep 12 10:55:18 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 08:55:18 -0600 Subject: guideline for name-based web hosting justification References: <39BD94F7.DD143DBE@hilander.com> <20000912083604.E93972@Geeks.ORG> Message-ID: <39BE43D6.CE7FB798@hilander.com> Mike Horwath wrote: > > Thing is, 'tomorrows way of web hosting' really is tomorrow. > > Or don't you get it? I don't think I do, since I'm not sure what you're getting at. > > But why not put all dialups behind NAT, I mean, hell, fuck'em, they > don't need to play games on the 'net, do Netmeeting, ICQ and such, and > this would save me a couple thousand IPs and would save UUNET (and > other big boys) /14s and more of IP space. Your sarcasm notwithstanding, I think the issues of placing dialup (or any end-users for that matter) behind a NAT out-number the issues of using name-based virtual hosting for entry-level web accounts. > > Yep, it isn't new and many of us use name based virtual hosting > techniques when we can. > > Thing is, it doesn't work all the time. I agree with you 100% on that count. And I think the ARIN policy should be re-worded so that it is more flexible. See, the IP 'waste' that the membership was specifically concerned about when crafting this policy is the mom-and-pop shops that only get a few thousand hits per month and don't use SSL for their site. There are tens of thousands of those sites out there now (probably more) and there is no reason in the world why they shouldn't be on name-based virtual hosts. Then, there are some sites that are so huge that for a variety of reasons it is just unfeasible to put them on name-based virtual hosts. I think the policy should be re-crafted to objectively define that in some way. The point of my previous posts was to point out that there are ways to move the name-based/IP-based line in the sand further out so that we can get even better IP utilization. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Tue Sep 12 10:58:37 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 08:58:37 -0600 Subject: guideline for name-based web hosting justification References: <39BD69B2.A7615A77@hilander.com> <20000912082008.A93972@Geeks.ORG> Message-ID: <39BE449D.429682AB@hilander.com> Mike Horwath wrote: > > Doesn't work if you are billing for bandwidth... Hrm, I can see your point there (if you're billing based on 95th percentile as opposed to number of bytes transfered over a month). Does anybody know of any network devices that will operate on a flow basis and take apart the application layer headers to see what name-based host a user is going to? Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From hostmaster at vcnet.com Tue Sep 12 11:08:38 2000 From: hostmaster at vcnet.com (Jon Rust) Date: Tue, 12 Sep 2000 08:08:38 -0700 Subject: guideline for name-based web hosting justification In-Reply-To: ; from mury@goldengate.net on Tue, Sep 12, 2000 at 01:52:36AM -0500 References: <39BD94F7.DD143DBE@hilander.com> Message-ID: <20000912080838.A32704@mail.vcnet.com> On Tue, Sep 12, 2000 at 01:52:36AM -0500, Mury wrote: > > Cool! Now we all know how to do name based hosting... er, wait... what > about all those HTTP/1.0 browsers!? You don't think they exist any > more? Check this out. In fairness I sampled all my virtual hosts off of > one server from a selective time period. All my logs files are in the > www.domain.com format. Here are my commands and results: > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > > 48.4% of the browsers out there that accessed my customers' sites used > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > NOT support name based hosting. You're bending the truth here, quite a bit actually. The HTTP 1.0 proto may not support the Host: header, but browsers that are using HTTP 1.0 may very well support he Host: header. Oh, i don't know, a smallish browser called Netscape, v 2.0 or better, comes to mind. Grepping through my access log for today I see over 65,000 1.0 requests. 98% of those are to name-based virtual hosts (which is almost all i run anymore), and they all worked. jon From ahp at hilander.com Tue Sep 12 12:10:13 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 10:10:13 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BE5565.2D8ECBCC@hilander.com> "John A. Tamplin" wrote: > > I suspect the rest of them would have similar results. > > We do high-volume (in terms of customers, not traffic) low-cost hosting > for small businesses under Cornerpost, where all of the pages are > generated dynamically out of a database using a custom web server. Only a > small number of customers have a domain name associated with it (the rest > get URLs like db.cornerpost.com/12567057007), and that all uses name-based > hosting. If an HTTP/1.0 request comes in without the identifier, they get > a "sorry, please upgrade your browser" message. When we started this, we > knew we were leaving out a large number of people with older browsers, but > this was the only way we could accomplish what we wanted in a scalable > fashion (people-wise as well as hardware). Fortunately, since relatively > few of these customers go to the trouble to get a domain name (although it is > increasing), it hasn't been an issue. Interesting numbers, although some other people have pointed out that some browsers that use HTTP/1.0 requests still send the Host: header as well. Is there an easy way to get numbers on that? > > For the more traditional hosting customers, we use IP-based hosting and > provide SMTP/POP/IMAP/FTP (including anonymous), and SSL if they pay for > that. It would require massive changes to our management tools, customer > setup, and business model to switch these to name-based hosting. No doubt; especially since today's methods of doing SSL require a unique IP. The policy allows for exceptions, and I hope we will be able to list some specific ones at the next meeting. If you don't mind sharing it, what percentage of your virtual hosts have these other services (SMTP/POP/IMAP/FTP/SSL)? I'm just curious (I'm curious what percentage of people want to pay for it). > In > addition, while if everyone did this it might spur those with older browsers > to upgrade (assuming they can -- some of them are using browsers on TV > set-top boxes, video game consoles, etc), if only some sites do this then > the customers will probably just go to other sites that still work. I doubt > customer paying for hosting want to lose even 10% of their customers, much > less 30-40%. Agreed, although if some of these older browsers are also sending Host: headers then it might not be as big an issue as it seems.... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From jlewis at lewis.org Tue Sep 12 12:49:10 2000 From: jlewis at lewis.org (jlewis at lewis.org) Date: Tue, 12 Sep 2000 12:49:10 -0400 (EDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: On Tue, 12 Sep 2000, Mury wrote: > Cool! Now we all know how to do name based hosting... er, wait... what > about all those HTTP/1.0 browsers!? You don't think they exist any > more? Check this out. In fairness I sampled all my virtual hosts off of > one server from a selective time period. All my logs files are in the > www.domain.com format. Here are my commands and results: > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > > 48.4% of the browsers out there that accessed my customers' sites used > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > NOT support name based hosting. This is BS. My own personal domain is a name-based virtual host (not by choice, but due to necessity at the time it was setup), and 63% of the hits on it are logged at HTTP/1.0. They still get the right files. Many browsers that support name-based virtual hosting send requests as HTTP/1.0. Netscape 4.75 does. ---------------------------------------------------------------------- Jon Lewis *jlewis at lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ From paschroebel at erols.com Tue Sep 12 12:25:25 2000 From: paschroebel at erols.com (PSchroebel) Date: Tue, 12 Sep 2000 12:25:25 -0400 Subject: guideline for name-based web hosting justification References: <20000911175940.A89979@Geeks.ORG> <010a01c01c50$35be4fc0$f96af0d8@cross> <20000912082554.B93972@Geeks.ORG> Message-ID: <003201c01cd6$0e9070a0$0f6c693f@fullport.com> The key to Name based web hosting is using the nameservers that reside on that host. Whereas, a host is actually a machine not a www, ftp or pop or smtp sub-server. Therein, you are only limited to the number of virtual hosts by the host (machine's) ability. Apache uses 500 as a limit however we have over 1000 on one Linux box that has 4 cpu's and gig of ram. This is addressed in BIND VERSION 8.0 and it works. The inherent name servers do the parsing and it works just fine. In fact the newer rack mount web servers come ready for v-hosting. You only need to assign an IP when the customer needs a SSL or some other IP related point to point connection. Which usually invokes co-location and is another matter all together. The IIS with NT is a IP Hog and we have had disastrous problems with v-hosting on NT Servers. We push clients to Unix, Sun and Linux that support Microsoft's extensions. We have had problems with Cold Fusion's database and apps but, we are working on it. Of course there will always be an issue that a www site should have it own IP as this is what the customers expect. This will be the real challenge to over come. And here is their reason: If the dns fails then how do they get their site? On a v-host named based-you wont get their. If they have an IP mapped they will get to their site provide that the host has not failed. Another, issue that we see is the webhost customers with alarms on their sites. So let those Nameservers blink for an update and the phone ring off of the hook. Slave to the Machines....... Sincerely, Peter Schroebel paschroebel at erols.com pschroebel at fullport.com ----- Original Message ----- From: "Mike Horwath" To: "Ron Hensley" Cc: "Mike Horwath" ; "Matt Bailey" ; Sent: Tuesday, September 12, 2000 9:25 AM Subject: Re: guideline for name-based web hosting justification On Mon, Sep 11, 2000 at 08:27:16PM -0400, Ron Hensley wrote: > Couldn't this be implemented on the WWW server however? With NT's IIS for > example, or Apache > under any platform you can of course have 1000 WWW domain sites all sharing > one IP Address > bound to the NIC Card. While some monitoring software my only look at the ip > addresses and thus cant differentiate, > the WWW server itself sorts the connections based, not on the IP Address, > but rather on the content in the packets. > More to the point, on the URL being requested. > > Based on that, each WWW site generates its own unique log files for that > site. > Thus software can be written to total the byte counts of the hits to that > WWW site. WebTrends comes > to mind though it doesn't produce billing data of course. > > Also any machine sitting on the network, like a firewall, that's gathering > statistics on bandwidth by IP Address > could just as easily inspect the data payload and generate statistics based > on that content of the given WWW site. > Yes I realize that would be processor intensive, however firewalls do that > now to look for attack signatures and the like. > > To make it short, it sounds like your asking to use 30,000 ip addresses for > 30,000 WWW sites, when you only > need one, because your software vendor has written bad billing software that > doesn't support virtual WWW hosts > sharing the same ip address. Oh my god, this has gotta be one of the worst things you could ask someone to do. Go and buy all this gear (many thousands of dollars) just so you can do the billing you have been doing that costs pennies per year to do. It would be cheaper to put each web site on its own server (or hell, put each on its own interface card) than to purchase the kinds of hardware needed to do what we already do with current hardware and software. With PC hardare going for a couple hundred bux, I could put each web site on its own server. Sure, I would run out of equipment room space someday, but that day isn't for some time. The days of running out of IP addresses is basically over. Yes, there is still a crunch, but with IPv6 around the corner (haha), this issue will be moot in the foreseeable future. This is an absolutely silly rule that penalizes ANYONE that bills for actual bandwidth used and not for number of bytes transferred. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From mury at goldengate.net Tue Sep 12 12:44:08 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 11:44:08 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <200009120834.DAA64586@freeside.fc.net> Message-ID: On Tue, 12 Sep 2000, Jeremy Porter wrote: > > I don't think Alec has called anyone whiners. Jeremy, "Whining" was not my word. Please read his response to me more carefully, and I'll quote it here, so you don't have to scroll down: >> Whining about how today's methods of accounting won't work with >> tomorrow's methods of virtual hosting is a lot like complaining about It's pretty easy to disqualify someone's techincal issues by retorting with it's just whining. > The policy has been > discussed and as presented does not change the business climate for > for existing users of addresses. For new assignments I quote: > http://www.arin.net/announcements/policy_changes.html > Exceptions may be made for ISPs that provide justification for > requiring static addresses. ARIN will determine, on a case-by-case > basis, whether an exception is appropriate. > > If you are sure that your use of one IP per Host is justfiable, then > you should have no problem getting an exception approved. > Perhaps if you are complaining maybe you don't feel that your > use has technical merit? Here we go with just calling me a complainer again. Dear sir, do you know what an awful process it is to get more space from ARIN. I beleive the point is an exception should be a policy if in general you would have to grant more exceptions than not. If the hosting world is not quite ready for name based hosting why make most people fight to get exceptions? Shouldn't it be a policy? And don't get me wrong again, I can here it coming. I am concerned about wasted IP space. I'm not advocating wasting IP space just because it's an easier thing to do than conserve it. > "Back in the day" when I ran an ISP and Web hosting business for a living, > we used single IPs for WWW (http 1.1 didn't exist), assigned static > IPs to all customers, etc. When new technologies came about > and policies changed, we followed. We ended up renumber those static > customers and some significiant business cost, because it was the > right thing to do. It wasn't easy, the customers didn't like it, > it made accounting and access control harder. Of course, name one ISP that hasn't done that. I haven't run into any. > With that said, theses issues were discussed at the ARIN policy meeting, > and there weren't huge objections, so the conclusion was reached that > there were significant objectors. Luckily there is a meeting in > just a few weeks, where you are invited to discusse it more, and > perhaps better wording can be determined that would allow existing > operations to switch to more efficient technologies in a reasonable > time frame, while still encouraging better utilization of > IP addressing. Where is the meeting? Who shows up? Isn't emailing the group just as an acceptable way of communicating, or do I need to show up and be called a whiner in person? > I'm sure if several vocal www hosting business pushed for changed wording > that still encouraged better utilization, that it would be considered. > >From my recollection of the last ARIN meeting there was a significant > lack of input from WWW hosting companies, as there were only a handful > present. > > "Whining" (your words) Not my words. And I'm sick of being called a whiner. > about it on the mailing list might not be > enough. Also I'd think you find Alec would be more than willing > to help address any technical issues you might find, but telling him > "math is hard" isn't likely to win you much, and personal attacks, will > likely just be ignored, as he's been doing this long enough to not take > the "bait". Good lord, here's some more freakin bait. It's like you didn't even read my message. Mury GoldenGate Internet Services From mury at goldengate.net Tue Sep 12 13:02:56 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 12:02:56 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000912080838.A32704@mail.vcnet.com> Message-ID: > You're bending the truth here, quite a bit actually. The HTTP 1.0 proto > may not support the Host: header, but browsers that are using HTTP 1.0 > may very well support he Host: header. Oh, i don't know, a smallish > browser called Netscape, v 2.0 or better, comes to mind. Grepping > through my access log for today I see over 65,000 1.0 requests. 98% of > those are to name-based virtual hosts (which is almost all i run > anymore), and they all worked. > > jon Good to know. Finally someone takes the time to correct me and not just call me a whiner. So, does anyone know a reliable source that keeps track of stats on browsers? If it isn't 50% that won't get to the web site, is it 10%? 5%? .0001%? Thanks. Mury GoldenGate Internet Services From ahp at hilander.com Tue Sep 12 13:48:42 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 11:48:42 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BE6C7A.9C38B5D0@hilander.com> Brandon Knicely wrote: > > Take a look at Alteon(aton). Their newest code was supposed to scale much > better than some of the other implementations that are implemented in > software counters such as Xedia/Lucent. Their space is as an ethernet > server front end along with features such as http transparent redirection, > etc. Very interesting, I'll have to check that out. I hope more vendors start doing that sort of thing... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From mury at goldengate.net Tue Sep 12 14:01:47 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 13:01:47 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <39BE429D.BF3CF8B4@hilander.com> Message-ID: > I hardly see what a single presentation I did with Avi several years ago has > to do with the issue at hand. As it happens, I can count on one hand the > number of conversations I've had with Avi this year. Ummm, it's what you are using one of our IPs for to promote. It's on one of your multiple web servers. If it's not important to you any more, perhaps you should do some cleaning up and return some IPs. > The fact that I may not have experience with specifically parsing WWW log > files by no means implies that I have no experience doing that sort of thing > in other applications. See, standard WWW transfer logs have tons of data in > them that does not relate to calculating bandwidth utilization. That extra > data all has to be looked at before the bandwidth numbers can even be > retrieved. Let's look at a line of a standard Apache transfer log: > > 128.220.221.16 - - [05/Mar/1998:18:20:32 -0500] "GET / HTTP/1.0" 200 1195 > > Now depending on how you count there are 6 fields on that one line of log > file, and the number of bytes transfered number is the very last field. So > that means that one way or another you need to look at each of the fields in > the file and check if it's the right one before you can even get the > appropriate data. I have to agree that parsing that logfile for bandwidth > utilization is a major pain. > > But what if we changed the log file format to just look like this: > > 128.220.221.16 1195 > > Or perhaps an even better way would be to write over the same line in the > file again and again every time, so your utilization program just has to > look at the file once to see how much has been used. Granted you can't just > use Apache's mod_log_config for that, but it isn't a lot more work than > that. You know I agree with you on most of what you are getting at, but I need to keep most of that log file anyway. Customers sometimes need to see where there traffic is coming from and what pages they are hitting, so if I need to log all that information it should go to the same file, so I don't double the amount of writes I need for each request. These days we spend almost the same amount of time explaining people's web statistics as we do configuring their modems. That information is important to them. > My second statement about it not being a 'really efficient way to do it' > meant to say that the 30 seconds I spent thinking of how to make the parsing > process more efficient was probably not sufficient to come up with the > optimal solution. Perhaps I should have said 'probably not optimally > efficient' instead. Sorry about that. Fair enough. I pulled out all the stops since you insinuated I was just whining. > I didn't mean to say it was no big deal. Making the changes I proposed > would certainly take some work. However, contrary to what some other people > said, the problem is not insoluble. > > My point was that I can't stand excuses for doing 'the right thing', > especially when people insist on working against an organization that is > only trying to help. ARIN is not making these policy changes to make > everybodys' lives more difficult. ARIN is making the changes because it has > a responsibility to stretch IP space in its region of the world as far as > possible. Hey, we try to do the right thing. I think this is where part of the problem lies. There seems to be this impression that ISPs are guilty before proven innocent, and not just during the long process of trying to get new IP space. We are not greedy, whiny, little pricks. Instead of putting the clamps on the ISPs why not focus on: 1) Reclaiming unused IP space to hold us out a little longer 2) Push a plan to get better client server technology out there, and once it is out there get people using it. As an rotten example, but feeling one is needed, what if the top 10 most popular sites had a message pop up that informed people if they were using an old browser and encouraged them to upgrade. I'm not bitching just to bitch. I'm looking out for my ecommerce customers. 90% of my revenue comes from businesses. If I don't watch out for their bottom line, they sure the hell aren't going to look out for mine. If I switch them to a name-based system, before the world is ready for it and they lose hits do to software incompatibilites, or don't notice that their traffic died, or they can't see how effective a commercial was by using real-time accounting stats, or one of my customers gets DOSed and I can't control the traffic at my core routers or at my upstream so I have to take everyone down because they all share an IP, they are going to host with someone who cheats the system and gets them an IP. > Also, as I tried to say before people on the 'net have come up with some > truly brilliant ways to deal with the issues that face us when they need > to. I really think it would be a far better use of our time here if we all > put our heads together to try and figure out a feasible way for everybody to > use name-based virutal hosts in as many applications as possible than > arguing about how hard it is. Then, if we as a group find that it is truly > not possible then we can state that (from experience, as opposed to just > from theoretical conjecture) at the next ARIN meeting and recommend an > appropriate policy change. Wonderful. I am with you 100% here. Like I said many times in my other post, I'm sure you and most of the others here are a lot smarter than I am. And I'm very willing to make changes that work, but no one seems to be pointing me in the right direction, so all I can do is point out the obvious nature of how things work as I understand them. > You may think that just because I don't run a web hosting outfit today I > don't understand the issues, and you're welcome to think that. It is true > that I don't know how every single web hosting outfit out there accounts for > usage, but I daresay you probably don't know that either. You know how you > do things, and that's all you need to know. This is the exact reason why I > or you alone are not responsible for creating ARIN policies. It is done by > member participation in ARIN. And the general idea is that ARIN and its > members benefit from having a hand in shaping what happens to IP allocation > policy. Obviously. And all I can do is let the group (ARIN) know that I for one have a problem with it. And from judging by the number of responses sent only to me last night, I'm not the only one. I'm not sure why most of these people have not responded to the group. Maybe they don't want to be labeled as a trouble maker and have even a tougher time getting IPs from ARIN next time. > Speaking to your request for a solution to your accounting woes, I really > don't think you want that from ARIN. See, if that happens then people will > start screaming about how ARIN dictates the way people must do business, > which gets into another rat-hole that we really don't want to go down. > There are many ways to skin this cat. > > So I will say again, instead of arguing with me about how easy or not easy > this problem is to deal with, why don't we try actually solving the issues? > And if they are not solvable then we will know we have tried our best and we > can report those findings at the next ARIN meeting in an effort to get the > recently adopted policy changed. > > And FYI, demanding a solution to your specific problem without providing any > suggestions of your own is not the best way to engage help from others. Maybe the some of the hosting world just isn't ready for this new policy. It's not like I've sat on my ass for the last 6 years without changing how I've done business. I wouldn't be around if I didn't evolve as you put it. I've watched just about everyone that has not sold their business, go out of business, and there are plenty of reasons for that, but primary it was due to a lack of adopting new technologies. The point being I have tested and adopted my own suggestions already. My suggestion to the core problem, is to reclaim unused IP space, push for IPv6, and make appropriate IP saving changes when it does not significantly hinder the ability to do business on the Internet. > Not a bad setup. I don't really see what I said before would not apply to > this setup. If eliminate multiple IPs I'm unsure how to: 1) Address the HTTP/1.0 issues in an acceptable clean fashion 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so we need to sell it by the Mbit 3) Provide controls against DOS attacks. No we don't host porn sites 4) Provide secure server certificates 5) Provide database support from server to server. I'm not a programmer any more so I don't know how big an issue it is, but my programmer told me it would be a mess Those are some of the issues that I don't know how to handle with single IP hosting. > > And like I said before, when appropriate we have assigned multiple sites > > to a single IP. We actually do it by sending all requests into a CGI > > script that grabs the HTTP_HOST env variable and creates the customized > > web site on the fly with MySQL. So yes, we are trying to conserve IP > > addresses, we are not greedy, whiny bastards trying to screw the Internet > > up for everyone else. > > Nobody ever said you were, and I truly resent having words put into my > mouth. Please refrain from doing so in the future. Miscommunication. I didn't mean to imply that you called me a greedy, whiny bastard. I was trying to emphasize the point that ISPs, at least mine, are trying to conserve IP space. ARIN's policy implies that ISPs are not doing enough to conserve the space. And like I said before there seems to be this mis-conception that ISPs are fighting change and IP conservation. Hell, our business depends on more people getting access. We of all people should be, and I beleive most are, promoting IP conservation. > If you recall, I was addressing a specific post where a person was demanding > specific solutions to every problem that this policy change would be > causing. I, for one, don't respond well to demands for help. Look. My point is I live this business. I realize I'm not the smartest guy out here, but I've been doing this a long time in Internet years. ARIN has come up with a policy that I think is premature. With the needs and tools I have, and I have do have a few, it's a bad policy. But if someone can show me how I'm mistaken, I will gladly listen and change my technologies. Actually I think the policy would make a wonderful "Guideline". It shouldn't affect IP allocation, but it should be encouraged at this time. > > Cool! Now we all know how to do name based hosting... er, wait... what > > about all those HTTP/1.0 browsers!? You don't think they exist any > > more? Check this out. In fairness I sampled all my virtual hosts off of > > one server from a selective time period. All my logs files are in the > > www.domain.com format. Here are my commands and results: > > > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > > 400441 > > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > > 375412 > > > > 48.4% of the browsers out there that accessed my customers' sites used > > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > > NOT support name based hosting. > > That's the first number I've seen on the subject that is greater that 2%, > and I will confess it does concern me a great deal. > > Does anybody else have any numbers they'd like to share? As someone pointed out. Apparently HTTP/1.0 can support name based hosting. I was unaware of this. And if that truely is the case, I would like to see some numbers. I would have guessed ARIN would know this before instituting a policy. Perhaps they would like to share. > > Can I tell all my customers to call you when their online business drops > > by almost 50%. By the way, can you use a shared IP for secure server > > certificates? > > No, you can't, which is why there are exceptions to the policy. Granted > there isn't a specific exception for SSL, which I think is one place where > the group (myself included) erred in Calgary last March. That's an easy one. > Look, bottom line is that name-based virtual hosts have the ability to > stretch our IP utilization even further (and the way IPv6 is looking means > we'll really need to do this). Moreover, if you think the name-based > virtual hosting policy should be changed or repealed, then by all means > start participating in the process to make that happen. That's what I'm trying to do! Or is this not the right place to participate? > And finally, there may well be some websites out there that cannot be > handled any way except for giving them their own IP address. I don't know > this for sure, but I'd say it's a pretty good guess. > > Similarly, there are some dial-up users out there who insist on having a > static IP address. ISPs are free to do that, _JUST AS LONG AS MOST OF THEIR > LOW-END CLIENTS USE DYNAMIC IP ADDRESSES_. This can easily be extended to > virtual hosting. And I agree that this should be stated specifically, but I > really think ARIN's true intent was to change the default mom-and-pop > hosting account from a dedicated IP address to a name-based virtual host. > > So perhaps the policy should be re-worded to state that for providers who > sell 'cheap' web-hosting for domains that get relatively few hits per month > they should use name-based virtual hosting for those clients? From what I > recall from the discussion in Calgary those were the accounts the policy was > targeted at... Ah! Now we are getting somewhere. Where to draw the line though? That extra 5% business for a company whether they are doing $10,000 or a million or more is still pretty important, especially now with everyone's margins so low while the fight for market share appears to be paramount. Almost all my account are $50/month. Is this considered cheap? Do you have to be a IBM selling $2500 accounts to gain the exception? Or, are the $19.95 joints where the cutoff would be drawn? Just curious. Alec, I understand your and ARIN's points. However if a "policy" is going to be created and enforced I think we some of these issues need to be better addressed and defined so legit ISPs don't have to wait over a month to get new IP space and go through a process of defending web hosting IP space. As I read the policy I'm out of compliance, and I have issues with that. Mury GoldenGate Internet Services From jerry at fc.net Tue Sep 12 14:47:45 2000 From: jerry at fc.net (Jeremy Porter) Date: Tue, 12 Sep 2000 13:47:45 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: Your message of "Tue, 12 Sep 2000 11:44:08 CDT." Message-ID: <200009121847.NAA39476@freeside.fc.net> In message , Mury writes: > >On Tue, 12 Sep 2000, Jeremy Porter wrote: >> I don't think Alec has called anyone whiners. > >Jeremy, > >"Whining" was not my word. Please read his response to me more >carefully, and I'll quote it here, so you don't have to scroll down: You can believe what you want, but I'm going to drop this. >> The policy has been >> discussed and as presented does not change the business climate for >> for existing users of addresses. For new assignments I quote: >> http://www.arin.net/announcements/policy_changes.html >> Exceptions may be made for ISPs that provide justification for >> requiring static addresses. ARIN will determine, on a case-by-case >> basis, whether an exception is appropriate. >> >> If you are sure that your use of one IP per Host is justifiable, then >> you should have no problem getting an exception approved. >> Perhaps if you are complaining maybe you don't feel that your >> use has technical merit? > >Here we go with just calling me a complainer again. Dear sir, do you know >what an awful process it is to get more space from ARIN. I beleive the >point is an exception should be a policy if in general you would have to >grant more exceptions than not. If the hosting world is not quite ready >for name based hosting why make most people fight to get exceptions? >Shouldn't it be a policy? Ok, let me try again, If you are sure that your use of one IP per Host is justifiable, then you should have no problem getting an exception approved. If you do not feel that your use has technical merit, then your complaint with the policy, is that it is "inconvenient". If in fact "most" hosting services need exceptions, then a policy change would probably be in order. Nothing in the existing policy indicates that it will be difficult to get exceptions. This is your suggestion that it will be hard, without even testing the waters. Neither Alec nor I have said that policy change should be considered, and I am specificly asking you for suggestions. >And don't get me wrong again, I can here it coming. I am concerned about >wasted IP space. I'm not advocating wasting IP space just because it's an >easier thing to do than conserve it. Ok lets come up with some suggested wording. >> With that said, theses issues were discussed at the ARIN policy meeting, >> and there weren't huge objections, so the conclusion was reached that >> there were significant objectors. Luckily there is a meeting in >> just a few weeks, where you are invited to discuss it more, and >> perhaps better wording can be determined that would allow existing >> operations to switch to more efficient technologies in a reasonable >> time frame, while still encouraging better utilization of >> IP addressing. > >Where is the meeting? Who shows up? Isn't emailing the group just as >an acceptable way of communicating, or do I need to show up and be called >a whiner in person? The ARIN meetings are listed on the WWW site, in fairly large letters even. Emailing is fine, but if this is important to you, you will probably find that if you show up in person, it is quicker and easier to explain your point of view, and it is much less of a problem to reach consensus on issues. Posting to the list back in march would have been better, as your input would have been heard before the agenda items was reached. Now I don't even remember exactly when all the lists got setup and finalized, so if you didn't have the information that it was going to be discussed at the meeting, well obviously we can't fix that now. However since there is a meeting coming up and obviously interest, I'm sure that this will be covered. Policy making requires some level of meetings, as at least, for IP addressing, mailing list discussions are not sufficient. >> I'm sure if several vocal www hosting business pushed for changed wording >> that still encouraged better utilization, that it would be considered. >> >From my recollection of the last ARIN meeting there was a significant >> lack of input from WWW hosting companies, as there were only a handful >> present. >> >> "Whining" (your words) > >Not my words. And I'm sick of being called a whiner. ... Here you ignore my point, you have the chance to help fix what you perceive as a problem. Wouldn't it make sense to do so. The ARIN AC is listening to your suggestions. >Mury >GoldenGate Internet Services > --- jerry at fc.net 512-519-6193 www.wayport.net 8303 Mopac Expressway Suite A300, Austin Tx. From ahp at hilander.com Tue Sep 12 15:07:19 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Tue, 12 Sep 2000 13:07:19 -0600 Subject: guideline for name-based web hosting justification References: Message-ID: <39BE7EE7.F067161@hilander.com> Mury wrote: > > Ummm, it's what you are using one of our IPs for to promote. It's on one > of your multiple web servers. If it's not important to you any more, > perhaps you should do some cleaning up and return some IPs. Probably, although those machines are actually Johns Hopkins property, so I should probably get in touch with the folks back at the CNDS lab. > > You know I agree with you on most of what you are getting at, but I need > to keep most of that log file anyway. Customers sometimes need to see > where there traffic is coming from and what pages they are hitting, so if > I need to log all that information it should go to the same file, so I > don't double the amount of writes I need for each request. It's a matter of which one takes more time, writing two logs, or writing one big one and having to parse it for utilization data. I honestly don't know which is better... > > Hey, we try to do the right thing. I think this is where part of the > problem lies. There seems to be this impression that ISPs are guilty > before proven innocent, and not just during the long process of trying to > get new IP space. We are not greedy, whiny, little pricks. No, you aren't. And ARIN is not made up of a bunch of vindictive narrow-minded pencil pushers who are trying to concerve IP addresses like they're the last few molecules of oxygen in a sealed chamber. We're all working towards the same end; making the 'net function as well as possible. Having multiple sides to the discussion only helps the situation. > > Instead of putting the clamps on the ISPs why not focus on: > > 1) Reclaiming unused IP space to hold us out a little longer That's already being done, but there's a big problem. ARIN doesn't have authority over the major offenders (legacy /8s and /16s). The AC has had long, involved discussions about how is best to do this, and we're working on it. For example, our first goal is to re-claim address space of companies that have gone out of business. If you have some ideas on how we can do this we'd _love_ to hear them. > 2) Push a plan to get better client server technology out there, and once > it is out there get people using it. As an rotten example, but feeling > one is needed, what if the top 10 most popular sites had a message pop up > that informed people if they were using an old browser and encouraged them > to upgrade. Yuck! I mean, it's an idea, but I see where you're going... The idea is to get our members to try and help with this task as well... > > I'm not bitching just to bitch. I'm looking out for my ecommerce > customers. 90% of my revenue comes from businesses. If I don't watch out > for their bottom line, they sure the hell aren't going to look out for > mine. If I switch them to a name-based system, before the world is ready > for it and they lose hits do to software incompatibilites, or don't notice > that their traffic died, or they can't see how effective a commercial was > by using real-time accounting stats, or one of my customers gets DOSed and > I can't control the traffic at my core routers or at my upstream so I have > to take everyone down because they all share an IP, they are going to host > with someone who cheats the system and gets them an IP. Those are legitimate gripes. Can we come up with reasonable solutions to them? > > Obviously. And all I can do is let the group (ARIN) know that I for one > have a problem with it. And from judging by the number of responses sent > only to me last night, I'm not the only one. I'm not sure why most of > these people have not responded to the group. Maybe they don't want to be > labeled as a trouble maker and have even a tougher time getting IPs from > ARIN next time. No, you aren't the only one, but at the same time, there were a huge number of people at the last ARIN meeting who were in support of this policy, however most of them have been silent through most of this (perhaps because they feel they already made their feelings known at the last meeting). And as far as being labled a trouble-maker, I know plenty of people who have been far more vocal about ARIN policy than you and have had no problem getting address space. Please don't spread the mis-conception that ARIN is anything other than an objective organization. It isn't true and it makes everyone's life much more difficult in getting support for the organization. > > Maybe the some of the hosting world just isn't ready for this new policy. This may be true, but the longer we wait the more address space that's going to get used up, and the less we'll have to play with in the future... > > If eliminate multiple IPs I'm unsure how to: > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion See other discussions; the issue of legacy browsers IMO is a red herring. It exists, but it's really small. > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > we need to sell it by the Mbit Doing bandwidth (as opposed to bytes transfered per period of time) billing is tough, although it sounds like more and more vendors are starting to sell equipment that handles this. > 3) Provide controls against DOS attacks. No we don't host porn sites But those are the money-makers! :-) Seriously, I understand the DOS issue all too well, and it does need to be addressed. Not sure how to at this point, except to say that this policy is really targeted towards the bottom-of-the-line web hosting accounts. If you have a customer who has a lot of traffic, pays you a lot of money and can't afford to be off the air then it makes perfect sense to have him on a dedicated IP (I think at least). > 4) Provide secure server certificates That qualifies as an exception. > 5) Provide database support from server to server. I'm not a programmer > any more so I don't know how big an issue it is, but my programmer told me > it would be a mess Not sure exactly what you're trying to do with server to server DB support (more to the point why it would be a problem). > > Miscommunication. I didn't mean to imply that you called me a greedy, > whiny bastard. I was trying to emphasize the point that ISPs, at least > mine, are trying to conserve IP space. ARIN's policy implies that ISPs > are not doing enough to conserve the space. And like I said before there > seems to be this mis-conception that ISPs are fighting change and IP > conservation. Hell, our business depends on more people getting > access. We of all people should be, and I beleive most are, promoting IP > conservation. Just because I don't water my lawn doesn't give me a right to suck up all of the water from the local well with some other application (like starting a car wash, for example). Perhaps that's a bad analogy, but my point is that ARIN recognizes ISPs have made great strides in conserving IP space. However, as more and more companies and users hook up to the 'net every month, we need to do as much as we can. > > Actually I think the policy would make a wonderful "Guideline". It > shouldn't affect IP allocation, but it should be encouraged at this time. That's actually been proposed on another list, although I'm really not sure if that would affect what people do. Anybody else have thoughts? > > As someone pointed out. Apparently HTTP/1.0 can support name based > hosting. I was unaware of this. > > And if that truely is the case, I would like to see some numbers. I would > have guessed ARIN would know this before instituting a policy. Perhaps > they would like to share. The numbers we got came from our members. I believe Gene had some extensive data. > > That's what I'm trying to do! Or is this not the right place to > participate? Well that's the tough part. Most of the member opinion polls take place at the in-person meetings. We do need to try and find a better way to get the pulse of the membership, I think. However, it needs to be stated that officially the Board is the only group that institutes new policy. To this date they have only done that with policies that the membership or AC have recommended. > > Ah! Now we are getting somewhere. Where to draw the line though? That > extra 5% business for a company whether they are doing $10,000 or a > million or more is still pretty important, especially now with everyone's > margins so low while the fight for market share appears to be paramount. True enough. > > Almost all my account are $50/month. Is this considered cheap? Do you > have to be a IBM selling $2500 accounts to gain the exception? Or, are > the $19.95 joints where the cutoff would be drawn? Just curious. That's a very good question, I'm not sure what the answer is. > > Alec, I understand your and ARIN's points. However if a "policy" is going > to be created and enforced I think we some of these issues need to be > better addressed and defined so legit ISPs don't have to wait over a > month to get new IP space and go through a process of defending web > hosting IP space. Which is why we really need more participation. Fortunately this policy change has brought more of it forward, but as I said above we need a better way to tally opinions in a fair manner... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From HostMaster at advancedaccess.com Tue Sep 12 15:03:35 2000 From: HostMaster at advancedaccess.com (Host Master) Date: Tue, 12 Sep 2000 12:03:35 -0700 Subject: No subject Message-ID: The exception is not true, we recently requested more IP space for web hosting and were denied because of the new policy. We had to valid reasons. 1. Search Engines blacklist by IP and account for submissions by IP, one of our biggest selling points is that we get great positioning in search engines. 2. Most of our clients have HTTP 1.0 browsers, and are unable to upgrade because of company policies for the offices they work with. 3. A large percentage of our clients use SSL, we work in the real estate / mortgage field and the customers are VERY paranoid. For all intents and purposes we have been cut off from around 40% of our client base. We have produced documentation to ARIN for both of these reasons and they still denied it citing "ARIN official policy is to deny IP base web hosting, no exceptions". We are being forced to request more address space from our upstream provider so that we can cover the sites that would like to be SSL. This is not acceptable. This forced change has cost us a large (in our terms, we are not the largest company) amount of business, and forced us to loose business to competitors that just host using space from upstream providers. The reason we went to ARIN issued space was for portability across our providers, in the long run it may hurt us more than the benefit it will give us. --- Scott Johnson Director Of Software Engineering Advanced Access (714) 685-5124 sjohnson at advancedaccess.com -----Original Message----- From: Jeremy Porter [mailto:jerry at fc.net] Sent: Tuesday, September 12, 2000 1:35 AM To: Mury Cc: Alec H. Peterson; Matt Bailey; arin-discuss at arin.net; ppml at arin.net Subject: Re: guideline for name-based web hosting justification I don't think Alec has called anyone whiners. The policy has been discussed and as presented does not change the business climate for for existing users of addresses. For new assignments I quote: http://www.arin.net/announcements/policy_changes.html Exceptions may be made for ISPs that provide justification for requiring static addresses. ARIN will determine, on a case-by-case basis, whether an exception is appropriate. If you are sure that your use of one IP per Host is justfiable, then you should have no problem getting an exception approved. Perhaps if you are complaining maybe you don't feel that your use has technical merit? "Back in the day" when I ran an ISP and Web hosting business for a living, we used single IPs for WWW (http 1.1 didn't exist), assigned static IPs to all customers, etc. When new technologies came about and policies changed, we followed. We ended up renumber those static customers and some significiant business cost, because it was the right thing to do. It wasn't easy, the customers didn't like it, it made accounting and access control harder. With that said, theses issues were discussed at the ARIN policy meeting, and there weren't huge objections, so the conclusion was reached that there were significant objectors. Luckily there is a meeting in just a few weeks, where you are invited to discusse it more, and perhaps better wording can be determined that would allow existing operations to switch to more efficient technologies in a reasonable time frame, while still encouraging better utilization of IP addressing. I'm sure if several vocal www hosting business pushed for changed wording that still encouraged better utilization, that it would be considered. >From my recollection of the last ARIN meeting there was a significant lack of input from WWW hosting companies, as there were only a handful present. "Whining" (your words) about it on the mailing list might not be enough. Also I'd think you find Alec would be more than willing to help address any technical issues you might find, but telling him "math is hard" isn't likely to win you much, and personal attacks, will likely just be ignored, as he's been doing this long enough to not take the "bait". In message , Mury writes: > >Dear Alec, > >Since you basically called those of us pointing out some real issues >"whiners," I took the liberty of finding out a little bit more about >you. It looks like you are probably a fairly bright person, probably a >lot smarter than me. From looking at your web site though and reading >your comments below I question how much you really understand what you are >talking about when you trivialize some of the issues that have been >brought up. > >I also find it interesting that in your presentation to the 11th NANOG >meeting that you did with Avi Freedman (Isn't he working for Digital >Island now? Or one of the other distributed content providers) you are >supporting a technology that not only assigns an IP address to a web site >but assigns multiple IP addresses to a single site. Perhaps I didn't >decipher your presentation correctly, but it sure seems like you are >supporting performance/service level issues above and beyond IP >conservation. Ah, I hear it coming, that each distributed node can handle >multiple distributed sites off of a single IP. Very true. Do you know >what the ratio of managed sites to in-service systems is? How many >locations is Akamai in? I really don't know what the IP "waste" ratio is. >But the point is you are supporting performance at the expense of IP >addresses however large or small that may be. > >In addition, you even argue against yourself. You say, "For example, >don't do all of the parsing at once at the end of the day; modify the >server to keep a running tally of a customer's usage and have it write >that alone to a file on the disk every time it changes. Far more >efficient. That's just off the top of my head, and probably not a really >efficient way to do it." > >What?! How can it be *far more efficient* and then in the next line it's >*not a really efficient*" Can you see why I'm not very thrilled with your >off the cuff and seemingly inexperienced comments? > >By making light of some real issues that were brought up it sure seems >like your statements are hypocritical. Now like I said, I'm not the >smartest guy out here, so if I've badly misrepresented things I apologize >in advance. > >Bottom line, for every one out there saying it's no big deal to do single >IP virtual hosting I would like to see a solution that does not sacrifice >reliability, accountability, quality of service, and functionality. I >hate it when people (even smart people) start voicing opinions on things >they don't understand. > >I'm also not stubborn. I'm not running things the way I do because it's >my way, but because they work, they are scalable, they are functionable, >and we have zero down time. I've tried Microsoft IIS. It doesn't work. >Well doh, of course it works, but not for a company that demands uptime >and security and a fast and simple database. I have to reboot co-located >IIS machines all the time. My BSDI/Apache/MySQL/Perl/PHP/Raven boxes have >had zero downtime in the last 3 years. That is not an invitation to hack >or DOS my network. But thanks for thinking about me. > >And like I said before, when appropriate we have assigned multiple sites >to a single IP. We actually do it by sending all requests into a CGI >script that grabs the HTTP_HOST env variable and creates the customized >web site on the fly with MySQL. So yes, we are trying to conserve IP >addresses, we are not greedy, whiny bastards trying to screw the Internet >up for everyone else. > >For those of you running Apache that want to know how to do it the right >way, go to: http://www.apache.org/docs/vhosts/name-based.html > >Cool! Now we all know how to do name based hosting... er, wait... what >about all those HTTP/1.0 browsers!? You don't think they exist any >more? Check this out. In fairness I sampled all my virtual hosts off of >one server from a selective time period. All my logs files are in the >www.domain.com format. Here are my commands and results: > >webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 >webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > >48.4% of the browsers out there that accessed my customers' sites used >HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does >NOT support name based hosting. > >Can I tell all my customers to call you when their online business drops >by almost 50%. By the way, can you use a shared IP for secure server >certificates? > >Some more thoughts... > >Look at some of the new comers to the tech scene, Keynote, Akamai, >Speedera, Digital Island, etc. These company's success show how important >it is to the world to have fast, reliable, and secure web sites. Quality >of Service (in its broad definition) is paramount. And if you don't >believe that you can make a fortune by shorting the stock in those >companies. > >I don't want to see any more comments that I should be doing things >smarter and better. I want to see explanations of how I can accomplish >the things that you say are so easy. Like I said I'm not stubborn... show >me the way. If you can't, then please refrain from making popular >political statements that don't affect YOUR business and your customers' >business. > >There's my not so bright, whiny, long-winded $10 worth. > >Mury >GoldenGate Internet Services > >PS. If you are such an advocate for IP conservation why do you have a >whole block? I can't tell how many IPs you are wasting because your >provider has not swipped your block. But you have multiple web sites >running on multiple IPs! What's your excuse? > >Name: gw1.hilander.com >Address: 216.241.32.33 > >Name: virthost.hilander.com >Address: 216.241.32.35 > >Name: ramirez.hilander.com >Address: 216.241.32.34 > >Pretty interesting web sites I might add. > >If you are going to call someone a whiner you better have your own act >together. The hypocrisy is killing me. > >Like I said, I'm sure you are smarter than me, but stick to what you know. > > >On Mon, 11 Sep 2000, Alec H. Peterson wrote: > >> Mury wrote: >> > >> > Yikes! >> > >> > Have you ever tried to parse up to 1000 log files per system, with some of >> > them around 500MB in size. It's not nearly as easy as it sounds. >> >> It is if you change how you write and parse your logs. >> >> > >> > For some people it's feasable, but for most of us we *need* IP based >> > accounting. >> > >> > By the way, we are setup to do a large number of URL's pointed at a single >> > IP for some hosting applications, but for the majority of our sites, it is >> > not an option. >> >> Can't say that I have tried it. However at the same time I can think of >> quite a few ways to make the task far easier and faster. For example, don't >> do all of the parsing at once at the end of the day; modify the server to > keep a running tally of a customer's usage and have it write that alone to a >> file on the disk every time it changes. Far more efficient. >> >> That's just off the top of my head, and probably not a really efficient way >> to do it. My point is that the Internet is made up of a lot of smart people >> who are more than capable of solving these issues if they feel like it. >> Whining about how today's methods of accounting won't work with tomorrow's >> methods of virtual hosting is a lot like complaining about how yesterday's >> chalk writes really poorly on today's white boards. If you don't want to be >> left behind you have to keep on evolving. >> >> After all, where would we be today if dial-up providers decided that it was >> too much work to use dynamically allocated IP addresses and kept on giving >> each user their own IP address? >> >> However, name-based virtual hosts aren't exactly a new thing. Many large >> web hosters have been using name-based virtual hosts for a while now, so >> would any of those companies mind sharing a little wisdom on how this can be >> done? >> >> Thanks, >> >> Alec >> >> -- >> Alec H. Peterson - ahp at hilander.com >> Staff Scientist >> CenterGate Research Group - http://www.centergate.com >> "Technology so advanced, even _we_ don't understand it!" >> > > --- jerry at fc.net 512-519-6193 www.wayport.net 8303 Mopac Expressway Suite A300, Austin Tx. -------------- next part -------------- An HTML attachment was scrubbed... URL: From paschroebel at erols.com Tue Sep 12 14:54:19 2000 From: paschroebel at erols.com (PSchroebel) Date: Tue, 12 Sep 2000 14:54:19 -0400 Subject: guideline for name-based web hosting justification References: Message-ID: <001901c01cea$db5cf040$0f6c693f@fullport.com> Tracking browsers.... Yes we did and we were amazed with the results. In fact we still dont believe them.... Where is Netscape?...this is a sampling too!! Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; DigExt) 16605 (26.2%) 176388k (34.0%) Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0) 4288 (6.8%) 8060k (1.6%) Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 95; DigExt) 3675 (5.8%) 38714k (7.5%) Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt) 3477 (5.5%) 11312k (2.2%) Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt) 2500 (3.9%) 13682k (2.6%) Mozilla/4.0 (compatible; MSIE 5.01; AOL 5.0; Windows 98) 2051 (3.2%) 21238k (4.1%) Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 98; DigExt) 1906 (3.0%) 19527k (3.8%) Mozilla/4.0 (compatible; MSIE 5.0; MSN 2.5; AOL 5.0; Windows 98; DigExt) 1282 (2.0%) 13459k (2.6%) Mozilla/4.0 (compatible; MSIE 4.01; Windows 95) 1146 (1.8%) 6325k (1.2%) Mozilla/4.0 (compatible; MSIE 4.01; Windows NT) 1009 (1.6%) 5864k (1.1%) Mozilla/4.0 (compatible; MSIE 5.5; AOL 5.0; Windows 98) 870 (1.4%) 9029k (1.7%) Mozilla/4.0 (compatible; MSIE 5.0; Windows 95; DigExt) 784 (1.2%) 4484k (0.9%) Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 98) 778 (1.2%) 7224k (1.4%) Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC) 766 (1.2%) 1076k (0.2%) Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; Compaq; DigExt) 630 (1.0%) 8262k (1.6%) Mozilla/4.0 (compatible; MSIE 5.01; Windows 98) 618 (1.0%) 3459k (0.7%) Mozilla/4.0 (compatible; MSIE 5.5; Windows 98) 586 (0.9%) 3224k (0.6%) Mozilla/4.0 (compatible; MSIE 4.01; Windows 98) 548 (0.9%) 2893k (0.6%) Mozilla/4.0 (compatible; MSIE 5.01; Windows NT) 534 (0.8%) 3060k (0.6%) Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 95) 486 (0.8%) 5205k (1.0%) Sincerely, Peter Schroebel ----- Original Message ----- From: "Mury" To: "Jon Rust" Cc: "Alec H. Peterson" ; "Matt Bailey" ; ; Sent: Tuesday, September 12, 2000 1:02 PM Subject: Re: guideline for name-based web hosting justification > You're bending the truth here, quite a bit actually. The HTTP 1.0 proto > may not support the Host: header, but browsers that are using HTTP 1.0 > may very well support he Host: header. Oh, i don't know, a smallish > browser called Netscape, v 2.0 or better, comes to mind. Grepping > through my access log for today I see over 65,000 1.0 requests. 98% of > those are to name-based virtual hosts (which is almost all i run > anymore), and they all worked. > > jon Good to know. Finally someone takes the time to correct me and not just call me a whiner. So, does anyone know a reliable source that keeps track of stats on browsers? If it isn't 50% that won't get to the web site, is it 10%? 5%? .0001%? Thanks. Mury GoldenGate Internet Services From mury at goldengate.net Tue Sep 12 15:17:08 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 14:17:08 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <001901c01cea$db5cf040$0f6c693f@fullport.com> Message-ID: Was there no "Unknown" browsers? My logging and analysis tools have a very high percentage that come back as "Unknown," which I'm inclined to beleive are older browsers. Mury On Tue, 12 Sep 2000, PSchroebel wrote: > Tracking browsers.... > Yes we did and we were amazed with the results. > In fact we still dont believe them.... > > Where is Netscape?...this is a sampling too!! > > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; > DigExt) 16605 (26.2%) 176388k (34.0%) > Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0) 4288 > (6.8%) 8060k (1.6%) > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 95; > DigExt) 3675 (5.8%) 38714k (7.5%) > Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt) 3477 > (5.5%) 11312k (2.2%) > Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt) 2500 > (3.9%) 13682k (2.6%) > Mozilla/4.0 (compatible; MSIE 5.01; AOL 5.0; Windows 98) > 2051 (3.2%) 21238k (4.1%) > Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 98; > DigExt) 1906 (3.0%) 19527k (3.8%) > Mozilla/4.0 (compatible; MSIE 5.0; MSN 2.5; AOL 5.0; Windows > 98; DigExt) 1282 (2.0%) 13459k (2.6%) > Mozilla/4.0 (compatible; MSIE 4.01; Windows 95) 1146 (1.8%) > 6325k (1.2%) > Mozilla/4.0 (compatible; MSIE 4.01; Windows NT) 1009 (1.6%) > 5864k (1.1%) > Mozilla/4.0 (compatible; MSIE 5.5; AOL 5.0; Windows 98) 870 > (1.4%) 9029k (1.7%) > Mozilla/4.0 (compatible; MSIE 5.0; Windows 95; DigExt) 784 > (1.2%) 4484k (0.9%) > Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 98) > 778 (1.2%) 7224k (1.4%) > Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC) 766 (1.2%) > 1076k (0.2%) > Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; > Compaq; DigExt) 630 (1.0%) 8262k (1.6%) > Mozilla/4.0 (compatible; MSIE 5.01; Windows 98) 618 (1.0%) > 3459k (0.7%) > Mozilla/4.0 (compatible; MSIE 5.5; Windows 98) 586 (0.9%) > 3224k (0.6%) > Mozilla/4.0 (compatible; MSIE 4.01; Windows 98) 548 (0.9%) > 2893k (0.6%) > Mozilla/4.0 (compatible; MSIE 5.01; Windows NT) 534 (0.8%) > 3060k (0.6%) > Mozilla/4.0 (compatible; MSIE 4.01; AOL 4.0; Windows 95) > 486 (0.8%) 5205k (1.0%) > > Sincerely, > > > Peter Schroebel > > ----- Original Message ----- > From: "Mury" > To: "Jon Rust" > Cc: "Alec H. Peterson" ; "Matt Bailey" > ; ; > > Sent: Tuesday, September 12, 2000 1:02 PM > Subject: Re: guideline for name-based web hosting > justification > > > > > You're bending the truth here, quite a bit actually. The > HTTP 1.0 proto > > may not support the Host: header, but browsers that are > using HTTP 1.0 > > may very well support he Host: header. Oh, i don't know, a > smallish > > browser called Netscape, v 2.0 or better, comes to mind. > Grepping > > through my access log for today I see over 65,000 1.0 > requests. 98% of > > those are to name-based virtual hosts (which is almost all > i run > > anymore), and they all worked. > > > > jon > > > Good to know. Finally someone takes the time to correct me > and not just > call me a whiner. > > So, does anyone know a reliable source that keeps track of > stats on > browsers? If it isn't 50% that won't get to the web site, > is it > 10%? 5%? .0001%? > > Thanks. > > Mury > GoldenGate Internet Services > > From cwinter at communicationnation.com Tue Sep 12 16:09:51 2000 From: cwinter at communicationnation.com (Charles Winter) Date: Tue, 12 Sep 2000 13:09:51 -0700 Subject: guideline for name-based web hosting justification References: Message-ID: <00e301c01cf5$69c75410$4d1dc9cf@javamail.com> Mury, We started running HTTP1.1 web servers about 2 and a half years ago, using the IBM "Go Webserver" - now under the Lotus name .... as it was one of the only servers supporting the HTTP1.1 protocol at that time. The server also has very nice logging, in any case we saw alot of Netscape 2.0 generation browser hits - all going through just fine. I don't think we ever got a customer complaint about not being able to access a site. Charles Winter Communication Nation, Inc. ----- Original Message ----- From: Mury To: Jon Rust Cc: Alec H. Peterson ; Matt Bailey ; ; Sent: Tuesday, September 12, 2000 10:02 AM Subject: Re: guideline for name-based web hosting justification > > > You're bending the truth here, quite a bit actually. The HTTP 1.0 proto > > may not support the Host: header, but browsers that are using HTTP 1.0 > > may very well support he Host: header. Oh, i don't know, a smallish > > browser called Netscape, v 2.0 or better, comes to mind. Grepping > > through my access log for today I see over 65,000 1.0 requests. 98% of > > those are to name-based virtual hosts (which is almost all i run > > anymore), and they all worked. > > > > jon > > > Good to know. Finally someone takes the time to correct me and not just > call me a whiner. > > So, does anyone know a reliable source that keeps track of stats on > browsers? If it isn't 50% that won't get to the web site, is it > 10%? 5%? .0001%? > > Thanks. > > Mury > GoldenGate Internet Services > From richardj at arin.net Tue Sep 12 16:42:40 2000 From: richardj at arin.net (Richard Jimmerson) Date: Tue, 12 Sep 2000 16:42:40 -0400 Subject: No subject In-Reply-To: Message-ID: <008a01c01cf9$ff1f2700$bdfc95c0@ARINNET> Hello Scott, Considering a large percentage of your customers use SSL there must have been a mistake or misunderstanding during the review of your request for additional IP address space. I will be contacting you personally (off-list) to discuss your request and bring it to a quick resolution. Best Regards, Richard Jimmerson American Registry for Internet Numbers (ARIN) -----Original Message----- From: owner-arin-discuss at arin.net [mailto:owner-arin-discuss at arin.net]On Behalf Of Host Master Sent: Tuesday, September 12, 2000 3:04 PM To: arin-discuss at arin.net; ppml at arin.net Subject: The exception is not true, we recently requested more IP space for web hosting and were denied because of the new policy. We had to valid reasons. 1. Search Engines blacklist by IP and account for submissions by IP, one of our biggest selling points is that we get great positioning in search engines. 2. Most of our clients have HTTP 1.0 browsers, and are unable to upgrade because of company policies for the offices they work with. 3. A large percentage of our clients use SSL, we work in the real estate / mortgage field and the customers are VERY paranoid. For all intents and purposes we have been cut off from around 40% of our client base. We have produced documentation to ARIN for both of these reasons and they still denied it citing "ARIN official policy is to deny IP base web hosting, no exceptions". We are being forced to request more address space from our upstream provider so that we can cover the sites that would like to be SSL. This is not acceptable. This forced change has cost us a large (in our terms, we are not the largest company) amount of business, and forced us to loose business to competitors that just host using space from upstream providers. The reason we went to ARIN issued space was for portability across our providers, in the long run it may hurt us more than the benefit it will give us. --- Scott Johnson Director Of Software Engineering Advanced Access (714) 685-5124 sjohnson at advancedaccess.com -----Original Message----- From: Jeremy Porter [mailto:jerry at fc.net] Sent: Tuesday, September 12, 2000 1:35 AM To: Mury Cc: Alec H. Peterson; Matt Bailey; arin-discuss at arin.net; ppml at arin.net Subject: Re: guideline for name-based web hosting justification I don't think Alec has called anyone whiners. The policy has been discussed and as presented does not change the business climate for for existing users of addresses. For new assignments I quote: http://www.arin.net/announcements/policy_changes.html Exceptions may be made for ISPs that provide justification for requiring static addresses. ARIN will determine, on a case-by-case basis, whether an exception is appropriate. If you are sure that your use of one IP per Host is justfiable, then you should have no problem getting an exception approved. Perhaps if you are complaining maybe you don't feel that your use has technical merit? "Back in the day" when I ran an ISP and Web hosting business for a living, we used single IPs for WWW (http 1.1 didn't exist), assigned static IPs to all customers, etc. When new technologies came about and policies changed, we followed. We ended up renumber those static customers and some significiant business cost, because it was the right thing to do. It wasn't easy, the customers didn't like it, it made accounting and access control harder. With that said, theses issues were discussed at the ARIN policy meeting, and there weren't huge objections, so the conclusion was reached that there were significant objectors. Luckily there is a meeting in just a few weeks, where you are invited to discusse it more, and perhaps better wording can be determined that would allow existing operations to switch to more efficient technologies in a reasonable time frame, while still encouraging better utilization of IP addressing. I'm sure if several vocal www hosting business pushed for changed wording that still encouraged better utilization, that it would be considered. From my recollection of the last ARIN meeting there was a significant lack of input from WWW hosting companies, as there were only a handful present. "Whining" (your words) about it on the mailing list might not be enough. Also I'd think you find Alec would be more than willing to help address any technical issues you might find, but telling him "math is hard" isn't likely to win you much, and personal attacks, will likely just be ignored, as he's been doing this long enough to not take the "bait". In message , Mury writes: > >Dear Alec, > >Since you basically called those of us pointing out some real issues >"whiners," I took the liberty of finding out a little bit more about >you. It looks like you are probably a fairly bright person, probably a >lot smarter than me. >From looking at your web site though and reading >your comments below I question how much you really understand what you are >talking about when you trivialize some of the issues that have been >brought up. > >I also find it interesting that in your presentation to the 11th NANOG >meeting that you did with Avi Freedman (Isn't he working for Digital >Island now? Or one of the other distributed content providers) you are >supporting a technology that not only assigns an IP address to a web site >but assigns multiple IP addresses to a single site. Perhaps I didn't >decipher your presentation correctly, but it sure seems like you are >supporting performance/service level issues above and beyond IP >conservation. Ah, I hear it coming, that each distributed node can handle >multiple distributed sites off of a single IP. Very true. Do you know >what the ratio of managed sites to in-service systems is? How many >locations is Akamai in? I really don't know what the IP "waste" ratio is. >But the point is you are supporting performance at the expense of IP >addresses however large or small that may be. > >In addition, you even argue against yourself. You say, "For example, >don't do all of the parsing at once at the end of the day; modify the >server to keep a running tally of a customer's usage and have it write >that alone to a file on the disk every time it changes. Far more >efficient. That's just off the top of my head, and probably not a really >efficient way to do it." > >What?! How can it be *far more efficient* and then in the next line it's >*not a really efficient*" Can you see why I'm not very thrilled with your >off the cuff and seemingly inexperienced comments? > >By making light of some real issues that were brought up it sure seems >like your statements are hypocritical. Now like I said, I'm not the >smartest guy out here, so if I've badly misrepresented things I apologize >in advance. > >Bottom line, for every one out there saying it's no big deal to do single >IP virtual hosting I would like to see a solution that does not sacrifice >reliability, accountability, quality of service, and functionality. I >hate it when people (even smart people) start voicing opinions on things >they don't understand. > >I'm also not stubborn. I'm not running things the way I do because it's >my way, but because they work, they are scalable, they are functionable, >and we have zero down time. I've tried Microsoft IIS. It doesn't work. >Well doh, of course it works, but not for a company that demands uptime >and security and a fast and simple database. I have to reboot co-located >IIS machines all the time. My BSDI/Apache/MySQL/Perl/PHP/Raven boxes have >had zero downtime in the last 3 years. That is not an invitation to hack >or DOS my network. But thanks for thinking about me. > >And like I said before, when appropriate we have assigned multiple sites >to a single IP. We actually do it by sending all requests into a CGI >script that grabs the HTTP_HOST env variable and creates the customized >web site on the fly with MySQL. So yes, we are trying to conserve IP >addresses, we are not greedy, whiny bastards trying to screw the Internet >up for everyone else. > >For those of you running Apache that want to know how to do it the right >way, go to: http://www.apache.org/docs/vhosts/name-based.html > >Cool! Now we all know how to do name based hosting... er, wait... what >about all those HTTP/1.0 browsers!? You don't think they exist any >more? Check this out. In fairness I sampled all my virtual hosts off of >one server from a selective time period. All my logs files are in the >www.domain.com format. Here are my commands and results: > >webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 >webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > >48.4% of the browsers out there that accessed my customers' sites used >HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does >NOT support name based hosting. > >Can I tell all my customers to call you when their online business drops >by almost 50%. By the way, can you use a shared IP for secure server >certificates? > >Some more thoughts... > >Look at some of the new comers to the tech scene, Keynote, Akamai, >Speedera, Digital Island, etc. These company's success show how important >it is to the world to have fast, reliable, and secure web sites. Quality >of Service (in its broad definition) is paramount. And if you don't >believe that you can make a fortune by shorting the stock in those >companies. > >I don't want to see any more comments that I should be doing things >smarter and better. I want to see explanations of how I can accomplish >the things that you say are so easy. Like I said I'm not stubborn... show >me the way. If you can't, then please refrain from making popular >political statements that don't affect YOUR business and your customers' >business. > >There's my not so bright, whiny, long-winded $10 worth. > >Mury >GoldenGate Internet Services > >PS. If you are such an advocate for IP conservation why do you have a >whole block? I can't tell how many IPs you are wasting because your >provider has not swipped your block. But you have multiple web sites >running on multiple IPs! What's your excuse? > >Name: gw1.hilander.com >Address: 216.241.32.33 > >Name: virthost.hilander.com >Address: 216.241.32.35 > >Name: ramirez.hilander.com >Address: 216.241.32.34 > >Pretty interesting web sites I might add. > >If you are going to call someone a whiner you better have your own act >together. The hypocrisy is killing me. > >Like I said, I'm sure you are smarter than me, but stick to what you know. > > >On Mon, 11 Sep 2000, Alec H. Peterson wrote: > >> Mury wrote: >> > >> > Yikes! >> > >> > Have you ever tried to parse up to 1000 log files per system, with some of >> > them around 500MB in size. It's not nearly as easy as it sounds. >> >> It is if you change how you write and parse your logs. >> >> > >> > For some people it's feasable, but for most of us we *need* IP based >> > accounting. >> > >> > By the way, we are setup to do a large number of URL's pointed at a single >> > IP for some hosting applications, but for the majority of our sites, it is >> > not an option. >> >> Can't say that I have tried it. However at the same time I can think of >> quite a few ways to make the task far easier and faster. For example, don't >> do all of the parsing at once at the end of the day; modify the server to > keep a running tally of a customer's usage and have it write that alone to a >> file on the disk every time it changes. Far more efficient. >> >> That's just off the top of my head, and probably not a really efficient way >> to do it. My point is that the Internet is made up of a lot of smart people >> who are more than capable of solving these issues if they feel like it. >> Whining about how today's methods of accounting won't work with tomorrow's >> methods of virtual hosting is a lot like complaining about how yesterday's >> chalk writes really poorly on today's white boards. If you don't want to be >> left behind you have to keep on evolving. >> >> After all, where would we be today if dial-up providers decided that it was >> too much work to use dynamically allocated IP addresses and kept on giving >> each user their own IP address? >> >> However, name-based virtual hosts aren't exactly a new thing. Many large >> web hosters have been using name-based virtual hosts for a while now, so >> would any of those companies mind sharing a little wisdom on how this can be >> done? >> >> Thanks, >> >> Alec >> >> -- >> Alec H. Peterson - ahp at hilander.com >> Staff Scientist >> CenterGate Research Group - http://www.centergate.com >> "Technology so advanced, even _we_ don't understand it!" >> > > --- jerry at fc.net 512-519-6193 www.wayport.net 8303 Mopac Expressway Suite A300, Austin Tx. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mury at goldengate.net Tue Sep 12 16:59:23 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 15:59:23 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <39BE7EE7.F067161@hilander.com> Message-ID: > > Instead of putting the clamps on the ISPs why not focus on: > > > > 1) Reclaiming unused IP space to hold us out a little longer > > That's already being done, but there's a big problem. ARIN doesn't have > authority over the major offenders (legacy /8s and /16s). The AC has had > long, involved discussions about how is best to do this, and we're working > on it. For example, our first goal is to re-claim address space of > companies that have gone out of business. If you have some ideas on how we > can do this we'd _love_ to hear them. I'm not sure where ARIN gets it's authority. Maybe the father of the Internet wants to save his creation and support a law giving ARIN the authority. Seriously, where does ARIN receive it's authority from? Why hasn't it been given the authority to reclaim unused space from legacy allocations? Maybe ARIN would like to clearly publish a list of those offenders and send them a nice letter asking them to comply with current allocation policies. If they don't want to cooperate, I suppose we could call the media and/or Null route their IPs until they want to play by the same rules we all need to. > > 2) Push a plan to get better client server technology out there, and once > > it is out there get people using it. As an rotten example, but feeling > > one is needed, what if the top 10 most popular sites had a message pop up > > that informed people if they were using an old browser and encouraged them > > to upgrade. > > Yuck! > > I mean, it's an idea, but I see where you're going... Actually from the recent contributions to the list it appears as though the HTTP/1.0 issues are far less a problem than I first perceived. I would however like to see some real statistics. > > I'm not bitching just to bitch. I'm looking out for my ecommerce > > customers. 90% of my revenue comes from businesses. If I don't watch out > > for their bottom line, they sure the hell aren't going to look out for > > mine. If I switch them to a name-based system, before the world is ready > > for it and they lose hits do to software incompatibilites, or don't notice > > that their traffic died, or they can't see how effective a commercial was > > by using real-time accounting stats, or one of my customers gets DOSed and > > I can't control the traffic at my core routers or at my upstream so I have > > to take everyone down because they all share an IP, they are going to host > > with someone who cheats the system and gets them an IP. > > Those are legitimate gripes. > > Can we come up with reasonable solutions to them? Well, what is the realistic possibility of making that "policy" a "guideline?" Give ISPs 6 months to essentially self-comply. If web hosting IP usage drops a significant percentage, then we declare a success. If usage does not drop, have a policy ready with more details. What exactly constitutes an exception? Obviously secure servers are an exception, but what about bandwidth based accounting, or high bandwidth sites (and if so, where is the line drawn?) I realize I might be living in a dream world thinking most ISPs will rapidly change if not forced to, but it's not an impossible task to convince them either. It's actually easy to configure multiple sites to one IP than to multiple IPs. I really don't know. I'd personally rather spend my time and money trying to get back massive chunks of unused IPs from those knowingly or unknowingly abusing them, and wait for technologies to mature a little more before cracking down on web hosting IPs. > No, you aren't the only one, but at the same time, there were a huge number > of people at the last ARIN meeting who were in support of this policy, > however most of them have been silent through most of this (perhaps because > they feel they already made their feelings known at the last meeting). > > And as far as being labled a trouble-maker, I know plenty of people who have > been far more vocal about ARIN policy than you and have had no problem > getting address space. Please don't spread the mis-conception that ARIN is > anything other than an objective organization. It isn't true and it makes > everyone's life much more difficult in getting support for the organization. Oh, if I thought that were true, I wouldn't be writing this or previous emails. I obviously don't think ARIN is going to treat my allocations differently than the next person. I'm just guessing as to why others emailed only me and not the group. > > If eliminate multiple IPs I'm unsure how to: > > > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion > > See other discussions; the issue of legacy browsers IMO is a red herring. > It exists, but it's really small. Is sure seems that way. I'd still like to see *real* statistics. > > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > > we need to sell it by the Mbit > > Doing bandwidth (as opposed to bytes transfered per period of time) billing > is tough, although it sounds like more and more vendors are starting to sell > equipment that handles this. > > > 3) Provide controls against DOS attacks. No we don't host porn sites > > But those are the money-makers! :-) > > Seriously, I understand the DOS issue all too well, and it does need to be > addressed. Not sure how to at this point, except to say that this policy is > really targeted towards the bottom-of-the-line web hosting accounts. If you > have a customer who has a lot of traffic, pays you a lot of money and can't > afford to be off the air then it makes perfect sense to have him on a > dedicated IP (I think at least). Well, that doesn't totally work. Because if someone on the main IP gets attacked I have to shut all sites down on that IP, so it's not just a matter of keeping my one big customer up, it's a matter of keeping 1000 sites up that only pay $50/month but adds up to $50,000.00/month in total. When everyone has their own IP, you can simply Null route their IP if trouble starts. In all fairness, I only have to do this a handful of times per year, but the times I have it has probably saved me hours if not days of down time. There is no way to predict if www.photos.com, www.ilikeredmeat.com, www.gotochurch.com is going to be the one that gets attacked. This issue is not a massive one. > > 4) Provide secure server certificates > > That qualifies as an exception. > > > 5) Provide database support from server to server. I'm not a programmer > > any more so I don't know how big an issue it is, but my programmer told me > > it would be a mess > > Not sure exactly what you're trying to do with server to server DB support > (more to the point why it would be a problem). If your backend hosting databases reside on different computers than your hosting does, you probably are going to have issues with name based hosting. However, I am far enough out of this arena personally to be able to explain why. Once again this is a relatively small issue, at least for us. Most of our databases do reside on the hosting server. > > Actually I think the policy would make a wonderful "Guideline". It > > shouldn't affect IP allocation, but it should be encouraged at this time. > > That's actually been proposed on another list, although I'm really not sure > if that would affect what people do. Anybody else have thoughts? > > > > > As someone pointed out. Apparently HTTP/1.0 can support name based > > hosting. I was unaware of this. > > > > And if that truely is the case, I would like to see some numbers. I would > > have guessed ARIN would know this before instituting a policy. Perhaps > > they would like to share. > > The numbers we got came from our members. I believe Gene had some extensive > data. Gene, do you want to share that data with the list? > > Alec, I understand your and ARIN's points. However if a "policy" is going > > to be created and enforced I think we some of these issues need to be > > better addressed and defined so legit ISPs don't have to wait over a > > month to get new IP space and go through a process of defending web > > hosting IP space. > > Which is why we really need more participation. Fortunately this policy > change has brought more of it forward, but as I said above we need a better > way to tally opinions in a fair manner... Someone sent me an email suggesting a poll on your web site using handles as an ID so only members could vote, and they could only vote once. As a side note, from the lack of participation in this list it appears that either: 1) Not many ISPs are subscribed to this list 2) They aren't receiving the messages 3) They are too busy to care, or 4) I'm one of only about 10-20 people that feel strongly about this policy Whatever the case is, I have a business to run, and I've said my peace. I can't stick up for the rest of them. For all the reasons I've stated I think this policy is both too undefined in that it lacks the explanations of exceptions (currently it looks like exceptions would be left up to the discretion of the individual staff person working on the account), and that it is premature. For the record, I tried to participate. Mury GoldenGate Internet Services From mury at goldengate.net Tue Sep 12 16:59:23 2000 From: mury at goldengate.net (Mury) Date: Tue, 12 Sep 2000 15:59:23 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <39BE7EE7.F067161@hilander.com> Message-ID: > > Instead of putting the clamps on the ISPs why not focus on: > > > > 1) Reclaiming unused IP space to hold us out a little longer > > That's already being done, but there's a big problem. ARIN doesn't have > authority over the major offenders (legacy /8s and /16s). The AC has had > long, involved discussions about how is best to do this, and we're working > on it. For example, our first goal is to re-claim address space of > companies that have gone out of business. If you have some ideas on how we > can do this we'd _love_ to hear them. I'm not sure where ARIN gets it's authority. Maybe the father of the Internet wants to save his creation and support a law giving ARIN the authority. Seriously, where does ARIN receive it's authority from? Why hasn't it been given the authority to reclaim unused space from legacy allocations? Maybe ARIN would like to clearly publish a list of those offenders and send them a nice letter asking them to comply with current allocation policies. If they don't want to cooperate, I suppose we could call the media and/or Null route their IPs until they want to play by the same rules we all need to. > > 2) Push a plan to get better client server technology out there, and once > > it is out there get people using it. As an rotten example, but feeling > > one is needed, what if the top 10 most popular sites had a message pop up > > that informed people if they were using an old browser and encouraged them > > to upgrade. > > Yuck! > > I mean, it's an idea, but I see where you're going... Actually from the recent contributions to the list it appears as though the HTTP/1.0 issues are far less a problem than I first perceived. I would however like to see some real statistics. > > I'm not bitching just to bitch. I'm looking out for my ecommerce > > customers. 90% of my revenue comes from businesses. If I don't watch out > > for their bottom line, they sure the hell aren't going to look out for > > mine. If I switch them to a name-based system, before the world is ready > > for it and they lose hits do to software incompatibilites, or don't notice > > that their traffic died, or they can't see how effective a commercial was > > by using real-time accounting stats, or one of my customers gets DOSed and > > I can't control the traffic at my core routers or at my upstream so I have > > to take everyone down because they all share an IP, they are going to host > > with someone who cheats the system and gets them an IP. > > Those are legitimate gripes. > > Can we come up with reasonable solutions to them? Well, what is the realistic possibility of making that "policy" a "guideline?" Give ISPs 6 months to essentially self-comply. If web hosting IP usage drops a significant percentage, then we declare a success. If usage does not drop, have a policy ready with more details. What exactly constitutes an exception? Obviously secure servers are an exception, but what about bandwidth based accounting, or high bandwidth sites (and if so, where is the line drawn?) I realize I might be living in a dream world thinking most ISPs will rapidly change if not forced to, but it's not an impossible task to convince them either. It's actually easy to configure multiple sites to one IP than to multiple IPs. I really don't know. I'd personally rather spend my time and money trying to get back massive chunks of unused IPs from those knowingly or unknowingly abusing them, and wait for technologies to mature a little more before cracking down on web hosting IPs. > No, you aren't the only one, but at the same time, there were a huge number > of people at the last ARIN meeting who were in support of this policy, > however most of them have been silent through most of this (perhaps because > they feel they already made their feelings known at the last meeting). > > And as far as being labled a trouble-maker, I know plenty of people who have > been far more vocal about ARIN policy than you and have had no problem > getting address space. Please don't spread the mis-conception that ARIN is > anything other than an objective organization. It isn't true and it makes > everyone's life much more difficult in getting support for the organization. Oh, if I thought that were true, I wouldn't be writing this or previous emails. I obviously don't think ARIN is going to treat my allocations differently than the next person. I'm just guessing as to why others emailed only me and not the group. > > If eliminate multiple IPs I'm unsure how to: > > > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion > > See other discussions; the issue of legacy browsers IMO is a red herring. > It exists, but it's really small. Is sure seems that way. I'd still like to see *real* statistics. > > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > > we need to sell it by the Mbit > > Doing bandwidth (as opposed to bytes transfered per period of time) billing > is tough, although it sounds like more and more vendors are starting to sell > equipment that handles this. > > > 3) Provide controls against DOS attacks. No we don't host porn sites > > But those are the money-makers! :-) > > Seriously, I understand the DOS issue all too well, and it does need to be > addressed. Not sure how to at this point, except to say that this policy is > really targeted towards the bottom-of-the-line web hosting accounts. If you > have a customer who has a lot of traffic, pays you a lot of money and can't > afford to be off the air then it makes perfect sense to have him on a > dedicated IP (I think at least). Well, that doesn't totally work. Because if someone on the main IP gets attacked I have to shut all sites down on that IP, so it's not just a matter of keeping my one big customer up, it's a matter of keeping 1000 sites up that only pay $50/month but adds up to $50,000.00/month in total. When everyone has their own IP, you can simply Null route their IP if trouble starts. In all fairness, I only have to do this a handful of times per year, but the times I have it has probably saved me hours if not days of down time. There is no way to predict if www.photos.com, www.ilikeredmeat.com, www.gotochurch.com is going to be the one that gets attacked. This issue is not a massive one. > > 4) Provide secure server certificates > > That qualifies as an exception. > > > 5) Provide database support from server to server. I'm not a programmer > > any more so I don't know how big an issue it is, but my programmer told me > > it would be a mess > > Not sure exactly what you're trying to do with server to server DB support > (more to the point why it would be a problem). If your backend hosting databases reside on different computers than your hosting does, you probably are going to have issues with name based hosting. However, I am far enough out of this arena personally to be able to explain why. Once again this is a relatively small issue, at least for us. Most of our databases do reside on the hosting server. > > Actually I think the policy would make a wonderful "Guideline". It > > shouldn't affect IP allocation, but it should be encouraged at this time. > > That's actually been proposed on another list, although I'm really not sure > if that would affect what people do. Anybody else have thoughts? > > > > > As someone pointed out. Apparently HTTP/1.0 can support name based > > hosting. I was unaware of this. > > > > And if that truely is the case, I would like to see some numbers. I would > > have guessed ARIN would know this before instituting a policy. Perhaps > > they would like to share. > > The numbers we got came from our members. I believe Gene had some extensive > data. Gene, do you want to share that data with the list? > > Alec, I understand your and ARIN's points. However if a "policy" is going > > to be created and enforced I think we some of these issues need to be > > better addressed and defined so legit ISPs don't have to wait over a > > month to get new IP space and go through a process of defending web > > hosting IP space. > > Which is why we really need more participation. Fortunately this policy > change has brought more of it forward, but as I said above we need a better > way to tally opinions in a fair manner... Someone sent me an email suggesting a poll on your web site using handles as an ID so only members could vote, and they could only vote once. As a side note, from the lack of participation in this list it appears that either: 1) Not many ISPs are subscribed to this list 2) They aren't receiving the messages 3) They are too busy to care, or 4) I'm one of only about 10-20 people that feel strongly about this policy Whatever the case is, I have a business to run, and I've said my peace. I can't stick up for the rest of them. For all the reasons I've stated I think this policy is both too undefined in that it lacks the explanations of exceptions (currently it looks like exceptions would be left up to the discretion of the individual staff person working on the account), and that it is premature. For the record, I tried to participate. Mury GoldenGate Internet Services From dan at netrail.net Tue Sep 12 23:12:57 2000 From: dan at netrail.net (dan at netrail.net) Date: Tue, 12 Sep 2000 23:12:57 -0400 (EDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: Oh come on. ARIN has not actual legal authority of any kind. It operates across national borders, and is subject to no laws regulating it's powers. It's only true ability is to convince providers to route only those addresses it assigns. Given this, it has all the authority it needs to retrieve unused blocks. Daniel Golding Director of R&D "I'm not evil. I'm just drawn that way" NetRail, Inc. 1-888-NetRail On Tue, 12 Sep 2000, Mury wrote: > > > > Instead of putting the clamps on the ISPs why not focus on: > > > > > > 1) Reclaiming unused IP space to hold us out a little longer > > > > That's already being done, but there's a big problem. ARIN doesn't have > > authority over the major offenders (legacy /8s and /16s). The AC has had > > long, involved discussions about how is best to do this, and we're working > > on it. For example, our first goal is to re-claim address space of > > companies that have gone out of business. If you have some ideas on how we > > can do this we'd _love_ to hear them. > > I'm not sure where ARIN gets it's authority. Maybe the father of the > Internet wants to save his creation and support a law giving ARIN the > authority. Seriously, where does ARIN receive it's authority from? Why > hasn't it been given the authority to reclaim unused space from legacy > allocations? > > Maybe ARIN would like to clearly publish a list of those offenders and > send them a nice letter asking them to comply with current allocation > policies. If they don't want to cooperate, I suppose we could call the > media and/or Null route their IPs until they want to play by the same > rules we all need to. > > > > 2) Push a plan to get better client server technology out there, and once > > > it is out there get people using it. As an rotten example, but feeling > > > one is needed, what if the top 10 most popular sites had a message pop up > > > that informed people if they were using an old browser and encouraged them > > > to upgrade. > > > > Yuck! > > > > I mean, it's an idea, but I see where you're going... > > Actually from the recent contributions to the list it appears as though > the HTTP/1.0 issues are far less a problem than I first perceived. I > would however like to see some real statistics. > > > > I'm not bitching just to bitch. I'm looking out for my ecommerce > > > customers. 90% of my revenue comes from businesses. If I don't watch out > > > for their bottom line, they sure the hell aren't going to look out for > > > mine. If I switch them to a name-based system, before the world is ready > > > for it and they lose hits do to software incompatibilites, or don't notice > > > that their traffic died, or they can't see how effective a commercial was > > > by using real-time accounting stats, or one of my customers gets DOSed and > > > I can't control the traffic at my core routers or at my upstream so I have > > > to take everyone down because they all share an IP, they are going to host > > > with someone who cheats the system and gets them an IP. > > > > Those are legitimate gripes. > > > > Can we come up with reasonable solutions to them? > > Well, what is the realistic possibility of making that "policy" a > "guideline?" Give ISPs 6 months to essentially self-comply. If web > hosting IP usage drops a significant percentage, then we declare a > success. > > If usage does not drop, have a policy ready with more details. What > exactly constitutes an exception? Obviously secure servers are an > exception, but what about bandwidth based accounting, or high bandwidth > sites (and if so, where is the line drawn?) > > I realize I might be living in a dream world thinking most ISPs will > rapidly change if not forced to, but it's not an impossible task to > convince them either. It's actually easy to configure multiple sites to > one IP than to multiple IPs. > > I really don't know. I'd personally rather spend my time and money trying > to get back massive chunks of unused IPs from those knowingly or > unknowingly abusing them, and wait for technologies to mature a little > more before cracking down on web hosting IPs. > > > No, you aren't the only one, but at the same time, there were a huge number > > of people at the last ARIN meeting who were in support of this policy, > > however most of them have been silent through most of this (perhaps because > > they feel they already made their feelings known at the last meeting). > > > > And as far as being labled a trouble-maker, I know plenty of people who have > > been far more vocal about ARIN policy than you and have had no problem > > getting address space. Please don't spread the mis-conception that ARIN is > > anything other than an objective organization. It isn't true and it makes > > everyone's life much more difficult in getting support for the organization. > > Oh, if I thought that were true, I wouldn't be writing this or previous > emails. I obviously don't think ARIN is going to treat my allocations > differently than the next person. I'm just guessing as to why others > emailed only me and not the group. > > > > If eliminate multiple IPs I'm unsure how to: > > > > > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion > > > > See other discussions; the issue of legacy browsers IMO is a red herring. > > It exists, but it's really small. > > Is sure seems that way. I'd still like to see *real* statistics. > > > > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > > > we need to sell it by the Mbit > > > > Doing bandwidth (as opposed to bytes transfered per period of time) billing > > is tough, although it sounds like more and more vendors are starting to sell > > equipment that handles this. > > > > > 3) Provide controls against DOS attacks. No we don't host porn sites > > > > But those are the money-makers! :-) > > > > Seriously, I understand the DOS issue all too well, and it does need to be > > addressed. Not sure how to at this point, except to say that this policy is > > really targeted towards the bottom-of-the-line web hosting accounts. If you > > have a customer who has a lot of traffic, pays you a lot of money and can't > > afford to be off the air then it makes perfect sense to have him on a > > dedicated IP (I think at least). > > Well, that doesn't totally work. Because if someone on the main IP gets > attacked I have to shut all sites down on that IP, so it's not just a > matter of keeping my one big customer up, it's a matter of keeping 1000 > sites up that only pay $50/month but adds up to $50,000.00/month in > total. When everyone has their own IP, you can simply Null route their IP > if trouble starts. > > In all fairness, I only have to do this a handful of times per year, but > the times I have it has probably saved me hours if not days of down time. > There is no way to predict if www.photos.com, www.ilikeredmeat.com, > www.gotochurch.com is going to be the one that gets attacked. > > This issue is not a massive one. > > > > 4) Provide secure server certificates > > > > That qualifies as an exception. > > > > > 5) Provide database support from server to server. I'm not a programmer > > > any more so I don't know how big an issue it is, but my programmer told me > > > it would be a mess > > > > Not sure exactly what you're trying to do with server to server DB support > > (more to the point why it would be a problem). > > If your backend hosting databases reside on different computers than your > hosting does, you probably are going to have issues with name based > hosting. However, I am far enough out of this arena personally to be able > to explain why. > > Once again this is a relatively small issue, at least for us. Most of our > databases do reside on the hosting server. > > > > Actually I think the policy would make a wonderful "Guideline". It > > > shouldn't affect IP allocation, but it should be encouraged at this time. > > > > That's actually been proposed on another list, although I'm really not sure > > if that would affect what people do. Anybody else have thoughts? > > > > > > > > As someone pointed out. Apparently HTTP/1.0 can support name based > > > hosting. I was unaware of this. > > > > > > And if that truely is the case, I would like to see some numbers. I would > > > have guessed ARIN would know this before instituting a policy. Perhaps > > > they would like to share. > > > > The numbers we got came from our members. I believe Gene had some extensive > > data. > > Gene, do you want to share that data with the list? > > > > Alec, I understand your and ARIN's points. However if a "policy" is going > > > to be created and enforced I think we some of these issues need to be > > > better addressed and defined so legit ISPs don't have to wait over a > > > month to get new IP space and go through a process of defending web > > > hosting IP space. > > > > Which is why we really need more participation. Fortunately this policy > > change has brought more of it forward, but as I said above we need a better > > way to tally opinions in a fair manner... > > Someone sent me an email suggesting a poll on your web site using handles > as an ID so only members could vote, and they could only vote once. > > As a side note, from the lack of participation in this list it appears > that either: > > 1) Not many ISPs are subscribed to this list > 2) They aren't receiving the messages > 3) They are too busy to care, or > 4) I'm one of only about 10-20 people that feel strongly about this policy > > Whatever the case is, I have a business to run, and I've said my > peace. I can't stick up for the rest of them. > > For all the reasons I've stated I think this policy is both too undefined > in that it lacks the explanations of exceptions (currently it looks like > exceptions would be left up to the discretion of the individual staff > person working on the account), and that it is premature. > > For the record, I tried to participate. > > Mury > GoldenGate Internet Services > From mury at goldengate.net Wed Sep 13 01:20:29 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 00:20:29 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: That's what I was subtly getting at. On Tue, 12 Sep 2000 dan at netrail.net wrote: > Oh come on. ARIN has not actual legal authority of any kind. It operates > across national borders, and is subject to no laws regulating it's powers. > It's only true ability is to convince providers to route only those > addresses it assigns. Given this, it has all the authority it needs to > retrieve unused blocks. > > > Daniel Golding > Director of R&D "I'm not evil. I'm just drawn that way" > NetRail, Inc. > 1-888-NetRail > > On Tue, 12 Sep 2000, Mury wrote: > > > > > > > Instead of putting the clamps on the ISPs why not focus on: > > > > > > > > 1) Reclaiming unused IP space to hold us out a little longer > > > > > > That's already being done, but there's a big problem. ARIN doesn't have > > > authority over the major offenders (legacy /8s and /16s). The AC has had > > > long, involved discussions about how is best to do this, and we're working > > > on it. For example, our first goal is to re-claim address space of > > > companies that have gone out of business. If you have some ideas on how we > > > can do this we'd _love_ to hear them. > > > > I'm not sure where ARIN gets it's authority. Maybe the father of the > > Internet wants to save his creation and support a law giving ARIN the > > authority. Seriously, where does ARIN receive it's authority from? Why > > hasn't it been given the authority to reclaim unused space from legacy > > allocations? > > > > Maybe ARIN would like to clearly publish a list of those offenders and > > send them a nice letter asking them to comply with current allocation > > policies. If they don't want to cooperate, I suppose we could call the > > media and/or Null route their IPs until they want to play by the same > > rules we all need to. > > > > > > 2) Push a plan to get better client server technology out there, and once > > > > it is out there get people using it. As an rotten example, but feeling > > > > one is needed, what if the top 10 most popular sites had a message pop up > > > > that informed people if they were using an old browser and encouraged them > > > > to upgrade. > > > > > > Yuck! > > > > > > I mean, it's an idea, but I see where you're going... > > > > Actually from the recent contributions to the list it appears as though > > the HTTP/1.0 issues are far less a problem than I first perceived. I > > would however like to see some real statistics. > > > > > > I'm not bitching just to bitch. I'm looking out for my ecommerce > > > > customers. 90% of my revenue comes from businesses. If I don't watch out > > > > for their bottom line, they sure the hell aren't going to look out for > > > > mine. If I switch them to a name-based system, before the world is ready > > > > for it and they lose hits do to software incompatibilites, or don't notice > > > > that their traffic died, or they can't see how effective a commercial was > > > > by using real-time accounting stats, or one of my customers gets DOSed and > > > > I can't control the traffic at my core routers or at my upstream so I have > > > > to take everyone down because they all share an IP, they are going to host > > > > with someone who cheats the system and gets them an IP. > > > > > > Those are legitimate gripes. > > > > > > Can we come up with reasonable solutions to them? > > > > Well, what is the realistic possibility of making that "policy" a > > "guideline?" Give ISPs 6 months to essentially self-comply. If web > > hosting IP usage drops a significant percentage, then we declare a > > success. > > > > If usage does not drop, have a policy ready with more details. What > > exactly constitutes an exception? Obviously secure servers are an > > exception, but what about bandwidth based accounting, or high bandwidth > > sites (and if so, where is the line drawn?) > > > > I realize I might be living in a dream world thinking most ISPs will > > rapidly change if not forced to, but it's not an impossible task to > > convince them either. It's actually easy to configure multiple sites to > > one IP than to multiple IPs. > > > > I really don't know. I'd personally rather spend my time and money trying > > to get back massive chunks of unused IPs from those knowingly or > > unknowingly abusing them, and wait for technologies to mature a little > > more before cracking down on web hosting IPs. > > > > > No, you aren't the only one, but at the same time, there were a huge number > > > of people at the last ARIN meeting who were in support of this policy, > > > however most of them have been silent through most of this (perhaps because > > > they feel they already made their feelings known at the last meeting). > > > > > > And as far as being labled a trouble-maker, I know plenty of people who have > > > been far more vocal about ARIN policy than you and have had no problem > > > getting address space. Please don't spread the mis-conception that ARIN is > > > anything other than an objective organization. It isn't true and it makes > > > everyone's life much more difficult in getting support for the organization. > > > > Oh, if I thought that were true, I wouldn't be writing this or previous > > emails. I obviously don't think ARIN is going to treat my allocations > > differently than the next person. I'm just guessing as to why others > > emailed only me and not the group. > > > > > > If eliminate multiple IPs I'm unsure how to: > > > > > > > > 1) Address the HTTP/1.0 issues in an acceptable clean fashion > > > > > > See other discussions; the issue of legacy browsers IMO is a red herring. > > > It exists, but it's really small. > > > > Is sure seems that way. I'd still like to see *real* statistics. > > > > > > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > > > > we need to sell it by the Mbit > > > > > > Doing bandwidth (as opposed to bytes transfered per period of time) billing > > > is tough, although it sounds like more and more vendors are starting to sell > > > equipment that handles this. > > > > > > > 3) Provide controls against DOS attacks. No we don't host porn sites > > > > > > But those are the money-makers! :-) > > > > > > Seriously, I understand the DOS issue all too well, and it does need to be > > > addressed. Not sure how to at this point, except to say that this policy is > > > really targeted towards the bottom-of-the-line web hosting accounts. If you > > > have a customer who has a lot of traffic, pays you a lot of money and can't > > > afford to be off the air then it makes perfect sense to have him on a > > > dedicated IP (I think at least). > > > > Well, that doesn't totally work. Because if someone on the main IP gets > > attacked I have to shut all sites down on that IP, so it's not just a > > matter of keeping my one big customer up, it's a matter of keeping 1000 > > sites up that only pay $50/month but adds up to $50,000.00/month in > > total. When everyone has their own IP, you can simply Null route their IP > > if trouble starts. > > > > In all fairness, I only have to do this a handful of times per year, but > > the times I have it has probably saved me hours if not days of down time. > > There is no way to predict if www.photos.com, www.ilikeredmeat.com, > > www.gotochurch.com is going to be the one that gets attacked. > > > > This issue is not a massive one. > > > > > > 4) Provide secure server certificates > > > > > > That qualifies as an exception. > > > > > > > 5) Provide database support from server to server. I'm not a programmer > > > > any more so I don't know how big an issue it is, but my programmer told me > > > > it would be a mess > > > > > > Not sure exactly what you're trying to do with server to server DB support > > > (more to the point why it would be a problem). > > > > If your backend hosting databases reside on different computers than your > > hosting does, you probably are going to have issues with name based > > hosting. However, I am far enough out of this arena personally to be able > > to explain why. > > > > Once again this is a relatively small issue, at least for us. Most of our > > databases do reside on the hosting server. > > > > > > Actually I think the policy would make a wonderful "Guideline". It > > > > shouldn't affect IP allocation, but it should be encouraged at this time. > > > > > > That's actually been proposed on another list, although I'm really not sure > > > if that would affect what people do. Anybody else have thoughts? > > > > > > > > > > > As someone pointed out. Apparently HTTP/1.0 can support name based > > > > hosting. I was unaware of this. > > > > > > > > And if that truely is the case, I would like to see some numbers. I would > > > > have guessed ARIN would know this before instituting a policy. Perhaps > > > > they would like to share. > > > > > > The numbers we got came from our members. I believe Gene had some extensive > > > data. > > > > Gene, do you want to share that data with the list? > > > > > > Alec, I understand your and ARIN's points. However if a "policy" is going > > > > to be created and enforced I think we some of these issues need to be > > > > better addressed and defined so legit ISPs don't have to wait over a > > > > month to get new IP space and go through a process of defending web > > > > hosting IP space. > > > > > > Which is why we really need more participation. Fortunately this policy > > > change has brought more of it forward, but as I said above we need a better > > > way to tally opinions in a fair manner... > > > > Someone sent me an email suggesting a poll on your web site using handles > > as an ID so only members could vote, and they could only vote once. > > > > As a side note, from the lack of participation in this list it appears > > that either: > > > > 1) Not many ISPs are subscribed to this list > > 2) They aren't receiving the messages > > 3) They are too busy to care, or > > 4) I'm one of only about 10-20 people that feel strongly about this policy > > > > Whatever the case is, I have a business to run, and I've said my > > peace. I can't stick up for the rest of them. > > > > For all the reasons I've stated I think this policy is both too undefined > > in that it lacks the explanations of exceptions (currently it looks like > > exceptions would be left up to the discretion of the individual staff > > person working on the account), and that it is premature. > > > > For the record, I tried to participate. > > > > Mury > > GoldenGate Internet Services > > > From drechsau at geeks.org Wed Sep 13 10:09:37 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 09:09:37 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BE429D.BF3CF8B4@hilander.com>; from ahp@hilander.com on Tue, Sep 12, 2000 at 08:50:05AM -0600 References: <39BE429D.BF3CF8B4@hilander.com> Message-ID: <20000913090937.A4436@Geeks.ORG> On Tue, Sep 12, 2000 at 08:50:05AM -0600, Alec H. Peterson wrote: > Speaking to your request for a solution to your accounting woes, I really > don't think you want that from ARIN. See, if that happens then people will > start screaming about how ARIN dictates the way people must do business, > which gets into another rat-hole that we really don't want to go down. > There are many ways to skin this cat. But with this policy, ARIN is now dictating business. :) -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Wed Sep 13 10:15:32 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 09:15:32 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BE429D.BF3CF8B4@hilander.com>; from ahp@hilander.com on Tue, Sep 12, 2000 at 08:50:05AM -0600 References: <39BE429D.BF3CF8B4@hilander.com> Message-ID: <20000913091532.B4436@Geeks.ORG> On Tue, Sep 12, 2000 at 08:50:05AM -0600, Alec H. Peterson wrote: > My point was that I can't stand excuses for doing 'the right thing', > especially when people insist on working against an organization that is > only trying to help. ARIN is not making these policy changes to make > everybodys' lives more difficult. ARIN is making the changes because it has > a responsibility to stretch IP space in its region of the world as far as > possible. ARIN could help stretch IP space by running around the different net blocks and finding the unused space and reclaiming it. Sure, there will be some pissed off people who have /16s that they are using maybe a /22 out of, but so what? That is a lot of address space that can be reassigned. We pay ARIN a fee to 'manage' our IP space, I would like some of that fee to go to reclaimation of wasted IP space by small colleges, small companies, and individuals who have who have space they aren't using. This name-based virtual hosting item is something that is going to take time to recover from, period, and when I go to ARIN in a couple of weeks there is no way in hell I will be able to convert current customers to it, nor can I convert 70% of them and I will need to figure out how to resolve that issue. The points are: dropping the bomb is not fun, this new decision, while made with other ARIN members, was sudden in its announcement and did not give anyone a chance to start the cleanup before the punishment is handed out. there are a ton of IPs available on the 'net that are allocated and underused - relaim those and these worries about IP depletion can be put off for another couple of years. random people with random comments about how my business is supposed to be run is just not nice. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From ahp at hilander.com Wed Sep 13 10:33:35 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Wed, 13 Sep 2000 08:33:35 -0600 Subject: guideline for name-based web hosting justification References: <39BE429D.BF3CF8B4@hilander.com> <20000913091532.B4436@Geeks.ORG> Message-ID: <39BF903F.5A62457A@hilander.com> Mike Horwath wrote: > > ARIN could help stretch IP space by running around the different net > blocks and finding the unused space and reclaiming it. > > Sure, there will be some pissed off people who have /16s that they are > using maybe a /22 out of, but so what? That is a lot of address space > that can be reassigned. ARIN should, but in reality that is IANA's job. This isn't ARIN trying to pass the buck, it's just due to the way the whole Internet governance structure has been setup. And it's a really tricky job at that. > > We pay ARIN a fee to 'manage' our IP space, I would like some of that > fee to go to reclaimation of wasted IP space by small colleges, small > companies, and individuals who have who have space they aren't using. See above. The AC has talked about how to reclaim space several times, but the fact remains that ARIN doesn't have the authority to just wrench space from any entity. > > The points are: > > dropping the bomb is not fun, this new decision, while made > with other ARIN members, was sudden in its announcement and > did not give anyone a chance to start the cleanup before the > punishment is handed out. That is certainly a valid point. We should re-think how we announce future policy changes in that case. > > there are a ton of IPs available on the 'net that are > allocated and underused - relaim those and these worries about > IP depletion can be put off for another couple of years. See above. > > random people with random comments about how my business is > supposed to be run is just not nice. You call it dictating how your business is supposed to run, and that's fine. One could argue that ARIN has been telling dialup ISPs how to run their business for years, but I haven't heard any complaints to that affect. Look, I want to see the policy changed so that all ARIN members feel their opinions have been represented. Here's what I'm going to do. Anybody who wants to see the policy changed in some SPECIFIC way AND is not going to make it to the meeting in Herndon send e-mail directly to me (ahp at hilander.com) with the subject ARIN WEB HOSTING. Please only put your suggestions for how to fix what you don't like about the policy in there, with some reasoning behind it so that I can pass that long to the membership at large at the meeting. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From drechsau at geeks.org Wed Sep 13 11:37:25 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 10:37:25 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BE429D.BF3CF8B4@hilander.com>; from ahp@hilander.com on Tue, Sep 12, 2000 at 08:50:05AM -0600 References: <39BE429D.BF3CF8B4@hilander.com> Message-ID: <20000913103725.C4436@Geeks.ORG> On Tue, Sep 12, 2000 at 08:50:05AM -0600, Alec H. Peterson wrote: > Mury wrote: > > Cool! Now we all know how to do name based hosting... er, wait... what > > about all those HTTP/1.0 browsers!? You don't think they exist any > > more? Check this out. In fairness I sampled all my virtual hosts off of > > one server from a selective time period. All my logs files are in the > > www.domain.com format. Here are my commands and results: > > > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > > 400441 > > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > > 375412 > > > > 48.4% of the browsers out there that accessed my customers' sites used > > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > > NOT support name based hosting. > > That's the first number I've seen on the subject that is greater that 2%, > and I will confess it does concern me a great deal. > > Does anybody else have any numbers they'd like to share? % gzcat * | wc 13133659 236790086 2910981757 % gzcat * | grep -c "HTTP/1.0" 6478695 or 49.32% This is one set of logs from one machine in our cluster for one month. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From ahp at hilander.com Wed Sep 13 11:38:08 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Wed, 13 Sep 2000 09:38:08 -0600 Subject: guideline for name-based web hosting justification References: <39BE429D.BF3CF8B4@hilander.com> <20000913103725.C4436@Geeks.ORG> Message-ID: <39BF9F60.9F7074CF@hilander.com> Mike Horwath wrote: > > % gzcat * | wc > 13133659 236790086 2910981757 > % gzcat * | grep -c "HTTP/1.0" > 6478695 > > or 49.32% > > This is one set of logs from one machine in our cluster for one month. It appears that looking at the browser version itself would be far more revealing... Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From drechsau at geeks.org Wed Sep 13 11:40:16 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 10:40:16 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BE43D6.CE7FB798@hilander.com>; from ahp@hilander.com on Tue, Sep 12, 2000 at 08:55:18AM -0600 References: <39BD94F7.DD143DBE@hilander.com> <20000912083604.E93972@Geeks.ORG> <39BE43D6.CE7FB798@hilander.com> Message-ID: <20000913104016.D4436@Geeks.ORG> On Tue, Sep 12, 2000 at 08:55:18AM -0600, Alec H. Peterson wrote: > Mike Horwath wrote: > > > > Thing is, 'tomorrows way of web hosting' really is tomorrow. > > > > Or don't you get it? > > I don't think I do, since I'm not sure what you're getting at. There was no 'ramp up' period, this policy takes effect *now*. > > But why not put all dialups behind NAT, I mean, hell, fuck'em, they > > don't need to play games on the 'net, do Netmeeting, ICQ and such, and > > this would save me a couple thousand IPs and would save UUNET (and > > other big boys) /14s and more of IP space. > > Your sarcasm notwithstanding, I think the issues of placing dialup > (or any end-users for that matter) behind a NAT out-number the > issues of using name-based virtual hosting for entry-level web > accounts. Ah, now it is entry level web accounts. We already put entry level web accounts online via named virtual hosts, the thing is, we don't do all that many of those, we do much larger items. Of course, the difinition of 'entry-level web accounts' could be debated and probably will be. > > Yep, it isn't new and many of us use name based virtual hosting > > techniques when we can. > > > > Thing is, it doesn't work all the time. > > I agree with you 100% on that count. > > And I think the ARIN policy should be re-worded so that it is more > flexible. Ah, some agreement, kick ass! > See, the IP 'waste' that the membership was specifically concerned > about when crafting this policy is the mom-and-pop shops that only > get a few thousand hits per month and don't use SSL for their site. > There are tens of thousands of those sites out there now (probably > more) and there is no reason in the world why they shouldn't be on > name-based virtual hosts. I agree! > Then, there are some sites that are so huge that for a variety of > reasons it is just unfeasible to put them on name-based virtual > hosts. I think the policy should be re-crafted to objectively > define that in some way. Going to be difficult to be objective, though. Very difficult. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Wed Sep 13 11:42:22 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 10:42:22 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BE4454.EEB897A5@hilander.com>; from ahp@hilander.com on Tue, Sep 12, 2000 at 08:57:24AM -0600 References: <39BD69B2.A7615A77@hilander.com> <20000912083205.D93972@Geeks.ORG> <39BE4454.EEB897A5@hilander.com> Message-ID: <20000913104222.E4436@Geeks.ORG> On Tue, Sep 12, 2000 at 08:57:24AM -0600, Alec H. Peterson wrote: > Mike Horwath wrote: > > > > Same here. > > > > Where we could get away with header parsing, we have. > > > > Where we can not, we must use an IP, and if we need to, we will put up > > a bunch of other shit as well since 99.9% of the customers we do web > > hosting for also get all of their email from us, we can just run > > virtual servers for them for their mail on their 'dedicated IP'. No > > biggie, the mail cluster is going in behind loadbalancers with the web > > boxes, this will be easy. > > And I think that's a great setup. > > Just out of curiosity, would you mind sharing how large a website > you can put on a name-based virtual host before you have to move it > elsewhere? That is a good question. We don't allow sites larger than 100MB/month transferred onto the smaller systems. > Also, for e-mail, have you tried giving users longer POP usernames? > (like user at domain.com?) I know it isn't a perfect solution, but > I've seen lots of places doing that and it seems to work perfectly > well. I do seem to recall some older versions of Eudora over-load > the @ operator as a delimiter, but I think they've fixed that... The new cluster will do this, the old system does not. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From awhite at dca.net Wed Sep 13 11:41:24 2000 From: awhite at dca.net (Andrew White) Date: Wed, 13 Sep 2000 11:41:24 -0400 (EDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913090937.A4436@Geeks.ORG> Message-ID: I have to agree with Mike Horwath. We are looking at what's required to move from IP- to name-based virtual hosts, and we find that name-based virtual hosts are really a different product than IP based virtual hosts -- and along with name-based vhosts comes a whole host of headaches for us (log processing/IP accounting) and our customers (incompatability with older browsers). I hope that ARIN reconsiders this policy. -Andrew White DCANet On Wed, 13 Sep 2000, Mike Horwath wrote: > On Tue, Sep 12, 2000 at 08:50:05AM -0600, Alec H. Peterson wrote: > > Speaking to your request for a solution to your accounting woes, I really > > don't think you want that from ARIN. See, if that happens then people will > > start screaming about how ARIN dictates the way people must do business, > > which gets into another rat-hole that we really don't want to go down. > > There are many ways to skin this cat. > > But with this policy, ARIN is now dictating business. > > :) > > -- Andrew White DCANet / Consult Dynamics, Inc. ------------------------------- Philadelphia: 215-440-1500 x160 Wilmington: 302-654-1019 x111 Facsimile: 215-440-1505 From ahp at hilander.com Wed Sep 13 11:41:59 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Wed, 13 Sep 2000 09:41:59 -0600 Subject: guideline for name-based web hosting justification References: <39BD94F7.DD143DBE@hilander.com> <20000912083604.E93972@Geeks.ORG> <39BE43D6.CE7FB798@hilander.com> <20000913104016.D4436@Geeks.ORG> Message-ID: <39BFA047.F0158984@hilander.com> Mike Horwath wrote: > > There was no 'ramp up' period, this policy takes effect *now*. Ahh, now I do get it. As I think I said in a previous e-mail that's a valid beef (IMO of course). > > Ah, now it is entry level web accounts. > > We already put entry level web accounts online via named virtual > hosts, the thing is, we don't do all that many of those, we do much > larger items. > > Of course, the difinition of 'entry-level web accounts' could be > debated and probably will be. Absolutely. > > Going to be difficult to be objective, though. > > Very difficult. Yeah well, if it were going to be easy then we wouldn't have to bother with all of these fun discussions ;-) Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From drechsau at geeks.org Wed Sep 13 11:47:11 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 10:47:11 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <20000912080838.A32704@mail.vcnet.com>; from hostmaster@vcnet.com on Tue, Sep 12, 2000 at 08:08:38AM -0700 References: <39BD94F7.DD143DBE@hilander.com> <20000912080838.A32704@mail.vcnet.com> Message-ID: <20000913104711.G4436@Geeks.ORG> On Tue, Sep 12, 2000 at 08:08:38AM -0700, Jon Rust wrote: > You're bending the truth here, quite a bit actually. The HTTP 1.0 proto > may not support the Host: header, but browsers that are using HTTP 1.0 > may very well support he Host: header. Oh, i don't know, a smallish > browser called Netscape, v 2.0 or better, comes to mind. Grepping > through my access log for today I see over 65,000 1.0 requests. 98% of > those are to name-based virtual hosts (which is almost all i run > anymore), and they all worked. That is an excellent point. One that isn't lost upon any of us I don't think. But my counter would be: If you have a site doing 1/4 million hits a day via named virtual hosts, and it takes .01 of a second...that is 2500 seconds of CPU. Now, match that up with 10 more sites on the same cluster of that caliber plus add in a couple more thousand sites of varying size. Ouch. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Wed Sep 13 12:03:31 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 11:03:31 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BE7EE7.F067161@hilander.com>; from ahp@hilander.com on Tue, Sep 12, 2000 at 01:07:19PM -0600 References: <39BE7EE7.F067161@hilander.com> Message-ID: <20000913110331.J4436@Geeks.ORG> On Tue, Sep 12, 2000 at 01:07:19PM -0600, Alec H. Peterson wrote: > Mury wrote: > > Instead of putting the clamps on the ISPs why not focus on: > > > > 1) Reclaiming unused IP space to hold us out a little longer > > That's already being done, but there's a big problem. ARIN doesn't > have authority over the major offenders (legacy /8s and /16s). The > AC has had long, involved discussions about how is best to do this, > and we're working on it. For example, our first goal is to re-claim > address space of companies that have gone out of business. If you > have some ideas on how we can do this we'd _love_ to hear them. Push the guidelines. Give them a warning explaining that their usage doesn't fit guidelines (which we have all lived by for a long time), give'em time to fix it, then yank the space if they don't do anything. Like I said, I have customers with decent sized blocks assigned but they don't use'em all by any means. I am sure I am not alone. > > I'm not bitching just to bitch. I'm looking out for my ecommerce > > customers. 90% of my revenue comes from businesses. If I don't watch out > > for their bottom line, they sure the hell aren't going to look out for > > mine. If I switch them to a name-based system, before the world is ready > > for it and they lose hits do to software incompatibilites, or don't notice > > that their traffic died, or they can't see how effective a commercial was > > by using real-time accounting stats, or one of my customers gets DOSed and > > I can't control the traffic at my core routers or at my upstream so I have > > to take everyone down because they all share an IP, they are going to host > > with someone who cheats the system and gets them an IP. > > Those are legitimate gripes. > > Can we come up with reasonable solutions to them? I am hoping so. > And as far as being labled a trouble-maker, I know plenty of people > who have been far more vocal about ARIN policy than you and have had > no problem getting address space. Please don't spread the > mis-conception that ARIN is anything other than an objective > organization. It isn't true and it makes everyone's life much more > difficult in getting support for the organization. I'll save this email :) > > 2) Do real time web accounting. Remember we buy bandwidth by the Mbit, so > > we need to sell it by the Mbit > > Doing bandwidth (as opposed to bytes transfered per period of time) > billing is tough, although it sounds like more and more vendors are > starting to sell equipment that handles this. Perhaps. But from what I have seen of the Alteon and Foundry systems, you can't get statistics on the VIP in a fasion that works for bandwidth billing (and I would *love* to be corrected). By doing it via multiple IPs...we can. > > 3) Provide controls against DOS attacks. No we don't host porn sites > > But those are the money-makers! :-) > > Seriously, I understand the DOS issue all too well, and it does need > to be addressed. Not sure how to at this point, except to say that > this policy is really targeted towards the bottom-of-the-line web > hosting accounts. If you have a customer who has a lot of traffic, > pays you a lot of money and can't afford to be off the air then it > makes perfect sense to have him on a dedicated IP (I think at > least). But who decides where that line will be drawn? > Perhaps that's a bad analogy, but my point is that ARIN recognizes > ISPs have made great strides in conserving IP space. However, as > more and more companies and users hook up to the 'net every month, > we need to do as much as we can. Reclaim!!!! > > Almost all my account are $50/month. Is this considered cheap? Do you > > have to be a IBM selling $2500 accounts to gain the exception? Or, are > > the $19.95 joints where the cutoff would be drawn? Just curious. > > That's a very good question, I'm not sure what the answer is. I agree. > > Alec, I understand your and ARIN's points. However if a "policy" is going > > to be created and enforced I think we some of these issues need to be > > better addressed and defined so legit ISPs don't have to wait over a > > month to get new IP space and go through a process of defending web > > hosting IP space. > > Which is why we really need more participation. Fortunately this > policy change has brought more of it forward, but as I said above we > need a better way to tally opinions in a fair manner... Well, at least we are now participating, at least that is something positive. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Wed Sep 13 12:05:21 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 11:05:21 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <20000912135712.F5296@mfnx.net>; from dhankins@mfnx.net on Tue, Sep 12, 2000 at 01:57:12PM -0700 References: <39BD94F7.DD143DBE@hilander.com> <20000912083604.E93972@Geeks.ORG> <20000912135712.F5296@mfnx.net> Message-ID: <20000913110521.K4436@Geeks.ORG> On Tue, Sep 12, 2000 at 01:57:12PM -0700, David W. Hankins wrote: > On Tue, Sep 12, 2000 at 08:36:04AM -0500, Mike Horwath wrote: > > Well, up his numbers by a full factor and you will see it is again not > > feasible. > > Any well designed system would be O(n) where n=number of named-vhosts. > > Presumably, you already use a linear scaling function sourced in the > number of customers you have. I think you didn't read my whole message... > > And requires even more hacking and more CPU power to manage, continue. > > Apache already has a log module that permits user definable format. > > It can be easily modifed to operate as Alec suggests without the negative > impacts you fortell. Already modded but we need more data than what Alec suggested. > > But why not put all dialups behind NAT, I mean, hell, fuck'em, they > > don't need to play games on the 'net, do Netmeeting, ICQ and such, and > > this would save me a couple thousand IPs and would save UUNET (and > > other big boys) /14s and more of IP space. > > No, that would be clearly wrong. > > But on the other hand, dynamic addressing on dialup isn't. So...we should create dynamic addressing for virtual hosting? -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Wed Sep 13 12:21:21 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 11:21:21 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <20000912141617.G5296@mfnx.net>; from dhankins@mfnx.net on Tue, Sep 12, 2000 at 02:16:17PM -0700 References: <20000911175940.A89979@Geeks.ORG> <02fe01c01c51$6fa22580$e421340a@mgc.com> <20000912082747.C93972@Geeks.ORG> <20000912141617.G5296@mfnx.net> Message-ID: <20000913112121.L4436@Geeks.ORG> On Tue, Sep 12, 2000 at 02:16:17PM -0700, David W. Hankins wrote: > On Tue, Sep 12, 2000 at 08:27:47AM -0500, Mike Horwath wrote: > > On Mon, Sep 11, 2000 at 05:35:59PM -0700, Dean Waters wrote: > > > Why not get your bandwidth numbers from your access logs? > > Because that counts bytes transferred. > > Isn't the amount of overhead in protocol and tcp congestion control > over some large aggregation interval linearly related to the number > of bytes transferred? Some percent? > > This suggests you would want to charge a proportionally higher price > for a measurement that results in smaller numbers. > > Unless what you are suggesting is that you still want to be able to > charge your customers for any intervals during which your network > access is decreased due to DOS attacks flung against them. Nope. We graph our customers usage of their T1s, colocation, DS3s, and virtual web hosting and we charge for their usage based on a formula that is on our web site. (we don't charge for the top 95th but we also don't charge for average utilization either) We do this because we need to charge people for their usage and number of bytes transferred a month doesn't count right. ie: 64Kbps 24x7 for 30 days i 20,736,000,000 bytes in a month. If a customer of ours sustained 64Kbps 24x7x365 I would not care as that isn't much bandwidth. But many sites don't do all that much and then spike (like any business site!), we need to charge for bandwidth over a certain level (we chose 64Kbps :) to cover usage for these 'peak' periods since we need to always have bandwidth for the peak usage of *all* of our customers. Make sense? > > Tell me how easy it would be to write code to take the access logs and > > correlate to bandwidth used over a month, then tell me what it would > > take to produce this data (which is required for billing) so that it > > looks like MRTG (so our customers can see their utilization), and can > > do it for 1500 web sites at over 8GB a day of logs, and be done doing > > that in a reasonable time (like the same day, or better yet, real > > time). > > Trivial. Really? > I should think any system that can not do it for 30,000 high volume > web sites on reasonably modern hardware is improperly designed. Really? A challenge to yourself to write? -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Wed Sep 13 12:23:47 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 11:23:47 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BF903F.5A62457A@hilander.com>; from ahp@hilander.com on Wed, Sep 13, 2000 at 08:33:35AM -0600 References: <39BE429D.BF3CF8B4@hilander.com> <20000913091532.B4436@Geeks.ORG> <39BF903F.5A62457A@hilander.com> Message-ID: <20000913112347.M4436@Geeks.ORG> On Wed, Sep 13, 2000 at 08:33:35AM -0600, Alec H. Peterson wrote: > Here's what I'm going to do. Anybody who wants to see the policy > changed in some SPECIFIC way AND is not going to make it to the > meeting in Herndon send e-mail directly to me (ahp at hilander.com) > with the subject ARIN WEB HOSTING. Please only put your suggestions > for how to fix what you don't like about the policy in there, with > some reasoning behind it so that I can pass that long to the > membership at large at the meeting. Very generous, thank you. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Wed Sep 13 12:24:23 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 11:24:23 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <39BF9F60.9F7074CF@hilander.com>; from ahp@hilander.com on Wed, Sep 13, 2000 at 09:38:08AM -0600 References: <39BE429D.BF3CF8B4@hilander.com> <20000913103725.C4436@Geeks.ORG> <39BF9F60.9F7074CF@hilander.com> Message-ID: <20000913112423.N4436@Geeks.ORG> On Wed, Sep 13, 2000 at 09:38:08AM -0600, Alec H. Peterson wrote: > Mike Horwath wrote: > > > > % gzcat * | wc > > 13133659 236790086 2910981757 > > % gzcat * | grep -c "HTTP/1.0" > > 6478695 > > > > or 49.32% > > > > This is one set of logs from one machine in our cluster for one month. > > It appears that looking at the browser version itself would be far more > revealing... Already working on correlating that data :) -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From kjs at enteract.com Wed Sep 13 12:28:26 2000 From: kjs at enteract.com (Kim Scarborough) Date: Wed, 13 Sep 2000 11:28:26 -0500 (CDT) Subject: guideline for name-based web hosting justification (fwd) Message-ID: I sent this yesterday, but it never went through. I'll try again. ---------- Forwarded message ---------- Date: Tue, 12 Sep 2000 11:08:05 -0500 (CDT) From: Kim Scarborough To: arin-discuss at arin.net Subject: Re: guideline for name-based web hosting justification > Cool! Now we all know how to do name based hosting... er, wait... what > about all those HTTP/1.0 browsers!? You don't think they exist any > more? Check this out. In fairness I sampled all my virtual hosts off of > one server from a selective time period. All my logs files are in the > www.domain.com format. Here are my commands and results: > > webserver3: {17} % grep 'HTTP/1.1' www.*.com | wc -l > 400441 > webserver3: {18} % grep 'HTTP/1.0' www.*.com | wc -l > 375412 > > 48.4% of the browsers out there that accessed my customers' sites used > HTTP/1.0. For the uninitiated the 1.0 version of the HTTP protocol does > NOT support name based hosting. > > Can I tell all my customers to call you when their online business drops > by almost 50%. Wait a minute. When you posted that, I was really surprised. I looked through my server logs and got similar percentages. Look at this: /weblogs> grep 'HTTP/1.1' access.log |wc -l 485 /weblogs> grep 'HTTP/1.0' access.log |wc -l 449 But guess what. That's a name-based site. It shares an IP with several sites I host. So obviously, that's not an accurate way to check if people will load the site--nearly half of this site's hits are from 1.0 requests, and yet it manages to get the site fine. I'm not sure how this works--perhaps the browsers are misidentifying the request?--but I can assure you, it does. I work for an ISP that has hundreds of name-based sites. We haven't got any complaints from any of our customers about *anybody* not being able to load their sites in over a year. Saying that 50% of the people out there can't view name-based sites is just absurd. In fact, let's dig a little deeper. Netscape 2.0 and above and IE 3 and above support name-based hosts. So, since IE 3 reports itself as Mozilla 2, IE 4 reports itself as Mozilla 3, etc., let's try this (on my main, IP-based site this time): /weblogs> egrep \(Mozilla/5\|Mozilla/4\|Mozilla/3\|Mozilla/2\) combined.log |wc -l 74210 /weblogs> egrep -v \(Mozilla/5\|Mozilla/4\|Mozilla/3\|Mozilla/2\) combined.log |wc -l 6456 So now we're down to 8%. But even that overstates the number of browsers that can't view name-based sites, because the second number includes search bots, less-used browsers like Lynx and Opera, and command-line fetchers like fetch and wget--all of which also support name-based hosts. I can prune it further upon request. But I would guess it's a fair assumption that just about the only browsers in use by almost anybody that can't get to name-based sites are stray copies of Netscape 1.x. So let's look for that: /weblogs> grep Mozilla/1 combined.log | wc -l 79 0.1% of all my hits this month. So while y'all have a point about the bandwidth accounting, you're on pretty thin ice when talking about browser incompatability. From drechsau at geeks.org Wed Sep 13 12:29:21 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 11:29:21 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: <4.2.2.20000913090702.00bf9640@mail.newmodels.com>; from jorg_b@cwo.com on Wed, Sep 13, 2000 at 09:14:31AM -0700 References: <39BE429D.BF3CF8B4@hilander.com> <39BE429D.BF3CF8B4@hilander.com> <20000913091532.B4436@Geeks.ORG> <4.2.2.20000913090702.00bf9640@mail.newmodels.com> Message-ID: <20000913112921.O4436@Geeks.ORG> On Wed, Sep 13, 2000 at 09:14:31AM -0700, Jorg B. wrote: > I totally agree with Mike's e-mail.... Let's take a look at all the Schools > and ask for justification why they don't implement NAT to connect their > classrooms to the net. The same applies to some Government > Organizations.... Not to long ago we talked to a Organization that was > assigned a Class B in the old days and now they use less than one /24 of > that Class B but haven't turned any unused space back to ARIN. > Lets get this under control first before telling ISP's to completely > reorganize their business. WHOOP! UofMn - a ton of IP space...for a total of 60K students in the metro area, and only about another 30K students in the affiliate schools. Yet, if I remember right, they have something like 5 /16s and are getting more address space. wowzers Let's go look... * i128.101.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i131.212.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i134.84.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i146.57.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i160.94.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i192.102.236.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i198.174.65.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i198.174.66.0/23 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i198.174.67.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i198.174.68.0/22 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i198.174.72.0/21 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i198.174.80.0/20 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i204.220.39.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i Eeek. Maybe, just maybe, 100K students total. (don't get me wrong, I like the UofM just fine, but this is an example of things that need to be fixed...) -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From mbailey at journey.net Wed Sep 13 13:19:42 2000 From: mbailey at journey.net (mbailey) Date: Wed, 13 Sep 2000 13:19:42 -0400 (EDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913112921.O4436@Geeks.ORG> Message-ID: If you are referring to University of Michigan. They would actually be using those IP's they have Thousands of Dialups in the State. I would assume they are one in the Same as Merit... I can tell you look at their modems just once that floor to ceiling PM3's on 25 racks.. That was just for the Flint area of michigan.. They have more of those all over.. Here in the town I am at they have 1000 modems. If they are not part of the Merit Pool then UofM does NOT need them if they are partly merits then they do.. However of all the areas that will eventually grow into their space the schools are the ones.. Corp entities are moving the oposite way with NAT and Firewalls.. On Wed, 13 Sep 2000, Mike Horwath wrote: > owner-arin-discuss at arin.net > Precedence: bulk > Status: O > X-Status: > X-Keywords: > X-UID: 18769 > > On Wed, Sep 13, 2000 at 09:14:31AM -0700, Jorg B. wrote: > > I totally agree with Mike's e-mail.... Let's take a look at all the Schools > > and ask for justification why they don't implement NAT to connect their > > classrooms to the net. The same applies to some Government > > Organizations.... Not to long ago we talked to a Organization that was > > assigned a Class B in the old days and now they use less than one /24 of > > that Class B but haven't turned any unused space back to ARIN. > > Lets get this under control first before telling ISP's to completely > > reorganize their business. > > WHOOP! > > UofMn - a ton of IP space...for a total of 60K students in the metro > area, and only about another 30K students in the affiliate schools. > > Yet, if I remember right, they have something like 5 /16s and are > getting more address space. > > wowzers > > Let's go look... > > * i128.101.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i131.212.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i134.84.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i146.57.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i160.94.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i192.102.236.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i198.174.65.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i198.174.66.0/23 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i198.174.67.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i198.174.68.0/22 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i198.174.72.0/21 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i198.174.80.0/20 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > * i204.220.39.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > Eeek. > > Maybe, just maybe, 100K students total. > > (don't get me wrong, I like the UofM just fine, but this is an example > of things that need to be fixed...) > > -- > Mike Horwath IRC: Drechsau drechsau at Geeks.ORG > Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 > Opinions stated in this message From mury at goldengate.net Wed Sep 13 15:01:21 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 14:01:21 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913113916.B6026@mfnx.net> Message-ID: > > I think you didn't read my whole message... > > You are in error. Looks like he didn't communicate his message well, or you didn't take the time to read it well. > > So...we should create dynamic addressing for virtual hosting? > > No, due to HTTP design that would be unworkable. Browsers would cache, > without using proper DNS caching semantics, ip addresses associated with > domain names wether or not that address is still 'in use' by the same > vhost. > > And besides, it would be far too complex, meaning it would introduce > instability. That's exactly his point, don't they use sarcasm in your part of the world? Since it looks like it has to be spelled out. He was making the point that you can't compare requiring dialup providers to use dynamic IPs to this policy of requiring hosting companies to do named based hosting. It is not comparing apples to apples. Using dynamic IPs for dialup users had very very little downside. It is a very legitimate, aggreable way to conserve IP space. And most of us readily used dynamic IPs for our dialup customers. Hell, I'm sure for most of us it was technologically possible before we even started our businesses. Named based hosting is not even close a being a similar situation. It's just plain stupid to go around spouting that name based hosting is as easy to accomplish (full scale) as it is to give a dialup user a dynamic IP or have lots of your users use NAT. Mury GoldenGate Internet Services From mury at goldengate.net Wed Sep 13 15:08:24 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 14:08:24 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: Message-ID: I'm pretty sure he meant the University of Minnesota. On Wed, 13 Sep 2000, mbailey wrote: > If you are referring to University of Michigan. They would actually be > using those IP's they have Thousands of Dialups in the State. I would > assume they are one in the Same as Merit... > > I can tell you look at their modems just once that floor to ceiling PM3's > on 25 racks.. That was just for the Flint area of michigan.. They have > more of those all over.. Here in the town I am at they have 1000 modems. > > If they are not part of the Merit Pool then UofM does NOT need them if > they are partly merits then they do.. However of all the areas that will > eventually grow into their space the schools are the ones.. Corp entities > are moving the oposite way with NAT and Firewalls.. > > > On Wed, 13 Sep 2000, Mike Horwath wrote: > > > owner-arin-discuss at arin.net > > Precedence: bulk > > Status: O > > X-Status: > > X-Keywords: > > X-UID: 18769 > > > > On Wed, Sep 13, 2000 at 09:14:31AM -0700, Jorg B. wrote: > > > I totally agree with Mike's e-mail.... Let's take a look at all the Schools > > > and ask for justification why they don't implement NAT to connect their > > > classrooms to the net. The same applies to some Government > > > Organizations.... Not to long ago we talked to a Organization that was > > > assigned a Class B in the old days and now they use less than one /24 of > > > that Class B but haven't turned any unused space back to ARIN. > > > Lets get this under control first before telling ISP's to completely > > > reorganize their business. > > > > WHOOP! > > > > UofMn - a ton of IP space...for a total of 60K students in the metro > > area, and only about another 30K students in the affiliate schools. > > > > Yet, if I remember right, they have something like 5 /16s and are > > getting more address space. > > > > wowzers > > > > Let's go look... > > > > * i128.101.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i131.212.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i134.84.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i146.57.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i160.94.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i192.102.236.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i198.174.65.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i198.174.66.0/23 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i198.174.67.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i198.174.68.0/22 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i198.174.72.0/21 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i198.174.80.0/20 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > * i204.220.39.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i > > > > Eeek. > > > > Maybe, just maybe, 100K students total. > > > > (don't get me wrong, I like the UofM just fine, but this is an example > > of things that need to be fixed...) > > > > -- > > Mike Horwath IRC: Drechsau drechsau at Geeks.ORG > > Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 > > Opinions stated in this message > From mury at goldengate.net Wed Sep 13 16:04:42 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 15:04:42 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913121748.G6026@mfnx.net> Message-ID: > > It's just plain stupid to go around spouting that name based hosting is as > > easy to accomplish (full scale) as it is to give a dialup user a dynamic > > IP or have lots of your users use NAT. > > I have to admit, that the metaphor does hold in my view if you are speaking > in terms of difficulty. The only difference in difficulty I see is in > introducing billing mechanisms that are obviously vacant in the case of > dial access systems. What about all the other issues people have raised? QOS, black-holed IPs, HTTP/1.0 (which seems to be minimal, but from more digging on my own it could be as high as 5%), real-time web performance monitoring, SSL (supposedly and exemption, but not stated any where, and from some posts, not being taken seriously), databases that communicate by IP address (don't ask me), etc. BTW, billing mechanisms are not obviously vacant in dial access systems. Dial access is loaded with different forms of monitoring and billing. Mury From paschroebel at erols.com Wed Sep 13 17:42:53 2000 From: paschroebel at erols.com (PSchroebel) Date: Wed, 13 Sep 2000 17:42:53 -0400 Subject: guideline for name-based web hosting justification References: Message-ID: <001801c01dcb$92817c60$0f6c693f@fullport.com> Lets Not get the NAT's in the www servers....please. What if? We look at this for a moment use the : NIC Mac's for the allocation of IP numbers where SSL's and apps require IP space. Here a machine that can handle numerous NIC could use multiple IP's and be quite useful and it does work well. There is a trick to making NT work with multi NIC's but it works. If you are hosting with merchants that require SSL's you co-locate them and rack them up or put them on the multi-nic machines. Free webhosting with IP's must go but that's my opinion any how. Free virtual hosting is just fine! We have limited resources IP wise and IPV6 is not there yet.. and who knows where we will be in a year or so. Remember that the NAT saved us from the last IP crunch. Just a thought.. :) Peter Schroebel ----- Original Message ----- From: "Mury" To: "David W. Hankins" Cc: "Mike Horwath" ; "Alec H. Peterson" ; "Matt Bailey" ; ; Sent: Wednesday, September 13, 2000 4:04 PM Subject: Re: guideline for name-based web hosting justification > > It's just plain stupid to go around spouting that name based hosting is as > > easy to accomplish (full scale) as it is to give a dialup user a dynamic > > IP or have lots of your users use NAT. > > I have to admit, that the metaphor does hold in my view if you are speaking > in terms of difficulty. The only difference in difficulty I see is in > introducing billing mechanisms that are obviously vacant in the case of > dial access systems. What about all the other issues people have raised? QOS, black-holed IPs, HTTP/1.0 (which seems to be minimal, but from more digging on my own it could be as high as 5%), real-time web performance monitoring, SSL (supposedly and exemption, but not stated any where, and from some posts, not being taken seriously), databases that communicate by IP address (don't ask me), etc. BTW, billing mechanisms are not obviously vacant in dial access systems. Dial access is loaded with different forms of monitoring and billing. Mury From mury at goldengate.net Wed Sep 13 17:57:50 2000 From: mury at goldengate.net (Mury) Date: Wed, 13 Sep 2000 16:57:50 -0500 (CDT) Subject: guideline for name-based web hosting justification In-Reply-To: <20000913135417.A6654@mfnx.net> Message-ID: It sure seems like I'm talking to a brick wall, David. How much business web hosting do you do? Mury On Wed, 13 Sep 2000, David W. Hankins wrote: > On Wed, Sep 13, 2000 at 03:04:42PM -0500, Mury wrote: > > What about all the other issues people have raised? QOS, black-holed IPs, > > HTTP/1.0 (which seems to be minimal, but from more digging on my own it > > could be as high as 5%), real-time web performance monitoring, SSL > > (supposedly and exemption, but not stated any where, and from some posts, > > not being taken seriously), databases that communicate by IP address > > (don't ask me), etc. > > I said it was 'as difficult', not 'dial access is the same as hosting.' > > I see nothing in your list that is not similarly present in dial access, > excepting that people have developed mechanisms to deal with them, or > have embraced alternatives. > > > BTW, billing mechanisms are not obviously vacant in dial access > > systems. Dial access is loaded with different forms of monitoring and > > billing. > > Generally, one does not bill dial access hosts by 95th percentile burst > activity. > > Exceptions are so small in number that it is not useful for a body like > ARIN to be concerned about them. > > So, their presence is still comparatively vacant to the needs of web > hosting, and makes transition more difficult. > > -- > David W. Hankins "If you don't do it right the first time, > Toolmaker you'll just have to do it again." > Blunt-Rocks and Scripts -- Jack T. Hankins > From drechsau at geeks.org Wed Sep 13 18:01:16 2000 From: drechsau at geeks.org (Mike Horwath) Date: Wed, 13 Sep 2000 17:01:16 -0500 Subject: guideline for name-based web hosting justification In-Reply-To: ; from mbailey@journey.net on Wed, Sep 13, 2000 at 01:19:42PM -0400 References: <20000913112921.O4436@Geeks.ORG> Message-ID: <20000913170116.A11328@Geeks.ORG> On Wed, Sep 13, 2000 at 01:19:42PM -0400, mbailey wrote: > If you are referring to University of Michigan. They would actually be > using those IP's they have Thousands of Dialups in the State. I would > assume they are one in the Same as Merit... I didn't realize that UofMn is Michigan. :) -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From smarcus at genuity.com Wed Sep 13 20:10:19 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Wed, 13 Sep 2000 20:10:19 -0400 Subject: guideline for name-based web hosting justification In-Reply-To: <20000913110331.J4436@Geeks.ORG> References: <39BE7EE7.F067161@hilander.com> <39BE7EE7.F067161@hilander.com> Message-ID: <3.0.5.32.20000913201019.03fc4210@pobox3.genuity.com> >> ... And as far as being labled a trouble-maker, I know plenty of people >> who have been far more vocal about ARIN policy than you and have had >> no problem getting address space. Please don't spread the >> mis-conception that ARIN is anything other than an objective >> organization. It isn't true and it makes everyone's life much more >> difficult in getting support for the organization. > >I'll save this email :) ... Please do. This ppml mailing list (and our public policy meetings) are exactly the right places to frankly and openly discuss issues like this. Moreover, we specifically solicited opinions from the community on these actions. ARIN _asked_ for this feedback. I personally prefer that the discussions be polite, civil, and in a tone of mutual respect, which has I think mostly been the case with this long thread. With that said, it is VERY important that people feel free to express their opinions candidly and directly. ARIN does not (and must not) penalize people for expressing their opinions. Cheers, -- Scott Marcus (who is a Trustee of ARIN, but speaking for himself here) From bmanning at vacation.karoshi.com Thu Sep 14 03:21:34 2000 From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com) Date: Thu, 14 Sep 2000 07:21:34 +0000 (UCT) Subject: consistancy In-Reply-To: <20000913091532.B4436@Geeks.ORG> from "Mike Horwath" at Sep 13, 2000 09:15:32 AM Message-ID: <200009140721.HAA25535@vacation.karoshi.com> > The points are: > > there are a ton of IPs available on the 'net that are > allocated and underused - relaim those and these worries about > IP depletion can be put off for another couple of years. > > random people with random comments about how my business is > supposed to be run is just not nice. > > -- > Mike Horwath IRC: Drechsau drechsau at Geeks.ORG > Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 These two statements are inconsistant. "reclaiming" space may affect the business of the parties that have been delegated space. To quote Mike Horwath; "...is just not nice..." --bill From dbs at hom.net Thu Sep 14 08:37:48 2000 From: dbs at hom.net (Dave Stewart) Date: Thu, 14 Sep 2000 08:37:48 -0400 Subject: Correcting the mistake Message-ID: <5.0.0.25.2.20000914083739.00aedcf8@mail.ntrnet.net> I've been watching the debate here, and I'm not interested in rehashing what's already been said from both sides - I think browser compatibility is a non-issue, and I realize there are valid issues regarding bandwidth monitoring/billing. But those aren't my point - I've taken Alec up on his offer to present solutions to the meeting in Herndon - I won't be able to make it, so I passed these things on to him (and I appreciate his offer to present these for those who can't be there): 1) Retract the policy regarding justification based on IP-based virtual hosts. Re-announce the policy, with an effective date 90 or 120 days later. Personally, I'd be ok with 90 days, but some may not be, they may need a little more time to convert. 2) Future policy changes should be announced with effective dates *no sooner* than 90 days after announcement. 3) A summary of reasons for the policy change - in other words, have ARIN justify its policies to the membership, just as we must justify our requests for address space. Some you will certainly say that even 120 days isn't sufficient time. However, before you get out the flame thrower, take a couple of deep breaths, and think about this.... You don't have to have everything converted in 120 days - only if you're going to be applying for additional space after that. You would only need to have it converted before applying for another block. The truth is, if we all did IP-based only where we needed it (yes, I know that for some of your companies, *all* your domains are billed on traffic, etc, so you need it for all domains), we could each stretch our own allocations further. I know that as I convert those sites that don't absolutely have to have it, I'm going to be reclaiming a /24. It seems to me that if your business model is built around billing for bandwidth/utilization, that should be sufficient justification, as well. Certainly it's all a big PITA. Converting web sites takes time, reconfiguring things takes time - and none of us has enough time in a day/week/month/whatever to get done with with what we already have stacked up to do. Anyway - maybe my suggestions will be seen favorably by a majority - maybe not. I simply advance them for consideration. From drechsau at geeks.org Thu Sep 14 10:01:53 2000 From: drechsau at geeks.org (Mike Horwath) Date: Thu, 14 Sep 2000 09:01:53 -0500 Subject: consistancy In-Reply-To: <200009140721.HAA25535@vacation.karoshi.com>; from bmanning@vacation.karoshi.com on Thu, Sep 14, 2000 at 07:21:34AM +0000 References: <20000913091532.B4436@Geeks.ORG> <200009140721.HAA25535@vacation.karoshi.com> Message-ID: <20000914090153.B18385@Geeks.ORG> On Thu, Sep 14, 2000 at 07:21:34AM +0000, bmanning at vacation.karoshi.com wrote: > > The points are: > > > > there are a ton of IPs available on the 'net that are > > allocated and underused - relaim those and these worries about > > IP depletion can be put off for another couple of years. > > > > random people with random comments about how my business is > > supposed to be run is just not nice. > > These two statements are inconsistant. "reclaiming" space > may affect the business of the parties that have been delegated > space. To quote Mike Horwath; "...is just not nice..." The issue we are discussing, the forced policy on named virtual hosting, has a basis of 'we are running out of IPs, here is another way to conserve'. I say cool, let's conserve *where we can*. In return I want ARIN to go to the people who were given allocations before the big IP scare of the mid nineties that should have never ever been given out and relaim said space to ease this issue of 'we are running out of IPs'. I have brought up one example of wasted IP space with detail. There is enough excess space within that one schools allocations to handle my ISP needs for 12-18 months (perhaps even longer!) *without* doing any IP reclamation myself via named based virtual hosting. Reclaim, Reuse, Recycle. Reclaim blocks whose allocations are woefully wrong. Reuse IPs as best as possible, like in the case of dynamic IPs for modems, DSL services, etc. Recycle - SWIP your damn blocks, be stingy with said blocks, execute fast turnaround on blocks as customers change. Also, give back what is now waste. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From jb at JBACHER.COM Thu Sep 14 10:27:35 2000 From: jb at JBACHER.COM (J Bacher) Date: Thu, 14 Sep 2000 09:27:35 -0500 (CDT) Subject: Correcting the mistake In-Reply-To: <5.0.0.25.2.20000914083739.00aedcf8@mail.ntrnet.net> Message-ID: > 1) Retract the policy regarding justification based on IP-based virtual > hosts. Re-announce the policy, with an effective date 90 or 120 days > later. Personally, I'd be ok with 90 days, but some may not be, they may > need a little more time to convert. With our without effective solutions to implement? > 3) A summary of reasons for the policy change - in other words, have ARIN > justify its policies to the membership, just as we must justify our > requests for address space. What justification process do you see being implemented that prioritizes one type of allocation [dial-up, dedicated] over another [webservers]? Non-bias and consistency in the application of IP address provisioning should be part of policy. >From the arguments that I've seen, pro and con this change, this appears to be no more than a band-aid to the real problem. Unless major web hosting companies migrate a large percentage of their respective IP addressed based webservers to virtuals, I can't see that, overall, we've saved much IP address space. From bmanning at vacation.karoshi.com Thu Sep 14 10:45:14 2000 From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com) Date: Thu, 14 Sep 2000 14:45:14 +0000 (UCT) Subject: consistancy In-Reply-To: <20000914090153.B18385@Geeks.ORG> from "Mike Horwath" at Sep 14, 2000 09:01:53 AM Message-ID: <200009141445.OAA25937@vacation.karoshi.com> > > These two statements are inconsistant. "reclaiming" space > > may affect the business of the parties that have been delegated > > space. To quote Mike Horwath; "...is just not nice..." > > I say cool, let's conserve *where we can*. In return I want ARIN to > go to the people who were given allocations before the big IP scare of > the mid nineties that should have never ever been given out and relaim > said space to ease this issue of 'we are running out of IPs'. > "... should have never ever been given out..." Hindsight is 20/20. These delegation predate CIDR and the addressing "scare" of the mid-90's. And several of the "egregious" delegations predate the existance of the A/B/C formats and the address "scare" of the mid-80's. You are correct in some things though. We must conserve where we can; e.g. manage the assets that each of us, individually, have been delegated. But it "... is just not nice..." to tell others how to manage their assets. Remember, the scarce resource is -NOT- the IP address, its the routing table slots that hold the prefixes. --bill From drechsau at geeks.org Thu Sep 14 11:05:56 2000 From: drechsau at geeks.org (Mike Horwath) Date: Thu, 14 Sep 2000 10:05:56 -0500 Subject: consistancy In-Reply-To: ; from steveng@is.co.za on Thu, Sep 14, 2000 at 04:40:09PM +0200 References: Message-ID: <20000914100556.A19048@Geeks.ORG> On Thu, Sep 14, 2000 at 04:40:09PM +0200, Steven Green wrote: > And how do you suggest they go about reclaiming IP blocks. Call'em up, drop'em email. I bet that many will be very cordial and will return the space that is unused. Many will fight...and that is gonna suck for both parties. > What about IP blocks that have been broken up and delegated to > several clients. They can't(well it wouldn;t be practical of > them)to just all of a sudden reclaim the entire block due to a > "mistake" that was made 6 years ago?? The examples I have presented should not have this issue. They aren't ISPs wasting space... > Not gunning you down just don;t think that would be a very logical > way of doing things. Well, you just did try to shoot me down :) -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Thu Sep 14 11:41:18 2000 From: drechsau at geeks.org (Mike Horwath) Date: Thu, 14 Sep 2000 10:41:18 -0500 Subject: consistancy In-Reply-To: <200009141445.OAA25937@vacation.karoshi.com>; from bmanning@vacation.karoshi.com on Thu, Sep 14, 2000 at 02:45:14PM +0000 References: <20000914090153.B18385@Geeks.ORG> <200009141445.OAA25937@vacation.karoshi.com> Message-ID: <20000914104118.B19048@Geeks.ORG> On Thu, Sep 14, 2000 at 02:45:14PM +0000, bmanning at vacation.karoshi.com wrote: > > > These two statements are inconsistant. "reclaiming" space > > > may affect the business of the parties that have been delegated > > > space. To quote Mike Horwath; "...is just not nice..." > > > > I say cool, let's conserve *where we can*. In return I want ARIN to > > go to the people who were given allocations before the big IP scare of > > the mid nineties that should have never ever been given out and relaim > > said space to ease this issue of 'we are running out of IPs'. > > "... should have never ever been given out..." > Hindsight is 20/20. These delegation predate CIDR > and the addressing "scare" of the mid-90's. And > several of the "egregious" delegations predate the > existance of the A/B/C formats and the address "scare" > of the mid-80's. I agree that hindsight is 20/20 and I know about when these delegations were made. > You are correct in some things though. We must conserve > where we can; e.g. manage the assets that each of us, > individually, have been delegated. But it "... is just not > nice..." to tell others how to manage their assets. They are no longer assets. At one time it was a big deal to get addressing, now adays it is a fight. > Remember, the scarce resource is -NOT- the IP address, its > the routing table slots that hold the prefixes. Yep, I know. Can address space be 'given' to someone else yet? I am due for another allocation, I have a customer with a large block. Is it okay for me to trade them a /22 in return for their /16? -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From dbs at hom.net Thu Sep 14 11:47:13 2000 From: dbs at hom.net (Dave Stewart) Date: Thu, 14 Sep 2000 11:47:13 -0400 Subject: Correcting the mistake In-Reply-To: References: <5.0.0.25.2.20000914083739.00aedcf8@mail.ntrnet.net> Message-ID: <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> At 09:27 AM 9/14/00 -0500, J Bacher wrote: > > 1) Retract the policy regarding justification based on IP-based virtual > > hosts. Re-announce the policy, with an effective date 90 or 120 days > > later. Personally, I'd be ok with 90 days, but some may not be, they may > > need a little more time to convert. > >With our without effective solutions to implement? I don't think it's ARIN's mission to be sure that effective solutions are implemented. If you insist that ARIN, or any oversight group, wait to make changes in any policy until someone else does something or another, it becomes a simple matter to stop the policy change - just don't create a solution. C'mon... we're all pretty bright folks. We can find an effective, efficient solution to these problems - if we're willing to try. Part of the solution, in my opinion, is to continue to allow justification based on IP-based virtual hosts. If that's your business model, how you've built an entire company or even part of a company, then in my mind, that justifies the allocation. Or, we can just let our fear of change rule our lives and our businesses. > > 3) A summary of reasons for the policy change - in other words, have ARIN > > justify its policies to the membership, just as we must justify our > > requests for address space. > >What justification process do you see being implemented that prioritizes >one type of allocation [dial-up, dedicated] over another >[webservers]? Non-bias and consistency in the application of IP address >provisioning should be part of policy. I don't mean to propose changes to justification for address space. I simply mean for ARIN to disclose to the membership, in a concise summary, the reasons behind a policy change. By this I don't mean something like "We're going to disallow justification based on IP-based virtual hosts because we need to conserve address space." I'm fairly sure most of you will agree that we'd like to see more of the thought process behind policy changes. Should web hosting take precedence over dialup users? Frankly, no. No one application should take priority over another. Basically, the policy should be that if you aren't wasting space - such as static IPs for every dialup customer - then you should get an allocation sufficient to cover your projected needs for the next year or so. > >From the arguments that I've seen, pro and con this change, this appears >to be no more than a band-aid to the real problem. Unless major web >hosting companies migrate a large percentage of their respective IP >addressed based webservers to virtuals, I can't see that, overall, we've >saved much IP address space. ARIN doesn't have the authority to put more than a band-aid on it. From jb at JBACHER.COM Thu Sep 14 12:16:44 2000 From: jb at JBACHER.COM (Jan Bacher) Date: Thu, 14 Sep 2000 11:16:44 -0500 Subject: Correcting the mistake In-Reply-To: <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> References: <5.0.0.25.2.20000914083739.00aedcf8@mail.ntrnet.net> Message-ID: <4.2.2.20000914111532.00ae2170@mail.jbacher.com> At 11:47 AM 9/14/00 -0400, you wrote: >At 09:27 AM 9/14/00 -0500, J Bacher wrote: > >> > 1) Retract the policy regarding justification based on IP-based virtual >> > hosts. Re-announce the policy, with an effective date 90 or 120 days >> > later. Personally, I'd be ok with 90 days, but some may not be, they may >> > need a little more time to convert. >> >>With our without effective solutions to implement? > >I don't think it's ARIN's mission to be sure that effective solutions are >implemented. That's not what I said. From mury at goldengate.net Thu Sep 14 12:33:47 2000 From: mury at goldengate.net (Mury) Date: Thu, 14 Sep 2000 11:33:47 -0500 (CDT) Subject: Correcting the mistake In-Reply-To: <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> Message-ID: > I don't think it's ARIN's mission to be sure that effective solutions are > implemented. If you insist that ARIN, or any oversight group, wait to make > changes in any policy until someone else does something or another, it > becomes a simple matter to stop the policy change - just don't create a > solution. > > C'mon... we're all pretty bright folks. We can find an effective, > efficient solution to these problems - if we're willing to try. Absolutely we can find a solution. Today? Next week? In an ideal world ARIN could institute a policy and we could all make it work tomorrow. It's just not reality. Some things are more difficult than others to make work. Maybe web based hosting is more difficult to technologically achieve than other things. What if ARIN said every organization gets 1 IP. Just 1. Even if you are an ISP. Even if you have customers. They only get 1. Of course we could all make this work. Every organization would have to get their *IP* from ARIN. Every organization would have to use NAT. Our routers would have to be magnitudes more powerful to handle the routing, but it could be done. Everything can be done, some things are more difficult than others. Some things we *can't* do today, even though we are close. I for one do not have the time, intelligence, or money to create the necessary hardware to make web based hosting work as IP based hosting does. This policy is premature. > Part of the solution, in my opinion, is to continue to allow justification > based on IP-based virtual hosts. If that's your business model, how you've > built an entire company or even part of a company, then in my mind, that > justifies the allocation. That would be great, if ARIN would spell that out in the policy. It cannot be left up for debate between ARIN staff and a person requesting space. > Or, we can just let our fear of change rule our lives and our businesses. I hate these comments. ISPs be nature are always changing or they wouldn't be ISPs. None of us got here by sitting on our asses. > I don't mean to propose changes to justification for address space. I > simply mean for ARIN to disclose to the membership, in a concise summary, > the reasons behind a policy change. > > By this I don't mean something like "We're going to disallow justification > based on IP-based virtual hosts because we need to conserve address space." > > I'm fairly sure most of you will agree that we'd like to see more of the > thought process behind policy changes. That sure sounds good ;) > ARIN doesn't have the authority to put more than a band-aid on it. Well, then the system is flawed. Instead of spending this precious time talking about one of ARIN policies, perhaps we should be figuring out how to find a real solution. Please, please someone say that IPv6 is the answer or some other form of technology is "on the way," because that is my whole point. Somethings are on the way, it can't be done over night, you can't tell one man that he should figure out the solution himself. Web based hosting is not ready to be mandated. Of course for the sake of the community every company who sells web hosting products that would run fine on web based hosting should do it. Mury GoldenGate Internet Services From hostmaster at raha.com Thu Sep 14 13:09:24 2000 From: hostmaster at raha.com (Hostmaster) Date: Thu, 14 Sep 2000 20:09:24 +0300 Subject: Correcting the mistake In-Reply-To: <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> Message-ID: > ARIN doesn't have the authority to put more than a band-aid on it. Alright already, I've heard enough... I've sat on the sidelines watching the to-and-fro with interest, much of the same arguments going back and forth... it's like watching a tennis match. But this 'authority' stuff keeps rearing it's ugly head and I don't like the way it's heading... ARIN has the authority to affect MY business by telling me I must switch to virtual hosting if I want any more IPs. Forget about the costs - thousands of man-hours, new software, even new hardware, and changes involved in doing so. "Afraid of change"? Afraid of change for no valid reason, better damn well believe it. Out of 4.something BILLION addresses, everyone is up in arms about wastage by people not doing virtual hosting? Who on God's green earth has the 'authority' to decide that it's more wasteful than not switching all the dial-up to NAT? Or a host (no pun intended) of other areas where IP could be 'saved'. No, I digress. It's this sitting on the sidelines with hands raised bemoaning 'authority' that really pisses me off. ARIN think they have the "authority" to tell me IP which is actually BEING USED is being used inefficiently? For every bureaucrat who thinks this policy is sensible, I'll bet there are ten people living in the real world who will disagree... ARIN wants 'authority' - then TAKE authority. Grow some damn teeth instead of gumming your way through easy targets. No one else is going to do it, why can't ARIN take the initiative? You want people to hand back their unused /8's? STOP ROUTING the bloody things that'll get their attention. Who says we've not got the authority to do so? I'd drop their routes from my BGP in a heartbeat if everyone else agreed to do the same - what are they going to do, sue 'the world' it's up to ME what goes in and out of my network I don't need to accept their traffic! Get those damn woolen mitts off and get down to reclaiming some real wastage. IMHO, what pisses me off most is the 1000's of manhours, and MY FEES, wasted on 'policy' like this which could have been MUCH more productively spent. Yes, okay... I worked all night and I should know better than to sit and try to read mails... Regards Bob From mury at goldengate.net Thu Sep 14 13:38:09 2000 From: mury at goldengate.net (Mury) Date: Thu, 14 Sep 2000 12:38:09 -0500 (CDT) Subject: consistancy In-Reply-To: <200009141715.KAA16845@boreas.isi.edu> Message-ID: Someone give me the list. I'll do my part and spend a day calling. If they don't cooperate the community should not have to take no for an answer. I would think in most people's mind it's far worse to have unused blocks, than to have not so effectiently used blocks. Mury On Thu, 14 Sep 2000, Suzanne Woolf wrote: > > > > And how do you suggest they go about reclaiming IP blocks. > > > > Call'em up, drop'em email. > > Been there, done that. > > http://www.academ.com/nanog/feb1996/pier.ip.address.survey.html > (The slides are also available somewhere....) > > Interesting results include: > 1. Much of the contact data was simply unusable. > 2. The vast majority who did respond just said no. > > > I bet that many will be very cordial and will return the space that is > > unused. > > The folks who responded were mostly quite cordial, although a few > threatened to sue me for asking. Mostly, they were cordial about > saying "nope, we're keeping it." > > This was in 1996. I'm unconvinced the task would be easier now. > > > > > > Suzanne > > From dbs at hom.net Thu Sep 14 13:49:28 2000 From: dbs at hom.net (Dave Stewart) Date: Thu, 14 Sep 2000 13:49:28 -0400 Subject: Correcting the mistake In-Reply-To: <4.2.2.20000914111532.00ae2170@mail.jbacher.com> References: <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> <5.0.0.25.2.20000914083739.00aedcf8@mail.ntrnet.net> Message-ID: <5.0.0.25.2.20000914134224.00a18a50@pop.hom.net> At 11:16 AM 9/14/00 -0500, Jan Bacher wrote: >At 11:47 AM 9/14/00 -0400, you wrote: >>At 09:27 AM 9/14/00 -0500, J Bacher wrote: >> >>> > 1) Retract the policy regarding justification based on IP-based virtual >>> > hosts. Re-announce the policy, with an effective date 90 or 120 days >>> > later. Personally, I'd be ok with 90 days, but some may not be, >>> they may >>> > need a little more time to convert. >>> >>>With our without effective solutions to implement? >> >>I don't think it's ARIN's mission to be sure that effective solutions are >>implemented. > >That's not what I said. Then I misunderstood - my apologies. No matter what time frame is placed on it, there will come a time when the policy does take effect (that's taking the position that we can get them to retract it now). Will effective solutions be in place by then? I don't know. I'm not sure any of us could say when those solutions would be in place. We could suggest a one year wait - or two years. We still don't know what effective measures, if any, would be developed by then. My point really was that just creating a policy and making it effective immediately is bad for everyone. There needs to be time to look at all sides, most importantly the technical aspects of the change, whatever it may be. In some cases, technical solutions might be readily available. In others, perhaps the solutions would have to be developed. But I do think ARIN should announce the policy change - and give us all time to handle whatever changes would be necessary. In the case at hand now, perhaps 120 days is not enough. Maybe 180 is a more realistic goal. From HJass at hopone.net Thu Sep 14 14:11:36 2000 From: HJass at hopone.net (Haralds Jass) Date: Thu, 14 Sep 2000 11:11:36 -0700 Subject: guideline for name-based web hosting justification Message-ID: <200009141800.LAA04988@master1.yvr1.superb.net> This doesn't seem to have went through yesterday, so I'll try to send it through again... ------- Forwarded Message Follows ------- From: Self To: arin-discuss at arin.net Subject: Re: guideline for name-based web hosting justification Cc: ppml at arin.net Reply-to: HJass at SUPERB.NET Date: Wed, 13 Sep 2000 20:47:02 -0700 I have been following this thread quite closely and I'd like to throw in my comments, first arising from this thread specifically, and secondly about the bigger issue at stake here. It's been no surprise that those who don't really know web hosting agree with the policy completely and talk of trivial solutions to real problems and issues. Of course, it's always easier to talk than to actually do something (and isn't it those who talk and can't do that come up with hopelessly vague policies in the first place?). There have been a number of valid issues brought up to show the many needs for which there is no practical alternative to using unique IPs for virtual sites. I feel that this side has been discussed fairly and there have been no unbased needs put forth. Now then, going to the specifics, there's a number of things fundamentally wrong with the policy. It seems to be arising from the fact that no one at ARIN really knows web hosting. Before this policy was in effect, ARIN effectively had no notion of the existence of such a thing as web hosting. At least, that's the impression I got, as every person at ARIN would come up with totally different, inconsistent, requirements for address usage proof to allocate IPs - the rules were trivially made up on the spot. I know it's not just me, as even before the policy was created, I was asked by the organizers of the Web Host Expo (I'm on its board of advisors), regarding this issue and I was told that most other hosting companies feel the same way - that ARIN *should* develop some sort of clear policy for this, effectively "recognizing" web hosting as a valid need of IPs. Well, ARIN did indeed come up with a policy, however, one that shows total lack of understanding of what web hosting is and what IPs are needed for. Now, I'm a firm believer in effective IP address usage on a per-need basis, only. We have always, since we started back in the summer of 1996, required our dedicated service customers to provide full justification for IPs, including why can't what they need to do be done using name based hosting instead, and closely following up on IP usage and revoking allocated IPs where they are not used, or used with no true justification. Also, we were one of the first (to the best of my knowledge, the first) IPPs to provide full service name-based hosting, compatible with *all* browsers (yes, HTTP/1.0 too). That was back in late 1996 or early 1997 if I recall correctly. Now most of our virtual hosting, as well as that of our hosting company customers, is done using name-based sites. The split is about 8:1 -eight name based virtual sites for every one IP-based one. The thing to keep in mind here is that HTTP/1.0 browsers can still get to name based sites no problem. All it takes is a simple shell script that'll grab the HTTP_REFERRER and based on that (simple if...then) redirect customer to the proper URL (say: namesite.com/namesite/) that has been setup as a link specifically for the old browsers. (Funny how ARIN's "instructions for using name-based virtual hosting" are utterly useless and only provide links to some generic URLs giving no solutions to the real problems, such as backward browser compatibility, among many others.) So this is one issue that should be of no concern, basic site functionality in stone-age browsers. (99.8%+ of web traffic now is fully name-based compliant anyhow from our observations) Before I outline the practical situations where name based hosting is the best and is justified, let me first list clearly all the limitations of it - all the reasons why IP based hosting is required for some sites (why our name:IP ratio is 8:1 and not 80:1). - SSL - virtual FTP - virtual POP - a number of issues for large/complex sites, such as database connectivity, proprietary application implementation, clustering, accounting for bandwidth and not traffic, QoS, etc. Now, these are service-related issues. There are other usability related issues which are present for all name-based sites: - search engine indexing - a real problem for some spiders, still, to index name-based sites (way to overcome it: use http://www.namesite.com/namesite/ URL, where the /namesite/ is a symlink to the actual site public_html and works via HTTP/1.0. Of course, not a favoured solution in customers' eyes as the URL doesn't look as "respectable," but, it works.) - IP blocking - a valid issue which there is no way to overcome (for sure, no one can do any porn site hosting on a name-based basis, as if one IP is blocked from spamming search engines, or from AOL, then all customers are in trouble; solution: hosting 'controversial' and 'high-risk' sites must be an exception until blocking mechanisms at the powers that be are setup using names and not IPs, specifically for HTTP and not all-out per IP) Also, Virtual DNS (to the best of my knowledge we were the first company offering this service back in late 1996). A separate issue, but one to kept in mind - a very valid use of IPs, as every nameserver must have a unique IP, so if a customer has ns1 & ns2.theirdomain.com setup on the nameserver, two unique IPs must be used. All in all, this creates quite a few exceptions to the ARIN rules. A lot of protocols used to provide services other than plain web hosting are solely based on IPs, with no possible way - for now - to go on to name-based basis instead. Knowing the web hosting industry by being an active and innovative (we like to think so) part of it for the last 5 years, I am sure that there are going to be more exceptions - many, many more - than compliance to the rules. ARIN needs to do its homework and come up with rules that actually take into account the needs of the web hosting industry, clearly outlined, and define what it means by "web hosting," too. The way the policy stand now, it's not any better than before when there were no rules, it'll just make it even harder to get IPs for perfectly legitimate uses (such as SSL-based sites, as we have already seen in this thread - ARIN refusing IPs despite the very valid e'xceptionary' justification being that sites are using SSL). I don't think it's that complicated and hard to come up with a more workable and clearly defined policy. Some key points to consider, what I would put in there -- - Essentially, a simple "use name-based hosting unless IP-based hosting is required" policy. Some hosting companies, such as us, have been following that on their own initiative. Others will need to change. No other choice here, though. Better sooner than later, it may be painful, but it'll hurt less now than later (a policy on web hosting IP allocation is some 3-4 years overdue already, where were the ARIN policy makers for the last few years?). - More specifically, define and differentiate "mid to high-range hosting" and "low-end" hosting, whereby low-end is small, simple web sites with no SSL, virtual FTP, or any custom applications, nor need for real-time bandwidth measuring, QoS, and other high end services. Require (or request) all mass-market web hosts to offer such a low-end solution, so that users who do not need IPs are not automatically given hosting that is IP-based (i.e. a offering an IP and services a customer doesn't need 'forcibly' by there being no alternative does not create grounds for exception). Allow web hosts to use "mid" or "high-range" hosting services as justification for IPs, and perhaps request to elaborate on that (specific features that need IPs). There are simply much too many needs for IPs where there is NO clear alternative, so unless ARIN can tell us how to use SSL, or virtual FTP, or virtual POP, or create a unique nameserver (VDNS), or use one of the many other many IP-dependant services on a name-based site, those are all exceptions. - The exceptions are so many, that the basic principles of those should be clearly defined and the process made less cumbersome by allowing IPs for mid to high-end sites that need them for proper functionality. Also, keep in mind the black-listing of IPs. To that issue there is no solution, but, that alone can not be enough grounds for using a unique IP for every site. However, ARIN could take the high ground on this and try to request the vendors of the relevant software to implement name-based HTTP-only blocking (of course, not as easy as it sounds, but than sooner the effort starts, than better). - Also, why not write up and publish a checklist that web hosts must follow when allocating IPs to their dedicated clients, going by which they can determine whether the IP request is justified, or not. I've seen some companies get confused and say that all their customer IP requests must be approved by ARIN; obviously ARIN wants to avoid that, so why not write up IP allocation guidelines and a checklist for web hosts offering dedicated service? I think that about sums it up. It's clear that ARIN didn't do its homework, by creating this vague, unclear, policy. It is indeed very much needed to push web hosts to use IPs effectively; however, a policy can not be formed without first understanding the underlying issues. Hopefully ARIN will listen to the many valid comments and suggestions submitted in this thread and act accordingly in improving this policy. By taking some time to develop reasonable, logical, policies on web host IP allocation, ARIN could save itself, and the hosting companies, a lot of headaches and wasted time. As a final remark, it is also interesting how there have been very few, virtually no, hosting companies participating in this discussion. The general industry attitude I've seen on this is that there will be always a way to get around the new rules, due to the wide open exceptions allowance (or, even more so, just the same old tactics - corresponding with ARIN until it gets sick and tired of you and gives you the IPs you need, still not understanding what and how they are used for). It would do everyone much good if the rules were more clear, as then they could be also more firm. The new policy has not hit the hosting industry nearly as strongly as it should have. Perhaps because it is laughably vague and illogical, effectively changing nothing. At least, that was my reaction when I first read it. Most seem to think they can continue doing what they do, as opposed to improving their IP usage efficiency, and just ride on ARIN's lack of understanding of hosting. A clear policy with differentiated hosting levels and IP justification criteria defined would change that. I hope that someone at ARIN is listening... -- Haralds Jass Superb Internet - "Ahead of the Rest." http://www.superb.net "I am easily satisfied by the very best" - Winston Churchill From dbs at hom.net Thu Sep 14 14:01:54 2000 From: dbs at hom.net (Dave Stewart) Date: Thu, 14 Sep 2000 14:01:54 -0400 Subject: Correcting the mistake In-Reply-To: References: <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> Message-ID: <5.0.0.25.2.20000914134936.00a36110@pop.hom.net> At 11:33 AM 9/14/00 -0500, Mury wrote: >Absolutely we can find a solution. Today? Next week? In an ideal world >ARIN could institute a policy and we could all make it work >tomorrow. It's just not reality. Some things are more difficult than >others to make work. Maybe web based hosting is more difficult to >technologically achieve than other things. It's not more difficult to achieve. Certainly it can be done. And easily. The problems revolve around the ways to be able to track and bill for bandwidth utilization. Even control utilization. And I acknowledge that it's a problem. Right now, it would be expensive to implement. >Everything can be done, some things are more difficult than others. Some >things we *can't* do today, even though we are close. I for one do not >have the time, intelligence, or money to create the necessary hardware to >make web based hosting work as IP based hosting does. This policy is >premature. No question. That's why I suggested retracting it, and re-announcing it with an effective date in the future. As I said in a previous post, it doesn't *have* to be 90 or 120 days - maybe 6 months is doable - maybe not. I don't know. > > Part of the solution, in my opinion, is to continue to allow justification > > based on IP-based virtual hosts. If that's your business model, how > you've > > built an entire company or even part of a company, then in my mind, that > > justifies the allocation. > >That would be great, if ARIN would spell that out in the policy. It >cannot be left up for debate between ARIN staff and a person requesting >space. I agree. Proper justifications do need to be spelled out. But there also has to be room for special cases that either a) didn't exist when the policy was written or b) nobody thought to include in the policy. > > Or, we can just let our fear of change rule our lives and our businesses. > >I hate these comments. ISPs be nature are always changing or they >wouldn't be ISPs. None of us got here by sitting on our asses. Many do change - some do not. But you know as well as anyone that there's resistance to almost any change. Particularly a change mandated by someone else. None of us has a problem with change - when we initiate it, because by the time we do initiate it, we're comfortable with it. There's nothing inherently wrong with the fear of change. I just have a problem when people are obstinate for no other reason than that fear. > > I'm fairly sure most of you will agree that we'd like to see more of the > > thought process behind policy changes. > >That sure sounds good ;) Then we need to make sure it becomes the practice at ARIN. > > ARIN doesn't have the authority to put more than a band-aid on it. > >Well, then the system is flawed. Instead of spending this precious time >talking about one of ARIN policies, perhaps we should be figuring out how >to find a real solution. I really didn't intend to get into a debate about right/wrong. Of course the system is flawed, and the game is rigged. But don't let that stop you (badly paraphrasing Heinlein) from playing. All I meant to do was suggest a few ways that we can keep from being blindsided quite so badly by policy changes from on high. I think they're workable. Whether anyone "in power" at ARIN agrees is another matter. >Of course for the sake of the community every company who sells web >hosting products that would run fine on web based hosting should do it. Yes. A thought for those of you who do IP based hosting... why not put new clients/sites on name-based hosting as they come in, if possible. If they need SSL, it isn't.. if they're paying per mb of transfer, it may or may not be. It's just a thought. From markb at infi.net Thu Sep 14 14:22:34 2000 From: markb at infi.net (Mark Borchers) Date: Thu, 14 Sep 2000 13:22:34 -0500 Subject: Correcting the mistake In-Reply-To: References: <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> Message-ID: <200009141824.OAA00277@ns2.harpweek.com> On 14 Sep 00, at 20:09, Hostmaster wrote: > No, I digress. It's this sitting on the sidelines with hands raised > bemoaning 'authority' that really pisses me off. ARIN think they have the > "authority" to tell me IP which is actually BEING USED is being used > inefficiently? For every bureaucrat who thinks this policy is sensible, I'll > bet there are ten people living in the real world who will disagree... Well, as a resident of the real world, I must say that yes, as a registry under IANA, in a position of stewardship over IP number resources, ARIN has the authority to make and implement allocation policy, thank goodness. Perhaps you forget that just a few years ago, responsible organizations took address conservation seriously enough that CIDR became globally implemented. THAT cost money, too. THAT impacted businesses, too. But it was the right thing to do. From markb at infi.net Thu Sep 14 14:31:31 2000 From: markb at infi.net (Mark Borchers) Date: Thu, 14 Sep 2000 13:31:31 -0500 Subject: consistancy In-Reply-To: References: <200009141715.KAA16845@boreas.isi.edu> Message-ID: <200009141833.OAA00093@ns2.harpweek.com> If you are not already capable of locating "the list", perhaps you should not be thinking about acting as spokesman for "the community." On 14 Sep 00, at 12:38, Mury wrote: > Someone give me the list. I'll do my part and spend a day calling. If > they don't cooperate the community should not have to take no for an > answer. > > I would think in most people's mind it's far worse to have unused blocks, > than to have not so effectiently used blocks. > > Mury From jb at JBACHER.COM Thu Sep 14 14:58:33 2000 From: jb at JBACHER.COM (Jan Bacher) Date: Thu, 14 Sep 2000 13:58:33 -0500 Subject: Correcting the mistake In-Reply-To: <5.0.0.25.2.20000914134224.00a18a50@pop.hom.net> References: <4.2.2.20000914111532.00ae2170@mail.jbacher.com> <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> <5.0.0.25.2.20000914083739.00aedcf8@mail.ntrnet.net> Message-ID: <4.2.2.20000914134349.00aee680@mail.jbacher.com> >My point really was that just creating a policy and making it effective >immediately is bad for everyone. There needs to be time to look at all >sides, most importantly the technical aspects of the change, whatever it >may be. In some cases, technical solutions might be readily >available. In others, perhaps the solutions would have to be developed. > >But I do think ARIN should announce the policy change - and give us all >time to handle whatever changes would be necessary. > >In the case at hand now, perhaps 120 days is not enough. Maybe 180 is a >more realistic goal. Again: With our without effective solutions to implement? What matters is that effective solutions are available for implementation prior to the decision to change policy. It doesn't matter what designated date is determined if there is no universal solution and no consideration is given to determine the need for one. Do you make the policy and then determine the viability of the policy or do you first evaluate the viability? That's the real underlying problem here. The former occurred instead of the latter. This policy needs to be put on hold until such an evaluation has occurred and ARIN members have a realistic time frame in which to change procedure. From mury at goldengate.net Thu Sep 14 15:02:37 2000 From: mury at goldengate.net (Mury) Date: Thu, 14 Sep 2000 14:02:37 -0500 (CDT) Subject: consistancy In-Reply-To: <200009141833.OAA00093@ns2.harpweek.com> Message-ID: On Thu, 14 Sep 2000, Mark Borchers wrote: > If you are not already capable of locating "the list", perhaps > you should not be thinking about acting as spokesman for > "the community." ;) Such a friendly group. I will word my offer a little more clearly for those who take everything literally. 1) I am making the point we should reclaim unused space. 2) I am willing to do my part in helping if ARIN doesn't have the resources or the "authority" to accomplish the task. Mury From HJass at hopone.net Thu Sep 14 15:35:03 2000 From: HJass at hopone.net (Haralds Jass) Date: Thu, 14 Sep 2000 12:35:03 -0700 Subject: guideline for name-based web hosting justification In-Reply-To: <200009141910.PAA00257@ns2.harpweek.com> References: <200009141800.LAA04988@master1.yvr1.superb.net> Message-ID: <200009141923.MAA06906@master1.yvr1.superb.net> Yes, agreed completely. That is why as I pointed out, we do have a ratio of roughly 8:1 for name-based:IP-based virtual hosting. It could and would be more, IF features such as SSL, virtual FTP, etc. worked on a name (header) as opposed to IP basis. When (I really do think when, not if) further improvements to the various protocols based on TCP/IP are made, then IPs can be used even less for such virtual applications. I think it's important to keep in mind that while there are a lot of hosting companies out there "wasting" IPs (it's a matter of prestige having more IPs than the next guy - "mine [IP allocation] is bigger than yours," and many will use IPs where there is no clear need for them), there are also many who are conserving IPs as much as they can. This is why a clearly defined policy on this would go a long way - outling what typical uses of IPs are justified *for now* (until improvements to protocols are made), where there is no other way, and simultaneously pushing for conservation of IPs by not allowing arbitrary usage of "an IP per site," as so many hosting companies do, just to appear bigger. This is very, very common in industry. Some even use "one IP for web site, one for SMTP for the site, another for POP for it, etc." - trying to use as many IPs as possible. Now this has to stop!! ARIN should focus first on eliminating arbitrary use of IPs for virtual hosting where not needed. Then as a second step, why doesn't ARIN form some lobbying part of it that pushes the powers that be (software developers et al) to implement name-based recognition features in SSL, FTP, etc.? Otherwise, now saying that IPs can't be used for virtual hosting at all is equivalant to saying that real IPs can't be used for dial-up (dynamically) at all, except that there is no NAT - no alternative of any sort. ARIN would never do that for dial-up, even though there is NAT. Yet to web hosting it's not only saying not to use IPs, it's doing so despite there being no alternatives to using IP for many common applications. This just makes no sense and it does seem like ARIN is heavily biased towards dial-up providers and against web hosts...or, more likely, it's just the lack of understanding I was referring to earlier. Solution? Just a few steps Step 1: write up clear, educated, guidelines based on feedback from web hosts Step 2: [work towards] eliminat[ing] the truly arbitrary usage present now - an important part of that is providing guidelines for web hosts to follow in allocating IPs to their resellers, as those are the people with "mine is bigger than yours" complex and inisist on sitting lots of IPs they don't use, or use for an arbitrary purpose at best Step 3 (the holy grail): push for protocol improvements to aid further IP conservation Step 4: essentially no IPs for virtual hosting allowed ARIN has went straigh to Step 4, yet there is no foundation for it that Steps 1 - 3 need to provide for it to work. On 14 Sep 00 at 14:08, Mark Borchers wrote: > Your post is certainly well-reasoned and well-written. I would just > like to make one comment. That is, that the lack of knowledge cuts > both ways in this issue. > > I think the web-hosting folks are asking that we perpetuate > what is essentially a networking hack in order to maintain > the status quo in the virtual hosting world. IP addresses > are fundamentally an entity for routing traffic to and > from a network device. To require a single device to be > provisioned with an (IMHO) extravagant number of addresses > from this finite pool is hard to swallow for a network > engineer, when it would seem like other means would serve. > > On 14 Sep 00, at 11:11, Haralds Jass wrote: > > > I have been following this thread quite closely and I'd like to throw > > in my comments, first arising from this thread specifically, and > > secondly about the bigger issue at stake here. > > > > It's been no surprise that those who don't really know web hosting > > agree with the policy completely and talk of trivial solutions to real > > problems and issues. Of course, it's always easier to talk than to > > actually do something (and isn't it those who talk and can't do that > > come up with hopelessly vague policies in the first place?). There > > have been a number of valid issues brought up to show the many needs > > for which there is no practical alternative to using unique IPs for > > virtual sites. I feel that this side has been discussed fairly and > > there have been no unbased needs put forth. > > > > Now then, going to the specifics, there's a number of things > > fundamentally wrong with the policy. It seems to be arising from the > > fact that no one at ARIN really knows web hosting. Before this policy > > was in effect, ARIN effectively had no notion of the existence of such > > a thing as web hosting. At least, that's the impression I got, as > > every person at ARIN would come up with totally different, > > inconsistent, requirements for address usage proof to allocate IPs - > > the rules were trivially made up on the spot. I know it's not just me, > > as even before the policy was created, I was asked by the organizers > > of the Web Host Expo (I'm on its board of advisors), regarding this > > issue and I was told that most other hosting companies feel the same > > way - that ARIN *should* develop some sort of clear policy for this, > > effectively "recognizing" web hosting as a valid need of IPs. Well, > > ARIN did indeed come up with a policy, however, one that shows total > > lack of understanding of what web hosting is and what IPs are needed > > for. > > > > Now, I'm a firm believer in effective IP address usage on a per-need > > basis, only. We have always, since we started back in the summer of > > 1996, required our dedicated service customers to provide full > > justification for IPs, including why can't what they need to do be > > done using name based hosting instead, and closely following up on IP > > usage and revoking allocated IPs where they are not used, or used with > > no true justification. Also, we were one of the first (to the best of > > my knowledge, the first) IPPs to provide full service name-based > > hosting, compatible with *all* browsers (yes, HTTP/1.0 too). That was > > back in late 1996 or early 1997 if I recall correctly. Now most of our > > virtual hosting, as well as that of our hosting company customers, is > > done using name-based sites. The split is about 8:1 -eight name based > > virtual sites for every one IP-based one. > > > > The thing to keep in mind here is that HTTP/1.0 browsers can still get > > to name based sites no problem. All it takes is a simple shell script > > that'll grab the HTTP_REFERRER and based on that (simple if...then) > > redirect customer to the proper URL (say: namesite.com/namesite/) that > > has been setup as a link specifically for the old browsers. (Funny how > > ARIN's "instructions for using name-based virtual hosting" are utterly > > useless and only provide links to some generic URLs giving no > > solutions to the real problems, such as backward browser > > compatibility, among many others.) So this is one issue that should be > > of no concern, basic site functionality in stone-age browsers. (99.8%+ > > of web traffic now is fully name-based compliant anyhow from our > > observations) > > > > Before I outline the practical situations where name based hosting is > > the best and is justified, let me first list clearly all the > > limitations of it - all the reasons why IP based hosting is required > > for some sites (why our name:IP ratio is 8:1 and not 80:1). > > > > - SSL > > > > - virtual FTP > > > > - virtual POP > > > > - a number of issues for large/complex sites, such as database > > connectivity, proprietary application implementation, clustering, > > accounting for bandwidth and not traffic, QoS, etc. > > > > Now, these are service-related issues. There are other usability > > related issues which are present for all name-based sites: > > > > - search engine indexing - a real problem for some spiders, still, to > > index name-based sites (way to overcome it: use > > http://www.namesite.com/namesite/ URL, where the /namesite/ is a > > symlink to the actual site public_html and works via HTTP/1.0. Of > > course, not a favoured solution in customers' eyes as the URL doesn't > > look as "respectable," but, it works.) > > > > - IP blocking - a valid issue which there is no way to overcome (for > > sure, no one can do any porn site hosting on a name-based basis, as if > > one IP is blocked from spamming search engines, or from AOL, then all > > customers are in trouble; solution: hosting 'controversial' and > > 'high-risk' sites must be an exception until blocking mechanisms at > > the powers that be are setup using names and not IPs, specifically for > > HTTP and not all-out per IP) > > > > Also, Virtual DNS (to the best of my knowledge we were the first > > company offering this service back in late 1996). A separate issue, > > but one to kept in mind - a very valid use of IPs, as every nameserver > > must have a unique IP, so if a customer has ns1 & ns2.theirdomain.com > > setup on the nameserver, two unique IPs must be used. > > > > All in all, this creates quite a few exceptions to the ARIN rules. A > > lot of protocols used to provide services other than plain web hosting > > are solely based on IPs, with no possible way - for now - to go on to > > name-based basis instead. Knowing the web hosting industry by being an > > active and innovative (we like to think so) part of it for the last 5 > > years, I am sure that there are going to be more exceptions - many, > > many more - than compliance to the rules. ARIN needs to do its > > homework and come up with rules that actually take into account the > > needs of the web hosting industry, clearly outlined, and define what > > it means by "web hosting," too. The way the policy stand now, it's not > > any better than before when there were no rules, it'll just make it > > even harder to get IPs for perfectly legitimate uses (such as > > SSL-based sites, as we have already seen in this thread - ARIN > > refusing IPs despite the very valid e'xceptionary' justification being > > that sites are using SSL). > > > > I don't think it's that complicated and hard to come up with a more > > workable and clearly defined policy. Some key points to consider, what > > I would put in there -- > > > > - Essentially, a simple "use name-based hosting unless IP-based > > hosting is required" policy. Some hosting companies, such as us, have > > been following that on their own initiative. Others will need to > > change. No other choice here, though. Better sooner than later, it may > > be painful, but it'll hurt less now than later (a policy on web > > hosting IP allocation is some 3-4 years overdue already, where were > > the ARIN policy makers for the last few years?). > > > > - More specifically, define and differentiate "mid to high-range > > hosting" and "low-end" hosting, whereby low-end is small, simple web > > sites with no SSL, virtual FTP, or any custom applications, nor need > > for real-time bandwidth measuring, QoS, and other high end services. > > Require (or request) all mass-market web hosts to offer such a low-end > > solution, so that users who do not need IPs are not automatically > > given hosting that is IP-based (i.e. a offering an IP and services a > > customer doesn't need 'forcibly' by there being no alternative does > > not create grounds for exception). Allow web hosts to use "mid" or > > "high-range" hosting services as justification for IPs, and perhaps > > request to elaborate on that (specific features that need IPs). There > > are simply much too many needs for IPs where there is NO clear > > alternative, so unless ARIN can tell us how to use SSL, or virtual > > FTP, or virtual POP, or create a unique nameserver (VDNS), or use one > > of the many other many IP-dependant services on a name-based site, > > those are all exceptions. > > > > - The exceptions are so many, that the basic principles of those > > should be clearly defined and the process made less cumbersome by > > allowing IPs for mid to high-end sites that need them for proper > > functionality. Also, keep in mind the black-listing of IPs. To that > > issue there is no solution, but, that alone can not be enough grounds > > for using a unique IP for every site. However, ARIN could take the > > high ground on this and try to request the vendors of the relevant > > software to implement name-based HTTP-only blocking (of course, not as > > easy as it sounds, but than sooner the effort starts, than better). > > > > - Also, why not write up and publish a checklist that web hosts must > > follow when allocating IPs to their dedicated clients, going by which > > they can determine whether the IP request is justified, or not. I've > > seen some companies get confused and say that all their customer IP > > requests must be approved by ARIN; obviously ARIN wants to avoid that, > > so why not write up IP allocation guidelines and a checklist for web > > hosts offering dedicated service? > > > > I think that about sums it up. It's clear that ARIN didn't do its > > homework, by creating this vague, unclear, policy. It is indeed very > > much needed to push web hosts to use IPs effectively; however, a > > policy can not be formed without first understanding the underlying > > issues. Hopefully ARIN will listen to the many valid comments and > > suggestions submitted in this thread and act accordingly in improving > > this policy. By taking some time to develop reasonable, logical, > > policies on web host IP allocation, ARIN could save itself, and the > > hosting companies, a lot of headaches and wasted time. > > > > As a final remark, it is also interesting how there have been very > > few, virtually no, hosting companies participating in this discussion. > > The general industry attitude I've seen on this is that there will be > > always a way to get around the new rules, due to the wide open > > exceptions allowance (or, even more so, just the same old tactics - > > corresponding with ARIN until it gets sick and tired of you and gives > > you the IPs you need, still not understanding what and how they are > > used for). It would do everyone much good if the rules were more > > clear, as then they could be also more firm. The new policy has not > > hit the hosting industry nearly as strongly as it should have. Perhaps > > because it is laughably vague and illogical, effectively changing > > nothing. At least, that was my reaction when I first read it. Most > > seem to think they can continue doing what they do, as opposed to > > improving their IP usage efficiency, and just ride on ARIN's lack of > > understanding of hosting. A clear policy with differentiated hosting > > levels and IP justification criteria defined would change that. > > > > I hope that someone at ARIN is listening... > > > > > > -- > > Haralds Jass > > Superb Internet - "Ahead of the Rest." > > http://www.superb.net > > > > "I am easily satisfied by the very best" > > - Winston Churchill > -- Haralds Jass Superb Internet - "Ahead of the Rest." http://www.superb.net "I am easily satisfied by the very best" - Winston Churchill From hostmaster at LAVA.NET Thu Sep 14 15:38:12 2000 From: hostmaster at LAVA.NET (hostmaster at LAVA.NET) Date: Thu, 14 Sep 2000 09:38:12 -1000 Subject: Correcting the mistake In-Reply-To: <5.0.0.25.2.20000914134936.00a36110@pop.hom.net>; from dbs@hom.net on Thu, Sep 14, 2000 at 02:01:54PM -0400 References: <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> <5.0.0.25.2.20000914134936.00a36110@pop.hom.net> Message-ID: <20000914093810.F19329@lava.net> On Thu, Sep 14, 2000 at 02:01:54PM -0400, Dave Stewart wrote: > At 11:33 AM 9/14/00 -0500, Mury wrote: > >Absolutely we can find a solution. Today? Next week? In an ideal world > >ARIN could institute a policy and we could all make it work > >tomorrow. It's just not reality. Some things are more difficult than > >others to make work. Maybe web based hosting is more difficult to > >technologically achieve than other things. > > It's not more difficult to achieve. Certainly it can be done. And easily. > > The problems revolve around the ways to be able to track and bill for > bandwidth utilization. Even control utilization. Actually, I think tracking and billing bandwidth utilization, for one large class of web-hosters - those running a moderately recent Apache release on UNIX boxes - might prove feasible. "All it would take" (quotes intended!) is an Apache plug-in log module to log hits on a particular host into an RRDtool (=round-robin database) file (like Cricket uses for logging router data, and which MRTG is converting to.) This wouldn't replace the existing Apache logs, but would supplement them with the same data web hosters are getting off the Netflow type IP-based logging. You can pop updates into an RRD pretty much as they happen and have them averaged into your defined time interval, as long as you "stroke" it every so often (add a 0 on 5 minute intervals, e.g.) to let it know it's still being updated with valid data. Then you can make pretty MRTG-style graphs off of it, analyse it later for peaks/ averages/95%, etc. This does require a moderate amount of code to be developed, but it has the potential to actually be a better tool than the current mechanism people are using. It would be efficient because the RRD code is tuned to operate efficiently with floating-point math and update its files in place, and it could be executed directly from within the Apache process without having to write huge logs and post-process them later. Comments on this idea? In general, this discussion has been quite helpful to me, because it has pointed out that we've been misinterpreting some of the data we'd collected here about feasibility of name-based hosting. (The HTTP 1.0 vs. HTTP 1.1 issue.) If ARIN made one of its focuses ISP education - creating some web resources on how to exploit the existing features of common software, how to interpret your Browser header info to measure your real percentage of hits that could be served by name-based hosts - and also focused on coordinating development of new software, where needed, to better serve a more efficient use of address space, then I think all parties (and the Internet at large) would be better served than with the current style of interaction. I am seeing from the response by ARIN participants here that ARIN does not mean to be arbitrary and punitive, but when you're a small ISP applying for desperately needed address space, ARIN really does seem that way frequently. -- Clifton -- Clifton Royston -- LavaNet Systems Architect -- cliftonr at lava.net The named which can be named is not the Eternal named. From HJass at hopone.net Thu Sep 14 16:34:41 2000 From: HJass at hopone.net (Haralds Jass) Date: Thu, 14 Sep 2000 13:34:41 -0700 Subject: guideline for name-based web hosting justification In-Reply-To: <200009141910.PAA00257@ns2.harpweek.com> References: <200009141800.LAA04988@master1.yvr1.superb.net> Message-ID: <200009142023.NAA08485@master1.yvr1.superb.net> To add a bit more on the lack of understanding by hosting companies of ARIN, where I meant to write more in my last message... It's a very good point indeed. It's important to keep in mind that the way most hosting companies (wrongly) view ARIN is as some old-world institution that has no impact on them. A lot of web hosts really do see themselves as "holier than thou," and having such a hopessly vague policy is...well, hopeless for ARIN. I am certain that if this policy stays and ARIN refuses IP allocation to some mid-size and large web hosts (even if they have no valid exceptions), they'll get their lawyers and not their systems engineers on the case. A "better," detailed and issue-based, policy would avoid a lot (but for sure not all) such potential problems for ARIN. Also then most hosting companies would take it seriously; now most have just looked at it, had a good laugh, and forgotten about it. When a real policy is worked out, ARIN should actively promote it and explain it to all involved, keeping in mind that a lot of hosting companies do not have their own IPs from ARIN but rather colocate and get their IPs elsewhere (this means it's very important to have the colo providers, those who get IPs from ARIN, to have policies consistent with those of ARIN in IP allocation, and spread the word on that to their customers). Now a lot web hosts simply think they'll still get IPs as they used to from their colo provider, thus bypassing the ARIN rules. This is what ARIN needs to get around, by (1) ensuring that the colo providers spread the word to their customers and ensure that they do the needful changes to their hosting server setups, and (2) possibly also contacting some of the larger hosting companies directly, though they do not deal with ARIN directly. -- Haralds Jass Superb Internet - "Ahead of the Rest." http://www.superb.net "I am easily satisfied by the very best" - Winston Churchill From smarcus at genuity.com Thu Sep 14 18:19:38 2000 From: smarcus at genuity.com (J. Scott Marcus) Date: Thu, 14 Sep 2000 18:19:38 -0400 Subject: Correcting the mistake In-Reply-To: <20000914093810.F19329@lava.net> References: <5.0.0.25.2.20000914134936.00a36110@pop.hom.net> <5.0.0.25.2.20000914113555.00a17b80@pop.hom.net> <5.0.0.25.2.20000914134936.00a36110@pop.hom.net> Message-ID: <3.0.5.32.20000914181938.04153ec0@pobox3.genuity.com> At 09:38 09/14/2000 -1000, hostmaster at LAVA.NET wrote: > ... If ARIN made one of its focuses ISP education - creating some web >resources on how to exploit the existing features of common software, >how to interpret your Browser header info to measure your real >percentage of hits that could be served by name-based hosts - and also >focused on coordinating development of new software, where needed, to >better serve a more efficient use of address space, then I think all >parties (and the Internet at large) would be better served than with >the current style of interaction... This is an interesting thought. My sense is that ARIN has done somewhat less of this kind of education than has, for instance, RIPE. Perhaps there is indeed an opportunity for ARIN to do much more ... > I am seeing from the response by ARIN participants here that ARIN >does not mean to be arbitrary and punitive, but when you're a small ISP >applying for desperately needed address space, ARIN really does seem >that way frequently. ARIN's a not-for-profit membership organization, just trying to do the right thing for the Internet community... And, man! It can be tough. If there's one thing that this whole exchange has brought home (to me, at least), it's the need for ARIN to solicit and obtain more input (and earlier) from a broader community of interest. Thanks to all for taking the time to educate us... Cheers, - Scott (ARIN board member, but speaking for himself only) From drechsau at geeks.org Thu Sep 14 21:04:45 2000 From: drechsau at geeks.org (Mike Horwath) Date: Thu, 14 Sep 2000 20:04:45 -0500 Subject: consistancy In-Reply-To: <200009141715.KAA16845@boreas.isi.edu>; from woolf@ISI.EDU on Thu, Sep 14, 2000 at 10:15:57AM -0700 References: <20000914100556.A19048@Geeks.ORG> <200009141715.KAA16845@boreas.isi.edu> Message-ID: <20000914200445.B23272@Geeks.ORG> On Thu, Sep 14, 2000 at 10:15:57AM -0700, Suzanne Woolf wrote: > > > > And how do you suggest they go about reclaiming IP blocks. > > > > Call'em up, drop'em email. > > Been there, done that. > > http://www.academ.com/nanog/feb1996/pier.ip.address.survey.html > (The slides are also available somewhere....) > > Interesting results include: > 1. Much of the contact data was simply unusable. > 2. The vast majority who did respond just said no. > > > I bet that many will be very cordial and will return the space that is > > unused. > > The folks who responded were mostly quite cordial, although a few > threatened to sue me for asking. Mostly, they were cordial about > saying "nope, we're keeping it." > > This was in 1996. I'm unconvinced the task would be easier now. But....you aren't ARIN, who does, as it stands, has authority to rip the addressing out of place. Really, if they can dish out the IPs, they can take'em away. Yes, it would suck. But wastage is wastage and a site with a /16 using a few hundred addresses is far more wasteful than any wastage I would have by having IP based virtual hosts. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Thu Sep 14 21:05:33 2000 From: drechsau at geeks.org (Mike Horwath) Date: Thu, 14 Sep 2000 20:05:33 -0500 Subject: consistancy In-Reply-To: <200009141833.OAA00093@ns2.harpweek.com>; from markb@infi.net on Thu, Sep 14, 2000 at 01:31:31PM -0500 References: <200009141715.KAA16845@boreas.isi.edu> <200009141833.OAA00093@ns2.harpweek.com> Message-ID: <20000914200533.C23272@Geeks.ORG> On Thu, Sep 14, 2000 at 01:31:31PM -0500, Mark Borchers wrote: > If you are not already capable of locating "the list", perhaps > you should not be thinking about acting as spokesman for > "the community." Hmm...kind of rude. And I like rude. Mury, I can help. > On 14 Sep 00, at 12:38, Mury wrote: > > > Someone give me the list. I'll do my part and spend a day calling. If > > they don't cooperate the community should not have to take no for an > > answer. > > > > I would think in most people's mind it's far worse to have unused blocks, > > than to have not so effectiently used blocks. > > > > Mury -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From avb at korax.net Fri Sep 15 01:10:51 2000 From: avb at korax.net (avb at korax.net) Date: Fri, 15 Sep 2000 01:10:51 -0400 (EDT) Subject: consistancy In-Reply-To: Message-ID: On Thu, 14 Sep 2000, Brian Wallingford wrote: > This exact "argument" has been rehashed too many times (I don't doubt > that, in one forum or another, I've initiated it in the past). ARIN does > *not* have the authority to reclaim legacy space. Nobody has the > authority to reclaim the terribly, irresponsibly underutilised space > allocated many moons ago. What would have to happen for ARIN to get that authority? Why can't IANA or ICANN give it the authority to do this? > Legacy space may as well be written off as unusable. Saying that almost > makes me physically ill, but it's a fact. Oh, man, that is *very* difficult to accept. IP addresses are a shared public resource which is globally administered by IANA/ICANN. They aren't anyone's property and they never have been. If the biggest problem with reclaiming legacy space is political, then surely that can be addressed. ARIN may not have the authority to reclaim, but *somebody*, at some higher level, has this authority, no? I would imagine that somebody would be IANA. To quote RFC2050: The Internet Assigned Numbers Authority has authority over all number spaces used in the Internet. This includes Internet Address Space. It seems pretty clear-cut to me. What am I missing? These are all honest questions, btw. I'm very interested to know what the obstacles are, because I'm having a real tough time accepting the idea that this is an unfixable situation. Regards, -- Alex Bulan Network Administrator Korax Online Inc. From stephen.griffin at rcn.com Fri Sep 15 03:00:28 2000 From: stephen.griffin at rcn.com (Stephen Griffin) Date: Fri, 15 Sep 2000 03:00:28 -0400 (EDT) Subject: consistancy In-Reply-To: <20000914200445.B23272@Geeks.ORG> from Mike Horwath at "Sep 14, 2000 08:04:45 pm" Message-ID: <200009150700.DAA15714@elektra.ultra.net> [CC-list cleaned up, since it was getting messy...] In the referenced message, Mike Horwath said: > But....you aren't ARIN, who does, as it stands, has authority to rip > the addressing out of place. > > Really, if they can dish out the IPs, they can take'em away. > > Yes, it would suck. But wastage is wastage and a site with a /16 > using a few hundred addresses is far more wasteful than any wastage I > would have by having IP based virtual hosts. It seems that most people fail to understand what ARIN is. ARIN is one of 3 RIRs (Regional Internet Registries). The other 2 being RIPE and APNIC. They are overseen by ICANN. ARIN has absolute authority over the address space they have been dictated to manage by ICANN, which does not include the majority of the space everyone is complaining about. I think ARIN (or any of the RIRs) would be ecstatic to have jurisdiction over this space, and would be happy to clean it up, but that is something to take up with ICANN. The biggest confusion is who actually does have authority, since these first allocations were made very early on. As it is, I was under the impression RIPE-NCC already had a policy such as this (re: web-hosting). They always seem to be right on top of things. Anyways, people have been claiming that ARIN doesn't understand web-hosting. I say they understand web-hosting at least as well as most of the people complaining understand ARIN. Speaking on my own behalf, Stephen A. Griffin Registrar - UltraNet Communications -- Stephen A. Griffin RCN Senior Development Engineer Internet Planning & Design stephen.griffin at rcn.com Network Deployment & Management From bmanning at vacation.karoshi.com Fri Sep 15 04:59:21 2000 From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com) Date: Fri, 15 Sep 2000 08:59:21 +0000 (UCT) Subject: consistancy In-Reply-To: from "Mury" at Sep 14, 2000 02:02:37 PM Message-ID: <200009150859.IAA26884@vacation.karoshi.com> > Such a friendly group. I will word my offer a little more clearly for > those who take everything literally. > > 1) I am making the point we should reclaim unused space. > 2) I am willing to do my part in helping if ARIN doesn't have the > resources or the "authority" to accomplish the task. > > Mury |First off, start with your own "unused" space. |Second, would you appreciate a random call from someone you've never heard of asking you to give up your IP space? Suzanne helped me in one of my reclaimation efforts in years past. Those efforts were sactioned by the IANA. Offers to assit ARIN have fallen of deaf ears and so little has been done recently. Still, there has been some forward progress. Stanford finally returned net 36 to the IANA after nearly a decade. So reclaimation is working, but perhaps not quite at the speed you would like. --bill From bmanning at vacation.karoshi.com Fri Sep 15 05:03:07 2000 From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com) Date: Fri, 15 Sep 2000 09:03:07 +0000 (UCT) Subject: consistancy In-Reply-To: from "Brian Wallingford" at Sep 14, 2000 09:58:41 PM Message-ID: <200009150903.JAA26900@vacation.karoshi.com> > : Really, if they can dish out the IPs, they can take'em away. > > In a utopian world, yes. But.. Actually ARIN can take away addresses -from the blocks it was delegated-. > that, in one forum or another, I've initiated it in the past). ARIN does > *not* have the authority to reclaim legacy space. Nobody has the > authority to reclaim the terribly, irresponsibly underutilised space > allocated many moons ago. Actually the IANA does. Thats how I manged to get 16% of the total IPv4 space retruned to the freepool in 1995/1996. Its doable, --bill From jtk at TITANIA.NET Fri Sep 15 09:27:28 2000 From: jtk at TITANIA.NET (Joseph T. Klein) Date: Fri, 15 Sep 2000 09:27:28 -0400 Subject: consistancy References: <200009150859.IAA26884@vacation.karoshi.com> Message-ID: <39C223C0.E77B9256@titania.net> Bill et al. Why not just up the anti a notch and require that all legacy address space have working in-addr records by January 1, 2001 or that space shall be deemed inactive and returned to the public pool. IANA can delegate enforcement to the registries using the address as registered. i.e. If the address is in the ARIN region, ARIN enforces the deallocation. Due to the history of the Internet this is primarily a North American issue. Small organizations requiring multi-homing could then hopefully get space from the legacy "swamp" allocations retrieved from this effort. This would avoid de-aggrigation of the larger CIDR blocks. The de-aggrigation issue almost caused a riot at the Montreal NANOG when Above.net advocated it for improved MED savvy routing. I would hope re-using the swamp space can be a workable compromise. New core router technology has reduced many of the ill effects of limited de-aggrigation. I suspect large portions of the early allocations belong to defunct organizations or have been forgotten by the rightful owners. bmanning at vacation.karoshi.com wrote: > > > Such a friendly group. I will word my offer a little more clearly for > > those who take everything literally. > > > > 1) I am making the point we should reclaim unused space. > > 2) I am willing to do my part in helping if ARIN doesn't have the > > resources or the "authority" to accomplish the task. > > > > Mury > > |First off, start with your own "unused" space. > |Second, would you appreciate a random call from > someone you've never heard of asking you to give up > your IP space? > > Suzanne helped me in one of my reclaimation efforts > in years past. Those efforts were sactioned by the IANA. > Offers to assit ARIN have fallen of deaf ears and so > little has been done recently. Still, there has been > some forward progress. Stanford finally returned net > 36 to the IANA after nearly a decade. So reclaimation is working, > but perhaps not quite at the speed you would like. > > --bill -- Joseph T. Klein jtk at titania.net Cogent Communications jklein at cogentco.com +1 202 295 4217 +1 414 915 7489 From jb at JBACHER.COM Fri Sep 15 10:24:46 2000 From: jb at JBACHER.COM (J Bacher) Date: Fri, 15 Sep 2000 09:24:46 -0500 (CDT) Subject: consistancy In-Reply-To: Message-ID: > Oh, man, that is *very* difficult to accept. IP addresses are a shared > public resource which is globally administered by IANA/ICANN. They aren't > anyone's property and they never have been. If the biggest problem with Have a bake sale and buy them back. Yes, I am being somewhat facetious but understand that the p&m won't fix the problem. There are options and all of them need to be considered. Outline the problem and lay out every possible solution. Identify each solution's feasibility and probability using a point system. Take the most viable solutions [with the hightest combined point rating] and attack them first. Actions speak louder than words. The trustees and advisories should be able to tell us the best way to tackle this [and other] issues. Where is the plan? From gjh at KEYCONNECT.COM Fri Sep 15 10:53:47 2000 From: gjh at KEYCONNECT.COM (Greg Hiscott) Date: Fri, 15 Sep 2000 07:53:47 -0700 Subject: consistancy References: Message-ID: <39C237FB.5735284E@keyconnect.com> It It is very difficult to accept. That is one of the reasons I am devoting my time to try to do something about this. The big corporations and exisiting telecomm companies are using this situation to leverage against newcomers to the business. They cannot even sell fast enough to use the IP space they have but they are able to withold it from others. avb at korax.net wrote: > > On Thu, 14 Sep 2000, Brian Wallingford wrote: > > > This exact "argument" has been rehashed too many times (I don't doubt > > that, in one forum or another, I've initiated it in the past). ARIN does > > *not* have the authority to reclaim legacy space. Nobody has the > > authority to reclaim the terribly, irresponsibly underutilised space > > allocated many moons ago. > > What would have to happen for ARIN to get that authority? Why can't IANA > or ICANN give it the authority to do this? > > > Legacy space may as well be written off as unusable. Saying that almost > > makes me physically ill, but it's a fact. > > Oh, man, that is *very* difficult to accept. IP addresses are a shared > public resource which is globally administered by IANA/ICANN. They aren't > anyone's property and they never have been. If the biggest problem with > reclaiming legacy space is political, then surely that can be addressed. > ARIN may not have the authority to reclaim, but *somebody*, at some higher > level, has this authority, no? I would imagine that somebody would be > IANA. To quote RFC2050: > > The Internet Assigned Numbers Authority has authority over all > number spaces used in the Internet. This includes Internet > Address Space. > > It seems pretty clear-cut to me. What am I missing? > > These are all honest questions, btw. I'm very interested to know what the > obstacles are, because I'm having a real tough time accepting the idea > that this is an unfixable situation. > > Regards, > -- > Alex Bulan > Network Administrator > Korax Online Inc. -- http://keyconnect.com V:818.552.4455 F:818.545.0633 From drechsau at geeks.org Sat Sep 16 11:21:20 2000 From: drechsau at geeks.org (Mike Horwath) Date: Sat, 16 Sep 2000 10:21:20 -0500 Subject: consistancy In-Reply-To: <200009150700.DAA15714@elektra.ultra.net>; from stephen.griffin@rcn.com on Fri, Sep 15, 2000 at 03:00:28AM -0400 References: <20000914200445.B23272@Geeks.ORG> <200009150700.DAA15714@elektra.ultra.net> Message-ID: <20000916102120.A40875@Geeks.ORG> On Fri, Sep 15, 2000 at 03:00:28AM -0400, Stephen Griffin wrote: > It seems that most people fail to understand what ARIN is. ARIN is one of > 3 RIRs (Regional Internet Registries). The other 2 being RIPE and APNIC. > They are overseen by ICANN. ARIN has absolute authority over the > address space they have been dictated to manage by ICANN, which does not > include the majority of the space everyone is complaining about. I think > ARIN (or any of the RIRs) would be ecstatic to have jurisdiction over > this space, and would be happy to clean it up, but that is something to > take up with ICANN. The biggest confusion is who actually does have > authority, since these first allocations were made very early on. * i128.101.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i131.212.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i134.84.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i146.57.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i * i160.94.0.0 165.117.59.14 4294967294 100 0 3561 3908 57 217 i Now, if the database at ARIN supported a field saying when these blocks were allocated, I would bet that some of them were allocated *after* CIDR was put into place and interNIC started asking for justification. (gawd, I hate picking on the UofM, I really do, but it is an example of wastage that is purty horrible) I have a new school connecting to us early next week with a /16 for a campus of under 10K students. :( There has to be a way to reclaim them! -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From hostmaster at raha.com Sat Sep 16 12:00:28 2000 From: hostmaster at raha.com (Hostmaster) Date: Sat, 16 Sep 2000 19:00:28 +0300 Subject: consistancy In-Reply-To: <20000916102120.A40875@Geeks.ORG> Message-ID: > > It seems that most people fail to understand what ARIN is. ARIN > is one of > > 3 RIRs (Regional Internet Registries). The other 2 being RIPE and APNIC. > > They are overseen by ICANN. ARIN has absolute authority over the > > address space they have been dictated to manage by ICANN, which does not > > include the majority of the space everyone is complaining about. I think > > ARIN (or any of the RIRs) would be ecstatic to have jurisdiction over > > this space, and would be happy to clean it up, but that is something to > > take up with ICANN. The biggest confusion is who actually does have > > authority, since these first allocations were made very early on. Who cares? If the boundaries of authority are so unclear, make then clear. How hard is that. Don't ICANN, RIPE, APNIC and ARIN communicate, or cooperate? I agree, between APNIC, ARIN, RIPE and ICANN there's way too much confusion regarding who's responsible for what - but surely it's up to YOU guys to sit together and come up with a solution. At the end of the day those four bodies should be working towards a common goal, not shoulder shrugging and passing the baby to one another regarding 'authority'. It's clear that NO-ONE has, or is willing to accept, authority over the legacy space - this is where the main problem lies, so how about we fix it. Who all is scared to tell IBM "sort out your /8 or we stop routing it" ? > (gawd, I hate picking on the UofM, I really do, but it is an example > of wastage that is purty horrible) > > I have a new school connecting to us early next week with a /16 for a > campus of under 10K students. :( > > There has to be a way to reclaim them! A classic example. Find another three the same, persuade them to cooperate, and give them a /20 each. Voila - you got back roughly 1/4Million addresses from only 4 universities. More, I'll bet, than a YEAR of scraping around having people change from dedicated hosting to virtual hosting. A university with 10k students would have difficulty justifying even a /20 but if they can, and they need more - okay give them more I have no problem with that, does anyone? The first few are the hardest ones, the rest would follow by example, I'm sure. If not, establishment of exactly who has authority for the space in question is the only way to go - because those that refuse to fall into line could simply be blackholed with the additional cooperation of a few core backbone providers. Regards Bob From ahp at hilander.com Sat Sep 16 12:14:50 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 10:14:50 -0600 Subject: consistancy References: Message-ID: <39C39C7A.CD6398A0@hilander.com> I agree that reclaiming address space is a good idea, and we are working on ways to do it. However, you all must accept the fact that reclaiming IP space and more efficient use of new IP allocations are not mutually exclusive. They are in fact separate discussions, and decisions on whether to do one will not affect the other. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From cscott at gaslightmedia.com Sat Sep 16 13:42:41 2000 From: cscott at gaslightmedia.com (Charles Scott) Date: Sat, 16 Sep 2000 13:42:41 -0400 (EDT) Subject: consistancy In-Reply-To: <39C39C7A.CD6398A0@hilander.com> Message-ID: On Sat, 16 Sep 2000, Alec H. Peterson wrote: > I agree that reclaiming address space is a good idea, and we are working on > ways to do it. > > However, you all must accept the fact that reclaiming IP space and more > efficient use of new IP allocations are not mutually exclusive. They are in > fact separate discussions, and decisions on whether to do one will not > affect the other. > > Alec Alec: Agreed. Reclaiming IP space and efficient use of new allocations are certainly not mutually exclusive, Similarly, the aggrigate preasure on IP address space affects both discussions and their outcome. Also, the outcome of both will affect the aggrigate preasure on IP address space. They are therefore intimately interwoven. I think however, that there is also a matter of balance. It appears that many in this discussion have a hard time accepting the idea that address space that's currently in productive use, however inefficiently, is more, or even equally, worth trying to reclaim than address space that is currently serving no usefull purpose whatsoever or is grossly in contrast with conservation. It is certainly the impression of this imbalance that is making it difficult for ARIN to deploy this policy. Until such time as all address space falls under the same level of scrutiny, it's unlikely that those providing Web hosting services, the very content of the Internet, will be convinced to expend considerable work and funds to essentially change the way they do business. Chuck Scott Gaslight Media From drechsau at geeks.org Sat Sep 16 14:06:37 2000 From: drechsau at geeks.org (Mike Horwath) Date: Sat, 16 Sep 2000 13:06:37 -0500 Subject: consistancy In-Reply-To: <39C39C7A.CD6398A0@hilander.com>; from ahp@hilander.com on Sat, Sep 16, 2000 at 10:14:50AM -0600 References: <39C39C7A.CD6398A0@hilander.com> Message-ID: <20000916130637.A87352@Geeks.ORG> On Sat, Sep 16, 2000 at 10:14:50AM -0600, Alec H. Peterson wrote: > However, you all must accept the fact that reclaiming IP space and > more efficient use of new IP allocations are not mutually exclusive. > They are in fact separate discussions, and decisions on whether to > do one will not affect the other. I don't think anyone is arguing about not trying to be more efficient at all and that these are completely exclusive of each other and can be done in parallel. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From bmanning at vacation.karoshi.com Sat Sep 16 15:29:04 2000 From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com) Date: Sat, 16 Sep 2000 19:29:04 +0000 (UCT) Subject: consistancy In-Reply-To: <39C223C0.E77B9256@titania.net> from "Joseph T. Klein" at Sep 15, 2000 09:27:28 AM Message-ID: <200009161929.TAA28386@vacation.karoshi.com> > > Bill et al. > > Why not just up the anti a notch and require that all legacy address > space have working in-addr records by January 1, 2001 or that space shall > be deemed inactive and returned to the public pool. Its not quite that easy. Stanford refused transfers as does MIT (to pick on Universities), making it hard to verify. > > IANA can delegate enforcement to the registries using the address as registered. > i.e. If the address is in the ARIN region, ARIN enforces the deallocation. IANA might do many things. They have had a tough time ramping up and may not be ready to take this on quite yet. Something to do w/ recent activities on the Open Membership front and a change in board membership seems to be taking some time. Still, given the current nature of ICANN, I expect that the only inputs they will take are from the RIRs themselves. Since these are legecy delegations, I suspect that forcing folks to a predetermined registry might open the discussion space, esp. since all registries are now charging fees. I expect that the legecy delegates are going to be screwed since they were never part of the RIR process and ICANN via the ASO agreements excludes these folks. > Due to the history of the Internet this is primarily a North American issue. Not really. There is significant European presence. > Small organizations requiring multi-homing could then hopefully get space from > the legacy "swamp" allocations retrieved from this effort. Two key words here. "Hopefully" and a buck will get you coffee at Starbucks. "Swamp" - based on previous reclaimation data and the dns delegation data the "swamp" is in the 207 and 209 prefix range. Most small route injections are coming from those ranges. > I suspect large portions of the early allocations belong to defunct organizations > or have been forgotten by the rightful owners. Not really. The hardest part has been the egregious update policies in getting whois data updates. --bill From bmanning at vacation.karoshi.com Sat Sep 16 15:32:24 2000 From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com) Date: Sat, 16 Sep 2000 19:32:24 +0000 (UCT) Subject: consistancy In-Reply-To: from "Brian Wallingford" at Sep 15, 2000 10:00:56 AM Message-ID: <200009161932.TAA28400@vacation.karoshi.com> > : outrageously large blocks? Why wasn't this corrected long ago, before > : "newbies" like myself started bitching? :) Why are we faced with this > : artificial address shortage? > > A clarification - I'm simply looking for insight. Does IANA have the > *authority* to reclaim addresses, or is it simply a matter of negotiation > and good will on the part of the blocks' administrators? > > tia, > brian IMHO, IANA is the only body w/ that authority. RIRs derive their authority from IANA. LIRs and ISP derive their management authoritity/responsibilities from the RIRs that delegate them address space. --bill From bmanning at vacation.karoshi.com Sat Sep 16 15:35:54 2000 From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com) Date: Sat, 16 Sep 2000 19:35:54 +0000 (UCT) Subject: consistancy In-Reply-To: <20000916102120.A40875@Geeks.ORG> from "Mike Horwath" at Sep 16, 2000 10:21:20 AM Message-ID: <200009161935.TAA28424@vacation.karoshi.com> > I have a new school connecting to us early next week with a /16 for a > campus of under 10K students. :( > > There has to be a way to reclaim them! There is. Check the fine RFC. When there is a fundamental -technical- requirement to get the space back, it can be reclaimed. THe current problem is not technical but political. > Mike Horwath IRC: Drechsau drechsau at Geeks.ORG --bill From ahp at hilander.com Sat Sep 16 16:56:56 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 14:56:56 -0600 Subject: consistancy References: Message-ID: <39C3DE98.B3D34246@hilander.com> Antonio Querubin wrote: > > Would you accept the fact that many of us on the receiving end of the > latter look on the lack of attention paid to the former as reducing ARIN > et al credibility and leadership? Lose that credibility and you'll have a > hard time convincing the rest of the membership to do anything else. First of all, ARIN is very interested in reclaiming IP space, where it can do so. The issue is far more complicated than you may think, primarily because of the fact that ARIN does not have the authority to revoke allocations that it did not make. This is the primary point people seem to be missing. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Sat Sep 16 16:58:42 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 14:58:42 -0600 Subject: consistancy References: Message-ID: <39C3DF02.F282C87F@hilander.com> Charles Scott wrote: > > Alec: > Agreed. Reclaiming IP space and efficient use of new allocations are > certainly not mutually exclusive, Similarly, the aggrigate preasure on IP > address space affects both discussions and their outcome. Also, the > outcome of both will affect the aggrigate preasure on IP address space. > They are therefore intimately interwoven. > I think however, that there is also a matter of balance. It appears that > many in this discussion have a hard time accepting the idea that address > space that's currently in productive use, however inefficiently, is more, > or even equally, worth trying to reclaim than address space that is > currently serving no usefull purpose whatsoever or is grossly in contrast > with conservation. It is certainly the impression of this imbalance that > is making it difficult for ARIN to deploy this policy. Until such time as > all address space falls under the same level of scrutiny, it's unlikely > that those providing Web hosting services, the very content of the > Internet, will be convinced to expend considerable work and funds to > essentially change the way they do business. If you know of a way to make this happen, then by all means please share it with us. However, continuing to argue why ARIN is not reclaiming allocations is not productive, since the plain and simple fact is that ARIN does not have the authority to reclaim allocations that it did not make. If you think that ARIN should have this authority, then by all means start petitioning IANA/ICANN to that end. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Sat Sep 16 16:59:59 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 14:59:59 -0600 Subject: consistancy References: <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> Message-ID: <39C3DF4F.BA4C9650@hilander.com> Mike Horwath wrote: > > I don't think anyone is arguing about not trying to be more efficient > at all and that these are completely exclusive of each other and can > be done in parallel. However people do seem to be using the fact that ARIN is not revoking allocations made before its time to various institutions as a reason for repealing the virtual hosting policy. Personally I think there are plenty of other objections about the virtual hosting policy, which is why I am confused as to why so many people are insisting ARIN do something it has no authority to do. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From steve at ens.net Sat Sep 16 17:14:38 2000 From: steve at ens.net (Steve Larson) Date: Sat, 16 Sep 2000 16:14:38 -0500 Subject: consistancy References: <39C3DE98.B3D34246@hilander.com> Message-ID: <39C3E2BE.D9B3D9F0@ens.net> Does any of this discussion even matter? By the time you people finish the pathetic diatribe, IP telephony will just start to kick in. When this happens (since both Cisco and Lucent have their products available, and BILLIONS of dollars are being spent to make it happen...), the ONLY thing that will save us is the conversion to IP6. THERE WILL BE NO MORE SPACE, NO MATTER HOW STINGY OR STUPID YOU GET WITH THE IP4 SPACE. Lets all hope that real movement occures on the IP6 definition.... Steve "Alec H. Peterson" wrote: > Antonio Querubin wrote: > > > > Would you accept the fact that many of us on the receiving end of the > > latter look on the lack of attention paid to the former as reducing ARIN > > et al credibility and leadership? Lose that credibility and you'll have a > > hard time convincing the rest of the membership to do anything else. > > First of all, ARIN is very interested in reclaiming IP space, where it can > do so. The issue is far more complicated than you may think, primarily > because of the fact that ARIN does not have the authority to revoke > allocations that it did not make. This is the primary point people seem to > be missing. > > Alec > > -- > Alec H. Peterson - ahp at hilander.com > Staff Scientist > CenterGate Research Group - http://www.centergate.com > "Technology so advanced, even _we_ don't understand it!" From danny at tcb.net Sat Sep 16 18:06:15 2000 From: danny at tcb.net (Danny McPherson) Date: Sat, 16 Sep 2000 16:06:15 -0600 Subject: draft-mcpherson-vlan-ipagg-00.txt Message-ID: <200009162206.QAA06132@tcb.net> This should be posted to the IETF ID sometime next week. It's still in pretty rough form but comments are welcome. http://www.tcb.net/tcb/draft-mcpherson-vlan-ipagg-00.txt Thanks! -danny From mury at goldengate.net Sat Sep 16 18:06:19 2000 From: mury at goldengate.net (Mury) Date: Sat, 16 Sep 2000 17:06:19 -0500 (CDT) Subject: consistancy In-Reply-To: <39C3DF02.F282C87F@hilander.com> Message-ID: > If you know of a way to make this happen, then by all means please share it > with us. > > However, continuing to argue why ARIN is not reclaiming allocations is not > productive, since the plain and simple fact is that ARIN does not have the > authority to reclaim allocations that it did not make. If you think that > ARIN should have this authority, then by all means start petitioning > IANA/ICANN to that end. > > Alec Alec, No offense to you personally with these questions, but I've been told I am not qualified to act as any sort of "spokesperson" for the ARIN membership, and that I'm an idiot for asking for the list of legacy space contacts. So my questions are: Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of ARIN? If so, is there a standard format and contact to whom I should be placing my suggestions? Mury From ahp at hilander.com Sat Sep 16 18:09:48 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sat, 16 Sep 2000 16:09:48 -0600 Subject: consistancy References: Message-ID: <39C3EFAC.146AF3A2@hilander.com> Mury wrote: > > No offense to you personally with these questions, but I've been told I am > not qualified to act as any sort of "spokesperson" for the ARIN > membership, and that I'm an idiot for asking for the list of legacy space > contacts. > > So my questions are: > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > ARIN? No, but it would be appropriate for you to petition ICANN/IANA as a concerned user of address space (and perhaps an ARIN member, although I don't know offhand if you are) to either take it upon themselves to reclaim address space or delegate authority to do so appropriately (ie, to the RIRs). Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From jb at JBACHER.COM Sat Sep 16 20:25:40 2000 From: jb at JBACHER.COM (J Bacher) Date: Sat, 16 Sep 2000 19:25:40 -0500 (CDT) Subject: consistancy In-Reply-To: Message-ID: > > However, you all must accept the fact that reclaiming IP space and more > > efficient use of new IP allocations are not mutually exclusive. They are in > > fact separate discussions, and decisions on whether to do one will not > > affect the other. > > > > Alec > > Alec: > Agreed. Reclaiming IP space and efficient use of new allocations are > certainly not mutually exclusive, Similarly, the aggrigate preasure on IP > address space affects both discussions and their outcome. Also, the > outcome of both will affect the aggrigate preasure on IP address space. > They are therefore intimately interwoven. Please. ARIN did not choose to enforce a virtual webserver model because it was either bored or there was no concern over available allocation. "Efficient use" was redefined for a reason. The only issue is whether reclaiming space is a viability and whether ARIN gave sufficient consideration to the ramifications of enforcing this new policy. From cscott at gaslightmedia.com Sat Sep 16 21:53:47 2000 From: cscott at gaslightmedia.com (Charles Scott) Date: Sat, 16 Sep 2000 21:53:47 -0400 (EDT) Subject: consistancy In-Reply-To: Message-ID: j: I dont' think anyone is accusing any party of being frivolous or arbitrary. And, I do think we'll all survive the current policy, even if it does result in significant extra work to achieve compliance or present a case for an exception. My point, however, was that you can no more isolate the perception of imbalance from the new policy than you can the need for conservation from the recognition that there are vast unused address blocks. And like it or not, I think that perception relevant. If the only result of this discussion is that there is a greater recognition of imbalance, then I think it's served the original purpose of those who started it. And if from that recognition there is resulting action to work the greater problem, then I think we've exceeded our expectations, even if that action can't necessarily take place within the confines of ARIN. Chuck Scott Gaslight Media On Sat, 16 Sep 2000, J Bacher wrote: > > > > > However, you all must accept the fact that reclaiming IP space and more > > > efficient use of new IP allocations are not mutually exclusive. They are in > > > fact separate discussions, and decisions on whether to do one will not > > > affect the other. > > > > > > Alec > > > > Alec: > > Agreed. Reclaiming IP space and efficient use of new allocations are > > certainly not mutually exclusive, Similarly, the aggrigate preasure on IP > > address space affects both discussions and their outcome. Also, the > > outcome of both will affect the aggrigate preasure on IP address space. > > They are therefore intimately interwoven. > > Please. ARIN did not choose to enforce a virtual webserver model because > it was either bored or there was no concern over available allocation. > > "Efficient use" was redefined for a reason. The only issue is whether > reclaiming space is a viability and whether ARIN gave sufficient > consideration to the ramifications of enforcing this new policy. > From jb at JBACHER.COM Sun Sep 17 11:11:28 2000 From: jb at JBACHER.COM (J Bacher) Date: Sun, 17 Sep 2000 10:11:28 -0500 (CDT) Subject: consistancy In-Reply-To: Message-ID: > I dont' think anyone is accusing any party of being frivolous or > arbitrary. Read my post again. You have misunderstood it. > My point, however, was that you can no more isolate the perception of > imbalance from the new policy than you can the need for conservation from > the recognition that there are vast unused address blocks. And like it or To say that one issue does not impact, directly or indirectly, the other issue would be incorrect. I really can't determine which post you are replying to since it does not address the one that I wrote. From drechsau at geeks.org Sun Sep 17 11:26:31 2000 From: drechsau at geeks.org (Mike Horwath) Date: Sun, 17 Sep 2000 10:26:31 -0500 Subject: consistancy In-Reply-To: <200009161929.TAA28386@vacation.karoshi.com>; from bmanning@vacation.karoshi.com on Sat, Sep 16, 2000 at 07:29:04PM +0000 References: <39C223C0.E77B9256@titania.net> <200009161929.TAA28386@vacation.karoshi.com> Message-ID: <20000917102631.A25627@Geeks.ORG> On Sat, Sep 16, 2000 at 07:29:04PM +0000, bmanning at vacation.karoshi.com wrote: > "Swamp" - based on previous reclaimation data and the > dns delegation data > the "swamp" is in the 207 and 209 prefix range. Most small > route injections are coming from those ranges. I don't see any proof in that URL or any of the links at the end that show that 207 and 209 prefixes are more swampy than the old swamp. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Sun Sep 17 11:29:00 2000 From: drechsau at geeks.org (Mike Horwath) Date: Sun, 17 Sep 2000 10:29:00 -0500 Subject: consistancy In-Reply-To: <39C3DF4F.BA4C9650@hilander.com>; from ahp@hilander.com on Sat, Sep 16, 2000 at 02:59:59PM -0600 References: <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> <39C3DF4F.BA4C9650@hilander.com> Message-ID: <20000917102900.B25627@Geeks.ORG> On Sat, Sep 16, 2000 at 02:59:59PM -0600, Alec H. Peterson wrote: > Mike Horwath wrote: > > > > I don't think anyone is arguing about not trying to be more efficient > > at all and that these are completely exclusive of each other and can > > be done in parallel. > > However people do seem to be using the fact that ARIN is not > revoking allocations made before its time to various institutions as > a reason for repealing the virtual hosting policy. Who has done so? I'll spank'em. I do cry 'unfair', though. > Personally I think there are plenty of other objections about the > virtual hosting policy, which is why I am confused as to why so many > people are insisting ARIN do something it has no authority to do. Oh, but it does have some authority, this is a large difference of opinion we seem to be having. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From drechsau at geeks.org Sun Sep 17 11:31:00 2000 From: drechsau at geeks.org (Mike Horwath) Date: Sun, 17 Sep 2000 10:31:00 -0500 Subject: consistancy In-Reply-To: <39C3EFAC.146AF3A2@hilander.com>; from ahp@hilander.com on Sat, Sep 16, 2000 at 04:09:48PM -0600 References: <39C3EFAC.146AF3A2@hilander.com> Message-ID: <20000917103100.C25627@Geeks.ORG> On Sat, Sep 16, 2000 at 04:09:48PM -0600, Alec H. Peterson wrote: > No, but it would be appropriate for you to petition ICANN/IANA as a > concerned user of address space (and perhaps an ARIN member, although I > don't know offhand if you are) to either take it upon themselves to reclaim > address space or delegate authority to do so appropriately (ie, to the > RIRs). But, if you have space allocated at any time in the last few years...doesn't that make you an ARIN member by default? Or is this a game, like the days of the old MRNet where the 'customers' are members but are as powerless as customers? -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From ahp at hilander.com Sun Sep 17 11:30:51 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sun, 17 Sep 2000 09:30:51 -0600 Subject: consistancy References: <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> <39C3DF4F.BA4C9650@hilander.com> <20000917102900.B25627@Geeks.ORG> Message-ID: <39C4E3AB.2A7EC7F8@hilander.com> Mike Horwath wrote: > > On Sat, Sep 16, 2000 at 02:59:59PM -0600, Alec H. Peterson wrote: > > Mike Horwath wrote: > > > > > > I don't think anyone is arguing about not trying to be more efficient > > > at all and that these are completely exclusive of each other and can > > > be done in parallel. > > > > However people do seem to be using the fact that ARIN is not > > revoking allocations made before its time to various institutions as > > a reason for repealing the virtual hosting policy. > > Who has done so? > > I'll spank'em. > > I do cry 'unfair', though. > > > Personally I think there are plenty of other objections about the > > virtual hosting policy, which is why I am confused as to why so many > > people are insisting ARIN do something it has no authority to do. > > Oh, but it does have some authority, this is a large difference of > opinion we seem to be having. Oh certainly, it does have some authority. It has authority over CURRENT allocation policy in its region of the world. One of the things the AC (and thus the membership later on) will be discussing is how ARIN can reclaim allocations that it has made in the past. That's a good first step towards reclamation of other allocations in the future (once some sort of standard has been established). We can't promise anything, but please know ARIN is concerned about it and is trying to help. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From ahp at hilander.com Sun Sep 17 11:32:48 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sun, 17 Sep 2000 09:32:48 -0600 Subject: consistancy References: <39C3EFAC.146AF3A2@hilander.com> <20000917103100.C25627@Geeks.ORG> Message-ID: <39C4E420.8E0A9DB@hilander.com> Mike Horwath wrote: > > But, if you have space allocated at any time in the last few > years...doesn't that make you an ARIN member by default? > > Or is this a game, like the days of the old MRNet where the > 'customers' are members but are as powerless as customers? I'm not quite sure what you're getting at, but I'll tell you how membership works. Every year that an entity gets address space from ARIN they pay ARIN an allocation fee. That fee includes membership. So if an entity does not get address space in a given year, then they are not (automatically) a member. However they are free to pay the $500 per year fee to become a member. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From drechsau at geeks.org Sun Sep 17 11:36:52 2000 From: drechsau at geeks.org (Mike Horwath) Date: Sun, 17 Sep 2000 10:36:52 -0500 Subject: consistancy In-Reply-To: <39C4E3AB.2A7EC7F8@hilander.com>; from ahp@hilander.com on Sun, Sep 17, 2000 at 09:30:51AM -0600 References: <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> <39C3DF4F.BA4C9650@hilander.com> <20000917102900.B25627@Geeks.ORG> <39C4E3AB.2A7EC7F8@hilander.com> Message-ID: <20000917103652.D25627@Geeks.ORG> On Sun, Sep 17, 2000 at 09:30:51AM -0600, Alec H. Peterson wrote: > One of the things the AC (and thus the membership later on) will be > discussing is how ARIN can reclaim allocations that it has made in > the past. That's a good first step towards reclamation of other > allocations in the future (once some sort of standard has been > established). We can't promise anything, but please know ARIN is > concerned about it and is trying to help. As a 'member' (and I damn well had better be one for the amount of money I pay to 'manage' my IP space!), I suggest that ARIN spend more time reclaiming IP addresses from classical allocation wastage than spending time on how to change policies to further efficiency without doing such. Does that make sense? The problem of IP wastage in the classical allocations is a far bigger problem than some companies using IPs for virtual hosting. I think that more effort should be put into reclamation of such. No more policies on how to be more efficient until there is a way to start reclaiming the old space as from my point of view (and the point of view of many others who have started posting) - this is unfair to have different standards applied. And that is all :) -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From dswartz at druber.com Sun Sep 17 11:42:44 2000 From: dswartz at druber.com (Dan Swartzendruber) Date: Sun, 17 Sep 2000 11:42:44 -0400 Subject: consistancy In-Reply-To: <20000917103652.D25627@Geeks.ORG> References: <39C4E3AB.2A7EC7F8@hilander.com> <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> <39C3DF4F.BA4C9650@hilander.com> <20000917102900.B25627@Geeks.ORG> <39C4E3AB.2A7EC7F8@hilander.com> Message-ID: <4.3.2.7.2.20000917114138.00b275b0@216.129.139.99> At 10:36 AM 9/17/00 -0500, Mike Horwath wrote: >No more policies on how to be more efficient until there is a way to >start reclaiming the old space as from my point of view (and the point >of view of many others who have started posting) - this is unfair to >have different standards applied. I agree. And even if ARIN doesn't have authoritiy over some of the biggest offenders, as someone else hinted at earlier upthread, if everyone else starts blackholing their routes, I bet that might get some cooperation. From drechsau at geeks.org Sun Sep 17 11:43:17 2000 From: drechsau at geeks.org (Mike Horwath) Date: Sun, 17 Sep 2000 10:43:17 -0500 Subject: consistancy In-Reply-To: <39C4E420.8E0A9DB@hilander.com>; from ahp@hilander.com on Sun, Sep 17, 2000 at 09:32:48AM -0600 References: <39C3EFAC.146AF3A2@hilander.com> <20000917103100.C25627@Geeks.ORG> <39C4E420.8E0A9DB@hilander.com> Message-ID: <20000917104317.E25627@Geeks.ORG> On Sun, Sep 17, 2000 at 09:32:48AM -0600, Alec H. Peterson wrote: > Every year that an entity gets address space from ARIN they pay ARIN > an allocation fee. That fee includes membership. So if an entity > does not get address space in a given year, then they are not > (automatically) a member. However they are free to pay the $500 per > year fee to become a member. So...that fee I pay every year for said address space does not keep me a member during the 'year' I don't get more address space? To quote: Membership with ARIN is open to any individual or entity and is offered regardless of whether the entity receives address space directly from ARIN. Subscription customers -- i.e. Internet Service Providers (ISPs) that are allocated IP addresses from ARIN -- are extended membership at no additional cost to their subscription fee. Organizations that are not subscription customers are invited to join ARIN and are charged an annual membership fee of $500. So, the statement that Mury may not be a member would be wrong :) By default, any ISP with direct allocation from ARIN is a member according to what I read above. -- Mike Horwath IRC: Drechsau drechsau at Geeks.ORG Home: 763-540-6815 1901 Sumter Ave N, Golden Valley, MN 55427 Opinions stated in this message, or any message posted by myself through my Geeks.ORG address, are mine and mine alone, period. From ahp at hilander.com Sun Sep 17 11:45:18 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sun, 17 Sep 2000 09:45:18 -0600 Subject: consistancy References: <39C3EFAC.146AF3A2@hilander.com> <20000917103100.C25627@Geeks.ORG> <39C4E420.8E0A9DB@hilander.com> <20000917104317.E25627@Geeks.ORG> Message-ID: <39C4E70E.6E7E32F@hilander.com> Mike Horwath wrote: > > So...that fee I pay every year for said address space does not keep me > a member during the 'year' I don't get more address space? > > To quote: > > Membership with ARIN is open to any individual or entity and > is offered regardless of whether the entity receives address > space directly from ARIN. Subscription customers -- > i.e. Internet Service Providers (ISPs) that are allocated IP > addresses from ARIN -- are extended membership at no > additional cost to their subscription fee. Organizations that > are not subscription customers are invited to join ARIN and > are charged an annual membership fee of $500. > > So, the statement that Mury may not be a member would be wrong :) > > By default, any ISP with direct allocation from ARIN is a member > according to what I read above. Then perhaps I misunderstand how the fee schedule works, hopefully one of the ARIN staff can correct me. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From mury at goldengate.net Sun Sep 17 13:47:40 2000 From: mury at goldengate.net (Mury) Date: Sun, 17 Sep 2000 12:47:40 -0500 (CDT) Subject: consistancy In-Reply-To: <39C3EFAC.146AF3A2@hilander.com> Message-ID: This might sound like nit-picking, but I think it's an important issue to figure out before I "petition" IANA/ICANN with the below request. Does ARIN want to be given authority to oversee those blocks? I certainly don't want to ask for something to be given to ARIN that ARIN doesn't want. Perhaps if the AC, the membership, or whoever needs to, can decide on that first, then ARIN as well as concerned individuals can approach IANA/ICANN with the suggestion/request. If ARIN doesn't want the be given that authority, then as a concerned Internet citizen I'll ask them to do it themselves. While it seems that the RIRs are all setup to be able to deal with the process for accounting for legacy space, maybe a new ASO (Since it probably isn't regional) should be created for dealing with the unique issues that reclaiming will probably have. So, should ARIN (RIRs) have the authority and does it want it? Mury Side note: Can someone tell me how much of the legacy space would fall under ARIN's region? On Sat, 16 Sep 2000, Alec H. Peterson wrote: > Mury wrote: > > > > No offense to you personally with these questions, but I've been told I am > > not qualified to act as any sort of "spokesperson" for the ARIN > > membership, and that I'm an idiot for asking for the list of legacy space > > contacts. > > > > So my questions are: > > > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > > ARIN? > > No, but it would be appropriate for you to petition ICANN/IANA as a > concerned user of address space (and perhaps an ARIN member, although I > don't know offhand if you are) to either take it upon themselves to reclaim > address space or delegate authority to do so appropriately (ie, to the > RIRs). > > Alec > > -- > Alec H. Peterson - ahp at hilander.com > Staff Scientist > CenterGate Research Group - http://www.centergate.com > "Technology so advanced, even _we_ don't understand it!" > From sob at harvard.edu Sun Sep 17 13:55:30 2000 From: sob at harvard.edu (Scott Bradner) Date: Sun, 17 Sep 2000 13:55:30 -0400 (EDT) Subject: consistancy Message-ID: <200009171755.NAA13078@newdev.harvard.edu> > This might sound like nit-picking, but I think it's an important issue to > figure out before I "petition" IANA/ICANN with the below request. Does > ARIN want to be given authority to oversee those blocks? I certainly > don't want to ask for something to be given to ARIN that ARIN doesn't > want. note that not everyone agrees with Bill's characterization of the current state Scott From ahp at hilander.com Sun Sep 17 13:54:27 2000 From: ahp at hilander.com (Alec H. Peterson) Date: Sun, 17 Sep 2000 11:54:27 -0600 Subject: consistancy References: Message-ID: <39C50553.A48746D3@hilander.com> Mury wrote: > > This might sound like nit-picking, but I think it's an important issue to > figure out before I "petition" IANA/ICANN with the below request. Does > ARIN want to be given authority to oversee those blocks? I certainly > don't want to ask for something to be given to ARIN that ARIN doesn't > want. > > Perhaps if the AC, the membership, or whoever needs to, can decide on that > first, then ARIN as well as concerned individuals can approach IANA/ICANN > with the suggestion/request. > > If ARIN doesn't want the be given that authority, then as a concerned > Internet citizen I'll ask them to do it themselves. While it seems that > the RIRs are all setup to be able to deal with the process for accounting > for legacy space, maybe a new ASO (Since it probably isn't regional) > should be created for dealing with the unique issues that reclaiming will > probably have. > > So, should ARIN (RIRs) have the authority and does it want it? That's actually a very good question, and one that should certainly be discussed by various involved parties (membership, AC and the BoT), since it such reclamation will consume ARIN resources. Alec -- Alec H. Peterson - ahp at hilander.com Staff Scientist CenterGate Research Group - http://www.centergate.com "Technology so advanced, even _we_ don't understand it!" From hostmaster at raha.com Sun Sep 17 14:03:30 2000 From: hostmaster at raha.com (Hostmaster) Date: Sun, 17 Sep 2000 21:03:30 +0300 Subject: consistancy In-Reply-To: Message-ID: My goodness... guys, this is getting silly... Now we're getting duplicate and triplicate copies of everything because of all these blasted cc's... I know, I know... I just made it worse by doing the same... but... Since the thread started on arin-discuss and the discussions are not private, can I respectfully suggest we refrain from hitting 'reply to all' and post only on the discuss list for a while... regards Bob > -----Original Message----- > From: Brian Wallingford [mailto:brian at meganet.net] > Sent: Sunday, September 17, 2000 2:24 AM > To: Steve Larson > Cc: Alec H. Peterson; Antonio Querubin; hostmaster at raha.com; > arin-discuss at arin.net; ppml at arin.net > Subject: Re: consistancy From mury at goldengate.net Sun Sep 17 14:51:45 2000 From: mury at goldengate.net (Mury) Date: Sun, 17 Sep 2000 13:51:45 -0500 (CDT) Subject: consistancy In-Reply-To: Message-ID: Hold the fort! I've taken some time to try to understand the authority and the role of ARIN in relation to ICANN instead of taking some people's word for it. Here is a summary of what I found on ICANN's site. I have pasted the text from http://www.aso.icann.org/docs/aso-mou.html further down as a reference. 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility for the development of global policies relating to the definition of global policies for the distribution and registration of Internet address space (currently IPv4 and IPv6); 2) Normally, proposals for global policies within the area of the ASO's responsibility will be developed within the RIRs and forwarded to the Address Council for their consideration. 3) In addition the Address Council may accept, for consideration, proposals for changes to global IP address policy from any interested individual or entity. Doesn't this sound like it is ARIN's responsibilty to develop policies and not ICANNs? It sure reads like ICANN has given ARIN not just the authority, but the responsibility to create *global* policies for registration of address space. There are no conditions listed, no exceptions. What am I not understanding? Unless I'm badly mistaken in my understanding of a RIR's role as defined by ICANN, I would like to suggest that ARIN and it's decision making bodies consider creating policies for reclaiming largely unused legacy address space. What I do not know is if this has already been done and rejected by ICANN. If so, I would like to see copies of the rejection so I can approach ICANN as a concerned citizen. Thank you. Mury GoldenGate Internet Services ------------------------------------------------------------------------- (4) Duties of the Address Council. (a) Advisory Role. The Address Council will advise the Board of ICANN on matters referred to the Address Council by the ICANN Board. (b) Policy Development. The ICANN bylaws assign to the ASO the responsibility for the development of global policies relating to the following areas: (i) Definition of global policies for the distribution and registration of Internet address space (currently IPv4 and IPv6); (ii) Definition of global policies for the distribution and registration of identifiers used in Internet inter-domain routing (currently BGP autonomous system numbers); and (iii) Definition of global policies concerning the part of the DNS name space which is derived from the Internet address space and the inter-domain routing identifiers (currently in-addr.arpa and ip6.int). Normally, proposals for global policies within the area of the ASO's responsibility will be developed within the RIRs and forwarded to the Address Council for their consideration. In special circumstances the ICANN board can forward a request to develop a new global policy or to review an existing global policy within the area of the ASO's responsibility to the Address Council. In addition the Address Council may accept, for consideration, proposals for changes to global IP address policy from any interested individual or entity. In all cases when the Address Council reviews a proposal for new global policies or a proposed modification to existing policies in this area it will first solicit the opinions of all of the RIR signatories of the MOU and of the public. The Address Council will weigh the results of these solicitations in its deliberations to determine if it will approve the proposal. At least two thirds of the members of the Address Council must support a proposal for the proposal to be accepted and forwarded to the ICANN board for its consideration. In any case where the ICANN board has requested that the Address Council develop a new policy within the area of the ASO's responsibility, the Address Council will forward that request to the RIR signatories of the MOU. The RIRs will then be given a reasonable time to propose policies to address the request from ICANN. Any resulting policy will be evaluated as described above. If an RIR decides, after reviewing the request, that the request is unreasonable, it can report that opinion to the Address Council. If the Address Council, after reviewing the responses, decides that the request is unreasonable or inadvisable, it can report that opinion to the ICANN board along with the reasons that the Address Council reached that conclusion. ------------------------------------------------------------------------- On Sun, 17 Sep 2000, Mury wrote: > > This might sound like nit-picking, but I think it's an important issue to > figure out before I "petition" IANA/ICANN with the below request. Does > ARIN want to be given authority to oversee those blocks? I certainly > don't want to ask for something to be given to ARIN that ARIN doesn't > want. > > Perhaps if the AC, the membership, or whoever needs to, can decide on that > first, then ARIN as well as concerned individuals can approach IANA/ICANN > with the suggestion/request. > > If ARIN doesn't want the be given that authority, then as a concerned > Internet citizen I'll ask them to do it themselves. While it seems that > the RIRs are all setup to be able to deal with the process for accounting > for legacy space, maybe a new ASO (Since it probably isn't regional) > should be created for dealing with the unique issues that reclaiming will > probably have. > > So, should ARIN (RIRs) have the authority and does it want it? > > Mury > > Side note: Can someone tell me how much of the legacy space would fall > under ARIN's region? > > > On Sat, 16 Sep 2000, Alec H. Peterson wrote: > > > Mury wrote: > > > > > > No offense to you personally with these questions, but I've been told I am > > > not qualified to act as any sort of "spokesperson" for the ARIN > > > membership, and that I'm an idiot for asking for the list of legacy space > > > contacts. > > > > > > So my questions are: > > > > > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > > > ARIN? > > > > No, but it would be appropriate for you to petition ICANN/IANA as a > > concerned user of address space (and perhaps an ARIN member, although I > > don't know offhand if you are) to either take it upon themselves to reclaim > > address space or delegate authority to do so appropriately (ie, to the > > RIRs). > > > > Alec > > > > -- > > Alec H. Peterson - ahp at hilander.com > > Staff Scientist > > CenterGate Research Group - http://www.centergate.com > > "Technology so advanced, even _we_ don't understand it!" > > > > From vaden at texoma.net Mon Sep 18 00:05:00 2000 From: vaden at texoma.net (Larry Vaden) Date: Sun, 17 Sep 2000 23:05:00 -0500 Subject: consistancy In-Reply-To: <39C3DF4F.BA4C9650@hilander.com> References: <39C39C7A.CD6398A0@hilander.com> <20000916130637.A87352@Geeks.ORG> Message-ID: <5.0.0.25.2.20000917225101.02602158@mail.texoma.net> At 02:59 PM 9/16/2000 -0600, Alec H. Peterson wrote: >However people do seem to be using the fact that ARIN is not revoking >allocations made before its time to various institutions as a reason for >repealing the virtual hosting policy. > >Personally I think there are plenty of other objections about the virtual >hosting policy, which is why I am confused as to why so many people are >insisting ARIN do something it has no authority to do. Q: It seems to me that ARIN is stepping over a dollar to pick up a dime; regardless, won't the policy result in all domains on a given IP being unreachable if someone blocks, as a result of perceived or real abuse, the single IP associated with the abusing domain, thus _at least temporarily_ denying service to legitimate customers on that same IP? I admit to ignorance about any blocking techniques which may be available for http 1.1. From cjw at remarque.org Mon Sep 18 22:13:26 2000 From: cjw at remarque.org (Cathy Wittbrodt) Date: Mon, 18 Sep 2000 19:13:26 -0700 Subject: consistancy In-Reply-To: Message from Mury of "Sun, 17 Sep 2000 13:51:45 CDT." Message-ID: <200009190213.TAA22525@pox.remarque.org> You have this slightly wrong. ARIN is not the ASO. The Address Supporting Organization was formed by ICANN based on a MOU that was written by the existing regional registries. You have included most of the MOU below, but it seems that the part about the selecting the council, etc, may be missing. Under that MOU the Address Council was formed by folks nominated and elected by each of the regions. I am on the ASO AC and I have just asked to have legacy space reclaimation added to our agenda for our next meeting in October. If you would like to submit comments or items for the address council you can participate in the aso-policy list or any of the other lists (http://www.aso.icann.org/lists/) Further you can contact me directly. Thanks, ---CJ From: Mury Subject: Re: consistancy Hold the fort! I've taken some time to try to understand the authority and the role of ARIN in relation to ICANN instead of taking some people's word for it. Here is a summary of what I found on ICANN's site. I have pasted the text from http://www.aso.icann.org/docs/aso-mou.html further down as a reference. 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility for the development of global policies relating to the definition of global policies for the distribution and registration of Internet address space (currently IPv4 and IPv6); 2) Normally, proposals for global policies within the area of the ASO's responsibility will be developed within the RIRs and forwarded to the Address Council for their consideration. 3) In addition the Address Council may accept, for consideration, proposals for changes to global IP address policy from any interested individual or entity. Doesn't this sound like it is ARIN's responsibilty to develop policies and not ICANNs? It sure reads like ICANN has given ARIN not just the authority, but the responsibility to create *global* policies for registration of address space. There are no conditions listed, no exceptions. What am I not understanding? Unless I'm badly mistaken in my understanding of a RIR's role as defined by ICANN, I would like to suggest that ARIN and it's decision making bodies consider creating policies for reclaiming largely unused legacy address space. What I do not know is if this has already been done and rejected by ICANN. If so, I would like to see copies of the rejection so I can approach ICANN as a concerned citizen. Thank you. Mury GoldenGate Internet Services ------------------------------------------------------------------------- (4) Duties of the Address Council. (a) Advisory Role. The Address Council will advise the Board of ICANN on matters referred to the Address Council by the ICANN Board. (b) Policy Development. The ICANN bylaws assign to the ASO the responsibility for the development of global policies relating to the following areas: (i) Definition of global policies for the distribution and registration of Internet address space (currently IPv4 and IPv6); (ii) Definition of global policies for the distribution and registration of identifiers used in Internet inter-domain routing (currently BGP autonomous system numbers); and (iii) Definition of global policies concerning the part of the DNS name space which is derived from the Internet address space and the inter-domain routing identifiers (currently in-addr.arpa and ip6.int). Normally, proposals for global policies within the area of the ASO's responsibility will be developed within the RIRs and forwarded to the Address Council for their consideration. In special circumstances the ICANN board can forward a request to develop a new global policy or to review an existing global policy within the area of the ASO's responsibility to the Address Council. In addition the Address Council may accept, for consideration, proposals for changes to global IP address policy from any interested individual or entity. In all cases when the Address Council reviews a proposal for new global policies or a proposed modification to existing policies in this area it will first solicit the opinions of all of the RIR signatories of the MOU and of the public. The Address Council will weigh the results of these solicitations in its deliberations to determine if it will approve the proposal. At least two thirds of the members of the Address Council must support a proposal for the proposal to be accepted and forwarded to the ICANN board for its consideration. In any case where the ICANN board has requested that the Address Council develop a new policy within the area of the ASO's responsibility, the Address Council will forward that request to the RIR signatories of the MOU. The RIRs will then be given a reasonable time to propose policies to address the request from ICANN. Any resulting policy will be evaluated as described above. If an RIR decides, after reviewing the request, that the request is unreasonable, it can report that opinion to the Address Council. If the Address Council, after reviewing the responses, decides that the request is unreasonable or inadvisable, it can report that opinion to the ICANN board along with the reasons that the Address Council reached that conclusion. ------------------------------------------------------------------------- On Sun, 17 Sep 2000, Mury wrote: > > This might sound like nit-picking, but I think it's an important issue to > figure out before I "petition" IANA/ICANN with the below request. Does > ARIN want to be given authority to oversee those blocks? I certainly > don't want to ask for something to be given to ARIN that ARIN doesn't > want. > > Perhaps if the AC, the membership, or whoever needs to, can decide on that > first, then ARIN as well as concerned individuals can approach IANA/ICANN > with the suggestion/request. > > If ARIN doesn't want the be given that authority, then as a concerned > Internet citizen I'll ask them to do it themselves. While it seems that > the RIRs are all setup to be able to deal with the process for accounting > for legacy space, maybe a new ASO (Since it probably isn't regional) > should be created for dealing with the unique issues that reclaiming will > probably have. > > So, should ARIN (RIRs) have the authority and does it want it? > > Mury > > Side note: Can someone tell me how much of the legacy space would fall > under ARIN's region? > > > On Sat, 16 Sep 2000, Alec H. Peterson wrote: > > > Mury wrote: > > > > > > No offense to you personally with these questions, but I've been told I am > > > not qualified to act as any sort of "spokesperson" for the ARIN > > > membership, and that I'm an idiot for asking for the list of legacy space > > > contacts. > > > > > > So my questions are: > > > > > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > > > ARIN? > > > > No, but it would be appropriate for you to petition ICANN/IANA as a > > concerned user of address space (and perhaps an ARIN member, although I > > don't know offhand if you are) to either take it upon themselves to reclaim > > address space or delegate authority to do so appropriately (ie, to the > > RIRs). > > > > Alec > > > > -- > > Alec H. Peterson - ahp at hilander.com > > Staff Scientist > > CenterGate Research Group - http://www.centergate.com > > "Technology so advanced, even _we_ don't understand it!" > > > > From mury at goldengate.net Mon Sep 18 23:03:47 2000 From: mury at goldengate.net (Mury) Date: Mon, 18 Sep 2000 22:03:47 -0500 (CDT) Subject: consistancy In-Reply-To: <200009190213.TAA22525@pox.remarque.org> Message-ID: Cathy, Thank you very much. I obviously don't know all the details and issues involved with reclaiming legacy space, so I don't wish to submit any further comments other than it sure makes sense to utilize all the space available before forcing the little guy to make technological changes that he/she is ill equipted to do. Of course we should all make changes that make sense and that we can accomplish within reason. Pick up the $500 bills laying around before scaping for pennies. Even if the $500 bill belongs to the president. Thanks again. Mury GoldenGate Internet Services On Mon, 18 Sep 2000, Cathy Wittbrodt wrote: > > You have this slightly wrong. ARIN is not the ASO. The Address > Supporting Organization was formed by ICANN based on a MOU that was > written by the existing regional registries. You have included most > of the MOU below, but it seems that the part about the selecting the > council, etc, may be missing. Under that MOU the Address > Council was formed by folks nominated and elected by each of the > regions. I am on the ASO AC and I have just asked to have legacy space > reclaimation added to our agenda for our next meeting in October. > If you would like to submit comments or items for the address council > you can participate in the aso-policy list or any of the other lists > (http://www.aso.icann.org/lists/) Further you can contact me directly. > > Thanks, > ---CJ > > From: Mury > Subject: Re: consistancy > > Hold the fort! > > I've taken some time to try to understand the authority and the role of > ARIN in relation to ICANN instead of taking some people's word for it. > > Here is a summary of what I found on ICANN's site. I have pasted the text > from http://www.aso.icann.org/docs/aso-mou.html further down as a > reference. > > 1) The ICANN bylaws assign to the ASO (which ARIN is) the responsibility > for the development of global policies relating to the definition of > global policies for the distribution and registration of Internet address > space (currently IPv4 and IPv6); > > 2) Normally, proposals for global policies within the area of the ASO's > responsibility will be developed within the RIRs and forwarded to the > Address Council for their consideration. > > 3) In addition the Address Council may accept, for consideration, > proposals for changes to global IP address policy from any interested > individual or entity. > > Doesn't this sound like it is ARIN's responsibilty to develop policies and > not ICANNs? It sure reads like ICANN has given ARIN not just the > authority, but the responsibility to create *global* policies for > registration of address space. There are no conditions listed, no > exceptions. > > What am I not understanding? > > Unless I'm badly mistaken in my understanding of a RIR's role as defined > by ICANN, I would like to suggest that ARIN and it's decision making > bodies consider creating policies for reclaiming largely unused legacy > address space. > > What I do not know is if this has already been done and rejected by ICANN. > If so, I would like to see copies of the rejection so I can approach ICANN > as a concerned citizen. > > Thank you. > > Mury > GoldenGate Internet Services > > > ------------------------------------------------------------------------- > > (4) Duties of the Address Council. > > (a) Advisory Role. The Address Council will advise the Board of ICANN on > matters referred to the Address Council by the ICANN Board. > > (b) Policy Development. > > The ICANN bylaws assign to the ASO the responsibility for the > development of global policies relating to the following areas: > > (i) Definition of global policies for the distribution > and registration of > Internet address space (currently IPv4 and IPv6); > > (ii) Definition of global policies for the distribution > and registration of > identifiers used in Internet inter-domain routing > (currently BGP autonomous system numbers); and > > (iii) Definition of global policies concerning the part > of the DNS name > space which is derived from the Internet address space > and the > inter-domain routing identifiers (currently in-addr.arpa > and ip6.int). > > > > Normally, proposals for global policies within the area of the ASO's > responsibility will be developed within the RIRs and forwarded to the > Address Council for their consideration. In special circumstances the > ICANN board can forward a request to develop a new global policy or to > review an existing global policy within the area of the ASO's > responsibility to the Address Council. > > In addition the Address Council may accept, for consideration, proposals > for changes to global IP address policy from any interested individual or > entity. > > In all cases when the Address Council reviews a proposal for new global > policies or a proposed modification to existing policies in this area it > will first solicit the opinions of all of the RIR signatories of the MOU > and of the public. The Address Council will weigh the results of these > solicitations in its deliberations to determine if it will approve the > proposal. At least two thirds of the members of the Address Council must > support a proposal for the proposal to be accepted and forwarded to the > ICANN board for its consideration. > > In any case where the ICANN board has requested that the Address Council > develop a new policy within the area of the ASO's responsibility, the > Address Council will forward that request to the RIR signatories of the > MOU. The RIRs will then be given a reasonable time to propose policies to > address the request from ICANN. Any resulting policy will be evaluated as > described above. If an RIR decides, after reviewing the request, that the > request is unreasonable, it can report that opinion to the Address > Council. If the Address Council, after reviewing the responses, decides > that the request is unreasonable or inadvisable, it can report that > opinion to the ICANN board along with the reasons that the Address Council > reached that conclusion. > > ------------------------------------------------------------------------- > > > On Sun, 17 Sep 2000, Mury wrote: > > > > > This might sound like nit-picking, but I think it's an important issue to > > figure out before I "petition" IANA/ICANN with the below request. Does > > ARIN want to be given authority to oversee those blocks? I certainly > > don't want to ask for something to be given to ARIN that ARIN doesn't > > want. > > > > Perhaps if the AC, the membership, or whoever needs to, can decide on that > > first, then ARIN as well as concerned individuals can approach IANA/ICANN > > with the suggestion/request. > > > > If ARIN doesn't want the be given that authority, then as a concerned > > Internet citizen I'll ask them to do it themselves. While it seems that > > the RIRs are all setup to be able to deal with the process for accounting > > for legacy space, maybe a new ASO (Since it probably isn't regional) > > should be created for dealing with the unique issues that reclaiming will > > probably have. > > > > So, should ARIN (RIRs) have the authority and does it want it? > > > > Mury > > > > Side note: Can someone tell me how much of the legacy space would fall > > under ARIN's region? > > > > > > On Sat, 16 Sep 2000, Alec H. Peterson wrote: > > > > > Mury wrote: > > > > > > > > No offense to you personally with these questions, but I've been told I am > > > > not qualified to act as any sort of "spokesperson" for the ARIN > > > > membership, and that I'm an idiot for asking for the list of legacy space > > > > contacts. > > > > > > > > So my questions are: > > > > > > > > Is it appropriate for me to "petition IANA/ICANN" essentially on behalf of > > > > ARIN? > > > > > > No, but it would be appropriate for you to petition ICANN/IANA as a > > > concerned user of address space (and perhaps an ARIN member, although I > > > don't know offhand if you are) to either take it upon themselves to reclaim > > > address space or delegate authority to do so appropriately (ie, to the > > > RIRs). > > > > > > Alec > > > > > > -- > > > Alec H. Peterson - ahp at hilander.com > > > Staff Scientist > > > CenterGate Research Group - http://www.centergate.com > > > "Technology so advanced, even _we_ don't understand it!" > > > > > > > > > >