[ppml] Proposed Policy: PI assignments for V6
marcelo bagnulo braun
marcelo at it.uc3m.es
Tue Dec 7 05:49:05 EST 2004
Hi Owen,
El 06/12/2004, a las 21:23, Owen DeLong escribió:
[...]
>> In any case, as you may well notice, any multihoming solution
>> compatible
>> with PA addressing will require that:
>> - multiple PA prefixes configured in the multihomed sites (instead of
>> one)
>> - it won't provide PI addressing (so a multihomed site will still
>> have to
>> renumber if it changes providers)
>> This two reasons make it a priori an inferior solution to obtaining PI
>> addressing on the eyes of the multihomed site, even though it is a
>> much
>> superior solution in the eyes of the community since it preserves
>> global
>> routing system scalability.
>
> I think you have a different perception of the community than many on
> this
> list. The community includes the multihomed organizations as well as
> the
> providers.
Ok. First of all, imho we should separate providers from end-sites.
Providers imho should be able to get their own PA address block, since
they will aggregate their customers blocks.
As you may know in some regions any ISP can get their own PA block
(IPv4) just paying the fee. imho that's good
OTOH, imho end-sites should not, by default, be able to get their own
IPv6 PI block, yet, until we explore other options.
(just a terminology nit, if we are assigning address block to a
provider, and this provider will assign it to their customers, it is by
definition PA, right. OTOH, if we assign it directly to end-sites, this
is really PI. So i am not sure that the terminology applied in the
proposed policy really applies to isps, but in any case this is not the
main issue here)
> The reality is that PI as implemented in V6 currently provides
> yet another path for provider-lockin through the difficulty of
> renumbering
> and many organizations do not consider that a palatable situation.
OK, this is a very good point
So we are not talking about using PI addressing to achieve multihoming
here, but PI as a goal in itself, to obtain provider independence. OK,
conceptually i very much subscribe to your p.o.v. that provider
independence is a very important thing.
However, i have have some concerns/questions:
First, if provider independence is a value in itself, then why do you
associate it it with multihoming? i mean, as i read the policy, the way
for an end site to obtain a PI block is basically to be multihomed, why
do you want to provide such privilege to multihomed users? i mean
provider independence is a value for any user, multihomed or not.
Moreover, if a multihomed user is using PA addressing from his
upstreams, then i would argue that he is more independent from his isps
than a single homed user. This is because he has two (or more) address
blocks, so if he decides to change one of his providers, he still has
the addresses from the other providers stable. In the case of a single
homed user, when he decides to change his only provider, he has no
stable addresses. So i would conclude that it would be better to
provide a PI assignment policy that doesn't really depends on whether
the user is multihomed or not.
Second, are there any other options that would provide the benefits of
pi without actually assigning pi blocks? i mean renumbering procedures
in ipv6 are suppose to address some part of this problem, are there
any operational experience that they are not good enough? ULAs are
supposed to provide stable internal addressing without the problems
caused by ambiguity, are there any operational experience that there
are problems with this? are you aware of other features provided by PI
addressing that should be addressed? (besides multihoming, i mean :-)
Third, do we know that we can make PI addressing work/scale? or, to be
fair, do we know that it doesn't work? from what i heard, some experts
consider that this is a huge problem, but you may have heard
different...
> If v6
> ever delivers a solution that solves the various issues (multihoming in
> various forms is but one of the issues) related to PA space, then, we
> can
> revisit and possibly repeal the policy. Unlike the v4 swamp, there's
> no
> address space in v6 that isn't subject to renewal by the registry. As
> such,
> policy changes can, in the v6 world, correct past allocation policies
> in
> the long run.
Ok, i don't really buy this stuff
I don't think we can easily correct mistakes, see v4 swamp now, see the
% of the IPv4 address space that was assigned before CIDR.
>
>> In any case, if a PI assignment policy is adopted, the PA compatible
>> multihoming solution won't get any chance to get deployed i guess,
>> since
>> i guess that multihomed sites will have the following choices:
>> - A PA compatible solution which: doesn't provides provider
>> independence,
>> requires multiple prefixes and it is new i.e. no experience, no
>> products,
>> no previous knowledge
>> - a PI multihoming solution: everything works as you already know
>> What do you think multihomed sites will choose?
>>
> Or translated:
>
> You want to see PA multihoming get adopted even though you know it will
> be perceived as an inferior solution by a significant portion of the
> community. Therefore, you think ARIN should block the solution which
> is
> perceived as superior in order to support the other one.
>
YES, this is whole point since this is the only way we know to prevent
the tragedy of the commons or public goods problem.
Trust and enforcement.
From the perception of each individual, the solution that preserves the
public goods is an inferior solution, and it is probably more
expensive/difficult for him. (in our case, a PA compatible multihoming
solution will impose managing multiple prefixes, gaining new experience
and so on)
However, from the community p.o.v. this is the only solution in the log
run. So how do solve this problem?
You cannot expect that those who would get the benefit refrain
themselves because they know that is the best thing to do for the
community.
So, the community as a whole has to preclude the behaviours that
hinder/abuse from the public goods in benefiting a few ones (in our
case public good=global routing table, the few ones that are benefited=
multihomed users)
So we should build policies that protect the community. Please note
that trust is another fundamental factor, since the preservation of the
public good only makes sense if everybody preserves it. So if trust is
broken i.e. a behaviour that allows individual to benefit from the
public good is permitted, then the trust is broken and you cannot
expect anyone else to preserve the resource. (in other words, imho this
is global problem, not local to a region, that is why i am here, so far
from home :-)
So i would indeed expect the community to prevent solutions that are
perceived as superior by the individuals but are perceived as inferior
by the community as a whole
> Provider independence is a BIG IMPORTANT factor to a lot of
> organizations
> in the community.
as i said before i very much agree with this point, but i would like to
explore alternatives to achieve the same goal. In particular, i would
like that people could give a chance to the PA compatible multihoming
solution, and to IPv6 renumbering mechanisms, and ULAs and so on...
>
>> My proposal is to wait until a PA compatible solution for multihoming
>> is
>> developed and some experience is gained with it. Then we can see if
>> it is
>> useful and especially who is useful for. Probably it won't be good
>> enough
>> for some sites, and probably then we will need a PI asignment policy
>> to
>> satisfy the need of those sites.
>> But we shouldn't do it now, that the multihoming solution is not yet
>> here, and we would be killing it before it comes.
>>
> If it's truly beneficial
i guess that by now, it is clear that the key question is: beneficial
for who?
for the community, of course. For the user, probably less beneficial
that the PI based one (just because its experience with the existing
solution)
> when it comes, we can look at repealing this policy
> or providing incentives for it.
this means that we would be accepting a solution that we have serious
hypothesis that doesn't scale without giving a chance to exploring
other solutions that may work. i am not sure is like this approach
> However, many organizations have real networks
> to run in the meantime. We shouldn't abandon this policy just because
> it
> might interfere with the adoption rate of some future proposal that
> may or
> may not meet the desires of the community.
i guess this is a key issue here. are current running networks have a
desperate need for this PI assignment that we cannot wait to explore
alternative solutions?
Regards, marcelo
>
> Owen
>
> --
> If it wasn't crypto-signed, it probably didn't come from me.
More information about the ARIN-PPML
mailing list