[ppml] Policy Proposal 2006-4: IPv6 Direct PI Assignments forEnd Sites - revised text

Tue Apr 4 12:57:27 EDT 2006

Thus spake <Michael.Dillon at btradianz.com>
> It would be really helpful if the IAB would comment on the original
> thinking behind the IPv6 /48. There is far more uncertainty about
> this issue than there should be at this late date.

We've been 'round and 'round on this before; the definition of "end site" is 
obviously inadequate.

I don't think the IAB (or IETF) is the right group to ask; with all due 
respect to the v6 architects, decade-old misguided intent is irrelevant.  I 
think it'd be more instructive to see how ARIN itself has been interpreting 
the term to date, for both IPv4 and IPv6.  If there's consensus that they're 
wrong, we can clarify the policy.

...
> So, in conclusion, I believe that it is more in tune with
> IPv6 policy to say that an OFFICE of an organization is
> considered to be an end-site. Remoteness is not an issue.
> The issue is more one of discrete locations. If the office
> is in a multi-story office tower, then it gets its own /48.
> If the office is in a multi-block campus, then it shares
> a single /48 with the rest of the campus. If this latter
> seems unfair for a large university or Microsoft in Seattle,
> let's not forget http://www.arin.net/policy/nrpm.html#six9
> which explicitly, in 6.9, notes that very large subscribers
> are an exception to the /48 rule.

I'd propose that a single network with private connectivity between 
locations should count as a single "site".  This roughly correlates with who 
qualifies for an ASN.  If the number of locations/subnets within that AS 
justifies it, they would qualify for a larger prefix than /48.

Consider that if such an org were to get PA space from one or more LIRs, 
they would get _at most_ one prefix per connection.  They would not get a 
/48 per internal location.  Why should PI policy be different?

Also, is there a compelling reason for IPv6 policy to be different in this 
respect from IPv4 policy?  I don't think IPv4 policy is currently 
interpreted the way you're proposing.  Not that they need to be the same, 
but I'd like to see solid reasons (with consensus) on why they should be 
different.

> Large organizations are not monolithic creatures. They are
> composed of multiple legal entities and they operate multiple
> functions out of many different locations, often grouping
> certain functions into certain locations. They regularly
> dissect themselves and trade pieces around, i.e. merger and
> aquisition. To force such organizations to live inside a single
> /48 means to force them to undertake a tremendous amount
> of renumbering churn that individual Internet users are not
> subjected to.

M&A activity involves a lot more than one company buying X locations that 
previously belonged to another.  While some undoubtedly happen that way, it 
usually involves a subset of users and equipment at several locations, so an 
entirely new subnet scheme is needed (and/or new locations).  Even if an 
entire location is bought, it will eventually need renumbering anyways to 
fit with the buyer's internal aggregation when it's rehomed to the new WAN.

In short, having a PI /48 per location may allow some network admins to 
delay the inevitable, but at what cost?

> However, assigning a single /48 to each physical location (discrete
> street address) will allow such organizations to carry out a large
> percentage of M&A activity without absolutely requiring renumbering.

For varying values of "large" and "absolutely".

If the M&A targets are sufficiently independent to have their own ASN and 
own private network, I'd agree with that statement -- but at that point, 
they should qualify as a separate org for the purpose of PI policy and could 
get their own /48 (or more).  No renumbering either way.  Giving each 
location a /48 burns lots of routing slots for little real benefit.

> They may still need to do pure NAT where their Internet connectivity
> is centralised or switches providers, but the network architecture
> designed around an interchangeable /48 network size, will minimize
> the changes.

The fundamental problem with your model is it creates a situation where, 
after a few years of M&A, large companies will be advertising hundreds, if 
not thousands, of unaggregatable /48s per ASN.  This _will_ create routing 
table problems and lead to wholesale filtering of PI space.

The goal should be one PI prefix per ASN.  Your model starts with that on 
day one, but it will invariably get worse over time.

S

Stephen Sprunk        "Stupid people surround themselves with smart
CCIE #3723           people.  Smart people surround themselves with
K5SSS         smart people who disagree with them."  --Aaron Sorkin 