[ppml] 2005-1 status

George Kuzmowycz George.Kuzmowycz at aipso.com
Tue Jan 31 13:42:35 EST 2006 

>>> Kevin Loch <kloch at hotnic.net> 01/30/2006 11:42:56 PM >>>
Stephen Sprunk wrote:
> Thus spake "Kevin Loch" <kloch at hotnic.net>
>> My memory of the last meeting is a bit foggy but I distinctly
remember
>> that as a suggestion by several people.  I think it came out of the
>> "one size does not fit all", and "host counts are stupid, why not
>> count subnets or locations" train of thought.
> 
> I agree that one size doesn't fit all, but I think it's more relevant
to 
> count the number of subnets than the number of street addresses (or
hosts).

Here is an alternative version that starts with default assignment of 
/48 and allows for more with justification for the extra subnets.
I'm not sure if "justify need for additional subnets" is clear enough.
What justifies the use of a subnet?

Add new subsection in section 6.5 of the NRPM:

   6.5.8. Direct assignments to large/complex end sites
>>>

Please forgive me if I'm not doing this "correctly", but even though
I've lurked on this list for a while I have never participated in any
policy development processes.

What I see distinctly under-represented here is the
corporate/enterprise IT view, and as a result I think the vagueness of
the "large/complex" will lead to problems. In my view, the direction
this policy is taking will lead to even a lower rate of corporate IPv6
adoption than the pessimists here think. In today's environment, an
organization does not have to be particularly "large" or "complex" to
have legitimate need for PI space and real multi-provider multi-homing.
A policy which makes that more difficult than it is today is doomed.

Keep in mind, please, that network architecture decisions in the real
world are increasingly not being made on the basis of technical (i.e.
protocol-level or routing-policy-level) factors. Network architecture
decisions are being driven by what can be justified to compliance
officers, internal auditors, third-party review (audit or otherwise),
data security officers, etc. These may be people who know just enough
about networking to pass a CISSP or CISA or CIA exam but have no idea
what BGP is. There are many, many organizations that are large enough to
have an IT staff and an internal audit or compliance staff but not large
enough or old enough to have a legacy /16. Many of these organizations,
publicly, maybe are only a couple of /30's, but behind that could easily
be a /20's or a /19's worth of devices. Under current policy, the only
way to get PI space for such an organization is to renumber to non-1918
space or to stretch the truth with ARIN (which seems to be the
nudge-nudge-wink-wink sort of advice that one occasionally gets). Yet to
an IT Director or above, who asks why we can have telephone number
portability but not IP address portability, what's the answer?

I saw this come up on the list a bit around a week ago, but have the
feeling that the provider community, which dominates this process, isn't
listening. Policies which are predicated on providers' statements (as
I've seen here) of what an AS "needs" without listening to what those
ASes want and why don't make for a sustainable business model, IMO. It's
not that we (the customers) don't trust you, it's that in today's
regulatory/business environment we no longer are permitted to trust you.
If I don't have a solid plan for what to do quickly and painlessly to
switch ISP's, I lose my job or our customers or both. For better or for
worse, PI space and multi-homing are the answer du jour.

Off to don my Nomex.

More information about the ARIN-PPML mailing list