[ppml] Proposed Policy: IPv4 Countdown

Stephen Sprunk stephen at sprunk.org
Thu Mar 15 15:15:01 EDT 2007 

Thus spake "Ted Mittelstaedt" <tedm at ipinc.net>
>>Microsoft peers with lots of networks (especially via 8075).
>>They do appear to use 3356 transit for certain prefixes but
>>that may not be out of necessity, and even those prefixes are seen
>>by many peers directly.
>>
>>They also have much more than just a single /16.
>
> Yes, I know.
>
>>Much of it is assignments made by ARIN under modern policies
>>(including justification requirements).
>
> Ah, yes.  Now, please explain how exactly ARIN continues to make
> sure that these requirements are met?
>
> We got space allocated from ARIN a number of years ago.
> Never once since then have we ever gotten a phone call from
> ARIN asking to re-up our justification.  Nor has anyone that I have
> ever heard with space allocated.  As long as you pay your bill
> every year they don't talk to you.

They verify the requirements are met before another assignment is made. 
There is an unstated assumption that nobody's requirements will ever go down 
substantially.  That's obviously wrong, but one must balance the cost of 
fixing it vs the cost of not fixing it.

> Perhaps one part of a "address reclamation" proposal might be
> that the number registries are required to contact the address
> holders once a year and get a new justification.

Similar things have been proposed in the past, but it never seems to go 
anywhere since it's assumed most of the waste is in the pre-ARIN space and 
there's still no definitive answer whether ARIN has any right to revoke such 
assignments/allocations, nor do we have anyone paying fees on such blocks 
which indicates at least a minimal interest in keeping them.

>>They may ask for additional space in the
>>future.  I have no doubts that their space is efficiently utilized.
>
> And there be the problem.  From the Internet's point of view, if a
> company like MS gets a /19 allocated and puts it ENTIRELY
> behind it's own firewalls, with no access in to those addresses
> from the outside, then what use is that to the Internet?  Not a
> damn bit.

That's within policy.  They're encouraged to use private space, but if they 
claim they can't, they can get public space.  If you don't like it, and 
don't agree that addressing uniqueness is a Good Thing(tm), then put up a 
policy proposal to eliminate that policy provision and see how many people 
agree.

Also, don't think that "behind the firewalls" means that no other company 
sees it.  I've worked with several customers that NAT to the public network, 
but their private connectivity to business partners uses the real 
(non-RFC1918) addresses.  For a company the size of Microsoft, that's a 
significant possibility.

> If a situation develops in 5 years where ARIN is telling people they
> cannot allocate any IPv4 space, while at the same time you have
> large organizations like Microsoft sitting on hundreds of
> thousands of IPv4 numbers that are unreachable from a
> traceroute on the public Internet, I forsee a huge political outcry
> that will basically destroy ARIN's authority to allocate numbers.

Hardly.  Someone will float a policy that reflects the new reality, and it 
either gets accepted or not.  If not, ARIN simply won't have any numbers to 
allocate regardless of its authority.  I think that'll be sufficient 
motivation to get such a policy passed when that day arrives -- but I'm not 
holding my breath that it'll be done before collapse is truly imminent (and 
by that I mean 4-5 years from now).

S

Stephen Sprunk      "Those people who think they know everything
CCIE #3723         are a great annoyance to those of us who do."
K5SSS                                             --Isaac Asimov

More information about the ARIN-PPML mailing list