[ppml] IPv6 assignment - proposal for change to nrpm
stephen at sprunk.org
Tue Oct 30 13:57:04 EDT 2007
Thus spake "Ted Mittelstaedt" <tedm at ipinc.net>
>>If you want to talk about waste, look at the folks with a /8 (or two) who
>>could likely fit into a handful of /16s, or the folks with dozens of /16s
>>who only use a single /24 outside of 10/8.
> I'll look - but nobody has named names, so I have to assume that
> these /8's that are supposedly out there are more a matter of myth
> than fact.
They are not myth; I've done consulting work for companies in those exact
>>I've seen plenty of horrifying examples, though NDAs prevent me
>>from naming names.
> Please don't say stuff like that, it is just a bunch of straw men. We
> do not sign NDAs with any customers we do service work for,
> (none have asked)
Lucky you. I'm under NDA to that (past) employer, and that employer is
under NDA to those customers; my NDA bound me to their NDAs. I've asked,
and I'm not even allowed to say who those customers are, and certainly not
details of their internal networks. Even on my own, I've never done
consulting work for any company that _didn't_ demand an NDA, nor have I been
employed by a company that didn't since I was worked retail as a teenager.
So, you can either accept what little I'm able to say, or you can call me a
liar. You have no more ability to prove the latter than I do to disprove
it, but I'll let the audience sort out who they choose to believe.
> and all of these address assignments are a matter of public record
> in whois.
The assignments are; the utilizations thereof are not.
For that matter, a substantial fraction of legacy assignments are to defense
contractors, who have parts of their network that are not only under NDA but
classified. ARIN can't get details about those networks, since AFAIK they
have no staff with the appropriate clearances, and no court can order
disclosure. Even employees in the "white" parts of those companies often
have no clue what the "black" parts look like.
> In any case, you cannot hold someone to an NDA to cover up
> criminal actions, it's an illegal contract in that case.
Now you're alleging criminal actions? All I've seen so far is a _potential_
breach of contract, which is a civil matter.
> A holder like SBC Global who is under RSA is arguably violating
> their contract with ARIN by assigning an overage of IP addresses
> to customers that the customers aren't asking for, in an effort to
> hoard IPs.
That's a matter for ARIN's counsel and/or staff, not us. For that matter,
since the details are almost assuredly under NDA, we have no clue if staff
has reviewed the practice and whether or not they've found it acceptable for
reasons we're not privvy to.
> In any case, without names of actual consumers this discussion
> is merely an idea of what someone thinks is the reality, it is not
> the actual reality.
I know the reality (at least at a specific time in the past) of the networks
where I was the one to design or approve the IP addressing plan -- and that
includes nearly a dozen Fortune 100 companies.
>>However, I know better than to think that all, or even the majority
>>of, legacy holders deserved to be tarred with that brush;
> I was not tarring legacy holders - the block I brought up as an
> example is not legacy.
The company you were referring to is a legacy holder, two /8s in fact. If
they also have non-legacy blocks, then we can presume ARIN staff is on top
of the matter -- or will be next time they come back for more.
>>many have been quite willing to voluntarily return space they don't
>>need. So far, just asking politely has netted ARIN quite a number
>>of returned blocks -- and threats have, so far, netted the
>>community nothing but a bunch of animosity and/or fear.
> You don't have any proof of threats doing anything because, as
> you say, ARIN hasn't used threats. Therefore there is no data as
> to how wasteful holders would respond to a threat.
ARIN staff has not, no, but there have been a large number of discussions
here about sticks which show certain participants are out to get legacy
holders and certain other large companies. We've also heard from legacy
holders that they perceive these to be threats by "ARIN", by which they mean
the community and not the corporation.
Note that this isn't just "wasteful" holders that feel threatened; it also
includes those that are completely within policy.
> I should hope that everyone reading, even those with feeble
> minds, would understand the fundamental basic that you get
> more flies with honey than vinegar. In short, IF your going to
> launch a reclamation effort you START with the Mr. Nice Guy
If you truly believe that, then the only point we disagree on must be
whether we should discuss threats before we exhaust politeness. I find that
distasteful and unnecessarily harmful to public perception.
> By the time the law of diminishing returns acts on a reclamation
> effort, the wasteful holders still out there who have so far ignored
> the nice pleas aren't going to respond to anything other than
> a threat.
If they have ignored the "nice pleas", of course they won't respond to
anything other than a threat. That doesn't mean we need to start working
out what that threat may eventually be, or if we'll even use one, before we
see how well the "nice pleas" work.
> At that time it becomes a cost/benefit decision. Making a threat
> costs money because you have to back it up with lawyers and
> the willingness to use them and those cost money. Thus, nobody is
> going to be daft enough to make a threat over a single wasted /29.
> But, I would hope that the will exists in the numbering authority to
> make a threat over a wasted /8, if the nice guy appeal fails.
OTOH, I bet we could recover 64k /24s for less in legal fees than a single
/8; the folks with /8s have hundreds of lawyers each at their disposal with
nothing better to do than sue annoyances like ARIN out of existance. And if
we go after one, the rest will counterattack to prevent a precedent being
established that they don't like.
As you said, it's a cost/benefit decision.
> Thus, I do not agree with your insistence that we have to close
> the door on threats.
I never said we should "close the door" on them, just that it's premature to
discuss them now. I believe it would be much more productive to spend all
this effort figuring out what sort of outreach we need to do, what carrots
we can offer, etc. If/when that fails, we will have a much more solid idea
of exactly who is left, what they have to offer, what it'll take to get it,
and whether it's worth the effort.
> You get more cooperation with a 2x4 and a nice word, then with
> just a nice word.
With the first guy, yes. The second guy will be watching and find his own
2x4 -- and a bunch of friends to back him up.
Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking
More information about the ARIN-PPML