[arin-ppml] IPV4 allocations

Jon Radel jradel at vantage.com
Sun Jan 4 11:43:18 EST 2009

Artur (eBoundHost) wrote:
>> What is a "shared block" in this context?  
> In the hosting industry, we have an option.  We can allocate an ip addr for each website or we can host thousands of websites from a single 'shared' ip.  A Unique IP is handed out to customers who have special needs such as anonymous ftp and ssl certs. There is a small premium to cover the extra management and arin fees ($2 per month). 
> This is a model that works well my industry and I wonder why its not implemented with ISPs. 
At the technology level, where the bits and protocols have to actually
work, using NAT and having an HTTP server which implements the (now
ancient) HTTP 1.1 extensions to allow using Host: to indicate which of
multiple web sites should be served have essentially nothing to do with
each other.  This despite having the same goal:  conservation of IP

> The vast majority of customers would have no idea about NAT and it would have no effect on their experience. And those that would genuinely need a publicly visible or static ip should be able to request an allocation. 
Do you have a reference for that statement?  Numbers?  Studies? 
Evidence of any sort, even if blatantly anecdotal?  If not, I'm afraid
that I'll be going with the folks who have reported on the results of
actual experiments or have enumerated some of the many widely used
protocols which would break.
> Understand where I'm coming from, I'm not trying to make policy that nobody wants but trying to understand it. 
Understanding the technology also has its uses.

BTW, giving your customers dedicated IP addresses just because they use
SSL certs is a terrible waste of addresses.  There are several
mechanisms for using certs on virtual hosts that share an address.  Of
course, none of them actually have universal support among widely
deployed browsers and CAs, but why worry about support headaches and
unhappy customers when you can save an IP address?  ;-)   (See
http://wiki.cacert.org/wiki/VhostTaskForce for a light-hearted overview.)

--Jon Radel
jradel at vantage.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3303 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20090104/b4158e17/attachment.bin>

More information about the ARIN-PPML mailing list