[arin-ppml] What is a subnet?

michael.dillon at bt.com michael.dillon at bt.com
Tue Jun 2 12:10:30 EDT 2009

> Indeed, asking how many hosts someone has really makes no sense.
> We'd like to make policy that says something like:
> If you need 0-64 subnets you should get a /56.
> If you need 65-32768 subnets you should get a /48
> If you need ....

By doing that, you lose the property of one-size-fits-all 
which facilitates standardisation of network architecture
and that standardisation is a real benefit to end user
customers. We already have allowed the assignment of 
/56 to residential customers, which doesn't really lose
this property assuming that everyone understands that
any application or equipment targeting residential 
customers needs to fit within a /56. It is very, very 
unusual for a residential customer to change to a 
business, and vice versa.

> But that sort of policy will require ARIN staff to know how 
> to evaluate a "subnet".  Which of the properties above 
> counts?  Which of these "justifications" is acceptable?
>     - I believe more than 256 hosts in a broadcast domain is 
> a bad idea,
>       and I'm a university with 40,000 hosts, so I justify 
> 157 subnets.

If you actually implemented it that way and can show the
hardware receipts then it is justified. But people
don't design networks like that. First of all, there are
other reasons why one might assign a /64 per floor, aggregated
into a /56 per building with perhaps another level of
aggregation separating admin and educational facilities.
The dorms are a whole separate story because you can just
assign a /56 per room, and not worry about any other levels
of hierarchy.

>     - Every department needs to be a subnet so I can filter 
> them separately.

Departments would not be handled at the /64 level but at 
a higher level of aggregation, assuming that your addressing
hierarchy tracks the university's org structure.

>     - Every floor of the building needs a subnet because that 
> is how we
>       have always done it and it's easy to manage.

And you can go on adding devices ad infinitum without ever running
out of that /64. You'll need to allocate dynamic addresses to all
those people wearing computers who wander on and off the floor.

> Indeed, it's easy to see folks trying to game the system, 
> taken to its extreme: We put every host in its own VLAN for 
> security reasons, and have 40,000 hosts, so we need 40,000 subnets.

This is ridiculous technical design. It is hard to see a motive
for gaming the system. The means for gaming it involve unnatural
technical designs. Without means and motive, what does it matter
that there is an opportunity? It's like all those shop windows
in the street. Every pedestrian has an opportunity to smash
one of those windows, but they rarely do so. That's because bricks
and stones are in short supply, and there's generally no good
reason to smash a window.

> What's the work item here?


> Answer one simple
> question: What is an IPv6 subnet to you?

It's not just a /64 but also any number of /64s that are aggregated
under one prefix, whether /62 or /59 or whatever. In essence, it is
a section of the network that I would like to refer to with one
address, namely the prefix/mask. It could be one or more LANs, one
or more VLANs, or just some geographic area (building, campus).

--Michael Dillon
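
The hierarchy described in the message above (a /64 per floor, aggregated into a /56 per building, with a higher level separating admin and educational facilities), worked through as an added example that is not part of the original post. The site prefix, the choice of /52 for the admin/educational split, and all function names are assumptions made for illustration; 2001:db8::/32 is the IPv6 documentation range.

```python
import ipaddress


def carve(parent, new_prefix, count):
    """Return the first `count` subnets of length `new_prefix` inside `parent`."""
    subnets = parent.subnets(new_prefix=new_prefix)
    return [next(subnets) for _ in range(count)]


def covering_prefix(networks):
    """Longest single prefix that contains every network in `networks`."""
    nets = list(networks)
    cover = nets[0]
    # Widen one bit at a time until every network falls under the prefix.
    while not all(n.subnet_of(cover) for n in nets):
        cover = cover.supernet()
    return cover


def permitted(addr, allowed_prefix):
    """Filter check: one rule on an aggregate covers every /64 beneath it."""
    return ipaddress.ip_address(addr) in allowed_prefix


# Constructed addressing plan (hypothetical site, documentation prefix).
SITE = ipaddress.ip_network("2001:db8:abcd::/48")
ADMIN, EDU = carve(SITE, 52, 2)        # admin vs. educational facilities
BUILDINGS = carve(EDU, 56, 3)          # a /56 per building
FLOORS = carve(BUILDINGS[1], 64, 4)    # a /64 per floor of one building


if __name__ == "__main__":
    print("educational aggregate:", EDU)
    print("building 1:           ", BUILDINGS[1])
    for i, floor in enumerate(FLOORS):
        print(f"  floor {i}: {floor}")
    # Four floor /64s can be referred to by one prefix/mask.
    print("floors aggregate to:  ", covering_prefix(FLOORS))
    # Three buildings do not fill a power of two; the cover is wider.
    print("buildings aggregate to:", covering_prefix(BUILDINGS))
    # A filter written against the educational aggregate needs no
    # per-floor or per-building entries.
    for addr in ("2001:db8:abcd:1102::25", "2001:db8:abcd:42::1"):
        print(addr, "permitted by EDU rule:", permitted(addr, EDU))
```

Note that the covering prefix for three buildings also spans a fourth, unassigned /56, so a filter written against it permits space that is not yet in use.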
