[arin-ppml] Continuation: Policy Change Request: IP Address Assignment to Educational and Non-Commercial Organizations

James Hess mysidia at gmail.com
Sat Nov 28 21:22:37 EST 2009

On Sat, Nov 28, 2009 at 6:00 PM, Christopher Mettin
<cmettin at gqbc-online.com> wrote:
> We just need maybe 2 or 3 blocks containing up to 255 hosts (of IP v4
> addresses).

If you need blocks of global IP addresses, ask your upstream ISP for
the blocks to be assigned to the networks first. ISPs  receive blocks
of IP addresses  for the sole purpose of delegating to customer
networks. Provided the customer network has a  documented justifiable
need for the amount of IPs.

ARIN does not sell IP addresses.   IP addresses are not for sale,
although, there are fees  involved in obtaining IPs from ARIN,  the
main criteria, is you first must have a justifiable need  for  the
minimum sized block,  that is

You only go to ARIN if you need an allocation of least a /20 (4096
ips), or  are multi-homed with 2 or more ISPs and  need at least a /22
(1024 ips),  and can get the documentation to show that you will meet
the utilization criteria.
This is all described in the  Number Resources Policy Manual:

If your ISP won't assign needed IPs to you, it might be time to switch
ISPs or get a renegotiation of the contract with your ISP, including
provisioning of  IP addresses that you have documented need for.

If the ISP is not willing to work with you to get the IPs you need...
then what good is it to get IPs delegated from ARIN  or from someone

Only for your ISP to then tell you they aren't willing to announce the
IP addresses for you,   or  to grant you a BGP feed  for announcing
the space.

Unless an ISP of yours does extra work to provide the connectivity,
you'll have no means to actually use those newly acquired IPs:  it's
not possible to simply assign one to your router and be done with it.

Your ISP has to designate a static IP that your router can use.
Your newly acquired IP block needs to get announced by some ISP
connect to your  sites,  who is willing to forward traffic addressed
to those IPs to your sites.

> change every 24 hours. Static IP addresses allow us to allow a connection
> establishment without allowing people other than our students to join. But
> having dynamic IP addresses only, we are forced to allow access by the
> entire ISP subnet which could mean a potential harm to our network.

For such an application  I would suggest utilizing  PRIVATE IPs and  a
VPN application,  for example you could subscribe to a service such as
 Hamachi  (for example)  to  create connections between locations.

Only allow users to "share"  resources when connected to the VPN service.

Or  get your ISPs to provide each location at least 1 static IP for a
VPN router:
in that case, with a large number of schools, there is a good chance
some would be already utilizing PRIVATE IPs,  and  some could be
utilizing overlapping ranges.

One might look  into  applying for   IP addresses for that
non-connected  network,  then,  to avoid  conflicts with 10/8
172.16/12 and 192.168/16  addresses  already in use.


More information about the ARIN-PPML mailing list