[arin-ppml] 2009.10.20 ARIN open policy hour notes

[Matthew Petach]

Just in case people remotely were curious, I took notes during today's
open policy hour.  I'm sure I missed some people's names and notes,
but hopefully this will be of help for people not in the room.  ^_^;

Matt



OK, back down to Grand ballroom for the ARIN
open policy hour.

They fire it off at 1805 hours Pacific time.

Preview of draft policies on agenda

policy experience report will get moved to Thursday

Policy Proposal BoF
 your time
 recent list discussions

Leslie Nobile, a few items from PPML list, NANOG
list, and other places, and will solicit some
feedback from the room on those.

Anything that we want to bring to the mics?
Nothing from anyone so far.

Preview first, then BoF proper.

Draft policy review
5 on agenda for this week.
not for discussion at this BoF
 please read them, if you haven't already
 have staff and legal review
 draft policies have been on public list
 will be presented at full meeting.
Don't talk about them tonight, save it for the
 list or tomorrow!

Policy development process, flow chart are in it
as well.

2009-3: Global proposal
 allocation of IPv4 blocks to RIRs
been submitted to all 5 RIRs; must be accepted
by all 5 RIRs, and then ICANN board will review
and adopt.
All 5 RIRs have it; this is the ARIN version.
Right now, RIR can go to IANA, show what they
use, and they get get more, usually 1 or 2 /8s.
Once there's no more IANA /8s in free pool.
At that point, RIRs return IPv4 space to IANA
when they get it back to build new free pool
Once every 6 months, RIR can ask for 1/10th of
free pool as allocation.


2009-5: multiple discrete networks
allow IPv6 initial and subsequent requests for discrete,
 independent networks
/32 for ISPs, /48s for end users (and larger)

2009-6: Global: IANA policy for allocation of ASN blocks
 to RIRs.
Right now, 2 pools; 16bit and 32bit
as one pool gets lower, they can go to IANA and request
more of that type.
After Jan 1, 2010, all RIRs will be locked into same
pool; will have to show usage of all ASNs before
getting more.
This would extend ability to get ASNs of each type
 for one more year.
 Submitted to all 5 RIRs.


2009-7: Open access to IPv6
 removes to rules for initial allocation
 removes requirement to advertise single aggregate
 allocation
 remove requirement to be a known ISP in ARIN region
 or to have plane to make 200 assignments in 5 years.

2009-8: equitable IPv4 runout
slows distribution of IPv4 space
ISPs that come to ARIN, and that have been members for
 a year, can request a 12 month supply.
This would reduce supply period based on how many
available /8s IANA has left.
At 20 /8s, goes down to 6 months supply.
At 10 /8s, everyone stuck with 3 month need.

Sets maximium prefix size based on ARINs free pool;
 1/4 of ARIN's free pool, rounded down.

Read the summaries, draft policies, staff assessments,
etc, come to meetings prepared to discuss them.


Now, on to Policy BoF

Informal setting
 presentation of ideas
 discussion and feedback
(5 minutes total)

No committments at this time!

Going forward
your choice:
 do nothing
 continue discussions informally
 take the discussion to PPML
 submit a policy proposal.


So...that's the rules--who has something to talk about?

Remote participation is allowed too...but nobody's
in the room.

Lee Howard, TWC, ARIN board of trustees, the trustees
not allowed to propose, so he's just breaking the ice.

Some discussion during NANOG portion of week;
routing considerations around ARIN policies.
Should ARIN policies take into consideration any
routing considerations?


Dani from PeakWeb
The precedent from IPv4 side is that ARIN doesn't
guarantee routing; it just does registration
services.
That's really where it needs to be.
We're smarter now, we need to take the language
out.
Not enough of us were really watching when the
2bit to 4bit ASNs transition happened; we need
to start getting involved sooner, and speak up
earlier in the process.
We need to focus on proper sizing of allocations,
and let business determine usage.
In IPv4 world, we were trying to deaggregate
class Bs...it eventually worked its way out
in IPv4 world, it'll be able to work its way
out in IPv6 if we let it.

Jason Schiller, Verizon; ARIN is chartered to
shape policy; and policies will shape routing
decisions.  If ARIN starts allocating /30s,
they may not guarantee routability, but once
ARIN starts giving them out, and one ISP
routes them, the pressure will be there for
everyone to route them.
It's useful to be able to take ARIN policy back
to help sell best practices inside your company.

Jon, Internet society
If we're walking in the space of a policy that
will be discussed later...the transfer policy
was difficult for the panelists to understand;
they had to call in lawyers to try to interpret
it.
That kind of feedback from NANOG panelists doesn't
fit with the 3 goals of ARIN.
Clear, technically sound, and useful.

The routing policy question--obligation of ARIN
and other RIRs that they not just conserve scarce
resource, but conserve slots in the routing table
which is a shared commons, globally.  There will
be more discussion of economics during the week.
The tragedy of the commons is well known, and is
well documented; there's economic incentive for
each, but if it happens unbounded, the commons
get destroyed, and they all die.
The global routing table is a global commons;
adding to it will be in the interests of every
individual network access provider.
There is an obligation to preserve slots in the
global routing table...

Aggregation is a goal in the number resource
model, but it's not a criteria.

Cathy Aaronson--irony of statement.
The aggregate part in statement was to preserve
global routing table slots.  That was the intent
at the time.

John Curran, president, CEO of ARIN.
The incorporation and bylaws are wide-reaching,
and talk about technical coordination, which is
very vast.  There are things tied to number allocation
which are in NRPM, but talk about visibility of
information in whois.
the ability to abide by NRPM can be used to decide if
people get new resources, or get to keep existing
resources.
If this group wants to govern what goes into the
routing table, it can go in.
But the community needs to decide if that's a space
we get involved in adding and enforcing via the NRPM.
We can put constraints on routing in NRPM, like we
do with whois visibility.  It's up to us.

Ed Kern--he'd love to have it in the policy to make
Jason to route all the /30s.  :D  The v6 allocation
was BCP in the policy strategy.  It should be taken
out now, and moved to a BCP status.  IETF and ITU
aren't the right forums for this.

Leo Bicknell, ARIN advisory council
we have the discussions repeatedly.  The numbers
agency and network operators exist in symbiotic
relationship; the numbers are needed for routing,
and without routing, there's no need for number
resource registration.
As with any symbiotic relationship, both parties
need to understand the other's needs; both sides
need to keep the other healthy.
ARIN community needs to understand the limitations
of routers and policies that operators are using.
It is not useful for ARIN community to dictate to
operators how to configure their devices...in
general.
Operators need to understand implications of
policy on a 50 year span, not just next year.
Provide useful information on when routers are
likely to fall over back to policy team.
More information sharing, and less dictating
needs to happen.

Dave Farmer, ARIN AC.
Everyone needs to chill out just a little bit.
It's your routers, your policies, yes.
But you have to let ARIN know what policies
make routing policies possible.
It wouldn't be possible to be able to take /48s
for critical infrastructure if it didn't come
from one little corner.
"For this piece of stuff, this is what you can do"
ARIN needs to assign numbers in a reasonable fashion
to allow operators to make decisions around the
numbers.
The ability we have to write policies stems from
ARIN's allocations of addresses in a coherent fashion.

Cathy again.
She's super-excited that people noticed the IPv6
allocation policy, since it's been there for 10
years!  finally, people are looking!
When they went from /19 to /20, they put notes
in saying they were going to look at routing
tables, and retract if it caused too much pain.

Lee Howard--delighted with feedback to that
topic of conversation.  People need to send
email indicating the words to arin.ppml at arin.net;
if you don't know how to write the words, they
will help you write the words.  Their job is
to help you write clear, concise, useful words.
And vote for him on Friday!


New topic from Cathy
Something for ARIN to answer; with v6 allocations, they
are not being sparsely allocated, they are consecutively
being allocated.  Is this on purpose?

A: yes, it's on purpose.  No sparse allocation in v6.
Only 1 RIR is doing sparse, that's APNIC.
They do need to discuss it, John is nodding, they
will discuss it but have not done it yet.


Doni again
Question about if ARIN wants to move from consecutive
to sparse, is that policy based, or can ARIN just
move to do that internally?
A: ARIN can do that internally; Dave Conrad notes that
the initial goal was to use sparse allocation, so it
is a goal, but also a work in progress.

Leah Roberts, ARIN AC
Increment between them could be bumped up before moving
to sparse allocations; could it be moved up a few bits
to a nibble boundry at least?  /29 doesn't map very
well.

Anything else from community members, policy-wise?

Martin Hannigan
Recovery; should we revisit it today?
it's becoming aparent there will be 2 internets out
there; you'll need both addresses for quite some
time.  There will be a market for v4 addresses;
it would be better to see it be rational and fair.
There's operators, policy, and there are shareholders
as well.  Some want to be good, but others have to
keep the economy going, and get our paycheck.
We'll probably see /28s on the internet so v4 can still
'grow' while the move to v6 trundles along.
How do we manage /8s locally, not just under global
policy.

Scott Liebrand
There have been several policies to take baby steps
along the path--what suggestions does he have for
moving in that direction?

Martin replies:
Bite off the low hanging fruit--just define what it
is.  Stragglers, things out there that aren't in
routing table, no valid contacts, etc.
We've had a mishmash, but no coherent plan.
This needs to not be tied into other policies.
Needs to strictly be about reclamation.  Start
low, and then move to high stuff.

Lee Howard
you said recovery a few times; do you mean recovery
of IPv4 unused or underused space?
Unused is very different from underused.
We don't have any policy about underuse of space;
you need to have minimal use to get *more* space.

NRPR section 12--John Curran notes that you should
read the manual; he looks at it many times, and
comes away shaking.  Policy provides ARIN the
necessary tool to do a few things:
it's up to ARIN staff organization to use that
policy; they use it now for addresses that are
not legitimately held by anyone at all.
They can prevent unheld resources from being held
by a party.
If that's low hanging fruit, as it is brought
to ARIN, ARIN is attempting to make sure they don't
get legitimized by ARIN updating records.  But that's
reactive based on suspicious requests coming in.
Other case is resources that aren't being used,
but are legitimately held, even if it's not being
used, never routed, etc.
Those unused or heavily underutilized resources
are *not* being touched right now.  They have a
legacy RSA agreement, that once signed, prevents
ARIN from ever doing anything with that block.

So, no legitimate holder they can catch.   But
the ones with legitimate holders, they cannnot
both offer a legacy RSA, and simultaneously
move against those resources.

To move against resources, we need to resolve that
against legacy RSA agreements.

300 RSA signers, but that covers more than 25% of
the legacy space; so there's more and more coverage
of that space; once signed, they're part of the
system, and by contract, they is no method to
do reclamation on that space.

If we're going to change the legacy RSA, he needs
to know now!

Chris Grundeman, TWC
There was a policy after last meeting, 2008-7, enacted
after last meeting, the intention was to help identify
the fallow space.  The tool will be there to help
identify it for reclamation.

Owen DeLong, HE.net
section 12 para 5 attempts to reconcile issues;
ARIN can reclaim space allocated by ARIN for
under use when legacy RSA is signed.

Leo Bicknell--the legacy space is mired in issues.
non-legacy space, RSA states that if ARIN believes
the space is not being used for the original purpose,
you may need to re-justify it, and if it cannot be
justified, ARIN may reclaim it.

John: they go after such resources *when* they come
to ARIN and attention is drawn to them.  They have
reviewed and revoked resources based on that, but
they are not going out and looking for space that
would fall under those terms.
Most reporting to ARIN is under fraud reporting
process.  It only is used if people feel that
fraudulent claims are made to ARIN in the application
process; any other legal issues are *not* moved on.

John, ISOC
Low hanging fruit may still be on tree because it is
rotten.  APNIC talks about audit trails for space that
is recovered.  If you reallocate it to someone, and it
turns it is ACL'd off or blacklisted for places they
need to reach, they are not better off for getting
the space.
When space is recovered, can its history go with the
block, so that potential recipients know what they
are getting.

Leslie Nobile notes that space reclaimed through various
means is held for 1 full year, and they use RBLs, checking
140 RBLs and lists, and noting that it has been fallow
for a year; they attempt to ensure they are issuing
clean space as much as possible.  they are very aware
of this, it's not a policy, but it's an internal
proceedure.

Martin
policies and procedures are great, perhaps if ARIN
could wave the flag and let us know, that would be
great.

There's some low-hanging fruit that isn't caught
by the policies; if you're the POC, and the company
went bankrupt, it's really easy for POC to just hold
onto the space.
He thinks there's some low hanging fruit we may be
stepped on.

Also, legacy /8s getting returned need a local, non
global policy to handle them.

XXX from Jamaica, covers issues around ICT,
learning a lot at ARIN meeting.
Reading mission statement up on wall, a question
to the staff and community.
How do you draw line between a watchdog or deal
with issues, when one main activity is to facilitate
the advancement of Internet while outreach and
education is a primary goal.
It seems the Internet is such a huge monster, it
needs this broad-based consensus at all times.
The issues are overwhelming, the v4 to v6 migration
needs even more education and outreach around it.
She's learning a lot, and hopes ARIN can help
educate even more about how these issues can be
addressed and handled in the Carribean region.

We're out of time; it's a few minutes after seven.

Beer and pizza party up in rotunda, first elevator
on the left, runs from 7pm to 9pm.

Thanks to everyone who brought questions to the
microphone today!!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20091020/4fbad6ee/attachment.htm>