[arin-ppml] Set aside round deux

Roger Marquis marquis at roble.com
Wed Jul 28 22:18:40 EDT 2010 

>> If you are worried about vast tracts of IPs ripe for the plucking,
>> then let's write policy to find and recover those tracts - Or at least
>> to stop Orgs with those unused/underused resources from getting more.
>> Size, type, industry are not the issues here; efficient utilization
>> is.
>
> Find and recover is a non-starter because it costs too much money
> for ARIN to do this kind of detailed audit.

One FTE is too much money for ARIN?  Considering the ROI I have to
disagree.

> Efficient utilization is unknown without audits.

Agreed, however, this sort of audit is not only feasible it is actually
pretty straightforward.  It would have to be done in two phases, the
first automated ie., collecting statistics, the second manual and
personal.  Phase two would be much like what we think of as "management
by walking around" requiring face time, on-site visits, meetings, and a
fair bit of travel by the auditor.  There's just too much detailed
understanding and communication required to leave anything other than a
small percent of this job to emails, phone calls, or anything other than
face to face discussion.

Tech audits are never easy, however, these would be different in some
respects.  One difference would be with regards to stonewalling.  Every
auditor and project manager has to deal with stonewalling, but in this
scenario the case for treating such responses as strong indications of
hoarding and waste would be compelling, and should result in raising the
profile of that particular org's audit and also raising its requirements
for keeping old and requesting new addresses.

As with any audit this one should be based on pre-defined policies to the
extent possible.  Those policies would have to insure confidentiality,
indemnification (for auditors and whistle-blowers), and strong
disincentives for failing to facilitate the auditor's task at a minimum.

I can think of a number of individuals on this list would would excel
at such an audit, and I'd love to do it myself (for the right
compensation).  It would also be a great way around many of the
disagreements and misunderstanding we continually deal with on this list
which are solely due to the limitations of email.

> P.S. Fairness is irrelevant. Any set aside policy is unfair. Doing nothing
> is unfair. Life is unfair. We aren't here to change the world, just to
> reduce the chaos and disorder of the IPv6 transition.

That's probably not a productive motivation for an IPv4 audit.  An
auditor would have to be equally aware of both the need for an IPv6
transition and the real-world barriers to that transition.  Agendas like
some (including myself) have expressed with regards to IPv6, NAT, GUA,
etc. would have to take a back seat to understanding and appreciation of
day-to-day operational realities and, most importantly, organizational
budgeting and politics.

If my experience working at orgs who have and continue to hoard /8s and
/16s is representative, the amount of recoverable address space using
this methodology would be upwards of 20% of all IPv4 addresses.

IMO,
Roger Marquis

More information about the ARIN-PPML mailing list