[arin-ppml] ARIN-prop-127: Shared Transition Space for IPv4Address Extension

Aaron Hughes aaronh at bind.com
Fri Jan 21 19:20:17 EST 2011 

Jimmy,

Many providers actually need far more than a /10 of space for NAT444. However, since an /8 or more was too much for the community to handle, the compromise is for these providers to use the same /10 in many places within their own network. This space then becomes regional NAT444 space. e.g. East coast will use the same /10 as mid-west and east-coast. 

This is going to be a challenge for providers already. They are going to have to track reporting, authentication, combination of address and port combination paired with time stamp and even potentially real src/dst information as well as which region within their own network the space was used in. The model you are describing simply will not work.

This is not shared space to be cut up. This is a new layer of 1918 space to be used over and over again at times within the same provider and at times less than a /10 in a single provider. It will be used as new 1918 space customers / end users do not know about so there is no conflict with their CPE 1918 space.

Again, large quantities of space will be required for NAT444. NAT444 is going to happen. The space used to accomplish this should be coming from a global policy, however, we are out of time for this to work. If we don't do something soon, people will use space inappropriately. This proposal gets providers to use a known /10 we can filter on and implement it correctly / legitimately, the first time. Please give it support.

Cheers,
Aaron

On Fri, Jan 21, 2011 at 06:07:29PM -0600, Jimmy Hess wrote:
> There is a way, but it might be costly.   What do you think of this model?
> 
> Model:
> Don't   designate the entire /10 for _anyone_ org use any portion of
> at their own will for any purpose;
> e.g.  don't tell ISPs to pick some random /24 in the /10  like they
> would be allowed with RFC1918
> space; indicate they must register,  so every ISP sharing space  has
> to first get a registration of some
> allocation within the reserved /10,  they have to say how they will
> use the space
> (why they need shared IPs),  and every different organization is
> assigned  from that  big /10
> in the same order,  some allocation ranging from  /24 to /20   from
> the reserved /10.
> 
> And there is no commitment that the entire /10 is reserved or will
> always be available for the purpose.
> In other words: no user of the shared space picks for themselves which
> addresses
> in the range they will be allowed to use, but it is assigned to each
> registrant in an order
> that will improve the chances that some of the /10 can be free in the future.
> 
> E.g.
> Don't make it a free-for-all like RFC1918. Don't make it a direct
> permanent assignment from ARIN
> for a purpose;  make it a permanent assignment to a maintainer of this
> reserved address space who
> will dole it out,  and maintain records + contact info  about who is
> using what portion, to applicants in all regions.
> 
> Allow ARIN to choose whether an entire /10 is reserved, or a /10
> equivalent is reserved.
> Require the WHOIS listing to show assignment from ARIN to a  "Shared
> IP Registry"   ORG handle.
> 
> Possibly allow another actual organization or division to be created,
> and require
> the outside organization through agreement with ARIN to apply for and
> obtain space from this /10,
> and administer the space in an appropriate way.
> 
> They will be making non globally distinctive assignments;  meaning
> every new assignment made will overlap to the extent possible,
> with every other assignment (to a different organization), so that at
> all times, the minimum amount of the /10  required is  to be used.
> 
> Require a return of any shared space no longer needed.
> In other words: a  new global IP registry.
> 
> 
> I suggest NRPM policy be sorted so that any  "internal use address
> space"  [private space] utilized for NAT  cannot be used
> to justify global IP allocations,  and should have to be made from the
> shared registry instead;  since this address space can be
> shared space,  it becomes a waste to provide global allocations for
> this private usage.  Any user of NAT444  should
> be required to justify  NAT public IPs  for users  based on a formula
> that takes into account the reduced requirements for IP address space
> that NAT allows.
> 
> IOW:  mitigate IP exhaustion by making  the shared space mandatory
> for designs  that involve NAT444,
> and make it clear a proposed NAT'ed configuration with 60000 users
> behind it does not justify a public /16  (for example).
> 
> Require a return of any address space no longer justified due to
> implementation of NAT, or migration to IPv6 only.
> 
> 
> Then the only way the entire /10  for NAT444 private IPs is "locked",
> is  if  at least one registrant needs the entire /10 for their
> purposes.
> 
> And it only stays that way, while they continue to have that need.
> 
> 
> Require ISPs needing any shared space from the /10  to register,  with
> that new global IP registry, much like a standard  LIR IP
> subdelegation;  with the VERY special stipulation, that the
> subdelegation is non-exclusive,  and the addresses
> are not to have RDNS service and not to be announced,  there will be
> no WHOIS service either.
> Only allocate the portion of the /10  that the ISP needs.
> 
> Impose an annual fee,  just as with unique globally routable IPs,
> based on cost of the "shared registry" existing,
> and that could help sustain ARIN as well,  in the face of few new IP
> allocations; however with no WHOIS or RDNS
> service to maintain,  I would anticipate cost to be minimal  per
> registrant.    When all ISPs that registered to use
> shared space from the /10  are no longer  registered,  or have
> returned their 'shared space' delegations,
> the entire /10 can be returned to ARIN.
> 
> 
> If  no  ISP requires an entire /10  at any point in time,   portions
> of the /10  could then be released in the future.
> 
> or If at any time after the end of year 2012, the  'shared GIR'  does
> not require at least 80% of the /10, then
> the excess portion must be returned to ARIN  for use with future assignments.
> 
> 
> If the shared registry require more than a /10,  then they have to
> justify it,  with the slight variation that additional address space
> requirements are based on the _largest_  necessary subdelegation,
> and   cannot be based on an applicant wanting non-overlapping/
> non-dulicate assignments.
> 
> -- 
> -JH
> -- 
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.

-- 

Aaron Hughes 
aaronh at bind.com
+1-831-824-4161
Key fingerprint = AD 67 37 60 7D 73 C5 B7 33 18 3F 36 C3 1C C6 B8
http://www.bind.com/

More information about the ARIN-PPML mailing list