[arin-ppml] 2600::/12 LOA

Matthew Kaufman matthew at matthew.at
Sat Mar 29 20:23:24 EDT 2014


On 3/29/2014 5:58 AM, John Curran wrote:
> On Mar 28, 2014, at 11:56 AM, David Farmer <farmer at umn.edu> wrote:
>
>> On 3/28/14, 11:32 , David Huberman wrote:
>>> David:
>>>
>>> That summary of the issue helps a lot, thank you!
>>>
>>> The question on my mind is:
>>> 	Did ARIN provide a written LOA to Merit to announce 2600::/12 ?
>> I have no direct knowledge one way or the other, I have to defer to ARIN staff to answer that question.  Paging John Curran please. :)
>>
>> However, In addition to what CJ referenced, the presentation given at RIPE 66 (slide 7) implies that ARIN and the other RIRs did provide an LOA, doesn't say "written" but again I think that is implied as well.
> Yes, ARIN provided the referenced LOA, which is a bit of a surprise to
> me as well.


Here's what surprises me: that it is ARIN's business at all to provide 
an LOA allowing someone to announce a BGP route. I could have sworn that 
I have read hundreds of times that ARIN is *only* in the business of 
running a database in which they maintain unique registrations, and that 
routing policy is of no concern to ARIN.

Either ARIN added a database entry assigning 2600::/12 to Merit, in 
which case I am confused for several reasons, starting with it not being 
a unique assignment...

Or ARIN didn't add a database entry assigning 2600::/12 to Merit, in 
which case what could the letter possibly have said?


>   I'm looking into the details on this now, but here's the
> short version of what I know at this point -
>
> ARIN has often cooperated with Merit on darknet research activities, and
> this includes providing authorization to enable looking into latent traffic
> on space not yet issued by ARIN.  Some typical examples that come to mind
> include new /8's just received from IANA and the /10 for shared transition
> space.
>
> We were asked to cooperate with Merit on darknet research on ARIN's IPv6
> 2600::/12 space and I authorized the effort.  Apparently, the effort also
> included the routing an overall covering prefix and I missed that aspect
> of the project.  Aside from the technical concerns outlined here, there
> is also a very valid question of whether ARIN should ever be involved in
> routing authorization covering already issued space, since presumably the
> same dialogue and consensus in the operator community (that should be a
> prerequisite for such an experiment) should also suffice as the approval
> with ISPs when it comes to researchers actually inserting the necessary
> routes.

I think there's a valid question of whether ARIN should ever be involved 
in routing authorization. Full stop.

>
> Going forward, ARIN will not issue routing authorization that covers any
> address space issued to others without community-developed policy that
> specifically directs us to do so.

I would hope that in the absence of both community-developed policy 
*and* a change in ARIN's chartered mission, ARIN would not issue routing 
authorization that covers any address space, with the possible exception 
of the addresses assigned to ARIN itself for its own servers.

Matthew Kaufman




More information about the ARIN-PPML mailing list