[arin-ppml] Update: 2014-1 Out of Region Use

Jay Moran (AOL) jay-ARIN at tp.org
Fri Mar 28 16:06:25 EDT 2014


Fully agree with David Huberman's comments.

Jay Moran
AOL and ATDN

--
Jay Moran
http://tp.org/jay


On Fri, Mar 28, 2014 at 1:55 PM, David Huberman <
David.Huberman at microsoft.com> wrote:

> Support in principle, strongly opposed as written.
>
> ARIN is a registry, not a regulator.  Networks with global reach should
> not have regulatory rules placed on them by ARIN whose job is primarily to
> record number assignments, not make rules which affect network topology.
> Thus I support the idea that numbers should not be bound to arbitrary
> political boundaries.
>
> I oppose this draft as written, however, because it adds hundreds of words
> to NRPM where only a few are needed to address the stated goal.  The
> problem statement indicates: " The next logical option is to discuss a
> proposal that clearly permits out of region use without limits".  Well ok.
>  If you wanted to do that explicitly in policy, how about:
>
>         Section 1.x -  ARIN-issued number resources may be used on
> equipment located anywhere.
>
> All the rest of the text that I see in this draft come down to, "if you
> have resources in other RIRs, we'll audit them to ensure you aren't double
> dipping." Policy already allows that:
>
>         "ISPs must have efficiently utilized all previous allocations and
> at least 80% of their most recent allocation
>          in order to receive additional space."
>
>         " In order to justify an additional assignment, end-users must
> have efficiently utilized at least 80% of all
>         previous assignments, and must provide ARIN with utilization
> details"
>
> We need to simplify NRPM and start peeling back a lot of this
> over-regulatory policy.  To do so, let's write clearer and more concise
> policy proposals, please.
>
> David R Huberman
> Microsoft Corporation
> Senior IT/OPS Program Manager (GFS)
>
>
> From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On
> Behalf Of David Farmer
> Sent: Friday, March 28, 2014 10:23 AM
> To: ARIN PPML
> Subject: [arin-ppml] Update: 2014-1 Out of Region Use
>
> Based on the discussion at the PPC in Atlanta (link below), the following
> changes are proposed.
>
>
> https://www.arin.net/participate/meetings/reports/ppc_nanog60/webcast/2014-1.mov
>
> There is a summary of the changes and a red-lined version of the policy
> text with new and deleted text highlighted following the complete Draft
> Policy.
>
> ----
>
> Draft Policy ARIN-2014-1
> Out of Region Use
>
> Date: 28 March 2014
>
> Problem statement:
>
> Current policy neither clearly forbids nor clearly permits out or region
> use of ARIN registered resources. This has created confusion and
> controversy within the ARIN community for some time. Earlier work on this
> issue has explored several options to restrict or otherwise limit out of
> region use. None of these options have gained consensus within the
> community. The next logical option is to discuss a proposal that clearly
> permits out of region use without limits, beyond those already existing in
> policy.
>
> Permitting out of region use, however, poses issues that have to be
> addressed by policy and adjustments to operational practice. Out of region
> use needs a clear definition and any operational practices based on that
> definition must not be unnecessarily burdensome. It is significantly more
> difficult and costly for ARIN Staff to independently verify the
> justification and utilization of resources that are reassigned or otherwise
> used outside of the ARIN service region. There needs to be recognition of
> this difference in policy and associated operational practices, especially
> the cost differential when there is more than an incidental amount of out
> of region use.
>
> Policy statement:
>
> Create new Section X;
>
> X. Out of Region Use
>
> ARIN registered resources may be used outside the ARIN service region and
> such use is valid justification for new or additional resources. Resources
> are considered to be used outside the region if the user or customer
> service address or the technical infrastructure address, such as the point
> of presence (POP), data center, or other similar location, are outside the
> ARIN service region.
>
> There is a general presumption that requesting resources from ARIN for use
> within another RIR's service region duplicates any resources held by the
> organization with that other RIR.  Therefore, the organization should, not
> hold any resources with the other RIR, or demonstrate that all such
> resources held are utilized based on ARIN policy requirements, or provide
> an operational justification clarifying how the resources from ARIN will
> not duplicate any underutilized resources held with the other RIR.
>
> Only the utilization rate of ARIN registered resources or immediate need
> may be use to determine a valid request size beyond the applicable minimum
> allocation size.  The utilization rate of resources received from another
> RIR is not applicable in determining a valid request size.
>
> X.1 Verification of Out of Region Use
>
> The utilization of all ARIN registered resources must be verified when
> evaluating a request for additional resources or during a resource review,
> including any resources used outside the ARIN service region. All ARIN
> registered resources used outside the region must be verified to no less
> than an equivalent standard as resources used within the ARIN region. To
> this end ARIN, in its sole discretion, may engage independent external
> entities to assist it in the verification of information related to any
> resources used outside the region.
>
> X.2 Reporting Resources Held with other RIRs
>
> Except to the extent that incidental use, multi-instance use, or the
> critical infrastructure criteria described below apply, when out of region
> need is used to justify a request for resources from ARIN; The requesting
> organization will also report to ARIN the utilization status, based on
> applicable ARIN policy, of all resources it holds with the RIRs who's
> service regions the need justifying a request to ARIN is within, and any
> additional supporting documentation requested by ARIN regarding these
> reported resource.
>
> X.3 Incidental Use
>
> Out of region use of ARIN registered resources by an organization that
> totals less than an equivalent of a /20 of IPv4, a /36 of IPv6, and two (2)
> ASNs within each of the other RIR's service regions are considered
> incidental use and as such are accounted for as if used within the ARIN
> service region.
>
> X.4 Multi-Instance Use
>
> Any resources used simultaneously in multiple locations, such as an
> anycast prefix or ASN, are considered as used within the ARIN service
> region, provided at least one instance is located within the region,
> regardless of how many other instances are located outside the region.
>
> X.5 Critical Infrastructure
>
> Resources justified through ARIN critical infrastructure policies are
> accounted for as if used within the ARIN service region, regardless of
> their actual location of use.
>
> Comments:
> a. Timetable for implementation: Immediate
>
> b. Anything else
>
> Current policy is ambiguous on the issue of out of region use of ARIN
> registered resources. The only guidance on the issue in current policy is
> in Section 2.2, that defines the term RIR; "... The primary role of RIRs is
> to manage and distribute public Internet address space within their
> respective regions." Some in the community believe this means out of region
> use should be at least limited or restricted while others believe this is
> only intended to focus efforts within the region and not define where
> resources may be used.
>
> Several other policy proposals have explored restricting or otherwise
> limiting out of region use. None of these proposals gained consensus within
> the ARIN community. During the latest of these proposals, ARIN-2013-6,
> several standards were explored, a majority of use within region, a
> plurality of use within region, and some discussion of a minimum of 20
> percent use within region. It was felt that each of these standards would
> interfered, to one extent or another, with the legitimate operations of
> multi- or trans-regional networks.
>
> Section 2.2 tells us, the primary purpose of the RIRs are to manage and
> distribute resources within their regions. None the less, there have always
> been networks that don't neatly fit within the regions created by the RIR
> system. These legitimate trans-regional networks are operated by
> international businesses or global service providers, many of which are
> based within the ARIN region. Prior to IPv4 run-out, many of these
> trans-regional networks requested resources from ARIN for use both inside
> or outside the region, as long as the requests were justified by need.
>
> As a result of IPv4 run-out, many in the community want to restrict out of
> region use to prevent ARIN resources from going to networks without a real
> technical presence in the ARIN region. However, any attempt to limit or
> restrict such out of region use inevitably will affect these legitimate
> trans-regional networks. Further, even the most restrictive regional use
> requirements will not significantly prolong the availability of IPv4
> resources within the ARIN region. Therefore, attempting to restrict or
> limit out of region use of resources, even if it were for IPv4 only, is
> ineffective, inefficient, and overly burdensome to important elements of
> the global Internet.
>
> The major concept behind this proposal is to allow out of region use
> without any limits, other than those already in policy, but bring an
> economic and reporting factors to play on the issue. It requires ARIN to
> verify out of region use of ARIN registered resources to no less than an
> equivalent standard as in region use, and enables ARIN to engage external
> entities to assist in this verification. It is expected ARIN will have
> agreements with all such external entities to ensure the confidentiality of
> all supporting documentation is preserved.
>
> ARIN engaging external entities to assist in verification of out of region
> use is mostly an ARIN business issue, and not primarily a policy issue.
> However, today there is a general assumption that such verification for in
> region use is done almost exclusively in house at ARIN. Making this issue
> clear in policy follows a principle of least surprise, as the use of such
> external entities is likely to be frequently necessary to verify out of
> region use, especially in parts of the world where English is not the
> primary language. Or put another way, use of an external entity when
> verifying out of region use is more likely to be the rule rather than an
> exception.
>
> When resources are requested for out of region use an organization also
> needs to report the utilization status of all resources it holds with the
> RIRs for the regions that the requested need is within.  This is to ensure
> there are not underutilized resources held with another RIR that would
> contradict the justified need for resources from ARIN.
>
> There are additional expenses and complexity involved in verifying out of
> region use, as a result of language and logistical barriers that the
> regionality of the RIR system was originally conceived to mitigate.
> In addition, evaluating the reported information about resources held with
> other RIRs, needed to ensure ARIN resources are not duplicating resources
> held with outer RIRs, increase staff's burden related to out of region use.
> Furthermore, section 2.2 is clear that providing resources for out of
> region use is, at best, only a secondary role for ARIN. As a result, out of
> region use should not significantly burden the primary role of providing
> resources for use within the region. These factors justify a recommendation
> to the Board of Trusties to create a separate fee structure for out of
> region use, creating the aforementioned economic factor.
>
> This economic factor and the recommendation for a separate fee structure,
> are again mostly ARIN business issues, and not part of policy in general.
> However, this is one of those instances where policies and fees are
> intertwined.
>
> It seems reasonable that this economic factor should be applied only to
> those that make substantial use of ARIN registered resources outside the
> region, and not to those that primarily use resources within the region.
> This proposal defines incidental out of region use, to ensure that trivial,
> insignificant or otherwise incidental use are exempt from the discussed
> economic factor, the reporting of resources help with other RIRs as well,
> and are accounted for as if used within the region.
>
> Some amount of out of region use should be considered normal even for a
> network primarily based within the ARIN region. For example, numbering a
> global backbone that provides global access necessary for in region
> customers. Also, the other RIRs have minimum requirements to justify an
> initial allocation or assignment, similar to ARIN. These and other examples
> and issues, justify allowing some minimal amount of out of region use to be
> accounted for as if it were in region use. The currently proposed policy
> statement, X.3, defines incidental use in terms of an absolute thresholds
> for each type of resource.
>
> Another option would be a percentage based threshold, say 20%. However, a
> percentage based threshold has the disadvantage that even a minimal change
> in usage can cause the ratio between in region and out of region use to
> change, potentially causing an oscillation around this threshold. This
> creates significant uncertainty for organizations as to if the discussed
> economic factor will apply to them, or not. Where as once an absolute
> threshold has been crossed by a significant amount, it is highly unlikely
> that any additional changes in usage will cause an oscillation around the
> threshold, providing much more certainty for most organizations.
>
> Additionally, the proposal deals with a couple special cases in X.4 and
> X.5. Due to the relatively small resource impact and high importance to
> overall Internet stability; resources for critical infrastructure are
> accounted for as if used within the region. Anycast prefixes, and other
> resources used simultaneously in multiple locations, are considered as used
> outside the region only when they are exclusively used outside the region.
> Or put another way, as long as at least one instance is located within the
> region, they are considered used within the region, regardless of how many
> other instances are located outside the region. Both of these special cases
> have an overall positive impact on the Internet and should not be
> discouraged in anyway by this policy, lumping them in with general out of
> region use could be a disservice to the Internet and unnecessarily
> burdensome.
>
> The intent of allowing an operational justification to clarify how
> resources received from ARIN will not duplicate any underutilized resources
> held with another RIR is to account for situations like; It may be
> necessary to use resources from another RIR to meet legal or regulatory
> requirements, or prevailing operational expectations, in some economies
> around the world. In such cases it is justified to also receive minimal
> resources from another RIR for use only in those economies. And using
> resources received from ARIN for the rest of a global network.
>
> In summary, this proposal ensures that global organizations or global
> service providers base within the ARIN region may receive resources to
> operate their global network solely from ARIN, if they wish to do so. As
> long as the utilization of the out of region resources are verified to no
> less than an equivalent standard as in region resources and any additional
> reporting requirements are also meet. This is particularly important for
> IPv6; requiring organizations get IPv6 resources from multiple RIRs, or
> even making it appear that they should, will result in additional unique
> non-aggregatable prefixes within the IPv6 route table, rather than
> minimizing them, which one of the policy objectives for IPv6.
>
> Finally, a separate but somewhat related issue; regardless of where ARIN
> registered resources are used, inside or outside of the ARIN service
> region, organizations must first qualify to receive resources from ARIN.
> ARIN's current operational practice is that an organization must be formed
> within the ARIN service region in order to qualify to receive any resources
> from ARIN. The issue of who should be eligible to receive resources was
> commingled with out of region use in ARIN-2013-6. It was felt these issues
> should be considered separately. Therefore, the issue of who should be
> eligible to receive resources is purposefully not dealt with by this
> proposal, and if any changes are necessary there should be separate policy
> proposals to deal with this issue independently.
>
> ----
>
> Summary of Changes;
>
> - Clarified out of region use is valid justification for both new or
> additional resources.
>
> - Eliminated "user or customer billing address" from definition for out of
> region use, and change the items left to sentence from, instead of list
> form.
>
> - Added that there is a general presumption that requesting resources from
> ARIN for use within another RIR's service region duplicates any resources
> held by the organization with that other RIR.
>
> - Made it clear that only the utilization rate of ARIN resources or
> immediate need are used to determine the valid request size.
>
> - New sections X.2 "Reporting Resources Held with other RIRs," this new
> section is intended to have organizations report the utilization of their
> resources, based on ARIN Policy, for the other RIRs where they are
> requesting ARIN resources for.  Except to the extent incidental use,
> multi-instance use, or critical infrastructure clauses apply.
>
> - Changed incidental use to be on a per other RIR region basis to simplify
> the determination of if the Reporting Resources Held with other RIRs
> applies.
>
> - Changed multi-instance use to use "at least one instance is located
> within the region" language.
>
> - Updated the comments section to account for the above changes.
>
> ----
> Here is an annotated version of the policy text
>
> Deleted Text
> New Text
> Retained Text
> X. Out of Region Use
>
> ARIN registered resources may be used outside the ARIN service region and
> such use is valid justification for new or additional resources. Resources
> are considered to be used outside the region if any of the following are
> located outside the region. A. The user or customer billing address B. the
> user or customer service address or C. the technical infrastructure
> address, such as the point of presence (POP), data center, or other similar
> location, are outside the ARIN service region.
>
> There is a general presumption that requesting resources from ARIN for use
> within another RIR's service region duplicates any resources held by the
> organization with that other RIR.  Therefore, the organization should, not
> hold any resources with the other RIR, or demonstrate that all such
> resources held are utilized based on ARIN policy requirements, or provide
> an operational justification clarifying how the resources from ARIN will
> not duplicate any underutilized resources held with the other RIR.
>
> Only the utilization rate of ARIN registered resources or immediate need
> may be use to determine a valid request size beyond the applicable minimum
> allocation size.  The utilization rate of resources received from another
> RIR is not applicable in determining a valid request size.
>
> X.1 Verification of Out of Region Use
>
> The utilization of all ARIN registered resources must be verified when
> evaluating a request for additional resources or during a resource review,
> including any resources used outside the ARIN service region. All ARIN
> registered resources used outside the region must be verified to no less
> than an equivalent standard as resources used within the ARIN region. To
> this end ARIN, in its sole discretion, may engage independent external
> entities to assist it in the verification of information related to any
> resources used outside the region.
>
> X.2 Reporting Resources Held with other RIRs
>
> Except to the extent that incidental use, multi-instance use, or the
> critical infrastructure criteria described below apply, when out of region
> need is used to justify a request for resources from ARIN; The requesting
> organization will also report to ARIN the utilization status, based on
> applicable ARIN policy, of all resources it holds with the RIRs who's
> service regions the need justifying a request to ARIN is within, and any
> additional supporting documentation requested by ARIN regarding these
> reported resource.
>
> X.23 Incidental Use
>
> Out of region use of ARIN registered resources by an organization that
> totals less than an equivalent of a /20 of IPv4, a /36 of IPv6, and two (2)
> 10 ASNs within each of the other RIR's service regions are considered
> incidental use and as such are accounted for as if used within the ARIN
> service region.
>
> X.4 Multi-Instance Use
>
> Any resources used simultaneously in multiple locations, such as an
> anycast prefix or ASN, are accounted for as used outside the region, only
> if they are exclusively used outside the region.considered as used within
> the ARIN service region, provided at least one instance is located within
> the region, regardless of how many other instances are located outside the
> region.
>
> X.35 Critical Infrastructure
>
> Resources justified through ARIN critical infrastructure policies are
> accounted for as if used within the ARIN service region, regardless of
> their actual location of use.
>
>
>
> --
> ================================================
> David Farmer               Email: farmer at umn.edu
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE     Phone: 1-612-626-0815
> Minneapolis, MN 55414-3029  Cell: 1-612-812-9952
> ================================================
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20140328/520477e9/attachment-0001.html>


More information about the ARIN-PPML mailing list