[arin-ppml] 2014-19 and evidence of deployment

Leslie Nobile leslien at arin.net
Tue Nov 11 18:02:57 EST 2014


Hi David and Jason-

In the scenario Jason describes in his email below when an Org goes from 4 MDNs to 5 MDNs, the 5th MDN would be considered to be a new site.  In accordance with NRPM 4.5 (7), the organization would receive the minimum allocation size unless they were able to justify more under the immediate need policy.

Regards,
Leslie


From: David Huberman <David.Huberman at microsoft.com<mailto:David.Huberman at microsoft.com>>
Date: Tuesday, November 11, 2014 10:56 AM
To: Jason Schiller <jschiller at google.com<mailto:jschiller at google.com>>
Cc: "arin-ppml at arin.net<mailto:arin-ppml at arin.net>" <arin-ppml at arin.net<mailto:arin-ppml at arin.net>>
Subject: Re: [arin-ppml] 2014-19 and evidence of deployment

Jason,

That's not what I said :-)  I addressed what I thought you were presenting - a special case where a network takes one discrete site and splits it.

In the regular case, described in your email just now, the new site is new.  Slow start applies, minus any immediate need justification.  It should get whatever prefix between a /24 and a /20 meets the three month need.  It has no customers (or it does and immediate need applies) so why should it get more?

This is how it always worked and it generally worked well.  It's so easy to get more space for a new discrete site, after all.

David R Huberman
Microsoft Corporation
Principal, Global IP Addressing
________________________________
From: Jason Schiller <jschiller at google.com<mailto:jschiller at google.com>>
Sent: Tuesday, November 11, 2014 7:48:20 AM
To: David Huberman
Cc: arin-ppml at arin.net<mailto:arin-ppml at arin.net>
Subject: Re: [arin-ppml] 2014-19 and evidence of deployment

David,

That would suffice if when an org goes from 4 MDNs to 5 MDNs that ARIN does not treat the newly added region as anew MDN, but my understanding that this is not the case.

Leslie, can you comment on this practice as well?  It was my understanding from the policy experience report that this is not the case.

Thanks,

__Jason

On Tue, Nov 11, 2014 at 8:38 AM, David Huberman <David.Huberman at microsoft.com<mailto:David.Huberman at microsoft.com>> wrote:
You split one site into two sites.  The existing addresses go wherever you put them.  Your network, your rules.

Once a site is 80% and the other condition (50% overall or no /24 free) is met, you ask for more space for that site.  That site is not a new. The customers (ISP) or equipment (EU) already existed and the address space already existed. No rule explicitly says staff MUST classify the split sites as new, so staff are free to apply reasoable interpretation to fit the unique situation.

Staff should apply regular additional alloc rules for any requests from the split sites.

Please note this is beyond a fringe case. We enjoy a fantastic staff who should be free to apply reasonable rules to such a situation, set the new rule as a procedure, and apply consistently as best they are able.

Just my opinion.

David R Huberman
Microsoft Corporation
Principal, Global IP Addressing
________________________________
From: Jason Schiller <jschiller at google.com<mailto:jschiller at google.com>>
Sent: Tuesday, November 11, 2014 5:18:46 AM
To: David Huberman
Cc: arin-ppml at arin.net<mailto:arin-ppml at arin.net>

Subject: Re: [arin-ppml] 2014-19 and evidence of deployment

David,

I would love to hear from Leslie on your question, maybe we are trying to solve a non-problem.

In the mean time I do have one concern about what you wrote WRT an existing MDN site splitting and being fulfilled under immediate need.

Imagine you have MDN1 which grew from nothing to a /16 over the last year.  You have just crossed 80% utilization, and want to grow into a new /18 which is a 3 month supply.  But the region has gotten too big.  So you split it into MDN1 and MDN6.  Have the pre-existing customers are in MDN1 and half in MDN6, and half the future looking growth is in MDN1 and half in MDN6.   Can you move half your addresses to MDN6, have both MDN1 and MDN6 over 80% utilized, and get a /19 for MDN1 and a /19 for MDN6?

1. MDN6 does not have immediate need.  The customers moved there kept the former MDN1 addressing.  So you would have to start fresh with a /21, and ramp up to a /19.

2. If you were renumbering the customers in MDN6, you would only qualify for as many as you could address in 30 days (this many not be an issue for ISPs because when you re-allocate or assign the addresses they are in use, but for end-users they actually have to be in service I have personally had an issue qualifying for IPs for an end-user under immediate need when I was asking for as many IPs as I had things to number, but couldn't actually complete numbering them in 30 days).

So no in two cases I don't think immediate need (which has an intentionally high bar [to be used in exceptional circumstances] )does not work.

__Jason








On Tue, Nov 11, 2014 at 7:59 AM, David Huberman <David.Huberman at microsoft.com<mailto:David.Huberman at microsoft.com>> wrote:
Something isn't right here.

MDN (in basically the 2013 form) existed for 12 years without much of a problem.  The language was tinkered a bit for subsequent alloc math, but new sites text wasn't.  A new site opening was given:

- a /22 or a /20 - dealer's choice since those were the minimums after 2005. Many were issued /20s except for smaller deployments who were happy to take /22s.

- more if immediate need justified it.

Slow start applies to section 4 requests. So under standard slow start math, you took the /22 or /20, and grow the NEW site with it.  Just like an initial alloc to a new ISP.  If the site wasn't really new, you could use existing customer counts and apply immediate need.   Nothing was broken.  A special case like a site split into two is easily handled under the above considerations, isn't it?

So ... Either the community has misunderstood Leslie's policy experience report, the report is wrong, or I'm wrong.

I stand by my suggestion.  Section 7 is unnecessary and, to Marty's point, heavy handed.

Now would be a great time for Leslie to jump in :-)   Or if you don't accept my experiences in this as helpful, feel free to move on with the thread.  Frankly, other than the heavy handedness of paragraph 7, I see no brokenness beyond fringe cases.

David R Huberman
Microsoft Corporation
Principal, Global IP Addressing
________________________________
From: Jason Schiller <jschiller at google.com<mailto:jschiller at google.com>>
Sent: Tuesday, November 11, 2014 4:43:34 AM

To: David Huberman
Cc: Martin Hannigan; John Santos; arin-ppml at arin.net<mailto:arin-ppml at arin.net>
Subject: Re: [arin-ppml] 2014-19 and evidence of deployment

David,

In the 06/2014 NRPM <https://www.arin.net/policy/archive/nrpm_20140626.pdf>  we had exactly the current policy minus paragraph 7.

At that time, we had a policy experience report<https://www.arin.net/participate/meetings/reports/ARIN_32/PDF/thursday/nobile-policy.pdf> where ARIN staff explained 4.5 has criteria for getting additional addresses for an existing MDN but no criteria for getting addresses for a new MDN.  ARIN staff communicated that they were using only the Immediate Need 4.2.1.6 for allocations to new MDNs

We needed 2014-18 to encourage ARIN to open up the criteria for NEW MDNs to include the minimum.

I am suggesting further 2014-19 to extend it to also consider a 3 month supply if there is an applicable supporting 1 year use history.

I suspect if we struck paragraph 7, ARIN would go back to their previous practice of only applying immediate need, and looking for connectivity agreements, and giving a /21 or enough to meet 30 day need.

If you want to completely remove the proof of deployment, I think you would still need to keep the second half of paragraph 7...

"7. When an organization declares they are adding a new discrete network site,  the new networks shall be allocated:

- the minimum allocation size under section 4.2.1.5
-  more than the minimum allocation size if the organization can demonstrate additional need using the immediate need criteria (4.2.1.6)
- a 3-month supply of address space may be requested if the new MDN can show an applicable demonstrated one-year utilization history."

Is that in line with what you are proposing?

I assume you would conclude that most organization that declare they have a new MDN are not committing fraud, and will be using the address within 3 months, and if not in 3 months or more, ARIN is free to reclaim (if they believe the organization is not working in good faith)  under section 12.

Is that about right?

__Jason


On Tue, Nov 11, 2014 at 7:11 AM, David Huberman <David.Huberman at microsoft.com<mailto:David.Huberman at microsoft.com>> wrote:
J-

What if paragraph 7 were struck entirely from existing 4.5 text? Wouldn't that leave the staff able to issue blocks to new MDNs under the same rules as everyone else in section 4, while at the same time removing the documentation requirement?

Thinking out loud.

David R Huberman
Microsoft Corporation
Principal, Global IP Addressing
________________________________
From: Jason Schiller <jschiller at google.com<mailto:jschiller at google.com>>
Sent: Tuesday, November 11, 2014 3:46:18 AM
To: David Huberman
Cc: Martin Hannigan; John Santos; arin-ppml at arin.net<mailto:arin-ppml at arin.net>

Subject: Re: [arin-ppml] 2014-19 and evidence of deployment

While I appreciate this discussion, I believe there is a real need to change policy.

Previously a new MDN could only qualify under and get an initial allocation sized block.

This was extended to include more than the initial allocation sized block under immediate need.

I believe there is another case (besides immediate need) where more than the initial allocation sized block is justified.  That is when there is a demonstrated past 1 year growth history that supports a future looking 3 month growth of a new MDN.  Such is the case when an existing MDN is split.  Hence 2014-19.

I don't want to get hung up on the proof of deployment text that already exists.

Those of you that think this should be changed, please provide suitable text, and we can run the two policy proposals in parallel.

If you think this is unnecessary tinkering, then I would expect we will not rat hole on the pre-existing "proof of deployment" text when discussion 2014-19 as we did in the previous meeting.

Thank you.


__Jason


On Tue, Nov 11, 2014 at 12:08 AM, David Huberman <David.Huberman at microsoft.com<mailto:David.Huberman at microsoft.com>> wrote:
In my world view, policy should never assume the requestor is lying.  The same should hold true for ARIN staff.

No one ever mandated ARIN with stopping the scammers.  I believe it was Rob Seastrom who posted here a long time ago and basically said that ARIN staff are entrusted to do the best job they can in running the registry, but the community shouldn't have expectations that ARIN staff can figure out who's lying and who's not.

But because ARIN got burned by large-scale hijacking in the early 2000s, it has operated under "trust but verify" ever since.  And this fosters the antagonism towards the registry which I think is wholly avoidable.  "Trust but verify" is a bad way to run an RIR, in my experience.

I hope we can focus on policy language which always assumes a request is bona fide, and let's stop worrying about the 1% of requestors who are lying.  That way, network engineers can spend less time dealing with ARIN, and more time running their networks.

David R Huberman
Microsoft Corporation
Principal, Global IP Addressing

-----Original Message-----
From: arin-ppml-bounces at arin.net<mailto:arin-ppml-bounces at arin.net> [mailto:arin-ppml-bounces at arin.net<mailto:arin-ppml-bounces at arin.net>] On Behalf Of Martin Hannigan
Sent: Monday, November 10, 2014 8:55 PM
To: John Santos
Cc: arin-ppml at arin.net<mailto:arin-ppml at arin.net>
Subject: Re: [arin-ppml] 2014-19 and evidence of deployment

On Mon, Nov 10, 2014 at 6:17 PM, John Santos <JOHN at egh.com<mailto:JOHN at egh.com>> wrote:
> On Mon, 10 Nov 2014, Martin Hannigan wrote:
>
>> >
>> > "7. Upon verification that the organization has shown evidence of
>> > deployment of the new discrete network site, [such as, but not
>> > limited to the
>> > following: a network design showing existing and new discreet
>> > networks and supporting documentation that the proposed design in
>> > in progress such as contracts for new space or power, new equipment
>> > orders, publicly available marketing material describing the
>> > offering in a new location, or some other significant capital
>> > investment in the project,] the new networks shall be
>> > allocated:
>> >
>>
>> Let's go back to the original point I made in the last two PPC and
>> ARIN meetings. How can a company contract for real estate, energy or
>> network without knowing if they had IP addresses to operate their
>> business (in this current environment of v4 scarcity and policy
>> wonkery?)?
>
> Any company with a business plan is taking risks and has to have a
> fall back plan (even if the plan is "pack it in") for any conceivable
> eventuality.  You want ARIN to guarantee that they can get IPv4 before
> they've found a site, bought any equipment, signed any contracts with
> suppliers or customers, or even made any public announcements of their
> plans to establish a new site?

Let me get this straight. So one should have a business plans that accounts for spending money that may not actually get to generate any revenue? ARIN has been assigning addresses without this requirement for a decade plus. The ability to forward look (guarantee) has been shrunk and now ARIN is targeting MDN for discriminatory policies and removing any ability to forward look, a normal practice in "business".
The risk of not getting addresses because ARIN is using clueless requirements is very high, not average. This isn't a simple excercise of "win some lose some". There are real dollars at stake (whether you operate a single rack or 1000 racks regardless of how much "power" you
use) and real risks.

This proposal is best summed up as 'wasteful tinkering'.

Best,

-M<
_______________________________________________
PPML
You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.
_______________________________________________
PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.



--
_______________________________________________________
Jason Schiller|NetOps|jschiller at google.com<mailto:jschiller at google.com>|571-266-0006<tel:571-266-0006>




--
_______________________________________________________
Jason Schiller|NetOps|jschiller at google.com<mailto:jschiller at google.com>|571-266-0006<tel:571-266-0006>




--
_______________________________________________________
Jason Schiller|NetOps|jschiller at google.com<mailto:jschiller at google.com>|571-266-0006<tel:571-266-0006>




--
_______________________________________________________
Jason Schiller|NetOps|jschiller at google.com<mailto:jschiller at google.com>|571-266-0006

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20141111/29715b62/attachment.htm>


More information about the ARIN-PPML mailing list