[arin-ppml] 2014-1 (Out of region use)

Jon Lewis jlewis at lewis.org
Tue Apr 14 14:16:51 EDT 2015


On Tue, 14 Apr 2015, Andrew Dul wrote:

> Here is a suggested addition to the draft policy's first paragraph in an 
> attempt to alleviate some of the issues raised by the staff & legal 
> assessment by increasing the nexus requirement slightly.
>
>
> Out of region use of IPv4, IPv6, or ASNs are valid justification for 
> additional number resources if the applicant is currently using at least the 
> equivalent of a /22 of IPv4, /44 of IPv6, or 1 ASN within the ARIN service 
> region, respectively.  At least 10% of the additional resource request or 20% 
> of all an organizations resources must be used in the ARIN service region.

I wouldn't object to this (now that it's been tempered with the "or 
20%..."), but I don't think this will be effective in preventing the sort 
of fraudulent or "RIR shopping" requests people seem to be worried about.

As was just mentioned at the meeting, a major concern some seem to have 
with 2014-1 is a question of security:

"How do we allow ARIN members to use ARIN space globally without 
restrictions, but prevent out of region organizations from becoming ARIN 
members for the purpose of acquiring ARIN resources to be used entirely
outside the ARIN region?"

I don't have a good answer for that question, but I do wonder if the 
question is relevant?  As has previously been mentioned on PPML, an 
organization can setup a "dummy" network using as little as some in-region 
cloud computing resources to "fake out" the nexus requirement.  What's to 
stop them from doing the same thing to hide that their request is for 
resources to be used out of region?  If an org is going to commit fraud to 
obtain ARIN resources, I don't see that 2014-1 opening additional 
fraudulent routes to obtaining ARIN resources is the huge problem some 
seem to think it is.

----------------------------------------------------------------------
  Jon Lewis, MCP :)           |  I route
                              |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________



More information about the ARIN-PPML mailing list