[arin-ppml] IPv6 End-User Initial Assignment Policy (or: Please don't me make do ULA + NAT66)

Tue Feb 17 10:36:59 EST 2015

PPML,

I'd like to discuss what I perceive as a gap in the IPv6 End User policy.

Under the NRPM Section 4.3, there are virtually no requirements for an
initial IPv4 assignment to end users, other than the minimum allocation size
is a /24 and a 50% (128 addresses) within one year.  Under the analogous
IPv6 section (6.5.8), an End User can only quality for a direct assignment
from ARIN if they meet one of the following criteria:

a.    Having a previously justified IPv4 end-user assignment from ARIN or
one of its predecessor registries, or;

b.   Currently being IPv6 Multihomed or immediately becoming IPv6 Multihomed
and using an assigned valid global AS number, or;

c.    By having a network that makes active use of a minimum of 2000 IPv6
addresses within 12 months, or;

d.   By having a network that makes active use of a minimum of 200 /64
subnets within 12 months, or;

e.   By providing a reasonable technical justification indicating why IPv6
addresses from an ISP or other LIR are unsuitable.

The IPv4 policy has no multihoming requirement, and a vastly lower minimum
host count. While the IPv6 policy does try to address some of the economic
pain of renumbering, I don't think it goes far enough.

Real life scenario:

1)      Customer with 50 locations (IPVPN) spread across the
country/continent

2)      10 staff per location (average; 500 total)

3)      20 devices per location (average; 1000 total)

4)      2 subnets (voice & data) per location (average, 100 total)

5)      Not multihomed

6)      Currently using RFC1918 IPv4 space + NAT

You may think my example is contrived, but is actually my typical customer.
Based on my reading of the NRPM, this customer does not qualify for a direct
allocation from ARIN. I'd argue, however that the economic costs to this
customer renumbering are far greater than another customer who has 2000
staff or 200 subnets located within a few locations in the same metro area. 

Now I suppose the simple answer is for my customer is to go get an IPv4 /24
(which would automatically qualify them for an IPv6 allocation under 6.5.8.1
(a)), but I think that's a waste of time and resources when:

a)      We've accepted NAT in the IPv4 world is a fact of life, but in IPv6
it's the exception rather than the norm

b)      IPv4 is the constrained resource, yet it seems to be more readily
available to end users

c)       We're hinging IPv6 deployments on IPv4 deployments, which seems
counter-intuitive to me (we should be making IPv6 more accessible than IPv4
to encourage adoption, rather than the other way around)

I'm actively engaged in convincing my customers to adopt IPv6 (rather than
waiting for them to ask for it), but it's a tough sell already without the
problem of them having to renumber their entire network should they no
longer be my customer. The only alternative left to me is ULA addressing
(which still doesn't guarantee uniqueness) + NAT66 (which is still very
poorly supported in applications - meaning a poor user experience). I
believe it is commonly held  amongst this community that IPv6 is supposed to
restore the end-to-end principle of the Internet (that is my belief as
well), but IPv6 won't get deployed in this fashion if it's going to be too
painful to deploy or move.

So here's my proposed solution: Make direct assignments available to any end
user who qualifies for at least a /40 (13+ sites).  I think this addresses
most problems with routing table growth (by not handing out a direct /48 to
every mom and pop shop out there), addresses most of my customers' concerns
with having to renumber dozens of sites, and doesn't force customers to get
IPv4 /24's just to get the IPv6 resources they need.

Thoughts/criticisms/questions/concerns?

GTG

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20150217/ad33f527/attachment.htm>