[arin-ppml] Recommended Draft Policy ARIN-2015-1: Modification to Criteria for IPv6 Initial End-User Assignments

ARIN info at arin.net
Tue Jun 23 16:07:00 EDT 2015 

Recommended Draft Policy ARIN-2015-1
Modification to Criteria for IPv6 Initial End-User Assignments

On 18 June 2015 the ARIN Advisory Council (AC) recommended
ARIN-2015-1 for adoption, making it a Recommended Draft Policy.

ARIN-2015-1 is below and can be found at:
https://www.arin.net/policy/proposals/2015_1.html

You are encouraged to discuss Draft Policy 2015-1 on the PPML prior to
the ARIN Public Policy Consultation at ARIN 36 in Montreal in October 
2015. Both the discussion on the list and at the meeting will be used by 
the ARIN Advisory Council to determine the community consensus for 
adopting this as policy.

The ARIN Policy Development Process can be found at:
https://www.arin.net/policy/pdp.html

Draft Policies and Proposals under discussion can be found at:
https://www.arin.net/policy/proposals/index.html

Regards,

Communications and Member Services
American Registry for Internet Numbers (ARIN)


## * ##


Recommended Draft Policy ARIN-2015-1
Modification to Criteria for IPv6 Initial End-User Assignments

Date: 23 June 2015

AC's assessment of conformance with the Principles of Internet Number 
Resource Policy:

ARIN-2015-1 enables fair and impartial number resource administration by 
providing a concrete threshold (13 active sites) under which end-user 
organizations who have a large number of potentially geographically 
dispersed sites, or sites with low subnet and/or user counts, can be 
reasonably assured of receiving IPv6 address space from ARIN. This 
proposal is technically sound, in that it retains reasonable thresholds 
on obtaining IPv6 assignments from ARIN in order to support the 
aggregation of Internet number resources in a hierarchical manner to the 
extent feasible. It has been well supported by the community on PPML and 
at the ARIN PPC at NANOG in San Francisco, where nearly everyone agreed 
that this was a step in the right direction. To the extent that some in 
the community desire even more relaxed IPv6 assignment policy, the AC 
encourages those community members to discuss on PPML and/or submit as 
additional policy proposals any further changes they would like to see.

Problem Statement:

Current policy for assignment to end users excludes a class of users 
whose costs to renumber would far exceed what current policy is designed 
to mitigate.

Current measures designed to minimize the economic cost of renumbering 
per NRPM 6.5.8.1 (Initial Assignment Criteria) are:

c. By having a network that makes active use of a minimum of 2000 IPv6 
addresses within 12 months, or;
d. By having a network that makes active use of a minimum of 200 /64 
subnets within 12 months, or;

These two measures fail to take into account end users who have a large 
number of potentially geographically dispersed sites, or sites with low 
subnet and/or user counts. The economic costs for this class of end user 
would likely far exceed the costs that 6.5.8.1 c. and d. are designed to 
mitigate.

While an end user could possibly apply (and receive an assignment) under 
6.5.8.1 e. ("By providing a reasonable technical justification 
indicating why IPv6 addresses from an ISP or other
LIR are unsuitable"), it fails to provide a concrete threshold under 
which this class of end-user can be reasonably assured of receiving 
address space.

Without having the reasonable assurance of IPv6 address number resource 
continuity that a direct assignment allows, many smaller enterprises are 
unlikely to adopt IPv6 (currently perceived as
an already tenuous proposition for most users given current 
cost/benefit); or are likely to adopt technical measures (such as using 
ULA addressing + NAT66) that are widely held to be damaging to the IPv6 
Internet.

Policy Statement:

Replace the contents of NRPM 6.5.8.1 with:

6.5.8.1. Initial Assignment Criteria

Organizations may justify an initial assignment for addressing devices 
directly attached to their own network infrastructure, with an intent 
for the addresses to begin operational use within 12 months, by meeting 
one of the following criteria:

a. Having a previously justified IPv4 end-user assignment from ARIN or 
one of its predecessor registries, or;
b. Currently being IPv6 Multihomed or immediately becoming IPv6 
Multihomed and using an assigned valid global AS number, or;
c. By having a network that makes active use of a minimum of 2000 IPv6 
addresses within 12 months, or;
d. By having a network that makes active use of a minimum of 200 /64 
subnets within 12 months, or;
e. By having a contiguous network that has a minimum of 13 active sites 
within 12 months, or;
f. By providing a reasonable technical justification indicating why IPv6 
addresses from an ISP or other LIR are unsuitable.

Examples of justifications for why addresses from an ISP or other LIR 
may be unsuitable include, but are not limited to:

> An organization that operates infrastructure critical to life safety
or the functioning of society can justify the need for an assignment 
based on the fact that renumbering would have a broader than expected 
impact than simply the number of hosts directly involved. These would 
include: hospitals, fire fighting, police, emergency response, power or 
energy distribution, water or waste treatment, traffic management and 
control, etc.
> Regardless of the number of hosts directly involved, an organization
can justify the need for an assignment if renumbering would affect 2000 
or more individuals either internal or external to the organization.
> An organization with a network not connected to the Internet can
justify the need for an assignment by documenting a need for guaranteed 
uniqueness, beyond the statistical uniqueness provided by ULA (see RFC 
4193).
> An organization with a network not connected to the Internet, such as
a VPN overlay network, can justify the need for an assignment if they 
require authoritative delegation of reverse DNS.

Comments:
a. Timetable for implementation: Immediate
b. General Comments:

- Changes to NRPM 6.5.8.1 are to renumber subsection e. to f. and and 
insert a new subsection e. with the following text:

"By having a contiguous network that has a minimum of 13 active sites 
within 12 months, or;

- The threshold of 13 sites was chosen based on NRPM 6.5.8.2, which 
specifies 13 sites as the minimum number of sites required to receive a 
/40 initial assignment, to attempt to provide a balance
between the costs of carrying the prefix vs. the costs to the end-user 
in renumbering.

- Further constraints were added in that the sites must be in a 
contiguous network, to further attempt to reduce the costs of carrying 
the prefix

- By introducing this new threshold, we attempt to restore equivalency 
of number resources for those end-users whose economic costs to renumber 
are equal to that of other end-users who would qualify
for a direct assignment under 6.5.8.1 c. and d.

c. Example:

Example of an end-user who would not qualify under 6.5.8.2 c. or d.:

- 50 locations (IPVPN) spread across the country/continent
- 10 staff per location (average; 500 total)
- 20 devices per location (average; 1000 total)
- 2 subnets (voice & data) per location (average, 100 total)
- Not multihomed
- Currently using RFC1918 IPv4 space + NAT

This end-user only benefits minimally from IPv6 multihoming as they are 
using an IPVPN, and multihoming provides benefit only for Internet 
transit, not within their IPVPN. As such requiring the end-user to 
multihome under NRPM 6.5.8.2 b. is wasteful.

This end user currently uses RFC1918 IPv4 address space + a relatively 
small amount of IPv4 GUA + NAT (currently accepted industry practice for 
IPv4). Changing providers involves only renumbering the small amount of 
IPv4 GUA. Forcing the end-user to acquire an IPv4 direct assignment 
under NRPM 6.5.8.2 a. in order to be able to get a direct IPv6 
assignment is incredibly wasteful of a valuable and limited number 
resource. It also forces the customer occupy more routing table space, 
as now an IPv4 PI prefix must be routed in addition to an IPv6 PI 
prefix, instead of using IPv4 PA + IPv6 PI (where only space for an IPv6 
PI prefix is required).

#####

ARIN STAFF ASSESSMENT

Draft Policy ARIN-2015-1
Modification to Criteria for IPv6 Initial End-User Assignments
https://www.arin.net/policy/proposals/2015_1.html

Date of Assessment: June 11, 2015

___
1. Summary (Staff Understanding)
This proposal would add a criteria item to 6.5.8.1 (Initial Assignment 
Criteria). Because each of the existing criteria items in that section 
can independently qualify an organization for IPv6 address space from 
ARIN, this new criteria item adds an additional qualification criteria. 
It makes it easier for some organizations to qualify, and does not make 
it more difficult for anyone. In particular, it creates a new criteria 
point that allows any end-user organization large enough to have 13 
sites to immediately qualify for IPv6 address space from ARIN.

___
2. Comments
A. ARIN Staff Comments
This proposal can be implemented as written. Minimal staff training and 
preparation would be needed to implement this if it were to become 
policy. We see no negative impacts.

B. ARIN General Counsel – Legal Assessment
Counsel sees no material legal issues in this policy.

___
3. Resource Impact
This policy would require minimal staff training and preparation. We see 
no negative impacts.

___
4. Proposal / Draft Policy Text Assessed

Draft Policy ARIN-2015-1
Modification to Criteria for IPv6 Initial End-User Assignments

Date: 24 March 2015

Problem Statement:
Current policy for assignment to end users excludes a class of users 
whose costs to renumber would far exceed what current policy is designed 
to mitigate.

Current measures designed to minimize the economic cost of renumbering 
per NRPM 6.5.8.1 (Initial Assignment Criteria) are:

c. By having a network that makes active use of a minimum of 2000 IPv6 
addresses within 12 months, or;
d. By having a network that makes active use of a minimum of 200 /64 
subnets within 12 months, or;

These two measures fail to take into account end users who have a large 
number of potentially geographically dispersed sites, or sites with low 
subnet and/or user counts. The economic costs for this class of end user 
would likely far exceed the costs that 6.5.8.1 c. and d. are designed to 
mitigate.

While an end user could possibly apply (and receive an assignment) under 
6.5.8.1 e. ("By providing a reasonable technical justification 
indicating why IPv6 addresses from an ISP or other
LIR are unsuitable"), it fails to provide a concrete threshold under 
which this class of end-user can be reasonably assured of receiving 
address space.

Without having the reasonable assurance of IPv6 address number resource 
continuity that a direct assignment allows, many smaller enterprises are 
unlikely to adopt IPv6 (currently perceived as
an already tenuous proposition for most users given current 
cost/benefit); or are likely to adopt technical measures (such as using 
ULA addressing + NAT66) that are widely held to be damaging to the IPv6 
Internet.

Policy Statement:

Replace the contents of NRPM 6.5.8.1 with:

6.5.8.1. Initial Assignment Criteria

Organizations may justify an initial assignment for addressing devices 
directly attached to their own network infrastructure, with an intent 
for the addresses to begin operational use within 12 months, by meeting 
one of the following criteria:

a. Having a previously justified IPv4 end-user assignment from ARIN or 
one of its predecessor registries, or;
b. Currently being IPv6 Multihomed or immediately becoming IPv6 
Multihomed and using an assigned valid global AS number, or;
c. By having a network that makes active use of a minimum of 2000 IPv6 
addresses within 12 months, or;
d. By having a network that makes active use of a minimum of 200 /64 
subnets within 12 months, or;
e. By having a contiguous network that has a minimum of 13 active sites 
within 12 months, or;
f. By providing a reasonable technical justification indicating why IPv6 
addresses from an ISP or other LIR are unsuitable.

Examples of justifications for why addresses from an ISP or other LIR 
may be unsuitable include, but are not limited to:

> An organization that operates infrastructure critical to life safety
or the functioning of society can justify the need for an assignment 
based on the fact that renumbering would have a broader than expected 
impact than simply the number of hosts directly involved. These would 
include: hospitals, fire fighting, police, emergency response, power or 
energy distribution, water or waste treatment, traffic management and 
control, etc.
> Regardless of the number of hosts directly involved, an organization
can justify the need for an assignment if renumbering would affect 2000 
or more individuals either internal or external to the organization.
> An organization with a network not connected to the Internet can
justify the need for an assignment by documenting a need for guaranteed 
uniqueness, beyond the statistical uniqueness provided by ULA (see RFC 
4193).
> An organization with a network not connected to the Internet, such as
a VPN overlay network, can justify the need for an assignment if they 
require authoritative delegation of reverse DNS.

Comments:
a. Timetable for implementation: Immediate
b. General Comments:

- Changes to NRPM 6.5.8.1 are to renumber subsection e. to f. and and 
insert a new subsection e. with the following text:

"By having a contiguous network that has a minimum of 13 active sites 
within 12 months, or;

- The threshold of 13 sites was chosen based on NRPM 6.5.8.2, which 
specifies 13 sites as the minimum number of sites required to receive a 
/40 initial assignment, to attempt to provide a balance
between the costs of carrying the prefix vs. the costs to the end-user 
in renumbering.

- Further constraints were added in that the sites must be in a 
contiguous network, to further attempt to reduce the costs of carrying 
the prefix

- By introducing this new threshold, we attempt to restore equivalency 
of number resources for those end-users whose economic costs to renumber 
are equal to that of other end-users who would qualify
for a direct assignment under 6.5.8.1 c. and d.

c. Example:

Example of an end-user who would not qualify under 6.5.8.2 c. or d.:

- 50 locations (IPVPN) spread across the country/continent
- 10 staff per location (average; 500 total)
- 20 devices per location (average; 1000 total)
- 2 subnets (voice & data) per location (average, 100 total)
- Not multihomed
- Currently using RFC1918 IPv4 space + NAT

This end-user only benefits minimally from IPv6 multihoming as they are 
using an IPVPN, and multihoming provides benefit only for Internet 
transit, not within their IPVPN. As such requiring the end-user to 
multihome under NRPM 6.5.8.2 b. is wasteful.

This end user currently uses RFC1918 IPv4 address space + a relatively 
small amount of IPv4 GUA + NAT (currently accepted industry practice for 
IPv4). Changing providers involves only renumbering the small amount of 
IPv4 GUA. Forcing the end-user to acquire an IPv4 direct assignment 
under NRPM 6.5.8.2 a. in order to be able to get a direct IPv6 
assignment is incredibly wasteful of a valuable and limited number 
resource. It also forces the customer occupy more routing table space, 
as now an IPv4 PI prefix must be routed in addition to an IPv6 PI 
prefix, instead of using IPv4 PA + IPv6 PI (where only space for an IPv6 
PI prefix is required).

More information about the ARIN-PPML mailing list