[arin-ppml] Draft Policy ARIN-2019-2: Waiting List Block Size Restriction

[hostmaster at uneedus.com]

I think that changing the waiting list limit to a /22 has merit, even when 
NOT considering those gaming the system and support the proposal.

I think of the waiting list process is more for the benefit of the smaller 
player, and making the limit a /22 is consistent with this.

Those that are larger and seeking larger blocks can more aptly afford to 
hire a broker, or exert internal resources to finding IPv4 space.

I was looking thru the recent transaction list, and I can see that 
people/brokers have been quite creative in finding space.  I found a 
couple of instances of smaller colleges who received a class B who have 
decided to sell off the top half of that space. Since they were likely 
already behind NAT with the student network and may have never actually 
used that upper block of numbers, this allows them to make some needed 
cash for other needs.  Even some of the class A networks like the US 
Postal Service do not seem to have exposed to the internet anything except 
the lowest ranges of their allocation, and I guess once the "Price is 
Right" some of this space may move as well.

Since it has been over 8 years since the official exhaust of IPv4 at the 
meeting in Miami, I believe that new actors should be instead of using the 
transfer list to get space should be using the IPv6 deployment block. 
Since every major OS already has IPv6 support baked in for many years, 
those setting up new are fools not to be using IPv6 as well. ARIN should 
do all it can in its policies to promote IPv6.

Setting the waiting list to a /22 is a good start to eventually putting 
all returns into the IPv6 deployment block.  I also think that the time is 
soon near to REQUIRE the receiver of transfered IPv4 space to have IPv6 
in place as a condition of receiving space.

When we were talking about the use of passive theft detectors like at 
supermarkets, I think ARIN has a very good one which is questioning why 
those who just received numbers a year ago suddenly want to get rid of 
them.  This is such an unusual condition and should automatically trigger 
a number review.  As long as this is being done, we may not need to do 
these other things to prevent abuse.

The market is still bringing out IPv4 numbers to their highest and best 
use, but eventually this will not be enough.  Not starting to move toward 
IPv6 is foolish in todays world, where most commercial circuits will 
include it without extra charge, and the need for tunnel brokers have 
therefore been greatly reduced.  I have been doing IPv6 for 12 years, due 
to a 2008 US Federal Government requirement, and it really is not that 
hard.  Even this mailing list is nearly always dispatched to me over IPv6 
protocol without any issue.  Same with Gmail and other large email 
providers.  I do think we are close to the tipping point for IPv6. After 
that point, the value of IPv4 numbers will began to drop.

Albert Erdmann
Network Administrator
Paradise On Line Inc.

On Fri, 1 Mar 2019, Robert Clarke wrote:

> Hi Tom,
>
> I agree with your point that the transfer market has been an excellent vehicle for moving space around the ARIN community. If people want to lose 15% of their money to a broker vs. finding a buyer themselves, that is up to them. I don’t think this constitutes bad behavior to any parties involved and I am definitely for brokerage services operating in the space.
>
>> Furthermore, even within the waiting list, the problem appears with only a small percentage of recipients (25 re-transfers out of 682 total), although this does impact a high percentage of the waiting list block space since the abusers are almost entirely doing this with larger blocks.
>
>
>> Yes, itÂ’s possible there is abuse with the small blocks off the waiting list as well, but so far we arenÂ’t seeing it (only 3% of smaller blocks have been re-transferred vs. 42% of the larger blocks).  Now, perhaps if we restrict the waiting list block size to a /22 these bad actors will start playing the same game with /22s, but we donÂ’t have any evidence that will occur.
>
>
> As I have mentioned on at least 2 occasions in the past few days; the re-transfers statistics are not an indication of the actual scale of the fraud problem we have here in the community. It is in ARIN’s policies that re-transfers are under careful supervision, and I’m sure any smart criminal wouldn’t think to transfer it out immediately but rather sub-lease the space in the meantime. Why are you clinging to the re-transfer stats and not acknowledging the basic misalignment of incentives with the current system?
>
> Best Regards,
>
> Robert Clarke
> CubeMotion LLC
> robert at cubemotion.com
> M: +1 (844) 244-8140 ex. 512
> 300 Lenora Street #454, Seattle, WA, 98121
>
>> On Mar 1, 2019, at 10:26 AM, Tom Fantacone <tom at iptrading.com> wrote:
>>
>> Hi Bill,
>>
>> At 06:35 PM 2/28/2019, William Herrin wrote:
>>> On Tue, Feb 26, 2019 at 9:49 AM ARIN <info at arin.net> wrote:
>>>> A significant percentage of organizations that receive blocks
>>>> from the waiting list subsequently issue these blocks to other
>>>> organizations via 8.3 or 8.4 transfers shortly after the one year
>>>> waiting period required before engaging in such outbound transfers.
>>>
>>> I'm shocked to learn that people are playing arbitrage with the
>>> transfer process. Oh wait, no I'm not. I may have even expressed my
>>> expectation that we'd see this sort of behavior back when we debated
>>> the transfer policies. If I had the time, I might dig out my old
>>> emails just so I could say I told you so.
>>
>> While we have a problem with the waiting list that we’re trying to address here, I think it's important to point out that the transfer market as a whole has proven an excellent vehicle for moving number resources from those who no longer need them to those who do.  This “gaming of the system” is restricted to a subset of the waiting list, and the number of blocks issued on the waiting list is less than 10% of the blocks transferred in the ARIN region during the same time period.  (682 blocks have been issued via the waiting list, and a quick look at ARIN’s transfer stats indicates roughly 8,000 blocks transferred in the same time frame since 2015 if I’m reading it correctly).  If we look at the ratio in terms of total address space, I suspect the waiting list comprises an even smaller percentage, though I can’t readily find those figures.
>>
>> Furthermore, even within the waiting list, the problem appears with only a small percentage of recipients (25 re-transfers out of 682 total), although this does impact a high percentage of the waiting list block space since the abusers are almost entirely doing this with larger blocks.
>>
>> The point is that while “The problem statement is pretty damning
>> ” (quoting Kevin Blumberg), the sky is not falling due to the transfer markets.  It’s damning within the small subset of re-transfers of blocks received off the waiting list.
>>
>>>> the organization will be provided the option to be placed on
>>>> a waiting list of pre-qualified recipients, listing both the block size
>>>> qualified for or a /22, whichever is smaller, and the smallest block
>>>> size acceptable, not to exceed a /22.
>>>
>>> I fail to see how this solves the problem. For $20k a pop, I can clear
>>> a tidy profit on a year, a shell company and some paperwork. Sure I'd
>>> rather get $200k a pop but the change doesn't make the effort
>>> unattractive. I really just need to create more shell companies.
>>>
>>> This approach is reactive. Oh, the fraud is mostly on the big blocks
>>> so stop that. Oh, now the fraud is on the smaller blocks, what do we
>>> do? Don't react. Get ahead of the problem. That's what you do.
>>
>> Yes, itÂ’s possible there is abuse with the small blocks off the waiting list as well, but so far we arenÂ’t seeing it (only 3% of smaller blocks have been re-transferred vs. 42% of the larger blocks).  Now, perhaps if we restrict the waiting list block size to a /22 these bad actors will start playing the same game with /22s, but we donÂ’t have any evidence that will occur.
>>
>> Others have pointed out issues of abuse in RIPE where LIRs are spun up to grab /22s from the final /8, but the 2 environments are different.  First, there is no justification requirement in RIPE.  Form a corp, have a presence in the RIPE region, and you get a /22 whether you can justify it or not.  That may not exactly be a noble action in support of the spirit of the RIPE community, but for the most part, it is policy-compliant.  In ARIN, you have to justify your need and sign an affidavit affirming your justification which makes willful misrepresentation fraudulent.   That’s a much higher disincentive to go through for a /22 than in RIPE, where basically it’s just frowned upon.  And per John Curran’s remarks, ARIN has revoked address space when investigating why some of these actors are selling their waiting list space shortly after receiving it.  So these gamers could risk an audit of their full address holdings in order to con ARIN out of a /22.  The “abuse” in RIPE regarding the final /8 is also heavily concentrated in a few member nations and, suffice it to say, those same nations are not ARIN members.
>>
>> Regards,
>>
>> Tom
>>
>>
>> _______________________________________________
>> ARIN-PPML
>> You are receiving this message because you are subscribed to
>> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
>> Unsubscribe or manage your mailing list subscription at:
>> https://lists.arin.net/mailman/listinfo/arin-ppml
>> Please contact info at arin.net if you experience any issues.
>
>