[arin-ppml] IP leasing policy
Fernando Frediani
fhfrediani at gmail.com
Wed May 29 20:59:52 EDT 2019
Hello Mike. IP space was (and is never) meant to fulfill the IP market
era but to get people connected in the most reasonable and fair way. And
the RIR should always be the entity who validate org's justification for
the need of more IP space, not private companies having profit with it
therefore with no neutral interest upon the topic.
When people go around the system with the justification that 'market
demands it', someone else is treated unfairly. In a ideal scenario any
unused or unjustified IP space should go back to the RIR pool which in
turn based on its own policies should re-distribute that IP space to
organizations in need, that justify and that are possibility waiting on
a queue. If people go around this logic other are treated unfairly
because someone could pay more and fewer people are privileged at the
cost of longer wait for those who go by the natural path.
Yes I understand the ideal scenario may never be reached but at least we
should bind ourselves to work towards that, not in the opposite way. One
important point to also mention is that it makes harder for newcomers.
In my personal view considering the current scenario they are the most
important to take in consideration as existing ASNs have technical ways
deal with IPv4 exhaustion, newcomers don't.
Leasing IP space from one ASN to another because it cannot get it
immediately from the RIR is a way to go around the system and to treat
others unfairly. If a RIR doesn't accept lease in such way as a
justification then it is a clear message that something is not right.
It may all sound poesy but it is based on the concepts how it was
thought from the beginnings.
Ahh, and before someone thinks I am against legitimate transfers in
certain conditions, as you mentioned are valid from a couple of years
already, I am not. But that's a different topic which I will not go into
to not divert from the subject about IP Leasing.
Thanks for your input.
Regards
Fernando
On 29/05/2019 21:13, Mike Burns wrote:
> Hi Scott and Fernando,
>
> Thank you for the change of subject and the discussion.
> Fernando, your vision of how things should be is reasonable and
> consistent, but archaic in the market era.
> We did things your way for decades, people did not return addresses
> for reasons involving utilization.
> Why not audit them? Too expensive and fraught.
> The community decided to provide incentives in the form of payment for
> IPv4 blocks.
> We began that in 2010 and since then transfers have provided the bulk
> of new allocations worldwide.
> The lure of lucre brought un- and under-utilized addresses to the
> market, which by nature elevates them to their most productive use.
>
> That has brought us to the current state. Whereas leasing was always
> problematical because it allowed the lessor to claim more address
> space from the RIRs by demonstrating efficient usage of his blocks,
> now there are basically no free pools at the RIRs, so there shouldn't
> be the same worries.
>
> In the absence of a policy, leasing is quite openly advertised and is
> legitimate, although not a valid justification for ARIN to approve
> more space for the Lessor.
> For the present, we should have a policy that recognizes legitimate
> leasing types (LOA, VPN) and requires the same sorts of assignment and
> delegation records commonly done by ISPs for their customers.
> It should recognize that blocks can be legitimately advertised under
> un-related ASNs with a valid Letter of Authorization, which must
> contain certain information.
> It could have a process for identifying ARIN members who are
> participating in a lease policy violation, for notifying them, and for
> potentially punishing them under RSA terms.
>
> We see more market participants who have a longer view of the duration
> of the transition to IPv6, and in a time of continually rising IPv4
> prices, who can blame address block holders who want to lease their
> blocks?
> At the end of the lease, instead of depreciated and worn-out assets,
> they could be shiny and more valuable then when the lease started.
> (Or they could be blacklisted.)
>
> Regards,
> Mike
>
>
>
>
> ---- On Wed, 29 May 2019 19:33:25 -0400 *Scott Leibrand
> <scottleibrand at gmail.com>* wrote ----
>
> On Wed, May 29, 2019 at 4:11 PM Fernando Frediani
> <fhfrediani at gmail.com <mailto:fhfrediani at gmail.com>> wrote:
>
> On 29/05/2019 19:26, Scott Leibrand wrote:
>
> (New subject line for a new topic.)
>
> You just described a lease policy: one where leasing is
> not allowed. Such a policy would have to exist to be
> enforced. Right now there is no policy, so leasing is
> allowed because it's not prohibited.
>
> No it doesn't. When someone leases IP addressing it proves it
> doesn't have use for its original justification. No one can
> think asking for more IP addressing and justify as "I need
> them to lease them" is something that would be ever accepted.
> If it is not a justification you can give to get more IPs from
> the RIR than it is not a accepted practice.
>
>
> ISPs lease space to their customers all the time, bundled
> with IP connectivity. Hosting companies do the same. So
> do VPN providers. The challenge with a "no leasing
> allowed" policy is differentiating between a valid
> reassignment of space to accompany multihomed IP
> connectivity, vs. an invalid reassignment of space
> intended primarily as a lease, where any IP connectivity
> provided is incidental, or a fig leaf VPN that simply is
> set up to comply with the policy.
>
> That has nothing to do with the topic and is a totally
> different matter. It is conceptual. ISPs allocate IP address
> to their customers **which are not autonomous system** and
> cannot get them directly from the RIR.
>
>
> That's not the only way IPs are allocated, reallocated, and
> assigned in the RIR system. It's also possible, and common, for
> an ISP to receive an allocation from ARIN, and reallocate it to
> multihomed downstream customers who do have their own ASN and are
> running BGP. The ISP assigning the space may be the primary
> provider of IP connectivity for the customer at the time of the
> reallocation, but may not remain so. Or they may be one of
> multiple upstream transit providers, and just happen to be the one
> from whom it's easiest/cheapest to get the needed IPv4 space.
>
> That's the main propose of an ISP Autonomous System go to the
> RIR to ask for IP space, to serve their internal needs and
> customers with Internet Services.
> When IP leases becomes the only service and **to another ASN**
> which inside the rules can ask directly to the RIR is
> certainly not the same thing as an ISP who allocates IP space
> to their end-user customer.
>
>
> What if IP leases aren't the *only* service, but the IP space is
> bundled with IP connectivity of some sort? What kind of IP
> connectivity is sufficient to make this "an ISP who allocates IP
> space to their end-user customer" vs. an impermissible case of "IP
> leases becomes the only service"?
>
>
> A more tractable policy on leasing might focus on things
> like requiring registration of the downstream recipient of
> any leased space. There may be other requirements that
> could be meaningfully enforced as well, but you'll need to
> be careful not to try to enforce requirements that impinge
> on the business of legitimate IP transit and hosting
> providers.
>
> That's not legitimate I'm sorry. It's not difficult to think
> things like: 1) Any Autonomous System should always go to the
> RIR and ask for more IP addresses
>
>
> Such a policy would put most multihomed autonomous systems in
> violation of your policy at some point in their growth.
>
> 2) If it has to go around it and get from another ASN there is
> something very wrong with it. Those addresses where given **to
> that ASN** for their internal use or end-user customers
>
>
> The downstream ASN is their end-user customer. That's why
> reallocations exist, and not just reassignments. But even
> reassignments are often made to ASNs defined as end users
> (organizations not themselves acting as ISPs and performing
> further reassignments).
>
> 3) If those addresses were given for this proposes and someone
> is not using (internal use or end-user who are not ASN) then
> that ASN doesn't justify for the IP space received anymore.
>
>
> Such a policy would force the reclamation of a lot of legitimately
> in-use space that is still in use primarily because it's difficult
> to renumber out of.
>
> Before going ahead and writing a more specific and clear
> policy for that need to find out how ARIN currently reads and
> apply that. Then think in a proper and well written policy to
> cover where else needed.
>
> I find very concerning defenses "as something pretty normal"
> use of IP address for proposes which they were never meant
> over the last decades, be a speculating and monetizing asset
> rather than serve to get people connected to the internet
> going against conversation and justification concepts. I see
> it seems the recent times of IPv4 exhaustion is making many to
> forget the very basics of Internet foundation and treat IP
> space as his very own asset and something irrevocable and
> unrecoverable.
>
>
> You seem to have a very limited view of how IPs are allocated,
> reallocated, and reassigned between legitimate network operators
> who aren't trying to circumvent the rules. Such practices have
> been in place since before IPv6 existed. It's not about treating
> IP space as property. In fact, it's the reverse: historically the
> use of Provider Assigned space when possible was the norm, and
> "everyone gets their own IP space from an RIR via direct
> allocation/assignment or via transfer" is a fairly recent practice
> (much more common within the last decade or so).
>
> -Scott
>
> On Wed, May 29, 2019 at 2:46 PM Fernando Frediani
> <fhfrediani at gmail.com <mailto:fhfrediani at gmail.com>> wrote:
>
> A lease policy should never exist in my opinion and
> registries should stand strong against it for the
> simple reason that IPs are not assets or something
> that belong to a company for it to lease.
>
> Is it always necessary to remind that IP addresses are
> meant to be used by the resource holders who
> justified for that ? If someone is leasing it it
> obviously means it does not need and justify anymore
> for that IP space and any RIR should recover them
> immediately. If such a policy doesn't exist on its
> terms it should exist and should be discussed to make
> it sooner.
> I would recommend some Jon Postel reading to those who
> believe "it is Ok to lease IPs" as if they were they
> very own asset as a router or a server that you buy
> with a invoice and you do whatever you like with it.
>
> This type of thing goes pretty much against concepts
> of conservation and justification.
> Imagine if someone asked a RIR more IP address and may
> justify as "I need them in order to lease them".
> That's what a lease policy would walk towards to.
>
> As I mentioned in the other message, the fact the
> people do anyway and the whois doesn't get updated is
> **less important** than having people monetizing IP
> addresses in such way while there are others on
> waiting lists that truly justify for those addresses.
>
> Regards
> Fernando
>
> On 29/05/2019 18:02, Mike Burns wrote:
>
> Hi Robert,
>
>
> The problem of leasing space before the 12 month
> waiting period, so as **only** to avoid that
> period, is small in my experience.
>
> After a year, any such lessor could sell if they
> wanted to, and they have the same sell/lease
> incentives as any other ARIN holder.
>
> Do you have evidence that people are monetizing
> waiting-list addresses prior to the 12 month
> period by leasing them?
>
>
> What you say below, however, is completely correct.
>
> I have tried to direct the community towards the
> glaring absence of a lease policy at any registry.
>
> I believe it’s time for such a policy, given the
> market circumstances we find ourselves in.
>
> Such a policy would allow for open leasing, with
> certain recording requirements for abuse contacts
> of the lessee, etc.
>
> I think such a policy would be in-scope and would
> yield, in a negative way, to the desired results
> of the anti-BGP hacking policy.
>
>
> Regards,
>
> Mike
>
>
>
>
>
> *From:* Robert Clarke <robert at rjfc.net>
> <mailto:robert at rjfc.net>
> *Sent:* Wednesday, May 29, 2019 4:24 PM
> *To:* Mike Burns <mike at iptrading.com>
> <mailto:mike at iptrading.com>
> *Cc:* Fernando Frediani <fhfrediani at gmail.com>
> <mailto:fhfrediani at gmail.com>; arin-ppml
> <arin-ppml at arin.net> <mailto:arin-ppml at arin.net>
> *Subject:* Re: [arin-ppml] Waiting List IPv4
> blocks transferred after issuance
>
>
> Hello Mike,
>
>
> Why are you using John's "waiting list IPv4 blocks
> transferred" numbers as a baseline for the /19
> numbers? This is completely arbitrary and doesn't
> give any scale as to the problem with fraud. See
> my earlier reply to John's email in the other thread:
>
>
> "Thanks for sharing. I'd like to note that it can
> be dangerous to use the blocks transferred via
> 8.2/8.3/9.4 as a metric for abuse. A fraudster
> that gets past ARIN's scrutiny and obtains IPs
> with fraudulent information is probably smart
> enough to lease their IPs as opposed to selling
> the space outright. There is a huge market for
> leased space, and those deals happen behind closed
> doors with no oversight from ARIN. IP addresses go
> for $0.2-0.5/mo depending on term/IP
> reputation/size which could lead to $XX,XXX in
> illicit revenue with no risk of ARIN's scrutiny
> which would normally occur during the transfer
> process."
>
>
> Thanks,
>
>
> Robert Clarke
>
>
>
> On May 29, 2019, at 8:13 AM, Mike Burns
> <mike at iptrading.com
> <mailto:mike at iptrading.com>> wrote:
>
>
> Hi Fernando,
>
>
> Thanks for the discussion.
>
> Many feel as you do, that unused addresses
> should be returned to ARIN for subsequent
> distribution to those in need.
>
> Unfortunately, that policy was not successful
> in bringing unused addresses into actual use
> by those in need.
>
> The community decided to harness the profit
> motive to incentive this process, and by all
> accounts it is working.
>
>
> Unfortunately the profit motive also
> incentivizes fraudulent plundering of the
> waiting list pool.
>
>
> So I am happy to discuss the correct balancing
> of things to prevent fraud but allow the
> market to continue to drive us towards the
> desirable ends of accurate registration and
> efficient use.
>
>
> Since the /19 is the threshold number of sorts
> for flipping, I could accept a /20 as the
> maximum size.
>
> I think a 2 year wait is reasonable, but I
> don’t see the additional benefit as worth the
> distinction of ARIN space into more classes.
>
> And making it more complicated with multiple
> waiting periods is even less desirable, IMO.
>
>
> Regards,
> Mike
>
>
>
>
>
> *From:*ARIN-PPML <arin-ppml-bounces at arin.net
> <mailto:arin-ppml-bounces at arin.net>>*On Behalf
> Of*Fernando Frediani
> *Sent:*Wednesday, May 29, 2019 10:50 AM
> *To:*arin-ppml at arin.net
> <mailto:arin-ppml at arin.net>
> *Subject:*Re: [arin-ppml] Waiting List IPv4
> blocks transferred after issuance
>
>
> On 29/05/2019 11:31, Mike Burns wrote:
>
> Orgs will wait out any period, sitting
> with unused addresses until they reach the
> resale date. Not efficient use.
>
> If it's not a legacy resource and if ARIN gets
> to know about it, it may just recover this
> addresses even if the resource holder is
> paying it correctly. That's how it should work.
>
>
>
>
> People will lease unused addresses to
> others and Whois accuracy will suffer if
> they can’t resell them. Not accurate
> registration.
>
> If people lease they prove they have no use
> for the addresses and again ARIN should
> recover them at any time. If whois is
> inaccurate, well it is their fault and not
> policies fault. They must bind to the current
> rules not the other way round.
>
>
>
>
> I think we should give everybody currently
> on the list up to a /19 and then restrict
> new entries to a /22.
>
> Fair to discuss this scenario, although I
> still think /19 is too much. Agree on /22 for
> new entries.
>
>
> I think a 5 year resale wait is too long,
> based on the paltry resales of prior
> waiting-list subnets smaller than /19.
>
> It may be long, but 2 years seems a little
> short and 'acceptable' for a fraudster.
> Perhaps something in between.
>
>
>
> I support a /22 restriction for new
> entrants, a /19 max for current list
> members, and maintenance of the 12 month
> wait for simplicity’s sake.
>
> What about discuss /22 for new entrants, /20
> for current list members and 36, 42 or 48
> months for transfers ? Seems more reasonable
> in my view and cover most aspects of this
> discussion.
>
>
>
>
>
>
> Regards,
> Mike
>
>
>
>
>
> *From:*ARIN-PPML<arin-ppml-bounces at arin.net>
> <mailto:arin-ppml-bounces at arin.net>*On
> Behalf Of*Fernando Frediani
> *Sent:*Wednesday, May 29, 2019 8:51 AM
> *To:*arin-ppml at arin.net
> <mailto:arin-ppml at arin.net>
> *Subject:*Re: [arin-ppml] Waiting List
> IPv4 blocks transferred after issuance
>
>
> +1
>
> On 28/05/2019 23:52, Owen DeLong wrote:
>
> Mike,
>
>
> Yes and no. I believe that the lack of
> legacy holders for any blocks issued
> under 4.1.8 reduces the need for the
> market.
>
>
> Defunct organizations can easily be
> reclaimed in this space because they
> stop paying their ARIN bill.
>
>
> Eliminating the resale value of these
> addresses won’t really encourage
> squatting on them and limiting the
> size of organization and size of block
> that can benefit from 4.1.8 further
> helps to reduce the potential for
> hoarding.
>
>
> I realize that as a broker, any
> address that can’t be monetized is a
> lost opportunity for your
> organization, but I think there’s
> plenty of addresses out there that
> haven’t been processed through 4.1.8,
> so I don’t think limiting the resale
> potential of such blocks to reduce
> fraud is a bad idea.
>
>
> Owen
>
>
>
>
>
>
> On May 28, 2019, at 12:46 , Mike
> Burns <mike at iptrading.com
> <mailto:mike at iptrading.com>> wrote:
>
>
> The percentages of blocks
> transferred takes a significant
> leap at the /19 size.
>
> Below that, the percentages are
> all below 7%.
>
> At /19 and above, the percentages
> are all above 21%.
>
> Seems like a natural demarcation
> for maximum block size, but prices
> do continue to rise.
>
> While we want to fight fraud, we
> should still remember the
> underlying reasons for the Ipv4
> transfer market apply to these
> addresses as well.
>
> That is, the market provides
> incentives for efficient use and
> accurate registration.
>
>
> Regards,
> Mike
>
>
>
>
>
> *From:*ARIN-PPML
> <arin-ppml-bounces at arin.net
> <mailto:arin-ppml-bounces at arin.net>>*On
> Behalf Of*John Curran
> *Sent:*Tuesday, May 28, 2019 1:53 PM
> *To:*ARIN-PPML List
> <arin-ppml at arin.net
> <mailto:arin-ppml at arin.net>>
> *Subject:*[arin-ppml] Waiting List
> IPv4 blocks transferred after issuance
> *Importance:*High
>
>
> Folks -
>
>
> It occurred to me that it might be
> useful to have a quick summary of
> waiting list blocks issued and
> subsequently transferred.
>
>
> Attached is the distribution
> (count per prefix size) of all
> blocks that have been issued via
> ARIN's waiting list policy and
> subsequently transferred via NRPM
> 8.2/8.3/8.4 policy.
>
>
> FYI,
>
> /John
>
>
> John Curran
>
> President and CEO
>
> American Registry for Internet Numbers
>
>
>
>
> <image001.png>
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message
> because you are subscribed to
> the ARIN Public Policy Mailing
> List (ARIN-PPML at arin.net
> <mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing
> list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contactinfo at arin.net
> <mailto:info at arin.net>if you
> experience any issues.
>
>
>
>
>
>
> _______________________________________________
>
> ARIN-PPML
>
> You are receiving this message because you are subscribed to
>
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net <mailto:ARIN-PPML at arin.net>).
>
> Unsubscribe or manage your mailing list subscription at:
>
> https://lists.arin.net/mailman/listinfo/arin-ppml
>
> Please contactinfo at arin.net <mailto:info at arin.net> if you experience any issues.
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are
> subscribed to
> the ARIN Public Policy Mailing List
> (ARIN-PPML at arin.net <mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list
> subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net
> <mailto:info at arin.net> if you experience any
> issues.
>
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are
> subscribed to
> the ARIN Public Policy Mailing List
> (ARIN-PPML at arin.net <mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net <mailto:info at arin.net> if
> you experience any issues.
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net
> <mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net <mailto:info at arin.net> if you
> experience any issues.
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net
> <mailto:ARIN-PPML at arin.net>).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net <mailto:info at arin.net> if you
> experience any issues.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20190529/005277c8/attachment.htm>
More information about the ARIN-PPML
mailing list