[arin-ppml] Draft Policy ARIN-2019-18: LIR/ISP Re-Assignment to Non-Connected Networks

hostmaster at uneedus.com hostmaster at uneedus.com
Tue Oct 1 12:03:53 EDT 2019


I do not consider the requirement as "descended from heaven" but merely 
the current policy which is always the starting point.  Proponents of 
policy change I believe need to be able to state clearly the reasons why a 
change from the current policy is desired.

So that I can understand what you are trying to change, can you please 
help me understand what a "non connected network" is in light of what you 
would like to be able to do, that would appear to be prohibited by the 
operational use current policy?

Non connected to me means no exposure of the numbers to the internet, 
except by NAT or a similar gateway.  Much like the regular use of the RFC 
1918 numbers that many use on the lan side of their router.

I would not consider the outlet address of a VPN to be a non connected 
network, since the entire purpose of a VPN is to communicate securely with 
the internet, using the outlet IP, which might not even be in the same 
country as the inlet connection.

I know there are some that claim to have a need for a unique worldwide 
addresses on their LAN, I do not think that those internal uses should 
trump those who which to obtain IPv4 numbering space for active internet 
use.

Maybe the term "non connected network" refers to IPv4 blocks that are part 
of the property of a leasing company, when that company does not provide 
any part of internet routing of those blocks.  However, if for example 
they are leased long term to a major cell phone provider for the outlet 
side of their 3G, 4G, xG network, those numbers are also really not an 
"non connected network" either.

Please give me some insight into what kind of operation needs to have an 
exemption to the current "operational use" requirement in order to receive 
IPv4 directed transfers for a "non connected network"

While RIPE might be successful in their operations, I do not yet see the 
problem with the current policy at ARIN.  A little insight as to what you 
would like to happen here that cannot be done under the current policy 
would be helpful in understanding the WHY of the draft policy.

Albert Erdmann
Network Administrator
Paradise On Line Inc.

On Tue, 1 Oct 2019, Mike Burns wrote:

> Hi Albert,
>
> Your first issue is a requirement for operational use as being something descended from heaven. It was simply the best method to fulfil our stewardship duties in a free pool era. That duty was conservation, i.e. efficient use. So naturally, since these were being given away for free, some limit was needed. The limit was operational use. Now the limit is the cost of addresses, and it is a more effective limit than the policy limit you cling to. I have demonstrated this by linking to Geoff Huston's article showing how the market drew addresses off the sidelines. I have pointed out that RIPE has no requirement for operational needs and is functioning quite well. You keep ignoring the RIPE experience, pointedly I think.
>
> Your second issue is the lack of direct relationship between the block user and ARIN. Sorry, that fails because this is the normal hierarchy for ISPs and LIRS at every registry. As an ISP I can assign a block to a connected customer and that customer has no RSA with ARIN. What's the problem? You have revealed a distinction without a difference. The blocks are covered by RSA regardless.
>
> You claim that anybody who doesn't use 50% of their block immediately is a hoarder. There are a lot of hoarders in ARIN by that definition. Sorry, but I took the time to define a speculator and your definition does not match, it's far too broad. As far as the mechanics of it go, we are talking about the same needs tests for leases as for connected customers, so a lessor or an owner has the same incentives towards immediate and efficient use.
>
> And once more, Albert, are you saying RIPE is subject to the many problems you have speculated about, due to the complete absence of a requirement to demonstrate use on operational network?  You have gone on and on about how wrong this is, but you can't point to the existence of a resulting problem from dropping the needs test?
>
> Finally, Albert, please do not start the ad hominem attacks on my positions as resulting from selfishness. My arguments stand on their own and should be properly evaluated as if they were anonymously offered. Surely you understand this?
>
> Regards,
> Mike
>
>
>
>
>
>
>
>
> The primary problem I have with the Draft Policy is that it eliminates the "operational use" policy.  Leasing is just a side issue.  Right now, obtaining addresses in the marketplace for the purposes of leasing them to others is not permitted because of that "operational use" policy.
>
> I also have an issue with another party being inserted into the transaction.  The operational use requirement is intended for the party receiving the directed transfer and NOT another unrelated person who is NOT under contract with ARIN.  What you propose is that another party that is NOT using the numbers sign the RSA and the lessee never does. In the case of abuse, the fact that the party doing the abuse is not subject to a signed RSA complicates the issues with ARIN enforcement action.
>
> In my opinion, speculators ARE hoarders if they are not putting 50% of the numbers to use at once as the policies generally require.  If leasing is permitted, someone willing to pay more for numbers, but is required to wait a while to get someone to use them is tilting the market price higher as opposed to those who want to use the numbers at once being the market price setters.
>
> While I can see your point of view, as you represent those with numbers to "sell", getting more money because of this change of policy. Leasing is not in the interest of the overall community who has a current policy in place to restrict buyers to those that intend to put the IPv4 resources to use at once.
>
> In effect, you are proposing changing the policy, so those with numbers can get more money for them by adding speculators to the market.  This is wrong.
>
> Albert Erdmann
> Network Administrator
> Paradise On Line Inc.
>
>
> On Tue, 1 Oct 2019, Mike Burns wrote:
>
>> Albert wrote:
>> It was always understood you were supposed to turn back in unused numbers.
>> The market is one way to do that, by turning your unused addresses over to someone who can use them. Leasing does not meet that standard in my mind.
>>
>> Numbers are for operational networks, not for speculators.
>>
>>
>> Hi Albert and thanks for your thoughts. My I ask why the transfer market turns unused addresses over to someone who can use them, but the leasing market does not?  Do you place such a premium on deal format? What if it's a lease-to-own arrangement? What if it's a 10 year lease? What is different, except for financial issues, between transfers and leases, in the context of bringing unused addresses into use on an operational network?
>>
>> Why do you think speculators would be antithetical to using numbers on
>> operational networks? I genuinely do not understand, unless you are
>> referring to that eternal bogeyman, the hoarder. You shouldn't oppose
>> policy in this regard until and unless somebody, somewhere has
>> evidence of IPv4 hoarding by speculators, ever.  I define speculator
>> as somebody who invests money into IPv4 addresses seeking to profit
>> from that investment. Can somebody even offer a description of how
>> hoarding would work *in this market* to a speculator's benefit?
>>
>> Regards,
>> Mike
>>
>>
>>
>>
>>
>>
>>
>>
>> On Mon, 30 Sep 2019, Mike Burns wrote:
>>
>>> Hi Fernando,
>>>
>>> Let me address the two items highlighted in your reply below.
>>>
>>> First is the reduction of ARIN to nothing more than a registration operation. What is wrong with that? RFC2050 said the primary purpose of an RIR is registration. We need to keep the numbers unique or everything fails. ARIN should indeed reduce itself to registering transfers and doing what it can to maintain accurate registration per our primary stewardship role. All else is subservient, including conservation. But we have addressed conservation.  RIPE has been reduced to a registration operation, to use your term. What is so wrong with RIPE?
>>>
>>> Second is the point that one of the business cases for leasing is for spamming. This is something to consider, but I would like for you to put yourself into the position of a Lessor. The Lessor knows  his blocks will lose value if they are blacklisted, so they take steps to mitigate this. For example, one notable lessor charges a $20 fee for every abuse complaint on a leased block. The Lessee pays the $20 fee and most of it is paid to the Lessor as compensation. This disincentivizes spamming on leased blocks. A Lessor who gets tricked into leasing to a spammer will find his block devalued significantly. He can get it delisted one, maybe twice if he can spin a good story. After that, no more for that owner. So the owners have penalties and usage terms built into the lease contract, or they get prepayment for many months in advance, or they lease large blocks which are not appealing to spammers. The point is this is a valid argument against changing policy to support leasi!
 n!
> g!
>> , but the problems are long-known and the market has applied corrections.  On the other hand, spammers like to hijack too, and having the ability to define a hijack as being non-compliant with a lease policy will enable ARIN to pressure the address holder for a policy violation if pressure from that side helps.
>>>
>>> Regards,
>>> Mike
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: ARIN-PPML <arin-ppml-bounces at arin.net> On Behalf Of Fernando
>>> Frediani
>>> Sent: Monday, September 30, 2019 4:36 PM
>>> To: arin-ppml at arin.net
>>> Subject: Re: [arin-ppml] Draft Policy ARIN-2019-18: LIR/ISP
>>> Re-Assignment to Non-Connected Networks
>>>
>>> On 30/09/2019 15:36, hostmaster at uneedus.com wrote:
>>>
>>>> Currently, the ability to obtain IPv4 resources is constrained by
>>>> the requirement to prove to ARIN that you need the addresses for
>>>> your operational use in a network, which will be claimed to be no
>>>> unneeded once the "operational use" requirement is gone, leaving
>>>> ARIN to be nothing more than a registration operation.
>>> Excellent point raised. Couldn't agree more !
>>>>
>>>> While this is claimed to reduce one problem with leasing IPv4
>>>> addresses (lack of registration and associated abuse contacts) it
>>>> causes other issues.  Often network abusers lease addresses for
>>>> abuse, dumping them and leasing others when they get blacklisted.
>>> And this too. Actually this is a well known issue.
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, 30 Sep 2019, Mike Burns wrote:
>>>>
>>>>>
>>>>> Hi Fernando,
>>>>>
>>>>>
>>>>>
>>>>> You said “RIR is and has always been the one who drives the
>>>>> resources to be efficientlly assigned by analysing justifications
>>>>> not private transfer companies. If an organization is not using
>>>>> resouces efficiently it either may change its resource assignment
>>>>> strategy otherwise it doesn't justify for those addresses anymore
>>>>> and should return them back to the RIR.”
>>>>>
>>>>>
>>>>>
>>>>> There is no policy in ARIN to return un-needed space.  IPv4
>>>>> resource holders own something of value, which is what economists
>>>>> call an “alienable asset”.  It is possible for such resource
>>>>> holders to return such space to ARIN, but you don’t have to be an
>>>>> economist to understand why they don’t and haven’t for the most part.
>>>>>
>>>>>
>>>>>
>>>>> Your method has been tried, and it was really a good try. The
>>>>> effort was decades-long, yet recognized a failure by the clear
>>>>> evidence of the routing table.
>>>>> So much space allocated, yet not routed. Not enough to be explained
>>>>> away by internal use; this is unconvincing. No, the space sat on
>>>>> the sidelines, it was not returned to ARIN. Until the market
>>>>> provided the missing incentive to action, and that action is also
>>>>> quite visible in the routing table and transfer logs.  The profit
>>>>> incentive, the draw of lucre, the absurd effect of price have led
>>>>> to an increase in the efficient use of the IPv4 address universe.
>>>>> Geoff Huston did a good analysis of the source of transferred
>>>>> addresses and showed the market brought many never-routed addresses into efficient use.
>>>>> https://blog.apnic.net/2017/01/09/studying-ipv4-transfer-market-rep
>>>>> o
>>>>> r
>>>>> ted-transfers/
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> You also said “It is pretty reasonable to think that in no RIRs you
>>>>> are able justify more IP space by saying ‘I need these addresses in
>>>>> order to lease them to someone else’. If that is never a possible
>>>>> justification that can be used therefore leases don't make any
>>>>> sense.”
>>>>>
>>>>>
>>>>>
>>>>> Anybody can indeed purchase RIPE addresses via transfer solely for
>>>>> the purpose of leasing them out. That is because RIPE does not have
>>>>> a needs justification for transfers (nor policy forbidding leasing).
>>>>> And that is because, in my opinion, the RIPE community realized
>>>>> that their intrinsic role of conservation would now be undertaken
>>>>> by market forces. These can be relied upon to bring un- and
>>>>> under-utilized addresses to their “highest and best use”, again as
>>>>> economists say.
>>>>>
>>>>>
>>>>>
>>>>> But you do bring up the relevant question in the context of this
>>>>> ARIN policy proposal, which is whether leasing to a “connected”
>>>>> customer is all that different from leasing to a “non-connected”
>>>>> customer when it comes to justifications. In the first case, the
>>>>> ISP normally registers the assignment of this block to his customer
>>>>> in Whois and can use it as justification. In the second there is no
>>>>> such registration requirement and the lease can’t be used as a
>>>>> justification.  To me this is a problem, and I think there is a
>>>>> solution.
>>>>>
>>>>>
>>>>>
>>>>> Conservation and Registration are our lodestars. In this case
>>>>> pricing will handle conservation, but what about registration? What
>>>>> about when pricing drives Conservation at the expense of
>>>>> Registration?  I am on record as supporting the RIPE model, which
>>>>> allows for lessors to purchase lease inventory, with registered
>>>>> transfers, and also allows them to record leases as assignments
>>>>> that include access to important contact information.
>>>>>
>>>>>
>>>>>
>>>>> The simple and straightforward answer here is to end the needs-test
>>>>> for transfers. RIPE has shown us the way, taken the “risk” and now
>>>>> we can look at years’
>>>>> and thousands of transfers’ worth of data. Anybody see any problems
>>>>> resulting from the dropping of the needs test in RIPE?
>>>>>
>>>>>
>>>>>
>>>>> Absent dropping the needs test for transfers, the logical step in
>>>>> the context of this policy allowing leasing, is to allow certain
>>>>> leases to be used for justifications while at the same time
>>>>> providing policy requiring registration (SWIP) and documentation (Letter Of Agency).
>>>>> It’s my opinion that this carrot and stick approach will induce
>>>>> Lessors to properly register their leases while also providing a
>>>>> clear demarcation of leasing versus hijacking that will empower our
>>>>> community and potentially law enforcement.  You want to purchase
>>>>> addresses because you think you can make money in their rental?
>>>>> Fine, show  us that you are efficiently using your prior
>>>>> allocations and properly registering assignments.
>>>>>
>>>>>
>>>>>
>>>>> There should be no difference in the way we treat those who assign
>>>>> to “non-connected” or “connected” networks. ARIN calls a VPN a
>>>>> connection. Times have moved on, and any two networks can be easily
>>>>> “connected” for the purposes of policy-compliance only. So why
>>>>> trade the lack of insight into IPv4 block contact information for
>>>>> the maintenance of this fig-leaf?
>>>>>
>>>>>
>>>>>
>>>>> Regards,
>>>>> Mike Burns
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> From: ARIN-PPML <arin-ppml-bounces at arin.net> On Behalf Of Fernando
>>>>> Frediani
>>>>> Sent: Saturday, September 28, 2019 7:20 PM
>>>>> To: arin-ppml <arin-ppml at arin.net>
>>>>> Subject: Re: [arin-ppml] Draft Policy ARIN-2019-18: LIR/ISP
>>>>> Re-Assignment to Non-Connected Networks
>>>>>
>>>>>
>>>>>
>>>>> I strongly oppose this proposal.
>>>>>
>>>>>
>>>>>
>>>>> Leasing of IP addresses in such way should never be permmited and
>>>>> is a distortion of the way IP addresses must be used by organizations.
>>>>>
>>>>>
>>>>>
>>>>> The main reason is simple: if an organization is "leasing" IP
>>>>> address it is a clear sign that the organization does not have
>>>>> usage for that IP space and as it doesn't justify anymore it should
>>>>> therefore return them back to the RIR in order to be re-assigned to
>>>>> those who really have a need for it, via waiting list or other
>>>>> methods covered by the policies.
>>>>>
>>>>>
>>>>>
>>>>> It is pretty reasonable to think that in no RIRs you are able
>>>>> justify more IP space by saying "I need these addresses in order to
>>>>> lease them to someone else".
>>>>>
>>>>> If that is never a possible justification that can be used
>>>>> therefore leases don't make any sense.
>>>>>
>>>>>
>>>>>
>>>>> If an organization needs further IP space for a temporary project
>>>>> it may just get from the LIR or ISP but if that is not possible and
>>>>> the organization is an Autonomous System it can just go to market
>>>>> and get it transfered permanentlly.
>>>>>
>>>>> Either from the RIR or transfered via market addresses must be
>>>>> justified and leases are nothing but unused address by who is
>>>>> willing to lease.
>>>>>
>>>>>
>>>>>
>>>>> The justification given to allow organizations to facilitate
>>>>> transition to IPv6 does not apply at all as organizations can go
>>>>> directlly to the RIR for that (4.10). Why would it get via a lease
>>>>> bypassing the RIR ?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> By allowing leases it is just skipping the RIR's function to fairly
>>>>> re-distribute them and passing it private companies with financial
>>>>> interests.
>>>>>
>>>>>
>>>>>
>>>>> I think 8.5.2 is already properly written and doesn't require any
>>>>> change.
>>>>>
>>>>> Also Non-Connected Networks is not properly defined.
>>>>>
>>>>>
>>>>>
>>>>> Regarding the point about Conservation to be done through market
>>>>> pricing I will skip to comment such absurd thing.
>>>>>
>>>>>
>>>>>
>>>>> Regards
>>>>>
>>>>> Fernando
>>>>>
>>>>>
>>>>>
>>>>> On Tue, 24 Sep 2019, 17:41 ARIN, <info at arin.net> wrote:
>>>>>
>>>>>       On 19 September 2019, the ARIN Advisory Council (AC) accepted
>>>>>       "ARIN-prop-277: LIR/ISP Re-Assignment to Non-Connected
>>>>> Networks" as a
>>>>>       Draft Policy.
>>>>>
>>>>>       Draft Policy ARIN-2019-18 is below and can be found at:
>>>>>
>>>>>       https://www.arin.net/participate/policy/drafts/2019_18/
>>>>>
>>>>>       You are encouraged to discuss all Draft Policies on PPML. The
>>>>> AC will
>>>>>       evaluate the discussion in order to assess the conformance of
>>>>> this draft
>>>>>       policy with ARIN's Principles of Internet number resource
>>>>> policy as
>>>>>       stated in the Policy Development Process (PDP). Specifically,
>>>>> these
>>>>>       principles are:
>>>>>
>>>>>       * Enabling Fair and Impartial Number Resource Administration
>>>>>       * Technically Sound
>>>>>       * Supported by the Community
>>>>>
>>>>>       The PDP can be found at:
>>>>>       https://www.arin.net/participate/policy/pdp/
>>>>>
>>>>>       Draft Policies and Proposals under discussion can be found at:
>>>>>       https://www.arin.net/participate/policy/drafts/
>>>>>
>>>>>       Regards,
>>>>>
>>>>>       Sean Hopkins
>>>>>       Policy Analyst
>>>>>       American Registry for Internet Numbers (ARIN)
>>>>>
>>>>>
>>>>>
>>>>>       Draft Policy ARIN-2019-18: LIR/ISP Re-Assignment to
>>>>> Non-Connected Networks
>>>>>
>>>>>       Problem Statement:
>>>>>
>>>>>       Businesses have a need to lease IPv4 space for limited
>>>>> periods of time,
>>>>>       as evidenced by a robust (technically prohibited) subleasing
>>>>> market. The
>>>>>       lack of legitimization of the subleasing market hinders
>>>>> innovation,
>>>>>       research, reporting, and the development of rules/industry best
>>>>>       practices to ensure identifiability and contactability.
>>>>>
>>>>>       Policy statement:
>>>>>
>>>>>       ORIGINAL POLICY LANGUAGE
>>>>>
>>>>>       2.4. Local Internet Registry (LIR)
>>>>>
>>>>>       A Local Internet Registry (LIR) is an IR that primarily
>>>>> assigns address
>>>>>       space to the users of the network services that it provides.
>>>>> LIRs are
>>>>>       generally Internet Service Providers (ISPs), whose customers
>>>>> are
>>>>>       primarily end users and possibly other ISPs.
>>>>>
>>>>>       PROPOSED POLICY LANGUAGE
>>>>>
>>>>>       A Local Internet Registry (LIR) is an IR that primarily
>>>>> assigns address
>>>>>       space to the users of the network services that it provides.
>>>>> LIRs are
>>>>>       generally Internet Service Providers (ISPs), whose customers
>>>>> are
>>>>>       primarily end users and possibly other ISPs.
>>>>>
>>>>>       LIRs may also assign address space to other organizations or
>>>>> customers
>>>>>       that request it for use in an operational network.
>>>>>
>>>>>       ORIGINAL POLICY LANGUAGE
>>>>>
>>>>>       8.5.2 Operational Use
>>>>>
>>>>>       ARIN allocates or assigns number resources to organizations
>>>>> via transfer
>>>>>       solely for the purpose of use on an operational network.
>>>>>
>>>>>       PROPOSED POLICY LANGUAGE
>>>>>
>>>>>       Option 1 : Remove 8.5.2 entirely
>>>>>
>>>>>       Option 2 : Edit as follows
>>>>>
>>>>>       8.5.2 Operational Use
>>>>>
>>>>>       ARIN allocates or assigns number resources to organizations
>>>>> via transfer
>>>>>       solely primarily for the purpose of use on an operational
>>>>> network, but
>>>>>       may allocate or assign number resources to organizations for
>>>>> other
>>>>>       purposes, including re-assignment to non-connected networks .
>>>>>
>>>>>       Comments:
>>>>>
>>>>>       Timetable for implementation: Immediate
>>>>>
>>>>>       Anything Else:
>>>>>
>>>>>       The legitimization of a subleasing market for IPv4 has
>>>>> numerous business
>>>>>       and community benefits, including (but not limited to):
>>>>>
>>>>>       - Allowing organizations to efficiently utilize IPv4 space
>>>>> without
>>>>>       transferring space permanently;
>>>>>       - Allowing organizations to obtain IPv4 space for a limited
>>>>> time in
>>>>>       order to facilitate transition to IPv6;
>>>>>       - Allowing organizations to develop enforceable acceptable
>>>>> use policies
>>>>>       in a previously lawless illegitimate space;
>>>>>       - Allowing the community to develop reporting and recording
>>>>> standards
>>>>>       and/or best practices to the benefit of preserving the
>>>>> integrity of IPv4
>>>>>       address space.
>>>>>       - We would like to engage further with the ARIN community to
>>>>> discuss the
>>>>>       current state of the unauthorized subleasing market, and how
>>>>> this
>>>>>       proposed policy change would both update ARIN policies to
>>>>> reflect the
>>>>>       reality of the subleasing market, and positively address
>>>>> business and
>>>>>       community concerns.
>>>>>
>>>>>       _______________________________________________
>>>>>       ARIN-PPML
>>>>>       You are receiving this message because you are subscribed to
>>>>>       the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
>>>>>       Unsubscribe or manage your mailing list subscription at:
>>>>>       https://lists.arin.net/mailman/listinfo/arin-ppml
>>>>>       Please contact info at arin.net if you experience any issues.
>>>>>
>>>>>
>>>>>
>>> _______________________________________________
>>> ARIN-PPML
>>> You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
>>> Unsubscribe or manage your mailing list subscription at:
>>> https://lists.arin.net/mailman/listinfo/arin-ppml
>>> Please contact info at arin.net if you experience any issues.
>>>
>>> _______________________________________________
>>> ARIN-PPML
>>> You are receiving this message because you are subscribed to the ARIN
>>> Public Policy Mailing List (ARIN-PPML at arin.net).
>>> Unsubscribe or manage your mailing list subscription at:
>>> https://lists.arin.net/mailman/listinfo/arin-ppml
>>> Please contact info at arin.net if you experience any issues.
>>>
>>
>>
>
>


More information about the ARIN-PPML mailing list