[arin-ppml] Draft Policy ARIN-2021-3: Private AS Number and Unique Routing Policy Clarifications

Owen DeLong owen at delong.com
Thu Jul 22 02:00:23 EDT 2021



> On Jul 21, 2021, at 17:39 , William Herrin <bill at herrin.us> wrote:
> 
> On Tue, Jul 20, 2021 at 12:52 PM ARIN <info at arin.net> wrote:
>> Replace
>> “Sites that do not require a unique AS Number should use one or more of the AS Numbers reserved for private use.”
>> 
>> with
>> “Private ASNs should be used only when there is no plan to use them on the public Internet.”
> 
> This is factually incorrect. It's uncommon but legitimate practice to
> employ a private AS number which is dropped from the path by your
> upstream provider.

At which point, said private ASN is not used on the public internet.

The prefixes might be, but the private ASN itself is not.

> 
> 
>> Replace
>> “1. A unique routing policy (its policy differs from its border gateway peers) 2. A multihomed site.”
>> 
>> with
>> “1. A plan to connect their network using a unique routing policy, such as Border Gateway Protocol (BGP) 2. A network requiring routing policies to be deployed which are unique only to that network”
> 
> This wording is extremely vague. It's difficult for me to understand
> how any router implementing something more complex than a default
> gateway has not implemented a routing policy unique to its network.

In general, a routing policy looks something like this:

From <AS_LOCAL> to AS_ANY export <local_prefixes>
From <AS_PEERAS> to <AS_LOCAL> import <permitted_prefixes or any>
…

Sometimes, there is a different policy for different subsets of routers under the
same administrative control, even where they are not connected to more than one
PEERAS or more than one peer. In such cases, this would represent a unique
routing policy rather than multihoming, but still requires an ASN for each distinct
policy.

> "Multihomed" I understand. It just means you have two or more ISPs at
> the same time.

Nope… It means you peer with more than one non-local ASN at a time.

> 
>> 1. “Sites that do not require a unique AS Number should use one or more of the AS Numbers reserved for private use.” Some customers are not aware that their need for a unique AS Number depends upon their need (or lack thereof) to utilize the AS Number on the public Internet.
> 
> This is not entirely accurate. Any multi-organization internetwork
> using the BGP protocol requires coordination of AS numbers no
> different than they need coordination of IP addresses. It's not just
> the public Internet.

Correct… Use on the public internet should not be added to the ASN requirements IMHO.

Owen
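
The private-ASN case discussed in this message, as an added example that is not part of the original e-mail: a simplified model of an upstream dropping a customer's private ASN from the AS_PATH, plus a check for private ASNs that remain visible in observed paths. The function names, the ASNs (documentation range, RFC 5398) and the prefixes (RFC 5737) are constructed for illustration; real router features that remove private ASNs apply vendor-specific conditions not modeled here.

```python
"""Added illustration: private-use ASNs (RFC 6996) stripped at the upstream edge."""

# Private-use ASN ranges defined in RFC 6996 (16-bit and 32-bit).
PRIVATE_ASN_RANGES = ((64512, 65534), (4200000000, 4294967294))


def is_private_asn(asn):
    """True if asn falls in a private-use range."""
    return any(lo <= asn <= hi for lo, hi in PRIVATE_ASN_RANGES)


def export_from_upstream(upstream_asn, received_path):
    """Simplified model of the upstream's export step: drop every private
    ASN from the received AS_PATH, then prepend the upstream's own ASN."""
    kept = [asn for asn in received_path if not is_private_asn(asn)]
    return [upstream_asn] + kept


def audit_paths(routes):
    """Map each prefix to the private ASNs still visible in its AS_PATH.
    Prefixes whose paths are clean are omitted from the result."""
    findings = {}
    for prefix, as_path in routes.items():
        leaked = sorted({asn for asn in as_path if is_private_asn(asn)})
        if leaked:
            findings[prefix] = leaked
    return findings


# Constructed sample data (assumed topology, not taken from the thread).
CUSTOMER_PRIVATE_ASN = 64512
UPSTREAM_ASN = 64496
OBSERVED_ROUTES = {
    # Customer route after the upstream stripped the private ASN.
    "192.0.2.0/24": [64497] + export_from_upstream(UPSTREAM_ASN, [CUSTOMER_PRIVATE_ASN]),
    # Same topology, but the private ASN was not stripped and is visible.
    "198.51.100.0/24": [64497, UPSTREAM_ASN, CUSTOMER_PRIVATE_ASN],
}

if __name__ == "__main__":
    for prefix, path in OBSERVED_ROUTES.items():
        print(prefix, path)
    print("private ASNs visible:", audit_paths(OBSERVED_ROUTES))
```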



