[arin-ppml] Proposal - Remove Initial Small Assignment Requirements for IPv6
Owen DeLong
owen at delong.com
Wed Sep 15 00:34:37 EDT 2021
I understand your frustration. In part, every WISPA event the answers about policy changed because ARIN policy is
not a static immutable thing. It’s constantly evolving in response to community input into the policy development
process and that was a time of a lot of policy proposals coming through the AC.
Sounds like most of your problems relate to vendors failing to provide good IPv6 support. I empathize. I’ve been doing
pretty much everything I can think of to achieve that for many years now.
As to your IPv4 situation, that’s a pretty classic example of why I say that the people refusing to deploy good IPv6
capabilities in their {product, content, network} are causing pain for the rest of us.
I don’t think I ever claimed ARIN helped you or even had a good solution for you. I’m not sure how you came to the
conclusion that it was ARIN’s or my duty to conjure additional IPv4 resources from thin air after runout or how the
failure of others to deploy IPv6 was our fault, but you’re entitled to your opinion.
My role at ARIN was as a volunteer trying to help the community develop policies that met the needs of the
community in a fair and equitable manner. I resigned from that role in June and now my relationship to ARIN
is that of victim^wcustomer too.
Owen
> On Sep 14, 2021, at 15:41 , Paul E McNary via ARIN-PPML <arin-ppml at arin.net> wrote:
>
> Yes Owen you have valid points.
> We are WISP in rural area.
> Our problem was we were using /24 and /22 we had with the datacenter for years.
> We also had /24 with low cost with that data center.
> We had another provider that could provide us bandwidth through the other Datacenter in the same building.
> We thought we had everything OK.
> Then the DataCenter moved out and decided to no longer to offer colo and cancelled our long term contracts.
> We were microwaving 60 mile from the top of this building.
> Then are Microwave links got too much interference.
> Licensed links were not in the budget.
> Finally we found a company that had a fiber run on the opposite side of our network area from were our homing was.
> So by the the time we got an ASN for multi-homing and jumping through the hoops that ARIN put in the way.
> Our fiber provider gave us a /28
> I got a /24 from a long term college/dear friend.
> I talked to you Owen at WISPA events.
> Someone on here I also talked to.
> I also talked to ARIN staff at WISPA.
> The young lady that was pregnant at the time was ARIN staff.
> But by the time we got our ASN. No IPv4 remained.
> So we did get IPv6 directly from ARIN.
> However our fiber provider did not have IPv6 available.
> When they finally did it couldn't be dual stack.
> At the time the IPv6 routing was split to the major players and still is.
> We had to forklift upgrade our entire network to use IPv6.
> Cheap Huh!
> The only place our network from our fiber provide and us crossed paths was near a water tower in a town of 90 people.
> So all our backhauls had to be replaced.
> Everything to our towers had to be completely engineered.
> We finally got 1 /24 from ARIN under the IPv6 conversion rules.
> Everthing had to be Double NATTED to get to these rural low density customers.
> At one WISPA event John and I had a heated argument and he blew me off without any answers.
> Owen you and John speak a version of English we don't speak here. Very circular and if this, not that but if this maybe that.
> I could never get clear answers.
> We still can't get dual stack on our fiber provider at this location.
> Oh the problems with ROKU, Smart TV's, Video surveillance.
> The video surveillance people can get around here in IPv4 only and they what a static or a port forward at our headend fiber.
> $1000's of dollars in "free" service calls because all these device sellers blamed us for not giving them a static IPv4 or a port forward to the customer.
> We do not have enough IPv4 to do this.
> Simple and free. No way in hell.
> And looking through ARIN justification which I reached out for help and ARIN said we had to this that and the other that did not work with our WISP model.
> So the clock ran out to get direct assignments and /24's were out of site to buy. Or I guess acquire (because we can't own).
> So ARIN helping gets resources to rural low density areas is a joke for SMB's like us.
>
> So ARIN told me that if I had acquired legacy resources, I would have to have the state's incorporation papers that I acquired.
> Many of the legacy resource holders were are small consultants who were sole proprietors in the 90's and never changed.
> Or they moved and let their corporations go stale and retired to others states.
> On a handshake deal the resources changed hands. All I got from Owen and ARIN staff was that these resources could be clawed back.
> The answer I got from Owen and ARIN staff was that ARIN might claw these legacy resources back in these cases.
> Some of these legacy resource holder had given their legacy resources to other people, have retired and died.
> Many sole proprietors of the pre ARIN period and the ARIN policies don't address this situation except that ARIN can claw back these resources.
> And every WISPA event Owen and the ARIN staff would change the answers about policy.
> After I was able to get these list, I saw why. Always arguing.
> One time the policy was we were going to have to transfer every single IP that a ISP subscriber had in the registration system.
>
> So tell me how ARIN has helped our company out so much again.
> Heck many of our low income customers we had to switch all their equipment that couldn't do IPv6 with our routers.
> Cheap huh!
>
> Then the equipment could do IPv6. Heck I have a fairly new tv that can not do IPv6.
> My current DISH Hopper equipment can't do it without dual stack they told use.
> I have have IPv6 available at my house but not dual stack.
> And from this conversation I see that even dual stack probably isn't workable yet.
> We had 1 fiber provide that was available in our area.
> Now the Local COOP's are subsidizing their sub companies who can get all the grant money we can't and are overbuilding use.
> The offered to let use use their fiber for $10000 a month for 1 gig fiber hand off.
> Then when they started overbuilding that offer basically went away.
> We do last mile where no one will go and the cream of small towns has been taken away.
> So all this arguing I have been involved with since we had to get an ASN, has been been very enlightening about ARIN's bureaucratic shit to jump through.
>
> That's how ARIN has helped our company.
> Cheap and inexpensive hell no.
>
> So please explain
>
> Paul McNary
> pmcnary at cameron.net
>
>
>
>
> ----- Original Message -----
> From: "Dan Oachs" <doachs at gac.edu>
> To: "arin-ppml" <arin-ppml at arin.net>
> Sent: Tuesday, September 14, 2021 3:19:40 PM
> Subject: Re: [arin-ppml] Proposal - Remove Initial Small Assignment Requirements for IPv6
>
> I agree with everything Owen and Albert have been saying in these
> latest threads. Keep up the good fight.
>
> I've been running a dual stacked network for a college for over 10
> years now and the rest of the world just needs to hurry up already.
> Heck, my home ISP (Mediacom) has given me IPv6 addresses for around 4
> years too. You can't expect to keep running the same stuff for
> decades without a firmware/hardware upgrade. The "internet" is no
> different. Time to apply the upgrade, reboot, and more on. :)
>
> --Dan
>
> On Tue, Sep 14, 2021 at 2:47 PM Owen DeLong via ARIN-PPML
> <arin-ppml at arin.net> wrote:
>>
>>>
>>> The point is that at this time, we should not have to justify nat in order to permit its standardization. Standardize it and let users figure it out.
>>
>> Why? It’s a local application only technology not useful on the broader internet, so why bother to standardize it? Why waste time of the standards bodies?
>>
>>>> Nat also assumes that noone wants to run their own internet services. While many things like cameras use a remote server to bypass the NAT leading to vendor tiein, things are clearly cleaner if each workstation or other device like a camera can run its own publically accessable services. Note that this does not mean that firewalls cannot be in place to block things that are not intended to be world readable. NAT is NOT a substitute for a firewall.
>>>
>>> It is in IPv4. And lets not encourage camera server and devices to be globally accessible, we already know that is a disaster.
>>
>> Actually, I’d suggest the following:
>> 1. NAT Is NOT a substitution for a firewall. It might be integral in the firewall in IPv4, but that’s not the same thing.
>> 2. Are cameras on the public internet a disaster because it was allowed, or are they a disaster because MFRs were
>> able to assume that NAT would protect them from bad engineering and somehow everyone bought into the idea
>> that such an assumption and bad engineering was acceptable?
>> 3. I’d argue that switching the expectation from “Everything is behind NAT, so it’s OK to be security-careless” to
>> “Everything is publicly addressable and might be reachable, therefore security is important” would be very
>> good for the industry as a whole, not to mention end users. Yes, there will be some pain points as this
>> transition occurs, but the end result is highly desirable.
>>
>>>> If you want NAT on the networks you manage, go for it. All the tech bits to make NAT work in IPv6 are there. Just do not expect the rest of us that would like to get back to the end-to-end model to support your choice, and I am sure some of your users will wish you did not make that choice, because of things they want that may not work in this enviroment.
>>>
>>> I expect exactly that. I expect you to support peoples ability to make this choice, since the current alternative is
>>
>> So you expect everyone else to put in effort to support your choice of technology because you don’t like our choice… Sounds a lot like your reasons earlier claiming we shouldn’t expect v6 to be widely deployed any time soon.
>>
>> You’ve successfully argued against yourself here. The advantage goes to v6 without NAT because it is further along in deployment than any effort to standardize NATv6 (fortunately).
>>
>> Owen
>>
>> _______________________________________________
>> ARIN-PPML
>> You are receiving this message because you are subscribed to
>> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
>> Unsubscribe or manage your mailing list subscription at:
>> https://lists.arin.net/mailman/listinfo/arin-ppml
>> Please contact info at arin.net if you experience any issues.
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML
mailing list