[arin-ppml] Proposal - Remove Initial Small Assignment Requirements for IPv6

Paul E McNary pmcnary at cameron.net
Tue Sep 14 18:41:24 EDT 2021


Yes Owen you have valid points.
We are WISP in rural area.
Our problem was we were using /24 and /22 we had with the datacenter for years.
We also had /24 with low cost with that data center.
We had another provider that could provide us bandwidth through the other Datacenter in the same building.
We thought we had everything OK.
Then the DataCenter moved out and decided to no longer to offer colo and cancelled our long term contracts.
We were microwaving 60 mile from the top of this building.
Then are Microwave links got too much interference.
Licensed links were not in the budget.
Finally we found a company that had a fiber run on the opposite side of our network area from were our homing was.
So by the the time we got an ASN for multi-homing and jumping through the hoops that ARIN put in the way.
Our fiber provider gave us a /28
I got a /24 from a long term college/dear friend.
I talked to you Owen at WISPA events.
Someone on here I also talked to.
I also talked to ARIN staff at WISPA.
The young lady that was pregnant at the time was ARIN staff.
But by the time we got our ASN. No IPv4 remained.
So we did get IPv6 directly from ARIN.
However our fiber provider did not have IPv6 available.
When they finally did it couldn't be dual stack.
At the time the IPv6 routing was split to the major players and still is.
We had to forklift upgrade our entire network to use IPv6.
Cheap Huh!
The only place our network from our fiber provide and us crossed paths was near a water tower in a town of 90 people.
So all our backhauls had to be replaced.
Everything to our towers had to be completely engineered.
We finally got 1 /24 from ARIN under the IPv6 conversion rules.
Everthing had to be Double NATTED to get to these rural low density customers.
At one WISPA event John and I had a heated argument and he blew me off without any answers.
Owen you and John speak a version of English we don't speak here. Very circular and if this, not that but if this maybe that.
I could never get clear answers.
We still can't get dual stack on our fiber provider at this location.
Oh the problems with ROKU, Smart TV's, Video surveillance.
The video surveillance people can get around here in IPv4 only and they what a static or a port forward at our headend fiber.
$1000's of dollars in "free" service calls because all these device sellers blamed us for not giving them a static IPv4 or a port forward to the customer.
We do not have enough IPv4 to do this.
Simple and free. No way in hell.
And looking through ARIN justification which I reached out for help and ARIN said we had to this that and the other that did not work with our WISP model.
So the clock ran out to get direct assignments and /24's were out of site to buy. Or I guess acquire (because we can't own).
So ARIN helping gets resources to rural low density areas is a joke for SMB's like us.

So ARIN told me that if I had acquired legacy resources, I would have to have the state's incorporation papers that I acquired.
Many of the legacy resource holders were are small consultants who were sole proprietors in the 90's and never changed.
Or they moved and let their corporations go stale and retired to others states.
On a handshake deal the resources changed hands. All I got from Owen and ARIN staff was that these resources could be clawed back.
The answer I got from Owen and ARIN staff was that ARIN might claw these legacy resources back in these cases.
Some of these legacy resource holder had given their legacy resources to other people, have retired and died.
Many sole proprietors of the pre ARIN period and the ARIN policies don't address this situation except that ARIN can claw back these resources.
And every WISPA event Owen and the ARIN staff would change the answers about policy.
After I was able to get these list, I saw why. Always arguing. 
One time the policy was we were going to have to transfer every single IP that a ISP subscriber had in the registration system.

So tell me how ARIN has helped our company out so much again.
Heck many of our low income customers we had to switch all their equipment that couldn't do IPv6 with our routers.
Cheap huh!

Then the equipment could do IPv6. Heck I have a fairly new tv that can not do IPv6.
My current DISH Hopper equipment can't do it without dual stack they told use.
I have have IPv6 available at my house but not dual stack.
And from this conversation I see that even dual stack probably isn't workable yet.
We had 1 fiber provide that was available in our area.
Now the Local COOP's are subsidizing their sub companies who can get all the grant money we can't and are overbuilding use.
The offered to let use use their fiber for $10000 a month for 1 gig fiber hand off.
Then when they started overbuilding that offer basically went away.
We do last mile where no one will go and the cream of small towns has been taken away.
So all this arguing I have been involved with since we had to get an ASN, has been been very enlightening about ARIN's bureaucratic shit to jump through.

That's how ARIN has helped our company.
Cheap and inexpensive hell no.

So please explain

Paul McNary
pmcnary at cameron.net




----- Original Message -----
From: "Dan Oachs" <doachs at gac.edu>
To: "arin-ppml" <arin-ppml at arin.net>
Sent: Tuesday, September 14, 2021 3:19:40 PM
Subject: Re: [arin-ppml] Proposal - Remove Initial Small Assignment Requirements for IPv6

I agree with everything Owen and Albert have been saying in these
latest threads.  Keep up the good fight.

I've been running a dual stacked network for a college for over 10
years now and the rest of the world just needs to hurry up already.
Heck, my home ISP (Mediacom) has given me IPv6 addresses for around 4
years too.  You can't expect to keep running the same stuff for
decades without a firmware/hardware upgrade.  The "internet" is no
different.  Time to apply the upgrade, reboot, and more on.  :)

--Dan

On Tue, Sep 14, 2021 at 2:47 PM Owen DeLong via ARIN-PPML
<arin-ppml at arin.net> wrote:
>
> >
> > The point is that at this time, we should not have to justify nat in order to permit its standardization. Standardize it and let users figure it out.
>
> Why? It’s a local application only technology not useful on the broader internet, so why bother to standardize it? Why waste time of the standards bodies?
>
> >> Nat also assumes that noone wants to run their own internet services. While many things like cameras use a remote server to bypass the NAT leading to vendor tiein, things are clearly cleaner if each workstation or other device like a camera can run its own publically accessable services. Note that this does not mean that firewalls cannot be in place to block things that are not intended to be world readable. NAT is NOT a substitute for a firewall.
> >
> > It is in IPv4. And lets not encourage camera server and devices to be globally accessible, we already know that is a disaster.
>
> Actually, I’d suggest the following:
>         1.      NAT Is NOT a substitution for a firewall. It might be integral in the firewall in IPv4, but that’s not the same thing.
>         2.      Are cameras on the public internet a disaster because it was allowed, or are they a disaster because MFRs were
>                 able to assume that NAT would protect them from bad engineering and somehow everyone bought into the idea
>                 that such an assumption and bad engineering was acceptable?
>         3.      I’d argue that switching the expectation from “Everything is behind NAT, so it’s OK to be security-careless” to
>                 “Everything is publicly addressable and might be reachable, therefore security is important” would be very
>                 good for the industry as a whole, not to mention end users. Yes, there will be some pain points as this
>                 transition occurs, but the end result is highly desirable.
>
> >> If you want NAT on the networks you manage, go for it.  All the tech bits to make NAT work in IPv6 are there.  Just do not expect the rest of us that would like to get back to the end-to-end model to support your choice, and I am sure some of your users will wish you did not make that choice, because of things they want that may not work in this enviroment.
> >
> > I expect exactly that. I expect you to support peoples ability to make this choice, since the current alternative is
>
> So you expect everyone else to put in effort to support your choice of technology because you don’t like our choice… Sounds a lot like your reasons earlier claiming we shouldn’t expect v6 to be widely deployed any time soon.
>
> You’ve successfully argued against yourself here. The advantage goes to v6 without NAT because it is further along in deployment than any effort to standardize NATv6 (fortunately).
>
> Owen
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact info at arin.net if you experience any issues.


More information about the ARIN-PPML mailing list