<div dir="ltr"><div dir="ltr"><div dir="ltr">Please note that RFC2050 has be obsoleted by RFC7020<div><br></div><div><a href="https://tools.ietf.org/html/rfc2050">https://tools.ietf.org/html/rfc2050</a><br></div><div><a href="https://tools.ietf.org/html/rfc7020">https://tools.ietf.org/html/rfc7020</a><br></div><div><br></div><div>So you are arguing about a document that is no longer controlling.</div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Sep 30, 2019 at 4:23 PM Fernando Frediani <<a href="mailto:fhfrediani@gmail.com">fhfrediani@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<div class="gmail-m_4628345583212804105moz-cite-prefix">On 30/09/2019 18:06, Mike Burns wrote:<br>
</div>
<blockquote type="cite">
<pre class="gmail-m_4628345583212804105moz-quote-pre">Hi Fernando,
Let me address the two items highlighted in your reply below.
First is the reduction of ARIN to nothing more than a registration operation. What is wrong with that? RFC2050 said the primary purpose of an RIR is registration. We need to keep the numbers unique or everything fails. ARIN should indeed reduce itself to registering transfers and doing what it can to maintain accurate registration per our primary stewardship role. All else is subservient, including conservation. But we have addressed conservation. RIPE has been reduced to a registration operation, to use your term. What is so wrong with RIPE?</pre>
</blockquote>
<p>It also says: "<i>ISPs are required to utilize address space in
an efficient manner. To this end, ISPs should have documented
justification available for each assignment. The regional
registry may, at any time, ask for this information. If the
information is not available, future allocations may be
impacted.In extreme cases, existing loans may be impacted.</i>"</p>
<p>What's wrong with that statement ? Sounds pretty reasonable to
me.<br>
Why do you wish to reduce substantially the roles of the RIRs and
pass them to private companies ?</p>
<p>It also defines Conservation as: "<i>Fair distribution of
globally unique Internet address space according to the
operational needs of the end-users and Internet Service
Providers operating networks using this address space.
Prevention of stockpiling in order to maximize the lifetime of
the Internet address space.</i>"</p>
<p>What is wrong with that statement ? Sounds also pretty
reasonable.<br>
Or do you think that only assigning resources to those who can pay
more will be the best and more fair way to maximize the lifetime
of the Internet address space version 4 to those who really need
them to get connected ?<br>
RIRs have been the ones who check these operational needs
impartially (with no economic interests in mind) and according to
the current policies. Why remove it from them and pass to private
companies to do ?<br>
</p>
<blockquote type="cite">
<pre class="gmail-m_4628345583212804105moz-quote-pre">Second is the point that one of the business cases for leasing is for spamming. This is something to consider, but I would like for you to put yourself into the position of a Lessor. The Lessor knows his blocks will lose value if they are blacklisted, so they take steps to mitigate this. For example, one notable lessor charges a $20 fee for every abuse complaint on a leased block. The Lessee pays the $20 fee and most of it is paid to the Lessor as compensation. This disincentivizes spamming on leased blocks. A Lessor who gets tricked into leasing to a spammer will find his block devalued significantly. He can get it delisted one, maybe twice if he can spin a good story. After that, no more for that owner. So the owners have penalties and usage terms built into the lease contract, or they get prepayment for many months in advance, or they lease large blocks which are not appealing to spammers. The point is this is a valid argument against changing policy to support leasing, but the problems are long-known and the market has applied corrections. On the other hand, spammers like to hijack too, and having the ability to define a hijack as being non-compliant with a lease policy will enable ARIN to pressure the address holder for a policy violation if pressure from that side helps.</pre>
</blockquote>
This is more a point of view one how the things happen in practice
or should happen and I personally don't agree with that in full.<br>
<blockquote type="cite">
<pre class="gmail-m_4628345583212804105moz-quote-pre">Regards,
Mike
-----Original Message-----
From: ARIN-PPML <a class="gmail-m_4628345583212804105moz-txt-link-rfc2396E" href="mailto:arin-ppml-bounces@arin.net" target="_blank"><arin-ppml-bounces@arin.net></a> On Behalf Of Fernando Frediani
Sent: Monday, September 30, 2019 4:36 PM
To: <a class="gmail-m_4628345583212804105moz-txt-link-abbreviated" href="mailto:arin-ppml@arin.net" target="_blank">arin-ppml@arin.net</a>
Subject: Re: [arin-ppml] Draft Policy ARIN-2019-18: LIR/ISP Re-Assignment to Non-Connected Networks
On 30/09/2019 15:36, <a class="gmail-m_4628345583212804105moz-txt-link-abbreviated" href="mailto:hostmaster@uneedus.com" target="_blank">hostmaster@uneedus.com</a> wrote:
</pre>
<blockquote type="cite">
<pre class="gmail-m_4628345583212804105moz-quote-pre">Currently, the ability to obtain IPv4 resources is constrained by the
requirement to prove to ARIN that you need the addresses for your
operational use in a network, which will be claimed to be no unneeded
once the "operational use" requirement is gone, leaving ARIN to be
nothing more than a registration operation.
</pre>
</blockquote>
<pre class="gmail-m_4628345583212804105moz-quote-pre">Excellent point raised. Couldn't agree more !
</pre>
<blockquote type="cite">
<pre class="gmail-m_4628345583212804105moz-quote-pre">While this is claimed to reduce one problem with leasing IPv4
addresses (lack of registration and associated abuse contacts) it
causes other issues. Often network abusers lease addresses for abuse,
dumping them and leasing others when they get blacklisted.
</pre>
</blockquote>
<pre class="gmail-m_4628345583212804105moz-quote-pre">And this too. Actually this is a well known issue.
</pre>
<blockquote type="cite">
<pre class="gmail-m_4628345583212804105moz-quote-pre">
On Mon, 30 Sep 2019, Mike Burns wrote:
</pre>
<blockquote type="cite">
<pre class="gmail-m_4628345583212804105moz-quote-pre">Hi Fernando,
You said “RIR is and has always been the one who drives the resources
to be efficientlly assigned by analysing justifications not private
transfer companies. If an organization is not using resouces
efficiently it either may change its resource assignment strategy
otherwise it doesn't justify for those addresses anymore and should
return them back to the RIR.”
There is no policy in ARIN to return un-needed space. IPv4 resource
holders own something of value, which is what economists call an
“alienable asset”. It is possible for such resource holders to
return such space to ARIN, but you don’t have to be an economist to
understand why they don’t and haven’t for the most part.
Your method has been tried, and it was really a good try. The effort
was decades-long, yet recognized a failure by the clear evidence of
the routing table.
So much space allocated, yet not routed. Not enough to be explained
away by internal use; this is unconvincing. No, the space sat on the
sidelines, it was not returned to ARIN. Until the market provided the
missing incentive to action, and that action is also quite visible in
the routing table and transfer logs. The profit incentive, the draw
of lucre, the absurd effect of price have led to an increase in the
efficient use of the IPv4 address universe. Geoff Huston did a good
analysis of the source of transferred addresses and showed the market
brought many never-routed addresses into efficient use.
<a class="gmail-m_4628345583212804105moz-txt-link-freetext" href="https://blog.apnic.net/2017/01/09/studying-ipv4-transfer-market-repor" target="_blank">https://blog.apnic.net/2017/01/09/studying-ipv4-transfer-market-repor</a>
ted-transfers/
You also said “It is pretty reasonable to think that in no RIRs you
are able justify more IP space by saying ‘I need these addresses in
order to lease them to someone else’. If that is never a possible
justification that can be used therefore leases don't make any
sense.”
Anybody can indeed purchase RIPE addresses via transfer solely for
the purpose of leasing them out. That is because RIPE does not have a
needs justification for transfers (nor policy forbidding leasing).
And that is because, in my opinion, the RIPE community realized that
their intrinsic role of conservation would now be undertaken by
market forces. These can be relied upon to bring un- and
under-utilized addresses to their “highest and best use”, again as
economists say.
But you do bring up the relevant question in the context of this ARIN
policy proposal, which is whether leasing to a “connected” customer
is all that different from leasing to a “non-connected” customer when
it comes to justifications. In the first case, the ISP normally
registers the assignment of this block to his customer in Whois and
can use it as justification. In the second there is no such
registration requirement and the lease can’t be used as a
justification. To me this is a problem, and I think there is a
solution.
Conservation and Registration are our lodestars. In this case pricing
will handle conservation, but what about registration? What about
when pricing drives Conservation at the expense of Registration? I
am on record as supporting the RIPE model, which allows for lessors
to purchase lease inventory, with registered transfers, and also
allows them to record leases as assignments that include access to
important contact information.
The simple and straightforward answer here is to end the needs-test
for transfers. RIPE has shown us the way, taken the “risk” and now we
can look at years’
and thousands of transfers’ worth of data. Anybody see any problems
resulting from the dropping of the needs test in RIPE?
Absent dropping the needs test for transfers, the logical step in the
context of this policy allowing leasing, is to allow certain leases
to be used for justifications while at the same time providing policy
requiring registration (SWIP) and documentation (Letter Of Agency).
It’s my opinion that this carrot and stick approach will induce
Lessors to properly register their leases while also providing a
clear demarcation of leasing versus hijacking that will empower our
community and potentially law enforcement. You want to purchase
addresses because you think you can make money in their rental? Fine,
show us that you are efficiently using your prior allocations and
properly registering assignments.
There should be no difference in the way we treat those who assign to
“non-connected” or “connected” networks. ARIN calls a VPN a
connection. Times have moved on, and any two networks can be easily
“connected” for the purposes of policy-compliance only. So why trade
the lack of insight into IPv4 block contact information for the
maintenance of this fig-leaf?
Regards,
Mike Burns
From: ARIN-PPML <a class="gmail-m_4628345583212804105moz-txt-link-rfc2396E" href="mailto:arin-ppml-bounces@arin.net" target="_blank"><arin-ppml-bounces@arin.net></a> On Behalf Of Fernando
Frediani
Sent: Saturday, September 28, 2019 7:20 PM
To: arin-ppml <a class="gmail-m_4628345583212804105moz-txt-link-rfc2396E" href="mailto:arin-ppml@arin.net" target="_blank"><arin-ppml@arin.net></a>
Subject: Re: [arin-ppml] Draft Policy ARIN-2019-18: LIR/ISP
Re-Assignment to Non-Connected Networks
I strongly oppose this proposal.
Leasing of IP addresses in such way should never be permmited and is
a distortion of the way IP addresses must be used by organizations.
The main reason is simple: if an organization is "leasing" IP address
it is a clear sign that the organization does not have usage for that
IP space and as it doesn't justify anymore it should therefore return
them back to the RIR in order to be re-assigned to those who really
have a need for it, via waiting list or other methods covered by the
policies.
It is pretty reasonable to think that in no RIRs you are able justify
more IP space by saying "I need these addresses in order to lease
them to someone else".
If that is never a possible justification that can be used therefore
leases don't make any sense.
If an organization needs further IP space for a temporary project it
may just get from the LIR or ISP but if that is not possible and the
organization is an Autonomous System it can just go to market and get
it transfered permanentlly.
Either from the RIR or transfered via market addresses must be
justified and leases are nothing but unused address by who is willing
to lease.
The justification given to allow organizations to facilitate
transition to IPv6 does not apply at all as organizations can go
directlly to the RIR for that (4.10). Why would it get via a lease
bypassing the RIR ?
By allowing leases it is just skipping the RIR's function to fairly
re-distribute them and passing it private companies with financial
interests.
I think 8.5.2 is already properly written and doesn't require any
change.
Also Non-Connected Networks is not properly defined.
Regarding the point about Conservation to be done through market
pricing I will skip to comment such absurd thing.
Regards
Fernando
On Tue, 24 Sep 2019, 17:41 ARIN, <a class="gmail-m_4628345583212804105moz-txt-link-rfc2396E" href="mailto:info@arin.net" target="_blank"><info@arin.net></a> wrote:
On 19 September 2019, the ARIN Advisory Council (AC) accepted
"ARIN-prop-277: LIR/ISP Re-Assignment to Non-Connected
Networks" as a
Draft Policy.
Draft Policy ARIN-2019-18 is below and can be found at:
<a class="gmail-m_4628345583212804105moz-txt-link-freetext" href="https://www.arin.net/participate/policy/drafts/2019_18/" target="_blank">https://www.arin.net/participate/policy/drafts/2019_18/</a>
You are encouraged to discuss all Draft Policies on PPML. The
AC will
evaluate the discussion in order to assess the conformance of
this draft
policy with ARIN's Principles of Internet number resource
policy as
stated in the Policy Development Process (PDP). Specifically,
these
principles are:
* Enabling Fair and Impartial Number Resource Administration
* Technically Sound
* Supported by the Community
The PDP can be found at:
<a class="gmail-m_4628345583212804105moz-txt-link-freetext" href="https://www.arin.net/participate/policy/pdp/" target="_blank">https://www.arin.net/participate/policy/pdp/</a>
Draft Policies and Proposals under discussion can be found at:
<a class="gmail-m_4628345583212804105moz-txt-link-freetext" href="https://www.arin.net/participate/policy/drafts/" target="_blank">https://www.arin.net/participate/policy/drafts/</a>
Regards,
Sean Hopkins
Policy Analyst
American Registry for Internet Numbers (ARIN)
Draft Policy ARIN-2019-18: LIR/ISP Re-Assignment to
Non-Connected Networks
Problem Statement:
Businesses have a need to lease IPv4 space for limited periods
of time,
as evidenced by a robust (technically prohibited) subleasing
market. The
lack of legitimization of the subleasing market hinders
innovation,
research, reporting, and the development of rules/industry best
practices to ensure identifiability and contactability.
Policy statement:
ORIGINAL POLICY LANGUAGE
2.4. Local Internet Registry (LIR)
A Local Internet Registry (LIR) is an IR that primarily assigns
address
space to the users of the network services that it provides.
LIRs are
generally Internet Service Providers (ISPs), whose customers
are
primarily end users and possibly other ISPs.
PROPOSED POLICY LANGUAGE
A Local Internet Registry (LIR) is an IR that primarily assigns
address
space to the users of the network services that it provides.
LIRs are
generally Internet Service Providers (ISPs), whose customers
are
primarily end users and possibly other ISPs.
LIRs may also assign address space to other organizations or
customers
that request it for use in an operational network.
ORIGINAL POLICY LANGUAGE
8.5.2 Operational Use
ARIN allocates or assigns number resources to organizations via
transfer
solely for the purpose of use on an operational network.
PROPOSED POLICY LANGUAGE
Option 1 : Remove 8.5.2 entirely
Option 2 : Edit as follows
8.5.2 Operational Use
ARIN allocates or assigns number resources to organizations via
transfer
solely primarily for the purpose of use on an operational
network, but
may allocate or assign number resources to organizations for
other
purposes, including re-assignment to non-connected networks .
Comments:
Timetable for implementation: Immediate
Anything Else:
The legitimization of a subleasing market for IPv4 has numerous
business
and community benefits, including (but not limited to):
- Allowing organizations to efficiently utilize IPv4 space
without
transferring space permanently;
- Allowing organizations to obtain IPv4 space for a limited
time in
order to facilitate transition to IPv6;
- Allowing organizations to develop enforceable acceptable use
policies
in a previously lawless illegitimate space;
- Allowing the community to develop reporting and recording
standards
and/or best practices to the benefit of preserving the
integrity of IPv4
address space.
- We would like to engage further with the ARIN community to
discuss the
current state of the unauthorized subleasing market, and how
this
proposed policy change would both update ARIN policies to
reflect the
reality of the subleasing market, and positively address
business and
community concerns.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (<a class="gmail-m_4628345583212804105moz-txt-link-abbreviated" href="mailto:ARIN-PPML@arin.net" target="_blank">ARIN-PPML@arin.net</a>).
Unsubscribe or manage your mailing list subscription at:
<a class="gmail-m_4628345583212804105moz-txt-link-freetext" href="https://lists.arin.net/mailman/listinfo/arin-ppml" target="_blank">https://lists.arin.net/mailman/listinfo/arin-ppml</a>
Please contact <a class="gmail-m_4628345583212804105moz-txt-link-abbreviated" href="mailto:info@arin.net" target="_blank">info@arin.net</a> if you experience any issues.
</pre>
</blockquote>
</blockquote>
<pre class="gmail-m_4628345583212804105moz-quote-pre">_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (<a class="gmail-m_4628345583212804105moz-txt-link-abbreviated" href="mailto:ARIN-PPML@arin.net" target="_blank">ARIN-PPML@arin.net</a>).
Unsubscribe or manage your mailing list subscription at:
<a class="gmail-m_4628345583212804105moz-txt-link-freetext" href="https://lists.arin.net/mailman/listinfo/arin-ppml" target="_blank">https://lists.arin.net/mailman/listinfo/arin-ppml</a>
Please contact <a class="gmail-m_4628345583212804105moz-txt-link-abbreviated" href="mailto:info@arin.net" target="_blank">info@arin.net</a> if you experience any issues.
</pre>
</blockquote>
</div>
_______________________________________________<br>
ARIN-PPML<br>
You are receiving this message because you are subscribed to<br>
the ARIN Public Policy Mailing List (<a href="mailto:ARIN-PPML@arin.net" target="_blank">ARIN-PPML@arin.net</a>).<br>
Unsubscribe or manage your mailing list subscription at:<br>
<a href="https://lists.arin.net/mailman/listinfo/arin-ppml" rel="noreferrer" target="_blank">https://lists.arin.net/mailman/listinfo/arin-ppml</a><br>
Please contact <a href="mailto:info@arin.net" target="_blank">info@arin.net</a> if you experience any issues.<br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature">===============================================<br>David Farmer <a href="mailto:Email%3Afarmer@umn.edu" target="_blank">Email:farmer@umn.edu</a><br>Networking & Telecommunication Services<br>Office of Information Technology<br>University of Minnesota <br>2218 University Ave SE Phone: 612-626-0815<br>Minneapolis, MN 55414-3029 Cell: 612-812-9952<br>=============================================== </div>