<div dir="ltr">Doug,<div><br></div><div>The current FL-IX space was requested in September 2014 (prior to run-out.) The peering LAN /24 appears on the "Micro-allocations for Internet Exchange Points" list at <a href="https://www.arin.net/reference/research/statistics/microallocations/">https://www.arin.net/reference/research/statistics/microallocations/</a> The infrastructure /24 does not. Both the CIX-ATL /24s are IXP allocations. A newly assigned /23 which we'll use to renumber FL-IX is within the /16 mentioned on the page but itself does not yet appear.</div><div><br></div><div>The FL-IX /24 is >75% utilized. Prior to the assignment of the /23, we were challenged about the routing of the existing /24s. As you can see from the other responses, our long-standing use is consistent with the need and there is no reasonable alternative. Fortunately, we were able to obtain the /23, but under a different interpretation, a 158-member non-profit IXP wouldn't be able to expand with ARIN space, which I don't think would have been an outcome consistent with the intent of the critical infrastructure policy.</div><div><br></div><div>As mentioned by Bill, other IXPs in the ARIN region will also face a renumbering need soon, so the question about appropriate use of existing assignments is timely.</div><div><br></div><div>Regards,</div><div>Ryan Woolley</div><div>Community IX</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Apr 19, 2024 at 8:23 AM Douglas Camin <<a href="mailto:doug@dougcamin.com">doug@dougcamin.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="msg7938982225355440178">
<div lang="EN-US" style="overflow-wrap: break-word;">
<div class="m_7938982225355440178WordSection1">
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif">Ryan –
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif">Thanks so much for surfacing this discussion on PPML.
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif">Reading through the responses from everyone, I think it’s clear there are use cases for IXPs to reasonably need a block of routable space for administrative purposes, particularly
independent ones where there is no guaranteed sponsor pool to pull from. Ryan – did your IXP use a 4.4 allocation for the administrative prefix, or pull that from elsewhere?<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif">I think a follow up question, from a policy perspective, would be: The policy (4.4) as written defines several critical infrastructure categories, but does not create a boundary
for what services can run on those allocations. Does this create an avenue for abuse of this pool?<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif">I think the example already shared of using this as a fast way to get v4 space to use as a CDN node seems like a good one – there may be a use case for it to exist on the member
network, but using that IP for access for the Internet at large would appear (to me) to be in violation of the spirit of the policy and the reason for the allocation.
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif">In the current setup, ARIN staff is almost certainly having to make interpretations and judgement calls, which leads to the additional question – does the community want more
than that?<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif">Thank you –
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif">Doug<u></u><u></u></span></p>
<div>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:black"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:black"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:black">--<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:black">Douglas J. Camin<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:black">ARIN Advisory Council</span><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u><u></u></span></p>
</div>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:black"><a href="mailto:doug@dougcamin.com" target="_blank">doug@dougcamin.com</a></span><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif"><u></u> <u></u></span></p>
<div id="m_7938982225355440178mail-editor-reference-message-container">
<div>
<div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(181,196,223);padding:3pt 0in 0in">
<p class="MsoNormal" style="margin-bottom:12pt"><b><span style="color:black">From:
</span></b><span style="color:black">ARIN-PPML <<a href="mailto:arin-ppml-bounces@arin.net" target="_blank">arin-ppml-bounces@arin.net</a>> on behalf of Ryan Woolley <<a href="mailto:rwoolley@communityix.org" target="_blank">rwoolley@communityix.org</a>><br>
<b>Date: </b>Thursday, April 18, 2024 at 6:44</span><span style="font-family:Arial,sans-serif;color:black"> </span><span style="color:black">PM<br>
<b>To: </b><a href="mailto:arin-ppml@arin.net" target="_blank">arin-ppml@arin.net</a> <<a href="mailto:arin-ppml@arin.net" target="_blank">arin-ppml@arin.net</a>><br>
<b>Subject: </b>[arin-ppml] Feedback on ARIN 53 question on micro-allocations for IXPs<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal">At ARIN 53, John Sweeting asked for clarification from the community on whether an internet exchange needs IP space beyond that used for the switching fabric, and whether IP allocations made to an IXP operator may need to be routable.
Additionally, John shared a suggestion that the historical basis for maintaining a pool specific to IXPs was to enable the building of filters to prevent those addresses from being globally routable.<br>
<br>
Community IX operates two IXPs, FL-IX in south Florida and CIX-ATL in Atlanta. FL-IX was founded in 2015 and now connects 158 member networks. CIX-ATL began operations in 2019 and currently connects 66 member networks.<br>
<br>
Both IXPs have been assigned IP address space from ARIN. Each IXP uses one prefix for the member LAN, which is not announced outside of our members’ networks, and a second, routed, prefix for the IXP infrastructure.<br>
<br>
The routed prefix supports operations critical to the operation of the exchange. Our member portal, network management systems, and equipment loopback addresses are, by need and design, addressed in routable IP space. For example, route servers build filters
based on ROAs and IRR databases, and configurations are replicated off-site.<br>
<br>
Unlike an IXP affiliated with an ISP or data center operator, we have no line of business which would enable us to borrow IP space from, for example, a pool maintained for allocation to IP transit customers. Our transit is provided as a donation by members,
who may come or go as their connectivity needs require, so we cannot reasonably use non-provider-independent IP space.<br>
<br>
On the second question of whether space reserved for IXP allocations should be unroutable as a feature, we have not, in our years of operation, encountered any issues with reachability for these allocations. If networks are building filters for this purpose,
our experience suggests that is not a common practice.<br>
<br>
IXPs do commonly have a desire to prevent their member LAN prefix from being routable. The current best practice is that this prefix is signed in RPKI with an origin ASN of zero (as described in RFC 6483), and Community IX does this for both our IXPs’ member
LANs. To the extent that filtering based on IP addressing may have been contemplated in the past, is it now obsoleted by RPKI.<br>
<br>
Regards,<br>
<br>
Ryan Woolley<br>
Community IX<u></u><u></u></p>
</div>
</div>
</div>
</div>
</div>
_______________________________________________<br>
ARIN-PPML<br>
You are receiving this message because you are subscribed to<br>
the ARIN Public Policy Mailing List (<a href="mailto:ARIN-PPML@arin.net" target="_blank">ARIN-PPML@arin.net</a>).<br>
Unsubscribe or manage your mailing list subscription at:<br>
<a href="https://lists.arin.net/mailman/listinfo/arin-ppml" rel="noreferrer" target="_blank">https://lists.arin.net/mailman/listinfo/arin-ppml</a><br>
Please contact <a href="mailto:info@arin.net" target="_blank">info@arin.net</a> if you experience any issues.<br>
</div></blockquote></div>