A wild stab at the numbers

Howard C. Berkowitz hcb at clark.net
Mon Jan 20 15:38:55 EST 1997


I have a sense it might be a good idea to respond fairly quickly to this;
I'm beginning to think flamers come out in strength when the moon rises
(yes David, I know, it's already tomorrow where you are, and I'm being
US-centric...)

>To: satchell at accutek.com (Stephen Satchell)
>cc: NAIPR at LISTS.INTERNIC.NET, davidc at apnic.net
>Subject: Re: A wild stab at the numbers
>Date: Mon, 20 Jan 1997 20:02:30 +0900
>From: "David R. Conrad" <davidc at apnic.net>

>
>Stephen,
>
>I want to publicly express my gratitude for you actually coming up
>with numbers, as made of straw as they might be.  They are extremely
>useful in that they provide a starting point for discussions.

I will echo David's gratitude.  This is an excellent start to a process
that I believe is needed both to validate the proposal, and to gain
consensus.

I was the first technical employee at the Corporation for Open Systems, and
was involved with planning and setting up its physical plant, as well as a
wide range of secretariat activities.  Regardless of what one thinks of OSI
(it makes me feel old when people now ask me "what's that?"), some of our
practical experience may be relevant here.  Some of our experience is very
relevant in how _not_ to deal with the owning members and the technical
public.  Many of the membership issues are not appropriate to this note,
but the idea of reasonable budgets are.  COS had ridiculously expensive
quarters and other "image" things that hurt its credibility.  Utility was
often sacrificed to image.

Again, I am far less concerned with the numerical values of line items as
identifying what the line items are, and what missions they support.

>
>A couple of points, however:
>
>>First off, in looking at the original proposal, I see that the *sole*
>>function of this registry is to allocate IP addresses to those who apply
>>for them,
>
>Almost -- registries allocate space to organizations which demonstrate
>need.  A very significant difference when it comes to computing
>staffing costs (see below).
>
>>Staff salaries:  you need two clerical types ($30K/year), director
>>($60K/year), policy co-ordinator ($40K/year), on-site repair and sysadmin
>>($60K/year), and a receptionist ($25K/year).  Multiply by three to cover
>>benefits, per-employee overhead, on-desk computers, building, physical
>>plant, parking, and the annual company picnic.  Total estimated:
>>$735K/year.  Budging $1000K/year allows for unforseen needs, as well as a
>>cushion for hiring consultants to deal with in-house problems.

I think physical plant needs to be examined further...see below.  As far as
desktop and plant requirements go in general, don't forget telecommuting
will be an option.  Telecommuting may in fact be a useful way to handle
time zone variations among the customer base.  There's probably practical
value to locating the new registry office relatively near the current
Internic, to ease transition, but I hate to see people on Pacific time
forced to live by Eastern hours. (I do mean here the Pacific Time Zone, as
opposed to the perception of time by Californians as opposed to those of us
in the Eastern Establishment *wink*)
>
>Nope.  In order to demonstrate need for IP addresses, you need
>technical staff capable of reading and understanding network
>engineering plans.  They must also understand the explanations
>provided to them by the requestors when they call up to explain why
>they need a /16 for 2000 hosts.

>Then there is AS number request
>justifications.

Not that ASN justifications are anywhere near the volume of address
allocations,
I must have missed them in the proposal.  Of course, they are logically
part of the process.

>
>Note, that people with this kind of knowledge are in quite high demand
>at this point in time.
>
>As an aside, the time necessary to understand a requestor's network in
>sufficient detail to justify allocation tends to be bimodal -- the
>clueful only take an hour or two, the aggressively clueless can take
>weeks (note that this is APNIC's experience, InterNIC's may be a bit
>less as there are less language issues that need to be dealt with).

First, I agree with David that you will need to have technical people
reviewing the requests.  It's entirely possible well-trained clerical
people will do some of the screening, or even software (with associated
development cost), but at some point a person with a good knowledge of
addressing and routing will need to become involved.

Depending, of course, on going salaries wherever the registry is placed,
such a person will run more than that.  In the DC area, I'd start at $60K
(not including benefits) and go up from there.

A technical director will run higher.

I'm not clear what the policy coordinator would do, or what his/her
qualifications need to be.  Stephen, could you elaborate?

Before we estimate how many people are needed to handle requests, whether
technical (of varying levels, we need a better understanding of the volume
of requests and the level of effort required to handle them.  I agree that
there will be at least a bimodal distribution of processing effort.
>
>Currently, I believe InterNIC has something like 10 full time staff
>handling request reviews (Kim will correct me if I'm wrong).  RIPE-NCC
>is approximately similar.  APNIC has 2 staff who do the reviews, but
>we're dying for additional staff and our load is an order of magnitude
>less than InterNICs and RIPE-NCC.
>
>And please, before people start screaming that the registries should
>not to do these reviews, I am talking about CURRENT registry policies
>as defined in RFC 2050.  If you'd like to modify those policies,
>please take it to the Policy And Guidelines for Allocation of Network
>numbers mailing list, pagan at apnic.net (to subscribe, send a message
>body of "subscribe" to pagan-request at apnic.net).
>
>>Computers:  you will need something fairly good-size for a Web and FTP
>>server so that people can get registry information.  Call it $50K every
>>five years, or $10K/year.

>
>Load on whois servers can be quite high -- Mark Kosters can provide
>details.  People whine very loudly when they can't reach the
>registration database.  Instead of a single big machine, you'll likely
>want an array of smaller machines so you can round robin load share
>over those machines.  Also helps availability.

>
>>Networking equipment:  I can't see the need for anything faster than three
>>T1 links
>>Connectivity:  Three T1s would eat up $108K/year in port costs, and some
>>amount for the actual physical links.  In my territory, you are talking
>>$72K/year.  Total is $180K/year.  Probably way too high.
>>
>>Office space [lease]:  incorporated into headcount expense.


The "production" servers are critical resources.  If they are colocated
with an IX, as proposed below, UPS, backed up HVAC, 24x7 staff, etc., will
presumably be there.  If they are at the main offices, raise the physical
plant costs to cover the high-availability requirements.  Also raise the
communications line cost to reflect needs for physical route diversity.
>
>Both APNIC and (I believe) RIPE-NCC have placed machines at Internet
>exchange points.  This has 3 advantages: a) bandwidth is generally not
>a concern, b) you don't run the risk of "gives us more addresses or
>we'll cut you off", and c) people won't say "we're better than ISP x
>because we're providing Internet services to a regional registry".  Of
>course, the registry has to be able to negotiate peering and transit
>agreements as necessary.

I tend to agree with IX placement for the "production servers."
Informational web servers might be handled differently.  Of course, the
registry will need connectivity to the production servers, and to the
Internet in general.

Security is a consideration, given the criticality of the function.  It's
not a question of if crackers will try to attack the servers, it's a
question of when, how frequently, and how hard.  There will need to be
firewalls, authentication servers, etc.

>
>Housing at an IX plus peering/transit fees can be significantly higher
>than your projected numbers.
>
>>Periodic meetings:  The usual cost for throwing a meeting ranges from $4K
>>to $9K, depending on how fancy you get.  This assumes five days, rooms for
>>the few staff that attend, some amenities, and the non-staff attendees pay
>>their own room costs.  This also incorporates some costs for printing and
>>copying contributions to the meetings.  If you assume quarterly
>>face-to-face meetings, the total to budget is $36K/year
>>
>>Trade show presence:  Small booths run roughly $15K to build -- and expect
>>to build a new one every year.  Transporting, setting up, tearing down, and
>>returning the booth to storage is around $1K/show.  Labor and amenities
>>(power and net connection) associated with the booth should be no more than
>>$7K per show.  Assuming the organization exhibits at three trade shows a
>>year, that's $39K/year.

I'm not sure of the reason to have trade show booth presence.  Just as it
has been suggested snail mail should be minimized, I wonder if web presence
is adequate for "user" contact, coupled with visibility at, and
participation in,  technical conferences.

>
>Not sure how valuable trade show presence is, however it has proven to
>be important that the registries attend technical conferences and
>meetings of ISPs (e.g., IETFs, IEPGs, NANOGs, EOFs, etc).  These
>probably balance out.
>
>>Copying, Mailings:  While I can make a strong case that this organization
>>should *never* mail a document, the truth is that ballots and such may need
>>to be mailed, and once you start snail-mailing ballots you might as well do
>>it right.
>
>Don't forget billing expenses.
>
>>Loan costs:  priced correctly, there is no way that you can get enough
>>grants to fund this thing totally.  Assume you will need to borrow $1.5
>>million to start, and you can get this for 12 percent (secured loan).  That
>>means your debt service will be at most $180K/year.  This is a good place
>>to look to cover with revenue from "first-time fees."
>
>Shouldn't be necessary -- NSI is providing funding backstop while ARIN
>becomes established.
>
>>Remember, I calculated the
>>out-of-pocket cost for a member is in the close order of $100;
>
>Depends very much on the number of members -- this is one of the
>unknowns.
>
>>Now let's talk about grandfathering existing allocations.  Let's say you
>>have 3000 existing top-level customers of address space.
>
>I suspect this would be a bit controversial.
>
>Again, thanks for providing the numbers -- they provide very good
>input for useful discussions.
>

Seconded.

Disclaimer, Hopefully with Useful Content
-----------------------------------------
Let me issue a disclaimer here, on a topic that is I think also relevant to
the discussion. I am a direct employee of a Cisco Training Partner, and
hold Cisco stock in my retirement account (as well as Ascend).  We do
training for other internetworking vendors including Digital and Motorola.
I also develop advanced courses that we offer commercially, such as OSPF
and BGP.

As an individual, I am working on a textbook for CiscoPress (the joint
venture between Cisco and MacMillan), on which I hope to go to contract
this week, with a goal of publication this summer.

A significant thrust of this textbook is to educate people in how to
prepare a clueful address request.  David's comment "As an aside, the time
necessary to understand a requestor's network in sufficient detail to
justify allocation tends to be bimodal -- the clueful only take an hour or
two, the aggressively clueless can take weeks (note that this is APNIC's
experience, InterNIC's may be a bit less as there are less language issues
that need to be dealt with)." is just the sort of thing I am trying to deal
with.  In the process of developing my text, I had planned to solicit
comments from registry staffs.

I'm interested in registry experience with the clueless, as it is a portion
of those to which the book is aimed.  I recognize certain segments of the
clueless are beyond engineering education, and simply need adult
supervision.

So, I have a financial interest in understanding registry needs.  At the
same time, it is also in my interest to help make those needs clear.


Thoughts?

Howard Berkowitz
PSC International, a Cisco Training Partner
  (To the best of my knowledge, my immediate boss doesn't know what address
allocation is, and is a sufficiently reasonable human being as not to have
an opinion on it without understanding it).

Telecommuting office (703)998-5819, fax (703)998-5058, home (703)998-5017



More information about the Naipr mailing list