View
214
Download
1
Tags:
Embed Size (px)
Citation preview
Boston, MA8 June 2011
ISOC presents: World IPv6 Day
3 of 23
Today Google, Facebook, Yahoo!, Akamai and Limelight Networks will be amongst some of the major organisations offering their content over IPv6 for a 24-hour “test flight”. The goal is to motivate organizations across the industry – Internet service providers, hardware makers, operating system vendors and web companies – to prepare their services for IPv6 to ensure a successful transition as IPv4 addresses run out.
Susan HamlinDirector, Communications and Member Services
Internet Governance
6 of 23
7 of 23
8 of 23
9 of 23
10 of 23
Number Resource Provisioning HierarchyICANN / IANA
(Internet Assigned Numbers Authority)Manage global unallocated IP address
pool
ISPs
End UsersISPs
RIRs(AfriNIC, APNIC, ARIN, LACNIC, RIPE NCC)
Manage regional unallocated IP address pool
Re-Allocate Re-Assign
End Users
Allocate
AssignAllocate
Susan HamlinDirector, Communications and Member Services
ARIN History & Overview
1993
IR function contracted by NSF to NSI; InterNIC, APNIC formed. DoD oversight ends.
Registrant
1992
RFC 1366: Regional IRs established; RIPE NCC formed
Registrant
1991
RFC 1261: DoD IR function contract moved to Network Solutions, Inc.
Registrant
1980s
Internet Registry (IR) function contracted by DoD to SRI International
Registrant
1980s
NSFNET/ARPANET - Jon Postel managed addressing via DoD contract;this was called the Internet Assigned Numbers Authority (IANA)
Registrant
Governm
ent Oversight
Historical Timeline
DDN NIC
DDN NIC
DDN NIC
InterNIC
Historical Timeline
2005 Regionalization complete; AfriNIC formed
Registrant
2002 Regionalization continues; LACNIC formed
Registrant
1998 ICANN formed
Registrant
1997 IR regionalization completed; ARIN formed. USG oversight of IR function ends.
Registrant
Comm
unity Oversight
Regional Internet Registries
The NRO exists to protect the unallocated number resource pool, to promote and protect the bottom-up policy development process, and to act as a focal point for Internet community input intothe RIR system.
Number Resource Organization
NonprofitMembership Organization
Community-regulated
• Fee for services, not number resources
• 100% community funded
• Open
• Broad-based - Private sector - Public sector - Civil society
• Community developed policies
• Member-elected executive board
• Open and transparent
RIR Structure
Number Resources
OrganizationPolicy Development
• IP address allocation & assignment
• ASN assignment• Directory
services• WHOIS• IRR
• Reverse DNS
• Elections
• Meetings
• Information dissemination
• Website• Newsletters• Roundtables
• Training
• Maintain email discussion lists
• Conduct public policy meetings
• Publish policy documents
RIR Services
About ARIN
• One of five Regional Internet Registries
• Services 25 Economies in the Caribbean and North America
• Nonprofit corporation based in Chantilly, VA
• Established December 1997
• 100% community funded
• Applying the principles of stewardship, ARIN, a nonprofit corporation:
– allocates Internet Protocol resources;
– develops consensus-based policies; and
– facilitates the advancement of the Internet through information and educational outreach.
ARIN’s Mission
ARIN’s Service Region
ARIN’s region includesCanada, many Caribbean and North Atlantic islands, and the United States.
ARIN’s Services• Like the other RIRs, ARIN:
– Allocates and assigns Internet number resources
– Maintains WHOIS, in-addr.arpa, and other community services
– Participates in the global Internet community
– Facilitates policy development– Is a nonprofit, membership organization
Organization Chart
24 of 23
Registration Services
• Manage Internet number resources and related services
• Manage Directory Services (WHOIS & IRR)
Organization Services
Public Policy & Members Meetings
Executive Board Elections
Organization Services
Information publicationand dissemination
Education& Training
Outreach & Education Services
• Online education resources
• Event Presentations
• Exhibits (direct and reverse)
• Media interviews
Outreach & EducationMaterials
• Fact and information sheets (and CDs)
• Multimedia pieces
• Giveaways (pens, stickers, etc.)
• Slide decks
• Comic books
• More…
• TeamARIN Micrositehttp://TeamARIN.net– Event Calendar– Education– Blogs– Spread the word
• Public use slide deck• Materials support
request
• ARIN IPv6 wikihttp://getipv6.info
ARIN Resource Links
ARIN on Social Media
Facebook – www.facebook.com/TeamARIN
Twitter – www.twitter.com/TeamARIN
LinkedIn – www.linkedin.com
YouTube – www.youtube.com/TeamARIN
Q&A
Einar BohlinPolicy Analyst
The ARIN Policy Development Process
Overview
What is a PolicyThe Policy Development Process
– Origin– Principles– Process Steps
A Case Study and Examples
Number Resource PolicyManual (NRPM)
NRPM is ARIN’s policy document – Version 2011.2 (16 March 2011)– This is the 22nd version
Contains• Change Logs• Available as PDF• Index
https://www.arin.net/policy/nrpm.html
Policies in the NRPM• IPv4 Address Space• IPv6 Address Space• Autonomous System Numbers (ASNs)• Directory Services (WHOIS)• Reverse DNS (in-addr)• Transfers• Experimental Assignments• Resource Review Policy
Policy Development Process (PDP)
FlowchartProposal TemplateArchiveMovie
https://www.arin.net/policy/pdp.html
PDP Origin - Rough ConsensusThe foundation of the PDPRough consensus is a term used in consensus
decision-making to indicate the "sense of the group" concerning a particular matter under consideration.*
Note that 51% of the working group does not qualify as "rough consensus" and 99% is better than rough.*
(*from wikipedia.org)
Consensus Decision Making*(*from wikipedia.org)
PDP Versions
Current version is the 4th
First written version - April 2001Two revisions
Major overhaul - January 2009
The current PDP
Empowers the Advisory Council as a development body (balanced by expanded petitions)
Establishes goal = clear, technically sound and useful policy
Requires staff and legal assessments and freezes text prior to Public Policy Meetings
Process PrinciplesOpen Forum - Anyone can participate
Public Policy Mailing ListPublic Policy Meetings
TransparentPDP documentedPolicies documentedMeetings documented
Bottom UpARIN staff does not create policy, we apply it
PDP RolesCommunity
Submit proposals! If there is a problem, raise it Comment on proposals (in favor or not?)Participate in Petitions
Advisory Council “AC” (elected volunteers)Write the policy text to ensure that it is
clear, technically sound and usefulDetermine Consensus
Roles cont.
ARIN “Board” (elected volunteers)Provide process oversightProvide corporate fiduciary oversight
ARIN Staff Provide feedback
• Clarity and Understanding • Staff Assessments
Implement Policy
Basic Steps1. Community member submits a proposal2. Community discusses the proposal on the “List”3. AC creates a draft policy or abandons the
proposal4. Community discusses the draft policy on the
“List” and at the meeting5. AC conducts its consensus review6. Community performs last call7. Board adopts8. Staff implements
Petitions
Anyone dissatisfied with a decision by the AC can petition to keep the proposal moving forward
1. Petition to bring proposal to list and meeting 4 successful*6 unsuccessful
2. Last call petition (to send to Board) 1 – unsuccessful
*3 ultimately abandoned, 1 adopted
Public Policy Mailing ListOpen to anyoneEasy to subscribe to Contains: ideas, proposals, draft policies, last calls,
announcements of adoption and implementation, and petitions
ArchivesRSS available for ARIN only posts
https://www.arin.net/participate/mailing_lists/index.html
The ARIN Website
How to participate and not be overwhelmed?
The AC meets monthlyFront page links to proposals and draft policies under
discussionNew proposals need feedback for the AC’s initial
decisionWeb site will help you focus on what’s important to
you and your company
ARIN Meetings
Two meetings a year
Check the ARIN Public Policy Meeting site 4-6 weeks prior to meeting
Proposals/Draft Policies on AgendaDiscussion Guide (summaries and text)Attend in Person/Remote
AC meeting last dayWatch list for AC’s decisionsLast Calls – For or against?
Policy Participation• No requirements, other than email and willingness to
involve yourself.
You must be a member to• Vote for AC and Board• Nominate for those positions (membership not required to
run)
https://www.arin.net/participate/elections/index.html
Total Draft Policies
Active current drafts – 2 (plus 4 awaiting ARIN Board review)
Adopted – 61 (plus 2 more global policies awaiting ICANN Board review)
Abandoned – 50
Case Study: Policy 2008-5
2008-5 SummaryName: Dedicated IPv4 block to facilitate IPv6
Deployment (2008-5)Proposal: Reserve some IPv4 space (a /10), and
make it available to organizations that need some IPv4 space to deploy IPv6.
Rationale: “[This policy] will facilitate IPv6 deployment by ensuring that some small chunks of IPv4 space will remain available for a long time to ease the co-existence of IPv4 & IPv6.”
Policy 2008-5 HistoryProposal was submitted on June 2008.Draft policy text discussed on the list and at ARIN XXII
meeting (Oct 2008).The policy was sent to last call (Oct/Nov).Minor revision by the AC, reposted to last call Nov/Dec.Adopted by the Board 5 Jan 2009.Implemented 1 Apr 2009 (NRPM Section 4.10).
https://www.arin.net/policy/proposals/2008_5.html
Policy ExamplesAdopted
2010-12: IPv6 Subsequent Allocation2010-8: Rework of IPv6 assignment criteria2010-2: /24 End User Minimum Assignment Unit2010-1: Waiting List for Unmet IPv4 Requests (take
what’s available or wait)
Abandoned2010-13: Permitted Uses of space reserved
under NRPM 4.102010-7: Simplified IPv6 policy
References
Policy Development Processhttps://www.arin.net/policy/pdp.html
Draft Policies and Proposalshttps://www.arin.net/policy/proposals/index.html
Number Resource Policy Manualhttps://www.arin.net/policy/nrpm.html
Q&A
Draft Policies and Proposals: Changes to Number Policy
Einar BohlinPolicy Analyst
Draft Policies and Proposals
• 6 Active Draft Policies– 4 Awaiting Board Review– 2 Under Discussion
• 16 Policy Proposals
Draft Policies Awaiting Board Review• ARIN-2011-3: Better IPv6 Allocations for
ISPs– Nibble boundary allocations – IPv6 /36 to /12.
• ARIN-2011-4: Reserved Pool for Critical Infrastructure– IPv4 /16’s worth of space to be set aside for CI.
• ARIN-2011-5: Shared Transition Space for IPv4 Address Extension– Shared IPv4 /10 (eg. draft-shirasaki-nat444-03 ).
• ARIN-2011-6: Returned IPv4 Addresses– ARIN will quickly recycle address space in the ARIN
region.
Draft Policies Under Discussion• ARIN-2011-1: Globally Coordinated Transfer
Policy– Would allow transfers to/from ARIN region
• The RIRs must have compatible transfer policy• Need required (transfers are needs-based)
• ARIN-2011-7: Compliance Requirement– Primarily concerned with ensuring that ISPs
maintain accurate reassignment information• Enforcement via stopping reverse DNS services and
possibly revocation
Proposals• ARIN-prop-137 Global Policy for post
exhaustion IPv4 allocation mechanisms by the IANA– Instructs IANA to accept returned address space and
reissue that space to the RIRs (a 1/5th portion to each RIR every 6 months).
• ARIN-prop-140 Business Failure Clarification– Changes policy text from “organization that goes out
of business” to “organization that ceases to exist.”• ARIN-prop-141 Combined M&A and
Specified Transfers– Clarifies that organizations can perform both types
of transfers at roughly the same time.
Proposals cont. 1• ARIN-prop-144 Remove Single Aggregate
requirement from Specified Transfer– Removes “aggregate” language from the transfer
policy (opposite of prop-153).• ARIN-prop-146 Clarify Justified Need for
Transfers– Extends the 12-month supply period for address
space to all specified transfers.• ARIN-prop-147 Set Transfer Need to 24
months– Lengthens the supply period for specified
transfers to 24 months.
Proposals cont. 2• ARIN-prop-148 LRSA resources must not be
transferred to LRSA– Requires the RSA for specified transfers of address
space covered by an LRSA.
• ARIN-prop-149 Improved Transparency for Directed Transfers– Requires ARIN to publish a list of prefixes transferred
via the policy for transfers to specified recipients.
• ARIN-prop-151 Limiting needs requirements for IPv4 Transfers– Removes the needs-based evaluation from transfers
to specified recipients.
Proposals cont. 3• ARIN-prop-152 RSA Modification Limits
– Regards transfers and the RSA.
• ARIN-prop-153 Correct erroneous syntax in NRPM 8.3 – Would change the transfer policy so that only a
single aggregate could be transferred (opposite of prop 144).
Did any of those proposals possibly affect you?
• You have two ways to voice your opinion:– Public Policy Mailing List– Public Policy Meeting (in person or
remote)
References• Draft Policies & Proposals
– https://www.arin.net/policy/proposals/index.html
• ARIN Public Policy Mailing List– https://www.arin.net/participate/mailing_lists/index.html
Questions?
How and Why to Participate in the ARIN
Community
Learn More and Get InvolvedYour participation
Important, critical, needed, appreciated…
Get Involved in ARINPublic Policy Mailing ListARIN Suggestion and Consultation ProcessMember ElectionsAttend a Meeting
http://www.arin.net/participate/
74
ARIN Mailing Lists
75 of 23
https://www.arin.net/participate/mailing_lists/index.html
ARIN Announce - [email protected]
ARIN Discussion – [email protected]
ARIN Public Policy – [email protected]
ARIN Consultation – [email protected]
ARIN Issued – [email protected]
ARIN Technical Discussions - [email protected]
ARIN Consultation and Suggestion Process
• Open for business September 2006• As of 31 March 2011
– 14 community consultations• all closed • https://www.arin.net/participate/acsp/acsp_consultations.html
– 127 suggestions• 16 remain open• https://www.arin.net/participate/acsp/acsp_suggestions.html
Board of TrusteesAdvisory CouncilNRO Number Council
77 of 23
General Member Eligibility Date for 2011 Elections 1 January
Board, AC, and NRO Number Council Call for Nominations 25 July-24 August
Deadline to Establish Voter Eligibility 27 September
Board, AC, and NRO NC Final Slate of Candidates Announced 30 SeptemberElections 12 – 22 OctoberThree year terms begin 1 January
Next ARIN Meetings
• Remote participation
• Policy discussions
• Tutorials
• Social event
• Adjacent to NANOG
https://www.arin.net/participate/meetings
IPv4 Depletion
IPv6 Adoption
Quick History of the Internet Protocol• Internet Protocol version 4 (IPv4, or just “IP”)
– First developed for the original Internet (ARPANET) in spring 1978
– Deployed globally with growth of the Internet– Total of 4 billion IP addresses available– Well entrenched and used by every ISP and hosting company
to connect customers to the Internet– Allocated based on documented need
• Internet Protocol version 6 (IPv6)– Design started in 1993 when IETF forecasts showed IPv4
depletion between 2010 and 2017– Completed, tested, and available for production since 1999– Total of
340,282,366,920,938,463,463,374,607,431,768,211,456 IP addresses available
– Used and managed similar to IPv4
About IPv4 and IPv6IP version
IPv4 IPv6
Deployed 1981 1999
Address Size
32-bit number 128-bit number
Address Format
Dotted Decimal Notation: 192.0.2.76
Hexadecimal Notation: 2001:0DB8:0234:AB00:0123:4567:8901:ABCD
Number of Addresses
232 = 4,294,967,296 2128 = 340,282,366,920,938,463,463,374,607,431,768,211,456
Examples of Prefix Notation
192.0.2.0/2410/8
(a “/8” block = 1/256th of total IPv4 address space = 224 = 16,777,216 addresses)
2001:0DB8:0234::/48 2600:0000::/12
IPv4 Address Space Utilization
*as of 3 February 2011
IANA Available IPv4 Space in /8s
Number of ARIN IPv6 Allocations Issued to ISPs
Jan-09
Feb-09
Mar-09
Apr-09
May-09
Jun-09Jul-0
9
Aug-09
Sep-09
Oct-09
Nov-09
Dec-09
Jan-10
Feb-10
Mar-10
Apr-10
May-10
Jun-10Jul-1
0
Aug-10
Sep-10
Oct-10
Nov-10
Dec-10
Jan-11
Feb-11
Mar-11
Apr-11
0
10
20
30
40
50
60
70
80
90
100
Number of ARIN IPv6 Assignments Issued to End-users
Jan-09
Feb-09
Mar-09
Apr-09
May-09
Jun-09Jul-0
9
Aug-09
Sep-09
Oct-09
Nov-09
Dec-09
Jan-10
Feb-10
Mar-10
Apr-10
May-10
Jun-10Jul-1
0
Aug-10
Sep-10
Oct-10
Nov-10
Dec-10
Jan-11
Feb-11
Mar-11
Apr-11
0
10
20
30
40
50
60
70
ARIN Issued IPv4 Addresses (in /24s)
Jan-09
Feb-09
Mar-09
Apr-09
May-09
Jun-09Jul-0
9
Aug-09
Sep-09
Oct-09
Nov-09
Dec-09
Jan-10
Feb-10
Mar-10
Apr-10
May-10
Jun-10Jul-1
0
Aug-10
Sep-10
Oct-10
Nov-10
Dec-10
Jan-11
Feb-11
Mar-11
Apr-11
02000400060008000
10000120001400016000180002000022000240002600028000300003200034000360003800040000420004400046000480005000052000
IPv4 Requests Received by ARIN
Jan-09
Feb-09
Mar-09
Apr-09
May-09
Jun-09Jul-0
9
Aug-09
Sep-09
Oct-09
Nov-09
Dec-09
Jan-10
Feb-10
Mar-10
Apr-10
May-10
Jun-10Jul-1
0
Aug-10
Sep-10
Oct-10
Nov-10
Dec-10
Jan-11
Feb-11
Mar-11
Apr-11
0
100
200
300
Jan-09
Feb-09
Mar-09
Apr-09
May-09
Jun-09Jul-0
9
Aug-09
Sep-09
Oct-09
Nov-09
Dec-09
Jan-10
Feb-10
Mar-10
Apr-10
May-10
Jun-10Jul-1
0
Aug-10
Sep-10
Oct-10
Nov-10
Dec-10
Jan-11
Feb-11
Mar-11
Apr-11
0
50
100
150
200
250
IPv6 Requests Received by ARIN
IPv4 Depletion Situation Report
• Each RIR received its last /8 from IANA on 3 February 2011.
• The IANA free pool of IPv4 addresses has reached 0%.
• While each RIR currently has IPv4 addresses to allocate, it is impossible to predict when each RIR will run out.
• ARIN publishes an inventory of available IPv4 addresses, updated daily, at www.arin.net.
IPv4 & IPv6 - The Bottom Line• We’re running out of IPv4
address space.
• IPv6 must be adopted for continued Internet growth.
• IPv6 is not backwards compatible with IPv4.
• We must maintain IPv4 and IPv6 simultaneously for many years.
• IPv6 deployment has begun.
RIRs have been allocatingIPv6 address space since 1999.
Thousands of organizations havereceived an IPv6 allocation to date.
ARIN has IPv6 distribution policies for service providers, community networks,
and end-user organizations.
IPv6 Deployment has begun
IPv4 & IPv6 Coexistence
Today, the Internet is predominantly based on IPv4.
For the foreseeable future, the Internet must run both IP versions (IPv4 & IPv6) at the same time. (When done on a single device, this is called the “dual-stack” approach.)
Deployment is already underway: Today, there are organizations attempting to reach your mail, web, and application servers via IPv6...
Action Plans
What does this mean for:• Broadband Access Providers? • Internet Service Providers?• Internet Content Providers?• Enterprise Customers?• Equipment Vendors?• Government Organizations?
Call to ActionBroadband Access Providers
Your customers want access to the entire Internet, and this means IPv4 and IPv6 websites. Offering full access will require running IPv4/IPv6 transition services and is a significant engineering project.
Multiple transition technologies are available, and each provider needs to make its own architectural decisions.
Call to ActionInternet Service Providers
Plan out how to connect businesses via IPv6-only and IPv4/IPv6 in addition to IPv4-only.
Businesses are beginning to ask for IPv6 over their existing Internet connections and for their co-located servers.
Communicate with your peers and vendors about IPv6, and confirm their timelines for production IPv6 services.
Call to ActionInternet Content Providers
Content must be reachable to newer Internet customers.
Content served only via IPv4 will be accessed by IPv6 customers via transition solutions run by the access providers.
Plan on serving content via IPv6 in addition to IPv4 as soon as possible.
Call to Action Enterprise Customers
Mail, web, and application servers must be reachable via IPv6 in addition to IPv4.
Open a dialogue with your Internet Service Provider about providing IPv6 services.
Each organization must decide on timelines, and investment level will vary.
Call to ActionEquipment Vendors
There was probably limited demand for IPv6 in the past.
Demand for IPv6 support will become mandatory very, very quickly.
Introduce IPv6 support into your product cycle as soon as possible.
Awareness
Coordinate with industry
Adopt incentives• Regulatory• Economic
Support and promote awareness and educational activities
Require IPv6-compatibility in procurement procedures
Officially adopt IPv6
Call to ActionGovernment Organizations
IPv6 Adoption Needs
IPv6 address space
IPv6 connectivity (native or tunneled)
Operating systems, software, and network management tool upgrades
Router, firewall, and other hardware upgrades
IT staff and customer service training
Resources– Community Use Slide Deck
– IPv6 Wiki
– Information Page at www.arin.net/knowledge/v4-v6.html
– Outreach Microsite:www.TeamARIN.net
– Social Media at ARINwww.arin.net/social.html
– ARIN Board Resolution
– Letter to CEOs
Learn More and Get InvolvedLearn more about IPv6www.arin.netwww.getipv6.infowww.TeamARIN.net
Get Involved in ARINPublic Policy Mailing ListAttend a Meeting
http://www.arin.net/participate/
Q&A
Requesting and Managing Internet Number ResourcesJon WorleySenior Resource Analyst
Overview
• New ARIN Online Functionality• Template Changes• RESTful Provisioning• Policy Changes• Inventory • Post-Depletion Services (8.3
Transfers, STLS, Waiting List)• Future Services
New ARIN Online Functionality• Reverse DNS Zone
Management• DNSSEC• Resource Requests• POC Validation
Reverse DNS
• Managed per zone, not per network
• Must manage through ARIN Online
• Networks issued without nameservers
• SWIP to customers, then add reverse delegation
Reverse DNS - Shared Authority
Joe’s Bar and Grill has reassigned a /24 to HELLO WORLD. Both can manage the /24 zone.
Reverse DNS – Querying Whois
Query for the zone directly:whois> 136.136.192.in-addr.arpa
Name: 136.136.192.in-addr.arpa.Updated: 2011-03-19NameServer: SEC1.AUTHDNS.RIPE.NETNameServer: NS1.ARIN.NETNameServer: NS2.LACNIC.NETNameServer: SEC1.APNIC.NETNameServer: NS2.ARIN.NETRef: http://whois.arin.net/rest/rdns/136.136.192.in-addr.arpa.
DNSSEC
• Same interface as reverse DNS
• DS records generated by user
• Zone must have nameservers before you can add DS records
1) Paste DS Record
2) Parse DS Record
3) Apply
IP/ASN Requests
• Done through ARIN Online only• Officer attestation for IP
requests now done via a signed form instead of email
• Can no longer specify resource POCs or reverse DNS delegation in request
Policy 2008-7: POC Validation• Annual validation of each POC handle
required• Can validate either by email sent by
ARIN or ARIN Online• If linked to POCs that have not been
validated within 60 days, can’t access ARIN Online until POC handles validated
Template Changes
• Version 5 templates– Version 4 still accepted– Version 3 and prior no longer accepted
• Resource request templates deprecated• API key required to authorize processing
– Generated via ARIN Online– Can associate an email address– Required for all templates
Version 5 Reassign Simple
Template: ARIN-REASSIGN-SIMPLE-5.0 ** As of March 2011 ** Detailed instructions are located below the
template. 00. API Key: 01. Registration Action (N,M, or R): 02. Network Name: 03. IP Address and Prefix or Range: 04. Origin AS: 05. Private (Yes or No): 06. Customer Name: 07. Customer Address: 07. Customer Address: 08. Customer City: 09. Customer State/Province: 10. Customer Postal Code: 11. Customer Country Code: 12. Public Comments: END OF TEMPLATE
Paste API key here
Enter “yes” only for service delivered to a residence
Debugging Template Problems• Most templates aren’t
ticketed• Problems? Send both
template and error message to [email protected]
• Designed to be backward compatible, but may be a few slight differences
RESTful Interface
• Programmatic way to interact with ARIN– Intended to be used for automation– Not meant to be used by humans
• Useful for ISPs that manage a large number of SWIP records
• Requires an investment of time to achieve those benefits
Example – Reassign Detailed
• Your automated system issues a PUT call to ARIN using the following URL:https://www.arin.net/rest/net/NET-10-129-0-0-1/reassign?apikey=API-1234-5678-9ABC-DEFG
The call contains the following data:
<net xmlns="http://www.arin.net/regrws/core/v1" > <version>4</version> <comment></comment> <registrationDate></registrationDate> <orgHandle>HW-1</orgHandle> <handle></handle> <netBlocks> <netBlock> <type>A</type> <description>Reassigned</description> <startAddress>10.129.0.0</startAddress> <endAddress>10.129.0.255</endAddress> <cidrLength>24</cidrLength> </netBlock> </netBlocks> <parentNetHandle>NET-10-129-0-0-1</parentNetHandle> <netName>HELLOWORLD</netName> <originASes></originASes> <pocLinks></pocLinks></net>
Example – Reassign DetailedARIN’s web server returns the
following to your automated system:<net xmlns="http://www.arin.net/regrws/core/v1" ><version>4</version><comment></comment><registrationDate>Tue Jan 25 16:17:18 EST 2011</registrationDate><orgHandle>HW-1</orgHandle><handle>NET-10-129-0-0-2</handle><netBlocks><netBlock><type>A</type><description>Reassigned</description><startAddress>10.129.0.0</startAddress><endAddress>10.129.0.255</endAddress><cidrLength>24</cidrLength></netBlock></netBlocks><parentNetHandle>NET-10-129-0-0-1</parentNetHandle><netName>netName>HELLOWORLD</netName><originASes></originASes><pocLinks></pocLinks></net>
Reg date and net handle added
Other RESTful Notes• IPv6 Reassign Simple available
only through the RESTful interface
• Cannot manage reverse DNS zones (yet)
• Still operating RESTful beta site as a test bed–Must request access
Obtaining RESTful Assistance• “Ask ARIN” via your web account• arin-tech-discuss mailing list
–Make sure to subscribe–Someone on the list will help you
ASAP• Help Desk phone not a good fit
–Debugging these problems requires a detailed look at the method, URL, and payload being used
Policy Changes
• 3 month supply for all ISPs• IPv6 End User• IPv6 ISP in the pipeline• 2010-14• IPv6 Subsequent Allocations for
Transitional Technology• M&A Transfers
3 Month Supply For ISPs
• Prior to IANA IPv4 free pool depletion, experienced ISPs could get a 12 month supply
• Dropped to 3 month supply immediately upon IANA issuing its last 5 /8s
• Still computed based on demonstrated utilization rate
• Expectation should be coming back ~4 times a year for additional IP addresses
IPv6 End User Changes• Before: Block size based on HD Ratio
– Complex; used logarithms
• After: Block size based solely on number of sites within the end user’s network Number of Sites Block Size Justified
1 /48
2-12 /44
13-192 /40
193-3,072 /36
3,073-49,152 /32
Results of End User Policy ChangeSmall uptick in large blocks, but
majority still /48Prefix Length % of assignments
in the year prior to new policy
% of assignments since new policy implemented
/32-/35 0.35% 2.14%
/36-/39 1.04% 5.00%
/40-/43 6.60% 7.14%
/44-/47 15.97% 17.86%
/48 76.04% 67.86%
2011-3: Better IPv6 Allocation for ISPs
• ARIN AC recommended adoption 5/24/2011
• Still needs to be ratified by ARIN Board and have an implementation date scheduled
• Allows ISPs to have uniform subnets– Each “serving site” gets a block large
enough to number the largest serving site
– Must be nibble-aligned: /48, /44, /40, etc
2011-3 Example
• ISP A, a FTTP provider, has 37 PoPs– The largest PoP (New York City) has 1,084
customers
• ISP A wants to assign a /48 to each– /37 smallest block that has 1,084 /48s (2,048)– Each of the 37 PoPs gets a /36 (round to nibble)
• Smallest block that contains 37 /36s is a /30 (64 /36s)
• ISP A gets a /28 (round to nibble)
2010-14: Standardize IP Reassignment Registration Requirements
• To be implemented by 9/30/2011• Abuse contact now required• New policies for ISPs with residential
customers that dynamically draw IP addresses from pools – must submit SWIP information for each market
area– must show 80% assigned with a 50-80%
utilization rate across markets
• IPv6 /64 and larger static reassignments must be visible via SWIP/RWhois
IPv6 Subsequent Allocations for Transitional Technologies
• ISPs with an initial allocation for native IPv6 can request a separate block to be used for IPv4 -> IPv6 transitional technology– 6rd is the most common example, but
the policy doesn’t specify a technology
• /24 maximum allocation– Allows a typical ISP to map a /56 to each
of their existing IPv4 addresses in a 6rd deployment
2010-6: Simplified M&A Transfers• Implemented 9/9/2010• If resources are no longer
justified, ARIN will work with you to get back into compliance
• If resources underused, ARIN will work with you on a plan to regain compliance via growth or return
Inventory Report
• IANA IPv4 free pool now depleted– ARIN received its last /8 from IANA in
mid-February
• At that time, ARIN had ~5.49 /8 equivalents in its free pool
• Daily inventory published on ARIN’s web site
Inventory updated daily @ 8PM ET
Burn Rate Since IANA Depletion
2/2/2
011
2/6/2
011
2/10/2
011
2/14/2
011
2/18/2
011
2/22/2
011
2/26/2
011
3/2/2
011
3/6/2
011
3/10/2
011
3/14/2
011
3/18/2
011
3/22/2
011
3/26/2
011
3/30/2
011
4/3/2
011
4/7/2
011
4/11/2
011
4/15/2
011
4/19/2
011
4/23/2
011
4/27/2
011
5/1/2
011
5/5/2
011
5/9/2
011
5/13/2
011
5/17/2
011
5/21/2
011
5/25/2
011
5/29/2
0114.60
4.70
4.80
4.90
5.00
5.10
5.20
5.30
5.40
5.50
5.60
Inventory (/8 Equivalents)
Inventory (/8 Equivalents)
The Obvious Question
• How long will that free pool last?• ARIN doesn’t make projections• Why not?
– Past performance doesn’t always predict the future
– Potential game-changing requests– Projections are interpreted as assurances of
availability• To illustrate, here are three plausible
scenarios of ARIN’s IPv4 free pool exhaustion
View #1: The Wide-Eyed Optimist• Network operators are responsible
and will use their existing IPv4 addresses more efficiently and implement IPv6 ASAP
• We see a drop in consumption rate• Projection assumes utilization rate
observed since IANA IPv4 depletion will continue– Warning: small sample size
Projecting the recent burn rate forward, the supply might last 5 years
2/2/2
011
4/13/2
011
6/22/2
011
8/31/2
011
11/9/2
011
1/18/2
012
3/28/2
012
6/6/2
012
8/15/2
012
10/24/2
012
1/2/2
013
3/13/2
013
5/22/2
013
7/31/2
013
10/9/2
013
12/18/2
013
2/26/2
014
5/7/2
014
7/16/2
014
9/24/2
014
12/3/2
014
2/11/2
015
4/22/2
015
7/1/2
015
9/9/2
015
11/18/2
015
1/27/2
0160.00
1.00
2.00
3.00
4.00
5.00
6.00
Recent Rate Projected Forward
Actual Inventory (/8 Equivalents)Projected Inventory (/8 Equivalents)
View #2: Business As Usual• Network operators are pragmatic• They will continue to consume IPv4
addresses just as they did in the past• Plans for dealing with depletion of
ARIN’s IPv4 free pool are in development but will not be deployed until depletion actually occurs
• Projection assumes same burn rate as seen over the past few years
Projecting the average yearly burn rate forward, the supply might last 18 months
5/1/2
011
6/1/2
011
7/1/2
011
8/1/2
011
9/1/2
011
10/1/2
011
11/1/2
011
12/1/2
011
1/1/2
012
2/1/2
012
3/1/2
012
4/1/2
012
5/1/2
012
6/1/2
012
7/1/2
012
8/1/2
012
9/1/2
012
10/1/2
0120.00
1.00
2.00
3.00
4.00
5.00
6.00
Projected Inventory (/8 Equivalents)/10 Floor
View #3: Hit The Panic Button• Network operators will act in their own
self interest• A small number of large requests shifts
the timeline dramatically• Projection assumes two hypothetical
“game-changing” requests– One ISP has an immediate need for a /8 to
be deployed over three months, another has a need for a /8+/10 to be deployed over one month
– Assume they are justified
Two game-changing requests drop the supply to 6 months
5/1/2011 6/1/2011 7/1/2011 8/1/2011 9/1/2011 10/1/2011 11/1/2011 12/1/2011 1/1/20120.00
1.00
2.00
3.00
4.00
5.00
6.00
Projected Inventory (/8 Equivalents)
/10 Floor
Large ISP uses a /8 over 3 months
Large ISP deploys a /8+/10 over 1 month
The Reality – We Have No Idea
• Network operators may:– become more efficient– continue to consume at the same rate– consume at a faster rate
• IPv4 availability cannot be guaranteed because IPv4 free pool exhaustion cannot be accurately predicted– Hence why you should migrate to IPv6 – Unless you intend to stop growing your
business….
IPv4 Churn
• ARIN does get back IPv4 addresses through returns, revocations, and reclamations– Return = voluntary– Revoke = for cause (usually
nonpayment)– Reclaimed = fraud or business
dissolution
• From 1/1/2005 to 3/31/2011, ARIN got ~585 /16 equivalents back
• Hooray!
Unfortunately, we get back far less than we issue
Issued 1/1/2005 - 3/31/2011 Got Back 1/1/2005 - 3/31/20110
500
1000
1500
2000
2500
3000
3500
4000
4500
5000
/16 Equivalents
IPv4 Holdings Profile
/16 equivalents held by Orgs with a /12 or more/16 equivalents held by Orgs with less than a /12
1.5% of the subscriber Org IDs hold 80% of the non-legacy IPv4 addresses
The remaining 98.5% of the Org IDs hold 20% of the non-legacy IPv4 addresses
Org IDs with a /12 or moreOrg IDs with less than a /12
2010 Block Size Profile
76%
24%
24% were is-sued as blocks /14 and smaller
76% were issued as blocks larger than /14
There were 162,644 /24s issued in 2010
Post-Depletion World
• While availability of IPv4 addresses cannot be assured, there will be ways network operators may be able to obtain additional IPv4 addresses– Transfers to Specified Recipients– Specified Transfer Listing Service (STLS)– Waiting List for Unmet IPv4 Requests
Transfers to Specified Recipients• Resources no longer required to be
under RSA• If resources are not maintained under
RSA, verification of title may take some time
• Attestation from officer required if resources not under LRSA/RSA
• RSA coverage = smoother transfer
STLS
• Previously had listers and needers
• “Facilitators” have been added –$100 annual fee for access
• Not much activity yet
2010-1: Waiting List for Unmet IPv4 Reqests
• Starts when ARIN can’t fill a justified request
• Option to specify smallest acceptable size
• If no block available between approved and smallest acceptable size, option to go on the waiting list
• May receive only one allocation every three months
Future Services
• RPKI in development– Cryptographically authenticate registration
authority
• Routing registry changes– Better authentication (currently use only
mail-from)
• Billing information visible through ARIN Online– View & modify billing contact information– View payment history
Questions?