Re: [sig-policy] prop-058-v001: Proposal to create IPv4 shared use address space, among LIRs

To: sig-policy@lists.apnic.net
Subject: Re: [sig-policy] prop-058-v001: Proposal to create IPv4 shared use address space, among LIRs
From: Philip Smith <pfs@cisco.com>
Date: Mon, 28 Jan 2008 20:43:35 +1000
Authentication-results: syd-dkim-1; header.From=pfs@cisco.com; dkim=pass ( sig from cisco.com/syddkim1002 verified; );
Delivered-to: sig-policy@clove.apnic.net
In-reply-to: <479D58C6.7080604@psg.com>
List-archive: <http://mailman.apnic.net/mailing-lists/sig-policy>
List-help: <mailto:sig-policy-request@lists.apnic.net?subject=help>
List-id: APNIC SIG on resource management policy <sig-policy.lists.apnic.net>
List-post: <mailto:sig-policy@lists.apnic.net>
List-subscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=subscribe>
List-unsubscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=unsubscribe>
Organization: Cisco Systems
References: <479D58C6.7080604@psg.com>
User-agent: Thunderbird 2.0.0.9 (Macintosh/20071031)


2.  Summary of current problem
------------------------------

LIRs providing firewall and IP connectivity services behind NATs using
RFC 1918 address space face potential address space collisions between
end user networks that are using the same RFC 1918 address ranges.

This is stated as the problem. How does a shared use address pool solvethis problem??


RFC1918 collides, because everyone can use it.

The authors' proposed /8 will also collide, because everyone will thenuse it.


So this proposal does not solve the above problem.

This is preventing LIRs and their end users from benefitting from the
security and efficient IPv4 address use that firewalls and NATs can
provide.


NATs do not provide security.

Instead, some LIRs are applying (and receiving) global IPv4 address
allocations to providing firewall and IP connectivity services.

Which APNIC policy dictates that LIRs *must* use global IPv4 addressesbehind NATs? There isn't one I'm aware of, so this is an LIR createdproblem. Why do we need to fix APNIC policies because LIRs are "notusing IPv4 addresses properly"?

Furthermore, if LIRs assign only IPv6 addresses to end users, they
cannot communicate with non-IPv6 ready site.

Are there any IPv6 only sites now? Their folly for discarding IPv4, realor NAT'ed. Not an APNIC policy problem.

By having IPv4 shared use address space as an alternative to RFC 1918
address ranges, LIRs would not need to request global IPv4 allocations
to achieve their aims. Therefore LIRs can continue to provide IP
connectivity after IPv4 free pool exhaustion.

This proposal simply desires to extend RFC1918 address space. Theprevious effort to do this a few years back was thrown out. Differentauthors, same proposal, wasting APNIC Policy meeting time yet again.

On 3 August 2007, the following Internet Draft was submitted to the
IETF:

     - Redesignation of 240/4 from "Future Use" to "Limited Use for
       Large Private Internets"
       http://www.ietf.org/internet-drafts/draft-wilson-class-e-01.txt

What has this got to do with the proposal? Nothing. And it is prettymuch accepted that use of the 240/4 address block as an RFC1918extension is a non-starter due to the massive deployed infrastructurethat simply cannot handle it.

4.2. Conditions for use of this shared use address space are:

     - All LIRs in the AP region can use the address space

     - LIRs can choose a range within the shared space for their use
       without needing to apply to APNIC or NIRs

     - LIRs do not need to register use of their chosen shared use
       range

     - Global/regional address uniqueness is not guaranteed

     - End-users cannot use this proposed address space and should
       continue to use the existing RFC 1918 address ranges.

     - LIRs are free to assign this shared use addresses to their
       customers.

     - Use of shared use address space will not be included when
       calculating APNIC fees

Yes, all like RFC1918 space. Wouldn't it have been more polite to askTony Hain to resubmit his previous proposal?

5.   Advantages and disadvantages of the proposal
-------------------------------------------------

Advantages:

     - It promotes effective use of global IPv4 address space, as the
       largest LIRs will use this proposed address space rather than
       global addresses

It will still have to be NATed though, so I don't see how this can be aclaimed advantage.

     - By using this shared use address space, LIRs can continue to
       provide IPv4 connectivity even after the IPv4 address exhaustion


They can also do so with routable address space.

     - LIRs can provide IPv4 connectivity by dual-stacking shared use
       addresses with IPv6 addresses. This is important as we currently
       do not have high-throughput IPv6-IPv4 translators for commercial
       use

Has anyone got IPv6 traffic that and IPv6 to IPv4 translator can'thandle? Extending RFC1918 address space doesn't solve the IPv6transition problem.

This proposal needs to sort out what problem it is trying to solve. Inthis state, it does little more than waste conference time.


philip
--

Follow-Ups:
- Re: [sig-policy] prop-058-v001: Proposal to create IPv4 shared use address space, among LIRs
  - From: Jonny Martin <jonny@jonnynet.net>

References:
- [sig-policy] prop-058-v001: Proposal to create IPv4 shared use address space, among LIRs
  - From: Randy Bush <randy@psg.com>

Prev by Date: Re: [sig-policy] prop-058-v001: Proposal to create IPv4 shared use address space, among LIRs
Next by Date: Re: [sig-policy] prop-057-v001: Proposal to change IPv6 initial allocation criteria
Previous by thread: Re: [sig-policy] prop-058-v001: Proposal to create IPv4 shared use address space, among LIRs
Next by thread: Re: [sig-policy] prop-058-v001: Proposal to create IPv4 shared use address space, among LIRs
Index(es):
- Date
- Thread