[apnic-talk] RE: Policies for Address Space Management
Paul
Please find our comments on the "Policies for Address Space Management".
These comments were prepared by Glen Turner:
GENERAL COMMENTS
There are many minor criticisms below. These should not be taken to
mean that we disagree with the broad thrust of APNIC's address
allocation policy.
Many of these criticisms concern special cases that we have
encountered at various times. In the past APNIC has been suitably
flexible in dealing with these special cases, and suitably inflexible
when people have presented "special cases" that are actually requests
for special treatment. We hope this understanding approach continues.
Most of the comments refer to effects of the proposed policies when
applied to large organisations. Academic and research institutions
are large enterprises that use public addressing. Most business and
government enterprises choose to use private addressing. However,
this is driven by current security technologies. These organisations
may wish to gain public address space should security technologies
change.
We are appreciative of the time and energy that APNIC has put into
creating and documenting the address allocation policy.
SPECIFIC COMMENTS
5.1.2 Registration
APNIC should attempt to ensure that the directory of allocated space
is only used for its intended purpose and that opportunity for misuse
of the data, such as the collation of addresses for spam e-mail, is
limited.
APNIC should not make the entire contents of the directory available.
That is, people should be able to search the directory in order to
find a suitable contact for fault-finding, but they should not be able
to download or view all (or a substantial part) of the database.
Fields that are collected for APNIC's use and serve no public purpose
should not be made available to the public. A billing address would
be such a field.
6.1 Routability not guaranteed
APNIC can significantly improve the routability of address space by:
a) aligning its allocation policies with those of other registries
[which it currently does]
b) cooperating with those registries to produce a unified set of
route filtering policies for use by backbone ISPs.
At the present, information on the allocation strategies used by
various registries at various times is fragmented and incomplete.
This makes constructing a bug-free route filtering policy difficult.
6.8 Evaluations to be based on efficient technologies
This provision does not allow for address space to be assigned for
experimental purposes of limited duration.
Some experimentation is essential for the progress of Internet
technologies. In the past, addresses used have come from the copious
addresses assigned to academic and research institutions. However, as
these institutions come to use more of their traditionally-assigned
address space for other purposes, then registries should be prepared
to contribute addressing.
6.8 Evaluations to be based on efficient technologies
Some allowance should be made for large networks. It can take upwards
of a year for a single person to visit all the networking equipment at
some enterprises.
In such an environment there will always be a lag between the
availability of a new technology and its comprehensive use in the
network.
6.10 Documentation
Documentation requests should not be unreasonable. An academic
institution with a 90% full class B network faces an almost impossible
documentation task to gain more address space if network diagrams are
requested.
7.2 Address space lease
This policy allows a lease condition to be altered with notice varying
from one day to one year, depending on the date of the policy change
and the date of the lease expiry.
A minimum time to move to lease compliance upon the change of a lease
condition should be specified. A suggested minimum is one year, as
this allows for any extraordinary expenses related to achieving lease
compliance to be obtained from the annual budgeting process used by
most large corporate, government and academic networks.
7.6 Slow start mechanism for allocations
This mechanism fails for large network conversion projects.
Imagine a government department migrating from SNA to IP and using
public address space. Such a migration would usually occur across a
public holiday, the new networking equipment having been
pre-configured in the previous months.
There is no way under the suggested policy for that network to gain
enough address space to pre-configure the network (as the network will
have zero host addresses used) and to conduct a well-planned rollout.
Allowance should be made in the allocation policy for the allocation
of addressing based on firm network upgrade plans. It would be
reasonable for APNIC to request budgetary documents to assure itself
that the request is indeed for a sure commitment to use the address
space at the end of the roll-out period.
7.11 Address portability encouraged
A "strong technical ground" should include addresses for important
name servers, such as the .AU root. This allows the country root name
server to be connected to many ISPs, increasing the robustness of the
network.
7.12 Renumbering to promote aggregation
The class B networks historically assigned to many academic
institutions are often underutilised. Encouraging the return of these
addresses for a more appropriate amount of address space is to be
encouraged.
7.13 Private address space
Given the debates in the Internet community about the wisdom of
enterprise addressing and NAT, it is surprising to see APNIC so
wholeheartedly endorse the technology. Readers should be informed of
the existence of literature counter to APNIC's enthusiasm so that they
can make an educated decision.
7.16.2 Registering contact persons
"The administrative contact *must* be someone who is physically
located at the site". This makes no sense for research outposts.
Ringing a scientist in Antarctica to report a network fault is
fruitless; sending them a letter makes even less sense. The
administrative contact in this case would better be located at the
ANARE headquarters in Tasmania, Australia.
7.20 Mergers, acquisitions and takeovers
These policies are welcomed and appear to be reasonable for merging
academic and research institutions.
8.1 Static assignments strongly discouraged
"Issues of administrative convenience will not be sufficient" neatly
ignores the huge cost of moving a large statically-addressed network
to a dynamically-addressed network. Although most large academic
institutions are moving towards dynamic addressing, it could well take
another five years before the majority of hosts in some networks gain
their addresses dynamically.
We fully agree that all new allocations should use dynamic addressing
and that old allocations should be moving towards dynamic addressing.
George McLaughlin, AARNet
Tel: (02)6285 8358
Fax: (02)6285 8211
Mobile: 0411 256 370
email: gmm at avcc dot edu dot au