Home page logo
/

nanog logo nanog mailing list archives

Re: IPv4 address exchange
From: David Conrad <drc () virtualized org>
Date: Mon, 18 Apr 2011 19:35:34 -0700

Jeff,

On Apr 18, 2011, at 6:15 PM, Jeff Wheeler wrote:
ARIN has all the buy-in they need: No transit network will (except by
act of omission/mistake) allow you to announce IPs that aren't
registered to you in an RIR database, or delegated to you by the
registrant of those IPs.

And yet, Ron has recently raged on this list about hijacked prefixes used for spamming, so clearly "no transit network" 
is inaccurate.

Regardless, for sake of argument, let's assume ARIN refused to recognize the Microsoft/Nortel sale and Microsoft 
deploys a few prefixes of those 666K addresses for (say) new MSN services. Do you think ISPs, particularly the larger 
ones, all over the world would refuse to accept those announcements (especially when their call centers start getting 
calls from irate customers who aren't able to gain access to MSN services)?

If we didn't have ARIN, we would probably have one of two things:

Just to be clear, I don't believe the suggestion is that ARIN goes away, rather that "post allocation services" (e.g., 
reverse DNS, registration maintenance, etc.) for IPv4 no longer be a geographical monopoly.  However, taking the bait:

1) no "regulator" at all, thus BGP anarchy (we came surprisingly close to that in the 1990s at least once)

And the solution to that "BGP anarchy" (by which I assume you mean a flood of long prefixes) in the 1990s was some ISPs 
deploying prefix length filters to protect their own infrastructures.  Been there, got several t-shirts.  Yes, over 
time, the sales/marketing folks will force the network engineers to remove the filters once hardware has been upgraded, 
but once established, minimum prefix lengths (at least the perception of them) seem to have a long half-life.

It's also true that ARIN (at least currently, before RPKI is deployed) has no control over routing policy so suggesting 
that they regulate BGP anarchy may not be accurate.

2) a worse "regulator" who is totally uninterested in the small ISP / hosting shop / Fortune 50,000, as opposed to 
the Fortune 500

We're talking about IPv4 addresses which will (soon) be unavailable from the RIRs because the free pool has been 
exhausted. The small ISP/hosting shop/Fortune 50,000 who have not already taken steps to adjust to this new reality 
will simply be screwed regardless of what ARIN or the other RIRs do. Even if alternative "post allocation services" 
providers didn't exist, the Fortune 500 are going to be able to pay more to the folks with allocated-but-unused 
addresses than the 'all but Fortune 500' and I have no doubt that the Fortune 500 will be able to justify "need" (to 
any level of detail) just as well as the 'all but Fortune 500'.  Or do you believe ARIN et al. will be establishing 
price caps and establishing who among the various requesters for the same block deserves to get the SLS seller's blocks?

What a bunch of folks seem to have gotten their panties in a bunch about is the idea that without our Benevolent RIR 
Overlords, Enron-wannabes are going to go around and buy up all the unused IPv4 address space and make a killing 
selling it to the highest bidder. I'm afraid I haven't been able to get worked up about this: the only difference 
between the world with the BRO and without I can see is who gets the money (and this is ignoring the debate as to 
whether speculators can encourage bringing more addresses into play since their sitting on lost opportunity cost of 
they simply hoard IPv4 addresses).  I find the whole discussion quite odd: laws of economics are pretty clear about 
situations with limited supply and increased demand and the reality is that ARIN is not a regulator and has essentially 
no enforcement mechanisms outside of contractual relationships.  It is a 501(c)(6) consisting of 3865 members, of which 
a couple of hundred technical folks participate in policy definition processes that affect tens of millions of people, 
the vast majority of which have never heard of ARIN.  As long as the policies ARIN defined by the technical folk don't 
affect folks with money/power in negative ways, everything is fine.  That time is just about over.  People really need 
to adjust.

I do not think it would function better if it were "just a WHOIS database."

To try to bring this back to NANOG (instead of PPML-light), the issue is that since at least two alternative registries 
have apparently been established, how are network operators going to deal with the fact that the currently execrable 
"whois database" is almost certainly going to get worse?

Regards,
-drc



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]