IPv4 Depletion and IPv6 Adoption - ARIN...• Autonomous System Numbers (ASNs) • Directory...
Transcript of IPv4 Depletion and IPv6 Adoption - ARIN...• Autonomous System Numbers (ASNs) • Directory...
1 of 23
Richard JimmersonChief Information Officer
Internet Governance
5 of 23
6 of 23
7 of 23
8 of 23
9 of 23
Number Resource Provisioning Hierarchy
ICANN / IANA(Internet Assigned Numbers Authority)
Manage global unallocated IP address pool
ISPs
End UsersISPs
RIRs(AfriNIC, APNIC, ARIN, LACNIC, RIPE NCC)
Manage regional unallocated IP address pool
Re-Allocate Re-Assign
End Users
Allocate
AssignAllocate
Richard JimmersonChief Information Officer
ARIN History & Overview
1993 IR function contracted by NSF to NSI; InterNIC, APNIC formed. DoD oversight ends.
Registrant
1992 RFC 1366: Regional IRs established; RIPE NCC formed
Registrant
1991 RFC 1261: DoD IR function contract moved to Network Solutions, Inc.
Registrant
1980s Internet Registry (IR) function contracted by DoD to SRI International
Registrant
1980s NSFNET/ARPANET - Jon Postel managed addressing via DoD contract;this was called the Internet Assigned Numbers Authority (IANA)
Registrant
Governm
ent Oversight
Historical Timeline
DDN NIC
DDN NIC
DDN NIC
InterNIC
Historical Timeline2005 Regionalization complete; AfriNIC formed
Registrant
2002 Regionalization continues; LACNIC formed
Registrant
1998 ICANN formed
Registrant
1997 IR regionalization completed; ARIN formed. USG oversight of IR function ends.
Registrant
Comm
unity Oversight
Regional Internet Registries
The NRO exists to protect the unallocated number resource pool, to promote and protect the bottom-up policy development process, and to act as a focal point for Internet community input intothe RIR system.
Number Resource Organization
ARIN’s Service Region
ARIN’s region includesCanada, many Caribbean and North Atlantic islands, and the United States.
Nonprofit Membership Organization
Community-regulated
• Fee for services, not number resources
• 100% community funded
• Open• Broad-based
- Private sector- Public sector- Civil society
• Community developed policies
• Member-elected executive board
• Open and transparent
RIR Structure
Number Resources Organization Policy Development
• IP address allocation & assignment
• ASN assignment• Directory
services• WHOIS• IRR
• Reverse DNS
• Elections• Meetings• Information
dissemination• Website• Newsletters• Roundtables
• Training
• Maintain e-mail discussion lists
• Conduct public policy meetings
• Publish policy documents
RIR Services
About ARIN• One of five Regional Internet Registries
• Services 25 Economies in the Caribbean and North America
• Nonprofit corporation based in Chantilly, VA
• Established December 1997
• 100% community funded
• Applying the principles of stewardship, ARIN, a nonprofit corporation:
– allocates Internet Protocol resources;
– develops consensus-based policies; and
– facilitates the advancement of the Internet through information and educational outreach.
ARIN’s Mission
ARIN’s Services• Like the other RIRs, ARIN:
– Allocates and assigns Internet number resources
– Maintains WHOIS, in-addr.arpa, and other community services
– Participates in the global Internet community
– Facilitates policy development– Is a nonprofit, membership organization
Registration Services
• Manage Internet number resources and related services
• Manage Directory Services (WHOIS & IRR)
Organization Services
Public Policy & Members Meetings
Executive Board Elections
Organization Services
Information publicationand dissemination
Education& Training
Organizational Chart
Learn More and Get InvolvedYour participation
Important, critical, needed, appreciated…
Get Involved in ARINPublic Policy Mailing ListMember ElectionsAttend a Meeting
http://www.arin.net/participate/
26
Next ARIN Meeting
• Remote participation
• Policy discussions
• Tutorials
• Social event
• Adjacent to NANOG
https://www.arin.net/participate/meetings
Einar BohlinPolicy Analyst
The ARIN Policy Development Process
OverviewWhat is a PolicyThe Policy Development Process
– Origin– Principles– Process Steps
A Case Study and Some Examples
Number Resource PolicyManual (NRPM)
NRPM is ARIN’s policy document – Version 2010.2 (7 June 2010)– This is the 19th version
Contains• Change Logs• Available as PDF• Index
https://www.arin.net/policy/nrpm.html
Policies in the NRPM• IPv4 Address Space• IPv6 Address Space• Autonomous System Numbers (ASNs)• Directory Services (WHOIS)• Reverse DNS (in-addr)• Transfers• Experimental Assignments• Resource Review Policy
Policy Development Process (PDP)
Flowchart
Proposal Template
Archive
Movie
https://www.arin.net/policy/pdp.html
PDP Origin - Rough Consensus
The foundation of the PDP
Rough consensus is a term used in consensus decision-making to indicate the "sense of the group" concerning a particular matter under consideration.*
Note that 51% of the working group does not qualify as "rough consensus" and 99% is better than rough.*
(*from wikipedia.org)
Consensus Decision Making*(*from wikipedia.org)
PDP Versions
Current version is the 4th
First written version - April 2001Two revisions
Major overhaul - January 2009
The current PDP
Empowers the Advisory Council as a development body (balanced by expanded petitions)
Establishes goal = clear, technically soundand useful policy
Requires staff and legal assessments and freezes text prior to Public Policy Meetings
Process Principles
Open Forum - Anyone can participate Public Policy Mailing List
Public Policy Meetings
TransparentPDP documented
Policies documented
Meetings documented
Bottom UpARIN does not create policy, ARIN implements it
Roles
CommunitySubmit proposals! If there is a problem, raise it
Comment on proposals (in favor or not?)
Participate in Petitions
Advisory Council “AC” (elected volunteers)Write the policy text to ensure that it is
clear, technically sound and useful
Determine Consensus
Roles
ARIN “Board” (elected volunteers)Provide process oversight
Provide corporate fiduciary oversight
ARIN Staff Provide feedback
• Clarity and Understanding
• Staff Assessments
Implement Policy
Basic Steps1. Community member submits a proposal2. Community discusses the proposal on the “List”3. AC creates a draft policy or abandons the
proposal4. Community discusses the draft policy on the
“List” and at the meeting5. AC conducts its consensus review6. Community performs last call7. Board adopts8. Staff implements
PetitionsAnyone dissatisfied with a decision by the AC
can petition to keep the proposal moving forward
1. Petition to bring proposal to list and meeting 4 successful*3 unsuccessful
2. Last call petition (to send to Board)
One – unsuccessful
*2 ultimately abandoned, 2 under discussion
Public Policy Mailing List
Open to anyone
Easy to subscribe to
Contains: ideas, proposals, draft policies, last calls, announcements of adoption and implementation, and petitions
Archives
RSS available for ARIN only posts
https://www.arin.net/participate/mailing_lists/index.html
The ARIN Website
How to monitor and not be overwhelmed?
The AC meets monthlyFront page of the ARIN site to see proposals and draft
policies under discussion
New proposals need feedback for the AC’s initial decision
Web site will help you focus on what’s important to you and your company
ARIN Meetings
Two meetings a year
Check the ARIN Public Policy Meeting site 4-6 weeks prior to meeting
Proposals/Draft Policies on Agenda
Discussion Guide (summaries and text)
Attend in Person/Remote
AC meeting last dayWatch list for AC’s decisions
Last Calls – For or against?
Policy Participation
You must be a member to
• Vote for AC and Board
• Nominate for those positions
Don’t let others say that such and such can’t be done because ARIN won’t allow it
https://www.arin.net/participate/elections/index.html
Total Draft Policies
Active current drafts – 7
Adopted – 57 (plus 2 more global policies awaiting ICANN Board review)
Abandoned – 46
A Case Study: Policy 2008-5
2008-5 SummaryName: Dedicated IPv4 block to facilitate IPv6
Deployment (2008-5)
Proposal: Reserve some IPv4 space (a /10), and make it available to organizations that need some IPv4 space to deploy IPv6.
Rationale: “[This policy] will facilitate IPv6 deployment by ensuring that some small chunks of IPv4 space will remain available for a long time to ease the co-existence of IPv4 & IPv6.”
Policy 2008-5 HistoryProposal was submitted on June 2008.
Draft policy text discussed on the list and at ARIN XXII meeting (Oct 2008).
The policy was sent to last call (Oct/Nov).
Minor revision by the AC, reposted to last call Nov/Dec.
Adopted by the Board 5 Jan 2009.
Implemented 1 Apr 2009 (NRPM Section 4.10).
https://www.arin.net/policy/proposals/2008_5.html
Policy ExamplesAdopted
2010-2: /24 End User Minimum Assignment Unit (to be implemented early September)
2009-8: Equitable IPv4 Run-Out (ISP allocation timeframe to reduce from 12 months to 3 upon receipt of last /8)
2009-1: Transfer Policy (transfers allowed to specified recipients, based on need)
Abandoned2010-7: Simplified IPv6 (Everyone allowed one each of the
following /48, /40, /32, /28, /24)2007-27: Cooperative distribution of the end of the IPv4
free pool (RIR to RIR requests)
References
Policy Development Processhttps://www.arin.net/policy/pdp.html
Draft Policies and Proposalshttps://www.arin.net/policy/proposals/index.html
Number Resource Policy Manualhttps://www.arin.net/policy/nrpm.html
Suggestions -> Policy
Policies Under Discussion
Einar BohlinPolicy Analyst
Draft Policies• 7 on PPML for discussion and feedback
right now• They will be presented and discussed
at ARIN meeting in Atlanta• You have two ways to voice your
opinion about these, on the PPML or at the PPM (in person or remote)
2010-8• Rework of IPv6 assignment criteria• Allows almost all organizations to receive a
/48 or larger block. Organizations can request a block that would allow each site in their network to be assigned a /48. Criteria: have an IPv4 end user assignment; or be multi-homed; or provide technical justification why upstream space will not suffice. Also allows space for non-connected (private) networks.
• Point: Makes available IPv6 assignments from ARIN to most organizations, connected or not.
• Text is being worked on (carried over from previous ARIN meeting)
2010-9• IPv6 for 6rd• Allows organizations with at least two
blocks of non-contiguous IPv4 space to request an IPv6 /32 or larger block to be used for a 6rd deployment. These allocations/assignments will be reviewed every 3 years by ARIN staff.
• Point: IPv6 allocations specifically for 6rd.
2010-10• (Global Proposal): Global Policy for
IPv4 Allocations by the IANA Post Exhaustion
• Establishes an IANA reclamation pool of IPv4 address space. This pool will be comprised of any “eligible” IPv4 address space returned to IANA.
• Point: Allows IANA to allocate space after the free pool is gone. Assumes IANA will get space back.
2010-11• Required Resource Reviews• Requires ARIN staff to initiate resource reviews
when M&A activity occurs but IP addresses are not transferred; when fraud or abuse is reported to ARIN (either about a specific IP address range or about an organization); when a specified recipient transfer occurs; or when staff are reviewing an additional IP address request and find that more than a quarter of an ISP’s downstream SWIPs are covered under the Residential Customer Privacy policy.
• Point: Original policy said ARIN can do reviews, how often, and what can happen after a review, etc. This proposal adds mandatory triggers which cause reviews.
2010-12• IPv6 Subsequent Allocation• Allows an additional IPv6 allocation for
transitional technologies (IPv4 to IPv6). The allocations will be reviewed every 3 years by ARIN staff.
• Point: IPv6 space for IPv4 to IPv6 transition technologies (like 6rd).
2010-13• Permitted Uses of space reserved under NRPM 4.10
– Ups the reserved space from a /10 to the actual entire /8.– Makes two pools of space available, both of which can be
drawn from by an organization. "Part A" for ISPs to issue single addressess to customers (/24 to /18, max /16, 6 months, customers must be using IPv6). "Part B" for ISPs or end users to deploy IPv6 (/28 to /24, max /20, 6 months, assignment/infrastructure.) Part A gets 3/4 of the /8. Part B gets 1/4.
– Space returned to ARIN goes to the 4.10 pool or back to IANA.– Utilization is 80% most recent, 90% other space. Utilization must
be for transitional technology purposes (examples provided).– Quarterly reviews. With allocation/assignment reduction
possible. • [Point: The current policy makes IPv4 space available to
facilitate IPv6 deployment (/28 to /24, 6 months). The proposal expands the reserved block, makes larger allocations available, attempts to replenish the block with returns, has stricter utilization both in terms of
percentages and permitted use, and adds quarterlymonitoring.]
2010-14• Standardize IP Reassignment Registration Requirements• The policy:
– Specifies that organization information is: Legal name, street address, and one technical POC and one abuse POC. Each POC must have an email and phone number.
– Defines residential customer. – Expands the current Cable Address Policy with a broader policy
applicable to all Residential Market Areas.– Extends the Residential Market Area policy to IPv6.– Broadens the threshold for required SWIPing in IPv6 from /56 to
/64.– Allows a resource review when ARIN believes an organization is
not complying with reassignment policy.• Point: Specifies what organizational information is required
to be added to WHOIS, defines residential customer, expands the current cable only residential policy to all residential areas (makes it easier to register utilization and apply for more), requires individual IPv6 subnets be
registered in WHOIS, and allows for resource reviewsfor failure to comply with reassignment policy.
Do any of these possibly impact you?• You have two ways to voice your
opinion about these, on the PPML or at the PPM (in person or remote)
References• Draft Policies & Proposals
– https://www.arin.net/policy/proposals/index.html
ARIN Services
Jon WorleySenior Resource Analyst
Current Policies
/24s are back!• Only for multi-homed
end-users• Must still show at least
25% used immediately and at least 50% used within one year
• Must renumber and return to get another block
IPv4 For The Rest of Us• Single-homed end-users
– /20 minimum; show at least 25% used immediately and at least 50% within a year
• ISPs– Single-homed: /20 minimum, show you’re already
using a /20 (or equivalent)– Multi-homed: /22 minimum, show you’re already
using a /23 (or equivalent), agree to renumber
Additional IPv4 Allocations• Show you’ve efficiently used all previous allocations
and at least 80% of your most recent allocation
• ISPs allowed to request a three month supply of addresses for their first year, then a twelve month supply after that
• Allocation size based on demonstrated utilization rate, not projected growth– Block size lags growth
Special Policies• Multiple Discrete Networks
– Networks operated separately from one another
– Can request IPs for networks that need more, even when other networks aren’t fully used, as long as some basic overall criteria are met
• Cable ISPs– Show 80% of IPs assigned, with a 50-80%
utilization rate
What ARIN Will Need• ISPs
– List of dynamic pools with information on purpose, utilization metrics, etc
– List of statically assigned customers with subnets/IPs
• /29 and larger need to be published via SWIP/Rwhois• Can mark name/street address private if the service is
delivered to a residence
• End-users– Subnet mappings for any previous assignments– Proposed subnet mapping for new block
New Aspects to IPv4 Requests• Officer attestation
– Required by ARIN’s Board of Trustees– Prior to approval, officer is sent request
data via e-mail, reviews, and replies to verify data is correct
• Utilization data for previous allocations– Has always been required by policy– Typically a utilization percentage,
although may ask for more if needed
• Many legacy IPv4 registrations are no longer used
• We can definitely rely on our community to be good samaritans and return them, right?
What about unused IPv4 addresses?
Enter NRPM 8.3• NRPM policy 8.3 allows orgs with
unused IPv4 addresses to transfer them to a network that needs IPv4 addresses
• Network must qualify for the IPv4 addresses under a current ARIN policy
• ARIN will operate a listing service• Why? IPv4 depletion
IPv6 Policies• ISPs
– Known, existing ISPs automatically qualify– /32 minimum
• Really really really big; ~4.2 Billion subnets
• End-users– Typically qualify by showing you qualify for IPv4– /48 minimum
• 65,536 subnets• Qualify for larger by showing proposed use
– Guidelines: /48 for a large site, /56 for a small site
Interacting With ARIN
Service Delivery• ARIN services traditionally
delivered via e-mail• Not reliable
– E-mails get lost in the bit bucket• Errors not noted until
reviewed by ARIN– Delays your request by hours or
days• There’s got to be a better
way!
ARIN Online• All services to be delivered through the
web site via ARIN Online (eventually)• Has been available for ~1 year• Accounts are new
– If you didn’t create one in the past year, create a new one, even if you already have records in Whois
Linking your ARIN Online Account• ARIN Online account is associated with
your Whois records by linking to your POC handle(s)
• To link, need to be able to get e-mail sent to an e-mail address listed on the handle
• Linking to the POC handle allows you to access Org IDs/resources associated with that handle
Recovering Old Records• POC handle that is yours, but has an
incorrect e-mail address– POC Recovery
• Org ID has no valid POC handles listed– Org recovery
Current ARIN Online Functionality• Org and POC management• Ask ARIN• Bulk WHOIS
– FTP service retired– XML tagging– Easy to automate using API keys
• Reassignment Reports
Future Functionality• Manage in-addr.arpa zones• Request and modify AS numbers and
IP addresses• Manage reassignment information
New Services
POC Validation• NRPM 3.6.1 requires ARIN to contact
POCs annually to validate information• If information is correct, just click URL in
message• Otherwise, use ARIN Online to set up
account, then validate on POC page
WhoisRWS• Port 80 queries much improved
– XML tagging– Retrieve data via URL
• Frequently updated (many times per day, instead of once a day)– in-addr.arpa zones still daily
• Query syntax has changed
RPKI• X.509 certificates for direct registrants
of IPv4 and IPv6 addresses• Pilot program at http://rpki-
pilot.arin.net has been operating since July 2009
• Production system in the near future
DNSSEC• Cryptographically sign in-addr.arpa
delegations• ARIN’s /8 zones are signed as trust
anchors since in-addr.arpa isn’t signed yet
• Users able to add DS records to sign their own delegations by the end of the year
Outreach And Education
Outreach & Education Services• Online education resources• Event Presentations• Exhibits (direct and reverse)• Media interviews
Outreach & EducationMaterials• Fact and information sheets (and CDs)• Multimedia pieces• Giveaways (pens, stickers, etc.)• Slide decks• Comic books• More…
• TeamARIN Micrositehttp://TeamARIN.net– Event Calendar– Education– Blogs– Spread the word
• Public use slide deck• Materials support
request• ARIN IPv6 wiki
http://getipv6.info
ARIN Resource Links
ARIN on Social MediaFacebook –www.facebook.com/TeamARIN
Twitter –www.twitter.com/TeamARIN
LinkedIn –www.linkedin.com
YouTube –www.youtube.com/TeamARIN
IPv4 Depletion
IPv6 Adoption6 August 2010
14 /8s Remaining
Quick History of the Internet Protocol• Internet Protocol version 4 (IPv4, or just “IP”)
– First developed for the original Internet (ARPANET) in spring 1978– Deployed globally with growth of the Internet– Total of 4 billion IP addresses available– Well entrenched and used by every ISP and hosting company
to connect customers to the Internet– Allocated based on documented need
• Internet Protocol version 6 (IPv6)– Design started in 1993 when IETF forecasts showed IPv4
depletion between 2010 and 2017– Completed, tested, and available for production since 1999– Total of 340,282,366,920,938,463,463,374,607,431,768,211,456 IP
addresses available– Used and managed similar to IPv4
About IPv4 and IPv6IP version IPv4 IPv6Deployed 1981 1999
Address Size 32-bit number 128-bit number
Address Format
Dotted Decimal Notation: 192.0.2.76
Hexadecimal Notation: 2001:0DB8:0234:AB00:0123:4567:8901:ABCD
Number of Addresses
232 = 4,294,967,296 2128 = 340,282,366,920,938,463,463,374,607,431,768,211,456
Examples of Prefix Notation
192.0.2.0/2410/8
(a “/8” block = 1/256th of total IPv4 address space = 224 = 16,777,216 addresses)
2001:0DB8:0234::/48 2600:0000::/12
IPv4 Address Space Utilization
*as of 6 August 2010
Available IPv4 Space in /8s
In 2010, RIRs have been allocated twelve /8s blocks as of 6 August, leaving fourteen /8s unallocated (14/256 = 5.46%)
IPv4 Demand – RIR Allocations
In 2010, RIRs have been allocated twelve /8s blocks as of 6 August.
IPv4 Depletion Situation Report• The RIRs have needed between 8
and 12 /8s each year worldwide.
• There are 14 /8s remaining in the available pool as of 6 August 2010.
• Demand for IPv4 continues to grow from organizations around the world.
IPv4 & IPv6 - The Bottom Line• We’re running out of IPv4
address space.
• IPv6 must be adopted for continued Internet growth.
• IPv6 is not backwards compatible with IPv4.
• We must maintain IPv4 and IPv6 simultaneously for many years.
• IPv6 deployment has begun.
RIRs have been allocatingIPv6 address space since 1999.
Thousands of organizations havereceived an IPv6 allocation to date.
ARIN has IPv6 distribution policies for service providers, community networks,
and end-user organizations.
IPv6 Deployment has begun
IPv4 & IPv6 Coexistence Today, the Internet is predominantly based on IPv4.
For the foreseeable future, the Internet must run both IP versions (IPv4 & IPv6) at the same time. (When done on a single device, this is called the “dual-stack” approach.)
Deployment is already underway: Today, there are organizations attempting to reach your mail, web, and application servers via IPv6...
Action Plans
What does this mean for:• Broadband Access Providers? • Internet Service Providers?• Internet Content Providers?• Enterprise Customers?• Equipment Vendors?• Government Organizations?
Call to ActionBroadband Access Providers
Your customers want access to the entireInternet, and this means IPv4 and IPv6 websites. Offering full access will require running IPv4/IPv6 transition services and is a significant engineering project.
Multiple transition technologies are available, and each provider needs to make its own architectural decisions.
Call to ActionInternet Service ProvidersPlan out how to connect businesses via IPv6-only and IPv4/IPv6 in addition to IPv4-only.
Businesses are beginning to ask for IPv6 over their existing Internet connections and for their co-located servers.
Communicate with your peers and vendors about IPv6, and confirm their timelines for production IPv6 services.
Call to ActionInternet Content ProvidersContent must be reachable to newer Internet customers.
Content served only via IPv4 will be accessed by IPv6 customers via transition solutions run by the access providers.
Plan on serving content via IPv6 in addition to IPv4 as soon as possible.
Call to Action Enterprise CustomersMail, web, and application servers must be reachable via IPv6 in addition to IPv4.
Open a dialogue with your Internet Service Provider about providing IPv6 services.
Each organization must decide on timelines, and investment level will vary.
Call to ActionEquipment VendorsThere was probably limited demand for IPv6 in the past.
Demand for IPv6 support will become mandatory very, very quickly.
Introduce IPv6 support into your product cycle as soon as possible.
AwarenessCoordinate with industry
Adopt incentives• Regulatory• Economic
Support and promote awareness and educational activities
Require IPv6-compatibility in procurement procedures
Officially adopt IPv6
Call to ActionGovernment Organizations
IPv6 Adoption NeedsIPv6 address space
IPv6 connectivity (native or tunneled)
Operating systems, software, and network management tool upgrades
Router, firewall, and other hardware upgrades
IT staff and customer service training
Resources– Community Use Slide Deck
– IPv6 Wiki
– Information Page at www.arin.net/knowledge/v4-v6.html
– Outreach Microsite:www.TeamARIN.net
– Social Media at ARINwww.arin.net/social.html
– ARIN Board Resolution
– Letter to CEOs
Learn More and Get InvolvedLearn more about IPv6www.arin.netwww.getipv6.infowww.TeamARIN.net
Get Involved in ARINPublic Policy Mailing ListAttend a Meeting
http://www.arin.net/participate/