On Saturday, October 22, 2016, Sander Steffann <sander@steffann.nl> wrote:
Now, the problem is that we never properly defined what a sub-assignment in this context is. Just based on the language, every case where I tell you to use an address is an assignment. If I were to give you a bit of paper that says "you can use 2001:db8::1" then that is an assignment. I just assigned 2001:db8::1 to you. (Yes, we could get into the discussion that SLAAC isn't technically an assignment in this context but stateful DHCPv6 is, but let's not go there). Basically, under the current policy, based on the English language, letting any 3rd party use your IPv6 PI address space is a violation of the policy.
I agree this needs to be fixed.
What this policy tries to define is what sub-assignment, and define it as a /64 or more. So letting 3rd parties connect to your WiFi (which will assign them a couple of addresses) is fine, as is letting someone host a server on your network. But you're not allowed to give them their own /64 or more. If you do that then (under the proposed policy text) you are sub-assigning, which isn't allowed.
Basically, what is proposed is: assigning separate addresses is fine, whole subnets is not.
I think this is the right approach. +1 for support.
One of the things I would like to see discussed here is whether the current text is doing what it is supposed to. Is putting a limit at /64 a good criterium? I could comments like "this encourages people to make non-/64 subnets" etc. On the other hand, say we would instead write in the policy that assigning subnets to 3rd parties isn't allowed no matter which size, would that make /127 point-to-point connections impossible?
I would be fine with /64 as the criterion, with the intention to revise the policy at some point if people abuse the policy (and their customers) by assigning subnets longer/smaller than /64. I would also be fine with something like "any assignment shorter/larger than /126" to make sure PtP links aren't covered, but any usable assignment would be. That might also discourage use of /112s for PtP links, though, which I don't have any problem with. I think on balance, the /64 cutoff is a reasonable starting point that could be adjusted later if needed.
Speaking as a chair: this issue has been around for a long time, and it keeps coming up. Without us (this WG) giving extra guidance to the RIPE NCC their interpretation of what we mean by "sub-assignment" can only be based on the English language, where assignment without any further qualification/quantification means *any* assignment, even if it's just a single address. So I would like to properly define in policy what we as a working group would like to happen.
+1 -Scott