On Wed, 2006-06-07 at 12:54 -0700, David Conrad wrote:
Jordi,
Unlurking from the sidelines and speaking only for myself, some comments on your proposal:
[..]
Can you identify an organization that does not want to avoid renumbering or which might not identify a need to be multihomed?
Nobody wants to renumber. Simple fact. You can renumber your home, but anything where more than say (random number) 20+ machines are involved is a mess, especially when you don't have all the factors in your own control: routing, dns (at remote places), firewall entries (at remote places) etc etc etc. Thus avoiding renumbering is a thing that everybody wants. As such every organisation in whatever form will want to have their own address space at a certain point. Unless you want to force NAT down everybodies throat, but that will only end up in more problems anyway, and while they might not be our problems, a bit of empathy on their side is nice too :) For current ISP type organisations there should not be a problem for getting a plan for 200 sites. But if you are only your own office and you want your own web/mail/...- servers then you are never going to be that large, even if you plan for it. That is why they need a *seperate* policy, or at least seperate in wording from the current one. The whole problem with these policies is that they seem more targetted at "Routes" and not at "Address Space". Currently one can request a /31 and simply give one half of it (a /32) to somebody else. Two companies happy under the hat of one LIR and filtering won't affect this either as most people either filter >/48 or >/32. That said, IMHO there should be the availability of address space to anybody who can show a demand for it, thus: /32 and larger for ISP's, thus companies that (plan to) provide connectivity to other sites. This is the current policy. This allows every such ISP to grow for quite some time, even if they are small. They pay a LIR fee every year, thus they won't simply get it and not use it, there will be a business case to get it in the first place. a /48 or larger for non-ISP's, thus endsites and the like. To get these you don't become a full LIR, but you do pay a substantial yearly fee to make sure that one really needs it. If you are too small that you can't cough up a certain amount of money you won't easily be able to buy and maintain (personal costs) the correct equipment for running the connectivity anyway (but that is my pov) Everyone who really needs it thus should be able to get address space. But the amount of address space SHOULD measure up to the amount that will actually be used. Wasting space does not make sense, unless you want our children's children to complain about those filthy people who stole all the address space when there was still plenty. (okay there are about 7 tries left after 2000::/3 is used... Routing policy wise: I am being a bit mean here as above I state that routing and addressing are seperate. Also note that none of the RIR's can force anybody to accept any kind of routing policy whatsoever, though one might be inclined to play along the nice rules. (That said, if anybody with some value would steal say 666::/32 and simply use it then most likely it will simply work as long as your network is important enough that the others have to accept it otherwise they would loose customers. It is just not 'nice' to do, but it can be done by a few if they wanted it) The /32's are PA, as such they SHOULD not be deaggregated as such only the /32 and up should pop up in the routing tables. The /48's are PI, as such these can pop up in the size allocated. There is one large issue with this though. Say you are Company XYZ. You have an office in London and one in Beijing and a couple of others. To keep firewall rules simple you want the same block, as you can then filter on 2001:db8::/40. Thus you announce the /40 in one go. Your webservers though are in the London office. Thus when some person in China goes to the website, the traffic flows to Beijing, as that is the best announcement that will be received in that area. This thus means that you will have to accept and forward yourself (with some magic or an internal/private network) all this traffic over your small 2mbit line to London. As such this gives a load of issues and one will be inclined quickly to announce the /48's seperatly per office. The same goes for the PA space of course as at a certain point you will want to do a bit more Traffic Engineering and at the moment the only way to do this is to announce more specifics in BGP. There is potential (note that I write potential ;) problem that could arise, being that the routing table size becomes very large. There is one nice side-effect to this. Lets say that 500.000 allocations will be made. That means that RIPE will receive: 500.0000 * 2000 EUR yearly. That should allow for some good people to get an incentive to build some nice routing setup that also scales to that magnitude... Greets, Jeroen