Hi Daniel, Op 4 jul. 2014, om 17:00 heeft Daniel Baeza (Red y Sistemas TVT) <d.baeza@tvt-datos.es> het volgende geschreven:
El 04/07/2014 13:53, Gert Doering escribió:
How can RIPE NCC IPRAs verify that these requirements are met?
How can you prevent abuse? (Like, "all 1024 addresse must respond to ping!" - that's more easily achieved by faking it than if you connect real customers that have firewalls...)
Rulese need to be a) easily verifable for someone not at your network, and b) not so easy to just circumvent.
Is that the only problem? Was hoping more... :)
Probably no the only one, just the first one :) It's one of the major problems here. Almost everybody has need for more addresses, so there need to be clear and implementable rules about what is 'enough need'. Is 'I have 500 customers that don't want to be behind NAT' good enough?
How was it done before? How ppl used to prove they needed more space?
Show which assignments you are going to make, why the assignments need to be the size you give them (how many devices are connected etc). Most of the policy for this has been removed as the need to document all this became an unnecessary bureaucratic burden when the current policy gives every LIR a fixed /22 allocation if they need any IPv4 addresses anyway. See http://www.ripe.net/ripe/policies/proposals/2013-03 for the clean-up policy. One of the things people seem concerned about is re-introducing that bureaucratic burden again. Because how can you prove you need more than a /22 when you don't have to justify how you used the /22? You could then just use up the /22 in any way you like and then demand 'I now need more'. There are more side effects to giving LIRs more than a single /22 than you think :) Cheers, Sander