2010-07 New Policy Proposal (Ambiguity cleanup on IPv6 Address Space Policy for IXP)
Dear Colleagues, A proposed change to RIPE Document is now available for discussion. You can find the full proposal at: http://www.ripe.net/ripe/policies/proposals/2010-07.html We encourage you to review this proposal and send your comments to <address-policy-wg@ripe.net> before 17 November 2010. Regards Emilio Madaio Policy Development Officer RIPE NCC
Hi, [ Copied to EIX-wg, since this policy affects assignments to Internet Exchange Points specifically ] On 19 Oct 2010, at 16:00, Emilio Madaio wrote:
You can find the full proposal at:
http://www.ripe.net/ripe/policies/proposals/2010-07.html
We encourage you to review this proposal and send your comments to <address-policy-wg@ripe.net> before 17 November 2010.
I think that 'open' in the document right now, means 'we are open about the policy for joining', not 'the exchange is open to anyone to join'. Is this the feeling ? If so, the policy should read "there must be a clear and documented policy for others to join", rather than a removal of the requirement for there to be a policy ? Now that IPv6 PI is available to all networks, in addition to Internet Exchange Points, perhaps we do not need to have a special policy for IXPs at all, but I see possible future value in IXPs sitting inside 2001:7f8/32, so I think it should remain. Best wishes, Andy Davidson (Hats: EIX-wg co-chair, uk.dev, LONAP, IXLeeds)
Hi Andy, thanks for forwarding to EIX. We'll discuss this proposal (and the wider topic "how do we want the policy to be?") in the Wednesday APWG time slot in Rome (Thursday APWG time slot conflicts with EIX, which would be non-helpful). Since both of the listed authors of the current RIPE document regarding IPv6 assignments to IXPs are reading this list :-) - Timothy and Leo, could you briefly comment how you remember the intent of the policy? thanks, Gert Doering, APWG chair On Thu, Oct 21, 2010 at 03:18:35PM +0100, Andy Davidson wrote:
Hi,
[ Copied to EIX-wg, since this policy affects assignments to Internet Exchange Points specifically ]
On 19 Oct 2010, at 16:00, Emilio Madaio wrote:
You can find the full proposal at:
http://www.ripe.net/ripe/policies/proposals/2010-07.html
We encourage you to review this proposal and send your comments to <address-policy-wg@ripe.net> before 17 November 2010.
I think that 'open' in the document right now, means 'we are open about the policy for joining', not 'the exchange is open to anyone to join'. Is this the feeling ?
If so, the policy should read "there must be a clear and documented policy for others to join", rather than a removal of the requirement for there to be a policy ?
Now that IPv6 PI is available to all networks, in addition to Internet Exchange Points, perhaps we do not need to have a special policy for IXPs at all, but I see possible future value in IXPs sitting inside 2001:7f8/32, so I think it should remain.
Best wishes, Andy Davidson (Hats: EIX-wg co-chair, uk.dev, LONAP, IXLeeds)
-- did you enable IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
On Oct 25, 2010, at 7:16 AM, Gert Doering wrote: […]
Since both of the listed authors of the current RIPE document regarding IPv6 assignments to IXPs are reading this list :-) - Timothy and Leo, could you briefly comment how you remember the intent of the policy?
My memory of the intention was that the exchange should be open to new members who could meet a set of technical requirements documented in a corporate policy. The kind of requirements we anticipated were things like: - 24/7 NOC - Assigned a unique AS Number - Assigned or allocated address space - Routing policy published in an IRR database It was not intended that the requirements be onerous. The goal was to make sure that membership was available to network operators in general rather than being available to an elite clique. HTH, Leo Vegoda
On Mon, 25 Oct 2010, Leo Vegoda wrote:
The kind of requirements we anticipated were things like:
- 24/7 NOC - Assigned a unique AS Number - Assigned or allocated address space - Routing policy published in an IRR database
It was not intended that the requirements be onerous. The goal was to make sure that membership was available to network operators in general rather than being available to an elite clique.
I haven't been involved in this discussion, but just to bring an outside perspective into it.. Why should an exchange run a 24x7 NOC or not be entitled to restrict who can peer over it? I realise most European exchanges are mutual (and I hope it stays that way), but we shouldn't be making it more difficult for someone to either start an exchange nor restrict their ability to run it. Having IRR registered routes is far more important than how a business wants to run its internal affairs. Regards, Sebastien. (for transparency: I am a director of a mutual exchange which already has an IPv6 block; but these views are strictly my own, etc.)
Hi, On Mon, Oct 25, 2010 at 04:44:52PM +0100, Sebastien Lahtinen wrote:
Why should an exchange run a 24x7 NOC or not be entitled to restrict who can peer over it?
Well, from what I recall at that time, people were afraid that this would become a "cheap way to get IPv6 PI" (which wasn't otherwise available yet) - just find two friends with an AS number, declare yourself an IXP, and get your prefix. Nowadays, IPv6 PI exists, and the IXP landscape has changed as well - which is why I want to re-open the discussion "how should the IPv6 IXP policy look like?" at the next RIPE meeting's address policy WG meeting. Input from the IXP folks is more than welcome, of course. You help us define "what is an IXP?", we make a policy that works for you... :-) Gert Doering -- AWPG chair -- did you enable IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
On 25 Oct 2010, at 16:52, Gert Doering wrote:
Input from the IXP folks is more than welcome, of course. You help us define "what is an IXP?", we make a policy that works for you... :-)
I am in favour of light touch policy - let each ixp have some simple/relevant rules on connection (which will always have to be specific to their own market, region, culture), write the rules down, and follow them. If you have a policy which is enforced equally, then for the purpose of this policy, it is 'open' - because the ixp is open about the policy. In terms of the policy, my current preference is 'there must be a clear and documented policy'. My second preference is the wording suggested by Emilio. My last preference is the current wording. -- Best wishes Andy Davidson eix-wg co-chair, personal capacity.
Hi Seb, On 25 Oct 2010, at 8:44, Sebastien Lahtinen wrote:
On Mon, 25 Oct 2010, Leo Vegoda wrote:
The kind of requirements we anticipated were things like:
- 24/7 NOC - Assigned a unique AS Number - Assigned or allocated address space - Routing policy published in an IRR database
It was not intended that the requirements be onerous. The goal was to make sure that membership was available to network operators in general rather than being available to an elite clique.
I haven't been involved in this discussion, but just to bring an outside perspective into it..
Why should an exchange run a 24x7 NOC or not be entitled to restrict who can peer over it? I realise most European exchanges are mutual (and I hope it stays that way), but we shouldn't be making it more difficult for someone to either start an exchange nor restrict their ability to run it. Having IRR registered routes is far more important than how a business wants to run its internal affairs.
I think I may not have been clear. The requirements I listed above (as examples only) were the kind of thing I expected exchanges to require of prospective members. Of course, an exchange might decide that 24/7 NOC isn't sufficiently important to be a requirement but as long as its policy didn't impose it on some (potential) members but not others that would be fine. The language was written at a time where there was no policy allowing IPv6 PI space and there was a concern that IXP prefixes might be seen as an alternative. But now there is an IPv6 PI policy it makes sense to revisit the language and make it less onerous if it is causing problems for groups starting new IXPs. I've read the proposed change and it seems reasonable to me but I'm certainly not an IXP expert. Regards, Leo
On Oct 25, 2010, at 8:25 PM, Leo Vegoda wrote:
Hi Seb,
On 25 Oct 2010, at 8:44, Sebastien Lahtinen wrote:
On Mon, 25 Oct 2010, Leo Vegoda wrote:
The kind of requirements we anticipated were things like:
- 24/7 NOC - Assigned a unique AS Number - Assigned or allocated address space - Routing policy published in an IRR database
It was not intended that the requirements be onerous. The goal was to make sure that membership was available to network operators in general rather than being available to an elite clique.
I haven't been involved in this discussion, but just to bring an outside perspective into it..
Why should an exchange run a 24x7 NOC or not be entitled to restrict who can peer over it? I realise most European exchanges are mutual (and I hope it stays that way), but we shouldn't be making it more difficult for someone to either start an exchange nor restrict their ability to run it. Having IRR registered routes is far more important than how a business wants to run its internal affairs.
I think I may not have been clear. The requirements I listed above (as examples only) were the kind of thing I expected exchanges to require of prospective members. Of course, an exchange might decide that 24/7 NOC isn't sufficiently important to be a requirement but as long as its policy didn't impose it on some (potential) members but not others that would be fine.
The language was written at a time where there was no policy allowing IPv6 PI space and there was a concern that IXP prefixes might be seen as an alternative. But now there is an IPv6 PI policy it makes sense to revisit the language and make it less onerous if it is causing problems for groups starting new IXPs.
I've read the proposed change and it seems reasonable to me but I'm certainly not an IXP expert.
The definition of an Exchange goes back to a discussion in June 2001. http://www.ripe.net/ripe/maillists/archives/eix-wg/2001/msg00029.html The intention of the "clear and open" was to make sure that the rules to join the exchange were there for everyone, whatever the rules were. Wether you needed an AS number or the existing membership had to vote for new members to join or whatever. As long as this was written down somewhere for everyone to take notice of. As far as I am concerned the definition is clear and should not have been an obstacle for denying IPv6 address space to an Exchange. However if leaving out the word "open" as proposed in the change makes applying the policy less sensitive to the arbitrary ruling of a hostmaster it makes sense to do so. - Henk Steenman
On Oct 25, 2010, at 8:25 PM, Leo Vegoda wrote:
Hi Seb,
On 25 Oct 2010, at 8:44, Sebastien Lahtinen wrote:
On Mon, 25 Oct 2010, Leo Vegoda wrote:
The kind of requirements we anticipated were things like:
- 24/7 NOC - Assigned a unique AS Number - Assigned or allocated address space - Routing policy published in an IRR database
It was not intended that the requirements be onerous. The goal was to make sure that membership was available to network operators in general rather than being available to an elite clique.
I haven't been involved in this discussion, but just to bring an outside perspective into it..
Why should an exchange run a 24x7 NOC or not be entitled to restrict who can peer over it? I realise most European exchanges are mutual (and I hope it stays that way), but we shouldn't be making it more difficult for someone to either start an exchange nor restrict their ability to run it. Having IRR registered routes is far more important than how a business wants to run its internal affairs.
I think I may not have been clear. The requirements I listed above (as examples only) were the kind of thing I expected exchanges to require of prospective members. Of course, an exchange might decide that 24/7 NOC isn't sufficiently important to be a requirement but as long as its policy didn't impose it on some (potential) members but not others that would be fine.
The language was written at a time where there was no policy allowing IPv6 PI space and there was a concern that IXP prefixes might be seen as an alternative. But now there is an IPv6 PI policy it makes sense to revisit the language and make it less onerous if it is causing problems for groups starting new IXPs.
I've read the proposed change and it seems reasonable to me but I'm certainly not an IXP expert.
The definition of an Exchange goes back to a discussion in June 2001. http://www.ripe.net/ripe/maillists/archives/eix-wg/2001/msg00029.html The intention of the "clear and open" was to make sure that the rules to join the exchange were there for everyone, whatever the rules were. Wether you needed an AS number or the existing membership had to vote for new members to join or whatever. As long as this was written down somewhere for everyone to take notice of. As far as I am concerned the definition is clear and should not have been an obstacle for denying IPv6 address space to an Exchange. However if leaving out the word "open" as proposed in the change makes applying the policy less sensitive to the arbitrary ruling of a hostmaster it makes sense to do so. - Henk Steenman
On Mon, 25 Oct 2010, Leo Vegoda wrote:
- 24/7 NOC - Assigned a unique AS Number - Assigned or allocated address space - Routing policy published in an IRR database
I think I may not have been clear. The requirements I listed above (as examples only) were the kind of thing I expected exchanges to require of prospective members.
Ah, thanks.. That puts it in somewhat of a different perspective. I'll climb back into my hole :) seb
Hello, Yes as I recall the intention of that point was that the IXP be open to all who wished to join. The main policy discussion revolved around the definition of an exchange point and then that the IXP be open to any who wish to join. The policy has also been interpreted in this way in the past as far as I am aware. As Leo mentioned IPv6 PI was not supported then so the goal was to ensure only IXPs would receive the address block and then only for IXP purposes. Best Regards, Timothy Lowe RIPE NCC Staff On Oct 25, 2010, at 5:00 PM, Leo Vegoda wrote:
On Oct 25, 2010, at 7:16 AM, Gert Doering wrote:
[…]
Since both of the listed authors of the current RIPE document regarding IPv6 assignments to IXPs are reading this list :-) - Timothy and Leo, could you briefly comment how you remember the intent of the policy?
My memory of the intention was that the exchange should be open to new members who could meet a set of technical requirements documented in a corporate policy. The kind of requirements we anticipated were things like:
- 24/7 NOC - Assigned a unique AS Number - Assigned or allocated address space - Routing policy published in an IRR database
It was not intended that the requirements be onerous. The goal was to make sure that membership was available to network operators in general rather than being available to an elite clique.
HTH,
Leo Vegoda
On Oct 26, 2010, at 11:40 AM, Timothy Lowe wrote:
Hello,
Yes as I recall the intention of that point was that the IXP be open to all who wished to join. The main policy discussion revolved around the definition of an exchange point and then that the IXP be open to any who wish to join.
An Exchange point is never open to all who wish to join. There are always some kind of restrictions, even if limited to being a registered company or having an AS. - Henk Steenman
The policy has also been interpreted in this way in the past as far as I am aware. As Leo mentioned IPv6 PI was not supported then so the goal was to ensure only IXPs would receive the address block and then only for IXP purposes.
Best Regards, Timothy Lowe RIPE NCC Staff
On Oct 25, 2010, at 5:00 PM, Leo Vegoda wrote:
On Oct 25, 2010, at 7:16 AM, Gert Doering wrote:
[…]
Since both of the listed authors of the current RIPE document regarding IPv6 assignments to IXPs are reading this list :-) - Timothy and Leo, could you briefly comment how you remember the intent of the policy?
My memory of the intention was that the exchange should be open to new members who could meet a set of technical requirements documented in a corporate policy. The kind of requirements we anticipated were things like:
- 24/7 NOC - Assigned a unique AS Number - Assigned or allocated address space - Routing policy published in an IRR database
It was not intended that the requirements be onerous. The goal was to make sure that membership was available to network operators in general rather than being available to an elite clique.
HTH,
Leo Vegoda
On 21/10/2010 15:18, Andy Davidson wrote:
Now that IPv6 PI is available to all networks, in addition to Internet Exchange Points, perhaps we do not need to have a special policy for IXPs at all, but I see possible future value in IXPs sitting inside 2001:7f8/32, so I think it should remain.
From the point of view of keeping the rules short and sweet, I would see value in scrapping both RIPE-233 (ipv6 for root servers) and RIPE-451 (ipv6 for IXPs), and take their essence into the "IPv6 Address Allocation and Assignment Policy" policy document. It would certainly be possible to note
On the question at hand, the RIPE NCC's interpretation of the word "open" has caused a lot of trouble. It would probably be better to remove it rather than keep it. that the RIPE NCC may assign IXPs space from certain netblocks. But in the general case, duplication of policy documents is not useful. Nick
* andy@nosignal.org (Andy Davidson) [Thu 21 Oct 2010, 16:40 CEST]:
On 19 Oct 2010, at 16:00, Emilio Madaio wrote:
http://www.ripe.net/ripe/policies/proposals/2010-07.html [..]
Now that IPv6 PI is available to all networks, in addition to Internet Exchange Points, perhaps we do not need to have a special policy for IXPs at all, but I see possible future value in IXPs sitting inside 2001:7f8/32, so I think it should remain.
IPv6 PI won't work for IXPs as numbers need to be handed out to connected parties, which is not allowed for PIv6 (in contrast to PIv4 under INFRA-AW). -- Niels. -- "It's amazing what people will do to get their name on the internet, which is odd, because all you really need is a Blogspot account." -- roy edroso, alicublog.blogspot.com
On 27 okt 2010, at 13:15, niels=apwg@bakker.net wrote:
* andy@nosignal.org (Andy Davidson) [Thu 21 Oct 2010, 16:40 CEST]:
On 19 Oct 2010, at 16:00, Emilio Madaio wrote:
http://www.ripe.net/ripe/policies/proposals/2010-07.html [..]
Now that IPv6 PI is available to all networks, in addition to Internet Exchange Points, perhaps we do not need to have a special policy for IXPs at all, but I see possible future value in IXPs sitting inside 2001:7f8/32, so I think it should remain.
IPv6 PI won't work for IXPs as numbers need to be handed out to connected parties, which is not allowed for PIv6 (in contrast to PIv4 under INFRA-AW).
As long as it's one address per customer out of a shared block it's allowed as being infrastructure. What you are not allowed to do is to assign a /64 to each customer, but I don't see a reason for an IXP to do that anyway. MarcoH
As long as it's one address per customer out of a shared block it's allowed as being infrastructure. What you are not allowed to do is to assign a /64 to each customer, but I don't see a reason for an IXP to do that anyway.
Been corrected off-list, apparently this is not the case. MarcoH
participants (10)
-
Andy Davidson
-
Emilio Madaio
-
Gert Doering
-
Henk Steenman
-
Leo Vegoda
-
Marco Hogewoning
-
Nick Hilliard
-
niels=apwg@bakker.net
-
Sebastien Lahtinen
-
Timothy Lowe