[policy-wg] AfriNIC policy: IPv6 for critical infrastructure

JORDI PALET MARTINEZ jordi.palet at consulintel.es
Sun Jun 4 22:55:48 SAST 2006


Hi Frank,

I just submitted a new proposal, which will avoid requiring neither this one
or the PI one that I submitted previously.

The main point is the inexistence of a definition for an end site in the
region under the current IPv6 allocation policy, which is different that
what we have in the rest of the regions.

So what I'm proposing is to allow organizations that are "end-sites", but
need to delegate to their own infrastructure or entities, to become an LIR
and receive a /32.

As the policies need to be approved in a face-to-face meeting, there is not
any harm done having several proposals "competing" for the same goals being
discussed, but I think we should reach a consensus in the list before next
meeting about which one we want to support.

By the way, I will also propose that we remove the requirement to wait for a
face-to-face meeting for moving ahead with a policy if consensus is reached
in the list.

Nevertheless, I will support your policy if needed, but some modifications
are suggested below.

Regards,
Jordi




> De: Frank Habicht <geier-lists-afrinic-policywg at tih.co.tz>
> Responder a: AfriNIC Policy Working Group List <policy-wg at afrinic.net>
> Fecha: Fri, 02 Jun 2006 13:06:26 +0300
> Para: <policy-wg at afrinic.net>
> Asunto: [policy-wg] AfriNIC policy: IPv6 for critical infrastructure
> 
> Your Name:    Frank Habicht
> Your Organisation: TIX / TZ ISP association (ORG-TISP1-AFRINIC)
> Policy Affected: afpol-v6200407-000 and/or afpol-v60604
> Date:  02 / June / 2006
> 
> Proposal: IPv6 assignments for critical infrastructure
> 
> Incentive:
> No IPv6 assignments for critical infrastructure specified yet. Can be
> incorporated in afpol-v6.
> 
> Proposed policy for PI assignments of IPv6 address space does not cater
> for special case of critical infrastructure.
> 
> 1.0 Definitions:
> 
> Critical infrastructure includes Internet Exchange Points, ccTLD DNS
> servers and root DNS servers. The addition of more global root DNS
> servers is unlikely and all present servers are operated by entities
> from outside the AfriNIC area. For the purpose of this policy is is
> proposed to not distinguish between Root and ccTLD DNS servers. It is
> suggested that on request popular SLD operations can also qualify for
> critical infrastructur assignments.

You need to consider that sooner or later, you will get some root server
mirrors deployed in the region, hopefully. Actually I will talk about root
and TLDs in general.

> 
> 
> 2.0 Proposed policy:
> 
> On request AfriNIC assigns IPv6 address ressource to [operators of]
> critical infrastructure. Internet Exchange Points, DNS root server
> operations, DNS ccTLD operations, and popular SLD DNS operations upon
> justification are considered critical infrastructure.

Remove "popular ...", just say "DNS TLDs" of any kind.

> 
> The default assignment size for an Internet Exchange Point shall be a
> /48. Assignments can be larger blocks on request with justification. For
> critical DNS server operations ( root DNS, ccTLD DNS, and SLD DNS with
> justification ) default assignment size is equal to the default
> assignment size for PI assignments of IPv6 address space to End Users
> [as defined in separate policy].

I will suggest not relating both proposals, and instead using /32 by
default. This is the case for critical infrastructures in APNIC and LACNIC
(in LACNIC there is a small difference for IX with usually get allocated a
/48, but they aren't routed, I think that's wrong and we should not go that
way here). RIPE NCC also uses /32 for root servers, but /64 or /48 for IX
(again, assuming they aren't announced). ARIN uses /48 for
micro-allocations.

> 
> Operators of critical infrastructure can obtain ASN assignments from
> AfriNIC. They must be multihomed to do so.

I don't think asking to be multihomed is a good thing in the region. Cost is
high, and may be the SLA allows them to have a single ISP with a sufficient
enough reliability level vs. cost.

> 
> 
> 3.0 Remarks
> 
> IPv6 PI policy proposal (afpol-v60604) specifies temporary assignments
> and no special cases for critical infrastructure.
> 
> 
> 
> _______________________________________________
> policy-wg mailing list
> policy-wg at afrinic.net
> http://lists.afrinic.net/mailman/listinfo.cgi/policy-wg




**********************************************
The IPv6 Portal: http://www.ipv6tf.org

Barcelona 2005 Global IPv6 Summit
Slides available at:
http://www.ipv6-es.com

This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.






More information about the policy-wg mailing list