Search RPD Archives
[AfriNIC-rpd] Proposal: Out of region sales of IPv4 space
Andrew Alston
aa at tenet.ac.za
Sun Feb 13 15:16:28 UTC 2011
Hi Walu,
I have just submitted a revised policy to the policy-submission address and
as soon as I have a proper policy number, it will be posted here.
But let me attempt to explain the spirit of the policy.
You are right in some sense that I implied we have no other choice, and at
this point, I honestly do believe that to be the case, and I¹ll attempt a
further explanation of why in a second. As to fixing it, there is a fix in
the works, however, the email that I will send to the list following this
one will appeal to our community to reject that so called fix in its current
form because its far more dangerous and creates far more problems than it
would ever solve (keep an eye out for my emails to follow on the currently
proposed RPKI stuff)
Now, to get back to what I said in the original proposal, lets analyze this
for a second:
A.) We know that we are going to have space available for allocation long
after the rest of the world runs out (with the exception perhaps of the
LACNIC region), and a fair amount of space at that
B.) When the other RIR¹s run out of space, people are going to have no
alternative but to either look at IPv6 or make grabs at other available IPv4
space (and I suspect in some cases grabs at ³not so available IPv4 space²)
C.) In the case of the former mentioned in point (B), we will start seeing
services available ONLY on IPv6, and as a result, the value of IPv4
addresses will start decreasing, they will have less and less reach on the
global internet.
D.) In the case of the latter, the more you have available that isn¹t being
used, the higher the chance that it gets hijacked/taken/whatever.
Now, we have a policy currently ratified (the soft landing policy), which
says that IP address space assigned under that policy must be announced 90%
in the african region or the space gets revoked, so lets hold up for a
second and analyze what this means.
A.) For a policy to have any substance beyond a statement of intent requires
that the policy can be enforced. Enforcement of the 90/10 rule is, in my
opinion, nigh impossible for the following reasons
A.1.) How do you determine the geographic location of an announcement?
Judging by latency, reverse dns entries on routers, traceroutes etc, are all
non-starters (You cannot use any of the above for definitive geographic
location)
A.2.) How do you define what is ³used² on the african continent. What is
stopping someone taking a 56k line to europe, doing his network statements
in africa (at this point the space is announced from within the region),
doing some next-hop rewrites in europe, and now using his space as he wants
in the european region as he wants?
A.3.) Does AfriNIC have the resources, time, people, money etc for policy
enforcement?
A.4.) If the policy is not adhered to, and the space is withdrawn, is that
withdrawl of space from a large entity really doable? With the current
state of IRR and the fact that routing registry entries can be inserted in a
number of recognized databases by virtually anyone, this could result in
long and protracted battles, and at best, you might end up with a partial
return of the space if the person allocated the space decides to dig their
heels in. Space that has been ³hijacked² in this manner could not be
reliably allocated to anyone else with them being guaranteed full
reachability when they use it.
B.) The question needs to be asked, by the time the soft landing policy
kicks in (when we are down to a single /8), will the rest of the world still
be completely dual-stacked, or will we have started to see a lot of IPv6
only addresses appearing. If the latter is the case, the space is now
getting worth less and less, and in effect, we have held onto space that
could have been used faster and to the benefit of the african community
through the proposal as outlined, rather than letting it lie there unused
until there was little point to it any more.
C.) IANA is already working on policies to allow for inter-RIR IP space
transfer, how long before the rest of the world starts demanding AfriNIC
return its resources because we¹re not using them fast enough, and once
again, the resources are gone from africa without ANY benefit to the african
community?
D.) Considering the points in (A), how will AfriNIC verify that a company
requesting IP space and membership in AfriNIC is nothing more than a shell
company created in Africa PURELY for the purposes of taking IP Space outta
the continent? How is AfriNIC going to verify that the company is actually
doing legitimate business on the African continent enough to justify that
space and using it here? And how do we plan to deal with large African
companies that have huge international holdings out of the region? Deny the
AFRICAN company space because the other RIR¹s have run out of space, and
force the AFRICAN company to stop global expansion because we don¹t want our
IP space used off continent? Doesn¹t that rather fly in the face of the
ideal of benefiting the African community?
Yes, its nice to be idealistic and say we can fix the problems and keep the
resources, but reality says, even if there are fixes for these problems,
they are not fixes that can be implemented in time to stop the grabbing of
IP resources. Further more, the question needs to be asked, do we really
want to be creating the illusion that IPv4 can last for so many more years
on the African continent when the reality is, the value of IPv4 space is
directly proportional to how much of the rest of the world is reachable
using that space. As the rest of the world runs out, we need to realize
that we need to move on, stop looking for ways to drag out the inevitable
and call a spade a spade, IPv4 is at its end of life. As such, to avoid the
psychological illusion that we have loads of it that will last for years,
lets reduce that, spread it out with the foreign entities and at the same
time benefit as the African community from doing so.
A resource that will never get used is worthless, a resource that will
inevitably get stolen if you don¹t find a way to regulate that is better off
distributed for some gain before that happens.
I would LOVE to hear the counter arguments that give solid answers as to how
the problem can be addressed to avoid the situation I describe above, but as
of yet, and after speaking to many people, I have yet to hear anything that
shows a solution. So, let us profit from what we have, and use the money
generated to promote something that has some longevity, rather than ending
up with nothing.
Just my thoughts
Andrew
On 2011/02/13 3:59 PM, "Walubengo J" <jwalu at yahoo.com> wrote:
> McTim,
>
> 1st, this being a "policy" platform, i would appreciate less abreviations and
> more straight english. SL, AFAIK, etc can only serve to increase confusion
> ;-).
>
> 2ndly, I do appreciate the bit about "out of africa" operators needing abit of
> afrinic resources - for interconnection purposes. Might that be your second
> point?
>
> what i dont understand is the insinuation that Afrinic should accept a policy
> proposal on the simple reason that they have NO choice...I would rather we
> address such a weakness rather than accept policies to re-inforce the same.
>
> walu.
> nb: am not saying am against the proposed proposa. that would be premature
> since I still dont understand the spirit behind the summary statement in the
> proposed policy.
>
> --- On Sat, 2/12/11, McTim <dogwallah at gmail.com> wrote:
>>
>> From: McTim <dogwallah at gmail.com>
>> Subject: Re: [AfriNIC-rpd] Proposal: Out of region sales of IPv4 space
>> To: "Walubengo J" <jwalu at yahoo.com>
>> Cc: rpd at afrinic.net, "Graham Beneke" <graham at apolix.co.za>
>> Date: Saturday, February 12, 2011, 2:48 PM
>>
>>
>>
>> On Sat, Feb 12, 2011 at 1:47 PM, Walubengo J <jwalu at yahoo.com
>> </mc/compose?to=jwalu at yahoo.com> > wrote:
>>> Could someone explain the summary bit that I have highlighted - does it mean
>>> the african region has no way of protecting its IP resources?
>>>
>>> We have the SL policy. AFAIK, no other region has placed such a restriction
>>> on its resources.
>>>
>>> Sometimes folk have good reasons to use addresses in Region B and C, even
>>> though they were obtained in region A. If a compnay has a global network
>>> for example, is it fair to make them become 5 different LIRs, one in each
>>> region? It also helps in aggregation to have fewer blocks allocated to
>>> large networks.
>>>
>>> What drc has pointed out is that it is non-trivial to determine where
>>> resources are used.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20110213/01950920/attachment.html>
More information about the RPD
mailing list