<p dir="ltr">+++1 i am fully behind this one.</p>
<p dir="ltr">Cheers</p>
<p dir="ltr">Noah</p>
<div class="gmail_quote">On 29 Oct 2014 17:07, "Frank Habicht" <<a href="mailto:geier@geier.ne.tz">geier@geier.ne.tz</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello all,<br>
<br>
please find this proposed policy, which we (3 co-authors) have submitted to<br>
the pdpwg last week:<br>
<br>
Resource Reservation for Internet Exchange Points<br>
<br>
Author(s):<br>
a) Frank Habicht, Tanzania Internet Exchange<br>
b) Michuki Mwangi, Internet Society/KIXP<br>
c) Nishal Goburdhan, Packet Clearing House/JINX<br>
<br>
1) Summary of the Problem being addressed by this proposal<br>
<br>
This policy reserves IPv4 and 2-byte ASNs resources for public Internet<br>
Exchange Points (IXPs) in the African region, ensuring that there would be<br>
discrete IPv4 resources to allow the establishment and growth of future IXPs.<br>
<br>
<br>
2) Summary of How this Proposal Addresses the Problem<br>
<br>
This policy requests AfriNIC to reserve, and publish IPv4 resources, and<br>
2-byte ASNs for use by IXPs only.<br>
<br>
<br>
3) Proposal<br>
<br>
3.1 Introduction<br>
<br>
It is widely considered that Internet Exchange Points (IXPs) are one of the<br>
critical elements needed for Internet economies to develop. Africa is still<br>
in the process of developing these, and is, at the same time, faced with<br>
the imminent exhaustion of its IPv4 resources. Not having IPv4 addresses to<br>
grow, or start new, IXPs would create unnecessary and unneeded routing<br>
complexity for Internet connected networks, looking to peer at IXPs to<br>
further their network scope. AfriNIC already has an existing policy to make<br>
allocations to IXPs [1], but that policy does not specifically reserve IPV4<br>
space to ensure that there will be such, for future IXPs to grow and<br>
develop. Additionally, this policy reserves a set of 2-byte ASNs for use by<br>
IXPs for use at IXP BGP Route Servers.<br>
<br>
<br>
3.2 Distinction between IXP peering and management networks<br>
<br>
We distinguish between two kinds of IP address resources needed and used at<br>
IXPs. An IXP peering LAN is the contiguous network address block that the<br>
IXP would use to assign unique IP addresses to each peering member, for<br>
each peering participant to exchange network traffic across the shared<br>
peering infrastructure. Best practice has the IXP peering LAN *not* being<br>
visible in a view of the global routing table, among other things to reduce<br>
the attack vectors for ISP border routers via the IXP.<br>
<br>
>From a network identification, monitoring and analysis perspective, it is<br>
thus desirable, that the "peering LAN" space be provided from a contiguous<br>
block. The IXP management LAN is the management network that the IXP uses<br>
to provision services at the IXP, like monitoring, statistics, mail, ticket<br>
systems, provisioning of transit to DNS Roots, etc.<br>
<br>
Management networks, are meant to be reachable globally, for instance to<br>
publish data and allow remote access for common good network infrastructure<br>
(such as root and TLD DNS servers) and research projects.<br>
<br>
<br>
3.3 BGP Route Servers use<br>
<br>
Typically IXPs use BGP route servers to help manage peering sessions<br>
between different participants. The route servers implement IXP routing<br>
policy in the form of BGP communities, typically in the form of A:B, where<br>
A,B represent A=IXP BGP route server and B=participant ASN. Current BGP<br>
implementations utilise 6 bytes for the extended community attribute<br>
[RFC5668]. Therefore, an IXP with a 4-byte ASN in use at its route server<br>
would not be able to successfully implement the A:B BGP community mapping,<br>
if an IXP participant has a 4-byte ASN. This situation is likely to be<br>
experienced by more IXPs, as additional 4-byte ASNs are allocated through<br>
the current AfriNIC process.<br>
<br>
If, IXP route server communities include the IXP ASN and the peer's ASN<br>
(expected to be 4-byte), and a total of only 6 bytes are available, it<br>
follows that IXP route servers ASN could not be longer than a 2-byte ASN.<br>
<br>
<br>
3.4 Proposal<br>
<br>
To ensure that there are sufficient resources for IXPs to develop, this<br>
policy proposes that AfriNIC reserve IPv4 addresses for IXP peering LANs<br>
out of an address block marked particularly, and exclusively, for IXP<br>
peering LAN use. Assignments for IXP peering LANs must be from one<br>
dedicated block, published as such by AfriNIC. Assignments for IXP<br>
management addresses should NOT be provided from the same block as the IXP<br>
peering LANs.<br>
<br>
It is proposed that a /16 block be reserved for future requirements for IXP<br>
peering LANs in the AfriNIC service region, and that AfriNIC publish this<br>
block as such.<br>
<br>
It is further proposed to reserve the equivalent of an additional /16 block<br>
for IXP management prefixes, separate from the peering LANs. It is proposed<br>
that AfriNIC reserves a block of 2-byte ASNs for use in BGP route servers<br>
at IXPs in the AfriNIC service region.<br>
<br>
The number of ASNs to be reserved should be the larger of 114, or half of<br>
the remaining 2-byte ASNs within AfriNIC's block at the date of<br>
ratification of this policy.<br>
<br>
AfriNIC will allocate these resources on a first come first served basis.<br>
<br>
<br>
3.5 Evaluation criteria<br>
<br>
This policy does not suggest new evaluation criteria for what determines a<br>
valid IXP.<br>
<br>
<br>
4.0 References<br>
<br>
[1] AfriNIC Policy for End User Assignments - AFPUB-2006-GEN-001<br>
<a href="http://afrinic.net/en/library/policies/127-afpub-2006-gen-001" target="_blank">http://afrinic.net/en/library/policies/127-afpub-2006-gen-001</a> Sections 5)<br>
and 6)<br>
<br>
<br>
<br>
<br>
Note: proposal also available at<br>
<a href="http://www.afrinic.net/en/community/policy-development/policy-proposals/1231-resource-reservation-for-internet-exchange-points" target="_blank">http://www.afrinic.net/en/community/policy-development/policy-proposals/1231-resource-reservation-for-internet-exchange-points</a><br>
<br>
<br>
Regards,<br>
Frank<br>
_______________________________________________<br>
rpd mailing list<br>
<a href="mailto:rpd@afrinic.net">rpd@afrinic.net</a><br>
<a href="https://lists.afrinic.net/mailman/listinfo.cgi/rpd" target="_blank">https://lists.afrinic.net/mailman/listinfo.cgi/rpd</a><br>
</blockquote></div>