1 of 23
Internet Governance
Richard Jimmerson
Chief Information Officer
5 of 23
6 of 23
7 of 23
8 of 23
9 of 23
Number Resource Provisioning Hierarchy
ICANN / IANA
(Internet Assigned Numbers Authority)
Manage global unallocated IP address pool
Allocate
RIRs
(AfriNIC, APNIC, ARIN, LACNIC, RIPE NCC)
Manage regional unallocated IP address pool
Allocate
Assign
ISPs
End Users
Re-Allocate
Re-Assign
ISPs
End Users
ARIN History & Overview
Richard Jimmerson
Chief Information Officer
Historical Timeline
1993
IR function contracted by NSF to NSI; InterNIC, APNIC formed. DoD oversight ends.
InterNIC

1992
RFC 1366: Regional IRs established; RIPE NCC formed
Government Oversight

1991
 Registrant
DDN NIC
 Registrant
Internet Registry (IR) function contracted by DoD to SRI International

1980s
DDN NIC
RFC 1261: DoD IR function contract moved to Network Solutions, Inc.

1980s
 Registrant
DDN NIC
 Registrant
NSFNET/ARPANET - Jon Postel managed addressing via DoD contract;
this was called the Internet Assigned Numbers Authority (IANA)

Registrant
Historical Timeline
2005
Regionalization complete; AfriNIC formed

Community Oversight
2002
Regionalization continues; LACNIC formed

1998
 Registrant
ICANN formed

1997
 Registrant
 Registrant
IR regionalization completed; ARIN formed. USG oversight of IR function ends.

 Registrant
Regional Internet Registries
Number Resource Organization
The NRO exists to protect the unallocated number
resource pool, to promote and protect the bottom-up
policy development process, and to act as a focal
point for Internet community input into
the RIR system.
ARIN’s Service Region
ARIN’s region includesCanada, many Caribbean and
North Atlantic islands, and the United States.
RIR Structure
Nonprofit
•
•
Fee for services,
not number
resources
100%
community
funded
Membership
Organization
•
Open
•
Broad-based
- Private sector
- Public sector
- Civil society
Communityregulated
•
•
•
Community
developed
policies
Member-elected
executive board
Open and
transparent
RIR Services
Number Resources Organization
•
•
•
IP address
allocation &
assignment
ASN assignment
Directory
services
•
Elections
•
Meetings
•
Website
• Newsletters
• Roundtables
•
WHOIS
• IRR
•
•
Reverse DNS
Information
dissemination
•
Training
Policy Development
•
•
•
Maintain e-mail
discussion lists
Conduct public
policy meetings
Publish policy
documents
About ARIN
• One of five Regional Internet Registries
• Services 25 Economies in the Caribbean and
North America
• Nonprofit corporation based in
Chantilly, VA
• Established December 1997
• 100% community funded
ARIN’s Mission
• Applying the principles of stewardship,
ARIN, a nonprofit corporation:
– allocates Internet Protocol resources;
– develops consensus-based policies; and
– facilitates the advancement of the Internet
through information and educational
outreach.
ARIN’s Services
• Like the other RIRs, ARIN:
– Allocates and assigns Internet number
resources
– Maintains WHOIS, in-addr.arpa, and other
community services
– Participates in the global Internet
community
– Facilitates policy development
– Is a nonprofit, membership organization
Registration Services
• Manage Internet number
resources and related
services
• Manage Directory Services
(WHOIS & IRR)
Organization Services
Public Policy & Members
Meetings
Executive Board
Elections
Organization Services
Information publication
and dissemination
Education
& Training
Organizational
Chart
Learn More and Get Involved
Your participation
Important, critical, needed, appreciated…
Get Involved in ARIN
Public Policy Mailing List
Member Elections
Attend a Meeting
http://www.arin.net/participate/
26
Next ARIN Meeting
• Remote participation
• Policy discussions
• Tutorials
• Social event
• Adjacent to NANOG
https://www.arin.net/participate/meetings
The ARIN Policy
Development Process
Einar Bohlin
Policy Analyst
Overview
What is a Policy
The Policy Development Process
– Origin
– Principles
– Process Steps
A Case Study and Some Examples
Number Resource Policy
Manual (NRPM)
NRPM is ARIN’s policy document
– Version 2010.2 (7 June 2010)
– This is the 19th version
Contains
• Change Logs
• Available as PDF
• Index
https://www.arin.net/policy/nrpm.html
Policies in the NRPM
•
•
•
•
•
•
•
•
IPv4 Address Space
IPv6 Address Space
Autonomous System Numbers (ASNs)
Directory Services (WHOIS)
Reverse DNS (in-addr)
Transfers
Experimental Assignments
Resource Review Policy
Policy Development Process (PDP)
Flowchart
Proposal Template
Archive
Movie
https://www.arin.net/policy/pdp.html
PDP Origin - Rough Consensus
The foundation of the PDP
Rough consensus is a term used in consensus
decision-making to indicate the "sense of the
group" concerning a particular matter under
consideration.*
Note that 51% of the working group does not
qualify as "rough consensus" and 99% is
better than rough.*
(*from wikipedia.org)
Consensus Decision Making*
(*from wikipedia.org)
PDP Versions
Current version is the 4th
First written version - April 2001
Two revisions
Major overhaul - January 2009
The current PDP
Empowers the Advisory Council as a
development body (balanced by
expanded petitions)
Establishes goal = clear, technically sound
and useful policy
Requires staff and legal assessments and
freezes text prior to Public Policy
Meetings
Process Principles
Open Forum - Anyone can participate
Public Policy Mailing List
Public Policy Meetings
Transparent
PDP documented
Policies documented
Meetings documented
Bottom Up
ARIN does not create policy, ARIN implements it
Roles
Community
Submit proposals! If there is a problem, raise it
Comment on proposals (in favor or not?)
Participate in Petitions
Advisory Council “AC” (elected volunteers)
Write the policy text to ensure that it is
clear, technically sound and useful
Determine Consensus
Roles
ARIN “Board” (elected volunteers)
Provide process oversight
Provide corporate fiduciary oversight
ARIN Staff
Provide feedback
• Clarity and Understanding
• Staff Assessments
Implement Policy
Basic Steps
1. Community member submits a proposal
2. Community discusses the proposal on the “List”
3. AC creates a draft policy or abandons the
proposal
4. Community discusses the draft policy on the
“List” and at the meeting
5. AC conducts its consensus review
6. Community performs last call
7. Board adopts
8. Staff implements
Petitions
Anyone dissatisfied with a decision by the AC
can petition to keep the proposal moving
forward
1. Petition to bring proposal to list and meeting
4 successful*
3 unsuccessful
2.
Last call petition
(to send to Board)
One – unsuccessful
*2 ultimately abandoned, 2 under discussion
Public Policy Mailing List
Open to anyone
Easy to subscribe to
Contains: ideas, proposals, draft policies, last calls,
announcements of adoption and
implementation, and petitions
Archives
RSS available for ARIN only posts
https://www.arin.net/participate/mailing_lists/index.html
The ARIN Website
How to monitor and not be overwhelmed?
The AC meets monthly
Front page of the ARIN site to see proposals and draft
policies under discussion
New proposals need feedback for the AC’s initial
decision
Web site will help you focus on what’s important to
you and your company
ARIN Meetings
Two meetings a year
Check the ARIN Public Policy Meeting site 4-6 weeks
prior to meeting
Proposals/Draft Policies on Agenda
Discussion Guide (summaries and text)
Attend in Person/Remote
AC meeting last day
Watch list for AC’s decisions
Last Calls – For or against?
Policy Participation
You must be a member to
• Vote for AC and Board
• Nominate for those positions
Don’t let others say that such and such can’t be
done because ARIN won’t allow it
https://www.arin.net/participate/elections/index.html
Total Draft Policies
Active current drafts – 7
Adopted – 57 (plus 2 more global policies
awaiting ICANN Board review)
Abandoned – 46
A Case Study: Policy 2008-5
2008-5 Summary
Name: Dedicated IPv4 block to facilitate IPv6
Deployment (2008-5)
Proposal: Reserve some IPv4 space (a /10), and
make it available to organizations that need
some IPv4 space to deploy IPv6.
Rationale: “[This policy] will facilitate IPv6
deployment by ensuring that some small
chunks of IPv4 space will remain available for
a long time to ease the co-existence of IPv4 &
IPv6.”
Policy 2008-5 History
Proposal was submitted on June 2008.
Draft policy text discussed on the list and at ARIN XXII
meeting (Oct 2008).
The policy was sent to last call (Oct/Nov).
Minor revision by the AC, reposted to last call Nov/Dec.
Adopted by the Board 5 Jan 2009.
Implemented 1 Apr 2009 (NRPM Section 4.10).
https://www.arin.net/policy/proposals/2008_5.html
Policy Examples
Adopted
2010-2: /24 End User Minimum Assignment Unit (to be
implemented early September)
2009-8: Equitable IPv4 Run-Out (ISP allocation timeframe
to reduce from 12 months to 3 upon receipt of last /8)
2009-1: Transfer Policy (transfers allowed to specified
recipients, based on need)
Abandoned
2010-7: Simplified IPv6 (Everyone allowed one each of the
following /48, /40, /32, /28, /24)
2007-27: Cooperative distribution of the end of the IPv4
free pool (RIR to RIR requests)
References
Policy Development Process
https://www.arin.net/policy/pdp.html
Draft Policies and Proposals
https://www.arin.net/policy/proposals/index.html
Number Resource Policy Manual
https://www.arin.net/policy/nrpm.html
Suggestions -> Policy
Policies Under Discussion
Einar Bohlin
Policy Analyst
Draft Policies
• 7 on PPML for discussion and feedback
right now
• They will be presented and discussed
at ARIN meeting in Atlanta
• You have two ways to voice your
opinion about these, on the PPML or at
the PPM (in person or remote)
2010-8
• Rework of IPv6 assignment criteria
• Allows almost all organizations to receive a
/48 or larger block. Organizations can request
a block that would allow each site in their
network to be assigned a /48. Criteria: have
an IPv4 end user assignment; or be multihomed; or provide technical justification why
upstream space will not suffice. Also allows
space for non-connected (private) networks.
• Point: Makes available IPv6 assignments from
ARIN to most organizations, connected or not.
• Text is being worked on (carried over from
previous ARIN meeting)
2010-9
• IPv6 for 6rd
• Allows organizations with at least two
blocks of non-contiguous IPv4 space
to request an IPv6 /32 or larger block
to be used for a 6rd deployment.
These allocations/assignments will be
reviewed every 3 years by ARIN staff.
• Point: IPv6 allocations specifically for
6rd.
2010-10
• (Global Proposal): Global Policy for
IPv4 Allocations by the IANA Post
Exhaustion
• Establishes an IANA reclamation pool
of IPv4 address space. This pool will be
comprised of any “eligible” IPv4
address space returned to IANA.
• Point: Allows IANA to allocate space
after the free pool is gone. Assumes
IANA will get space back.
2010-11
• Required Resource Reviews
• Requires ARIN staff to initiate resource reviews
when M&A activity occurs but IP addresses are
not transferred; when fraud or abuse is reported to
ARIN (either about a specific IP address range or
about an organization); when a specified
recipient transfer occurs; or when staff are
reviewing an additional IP address request and
find that more than a quarter of an ISP’s
downstream SWIPs are covered under the
Residential Customer Privacy policy.
• Point: Original policy said ARIN can do reviews,
how often, and what can happen after a review,
etc. This proposal adds mandatory triggers which
cause reviews.
2010-12
• IPv6 Subsequent Allocation
• Allows an additional IPv6 allocation for
transitional technologies (IPv4 to IPv6).
The allocations will be reviewed every
3 years by ARIN staff.
• Point: IPv6 space for IPv4 to IPv6
transition technologies (like 6rd).
2010-13
• Permitted Uses of space reserved under NRPM 4.10
– Ups the reserved space from a /10 to the actual entire /8.
– Makes two pools of space available, both of which can be
drawn from by an organization. "Part A" for ISPs to issue single
addressess to customers (/24 to /18, max /16, 6 months,
customers must be using IPv6). "Part B" for ISPs or end users to
deploy IPv6 (/28 to /24, max /20, 6 months,
assignment/infrastructure.) Part A gets 3/4 of the /8. Part B gets
1/4.
– Space returned to ARIN goes to the 4.10 pool or back to IANA.
– Utilization is 80% most recent, 90% other space. Utilization must
be for transitional technology purposes (examples provided).
– Quarterly reviews. With allocation/assignment reduction
possible.
• [Point: The current policy makes IPv4 space available to
facilitate IPv6 deployment (/28 to /24, 6 months). The
proposal expands the reserved block, makes larger
allocations available, attempts to replenish the block with
returns, has stricter utilization both in terms of
percentages and permitted use, and adds quarterly
monitoring.]
2010-14
• Standardize IP Reassignment Registration Requirements
• The policy:
– Specifies that organization information is: Legal name, street
address, and one technical POC and one abuse POC. Each
POC must have an email and phone number.
– Defines residential customer.
– Expands the current Cable Address Policy with a broader policy
applicable to all Residential Market Areas.
– Extends the Residential Market Area policy to IPv6.
– Broadens the threshold for required SWIPing in IPv6 from /56 to
/64.
– Allows a resource review when ARIN believes an organization is
not complying with reassignment policy.
• Point: Specifies what organizational information is required
to be added to WHOIS, defines residential customer,
expands the current cable only residential policy to all
residential areas (makes it easier to register utilization and
apply for more), requires individual IPv6 subnets be
registered in WHOIS, and allows for resource reviews
for failure to comply with reassignment policy.
Do any of these possibly impact
you?
• You have two ways to voice your
opinion about these, on the PPML or at
the PPM (in person or remote)
References
• Draft Policies & Proposals
– https://www.arin.net/policy/proposals/ind
ex.html
ARIN Services
Jon Worley
Senior Resource Analyst
Current Policies
/24s are back!
• Only for multi-homed
end-users
• Must still show at least
25% used immediately
and at least 50% used
within one year
• Must renumber and
return to get another
block
IPv4 For The Rest of Us
• Single-homed end-users
– /20 minimum; show at least 25% used
immediately and at least 50% within a year
• ISPs
– Single-homed: /20 minimum, show you’re already
using a /20 (or equivalent)
– Multi-homed: /22 minimum, show you’re already
using a /23 (or equivalent), agree to renumber
Additional IPv4 Allocations
• Show you’ve efficiently used all previous allocations
and at least 80% of your most recent allocation
• ISPs allowed to request a three month supply of
addresses for their first year, then a twelve month
supply after that
• Allocation size based on demonstrated utilization
rate, not projected growth
– Block size lags growth
Special Policies
• Multiple Discrete Networks
– Networks operated separately from one
another
– Can request IPs for networks that need
more, even when other networks aren’t
fully used, as long as some basic overall
criteria are met
• Cable ISPs
– Show 80% of IPs assigned, with a 50-80%
utilization rate
What ARIN Will Need
• ISPs
– List of dynamic pools with information on
purpose, utilization metrics, etc
– List of statically assigned customers with
subnets/IPs
• /29 and larger need to be published via SWIP/Rwhois
• Can mark name/street address private if the service is
delivered to a residence
• End-users
– Subnet mappings for any previous assignments
– Proposed subnet mapping for new block
New Aspects to IPv4 Requests
• Officer attestation
– Required by ARIN’s Board of Trustees
– Prior to approval, officer is sent request
data via e-mail, reviews, and replies to
verify data is correct
• Utilization data for previous allocations
– Has always been required by policy
– Typically a utilization percentage,
although may ask for more if needed
What about unused IPv4
addresses?
• Many legacy IPv4 registrations are no
longer used
• We can definitely rely on our
community to be good samaritans
and return them, right?
Enter NRPM 8.3
• NRPM policy 8.3 allows orgs with
unused IPv4 addresses to transfer them
to a network that needs IPv4 addresses
• Network must qualify for the IPv4
addresses under a current ARIN policy
• ARIN will operate a listing service
• Why? IPv4 depletion
IPv6 Policies
• ISPs
– Known, existing ISPs automatically qualify
– /32 minimum
• Really really really big; ~4.2 Billion subnets
• End-users
– Typically qualify by showing you qualify for IPv4
– /48 minimum
• 65,536 subnets
• Qualify for larger by showing proposed use
– Guidelines: /48 for a large site, /56 for a small site
Interacting With ARIN
Service Delivery
• ARIN services traditionally
delivered via e-mail
• Not reliable
– E-mails get lost in the bit bucket
• Errors not noted until
reviewed by ARIN
– Delays your request by hours or
days
• There’s got to be a better
way!
ARIN Online
• All services to be delivered through the
web site via ARIN Online (eventually)
• Has been available for ~1 year
• Accounts are new
– If you didn’t create one in the past year,
create a new one, even if you already
have records in Whois
Linking your ARIN Online
Account
• ARIN Online account is associated with
your Whois records by linking to your
POC handle(s)
• To link, need to be able to get e-mail
sent to an e-mail address listed on the
handle
• Linking to the POC handle allows you
to access Org IDs/resources
associated with that handle
Recovering Old Records
• POC handle that is yours, but has an
incorrect e-mail address
– POC Recovery
• Org ID has no valid POC handles listed
– Org recovery
Current ARIN Online
Functionality
• Org and POC management
• Ask ARIN
• Bulk WHOIS
– FTP service retired
– XML tagging
– Easy to automate using API keys
• Reassignment Reports
Future Functionality
• Manage in-addr.arpa zones
• Request and modify AS numbers and
IP addresses
• Manage reassignment information
New Services
POC Validation
• NRPM 3.6.1 requires ARIN to contact
POCs annually to validate information
• If information is correct, just click URL in
message
• Otherwise, use ARIN Online to set up
account, then validate on POC page
WhoisRWS
• Port 80 queries much improved
– XML tagging
– Retrieve data via URL
• Frequently updated (many times per
day, instead of once a day)
– in-addr.arpa zones still daily
• Query syntax has changed
RPKI
• X.509 certificates for direct registrants
of IPv4 and IPv6 addresses
• Pilot program at http://rpkipilot.arin.net has been operating since
July 2009
• Production system in the near future
DNSSEC
• Cryptographically sign in-addr.arpa
delegations
• ARIN’s /8 zones are signed as trust
anchors since in-addr.arpa isn’t signed
yet
• Users able to add DS records to sign
their own delegations by the end of
the year
Outreach And Education
Outreach & Education
Services
• Online education resources
• Event Presentations
• Exhibits (direct and reverse)
• Media interviews
Outreach & Education
Materials
• Fact and information sheets (and CDs)
• Multimedia pieces
• Giveaways (pens, stickers, etc.)
• Slide decks
• Comic books
• More…
ARIN Resource Links
• TeamARIN Microsite
http://TeamARIN.net
–
–
–
–
Event Calendar
Education
Blogs
Spread the word
• Public use slide deck
• Materials support
request
• ARIN IPv6 wiki
http://getipv6.info
ARIN on Social Media
Facebook –
www.facebook.com/TeamARIN
Twitter –
www.twitter.com/TeamARIN
LinkedIn –
www.linkedin.com
YouTube –
www.youtube.com/TeamARIN
IPv4 Depletion
IPv6 Adoption
6 August 2010
14 /8s Remaining
Quick History of the Internet Protocol
• Internet Protocol version 4 (IPv4, or just “IP”)
First developed for the original Internet (ARPANET) in spring 1978
Deployed globally with growth of the Internet
Total of 4 billion IP addresses available
Well entrenched and used by every ISP and hosting company
to connect customers to the Internet
– Allocated based on documented need
–
–
–
–
• Internet Protocol version 6 (IPv6)
– Design started in 1993 when IETF forecasts showed IPv4
depletion between 2010 and 2017
– Completed, tested, and available for production since 1999
– Total of 340,282,366,920,938,463,463,374,607,431,768,211,456 IP
addresses available
– Used and managed similar to IPv4
About IPv4 and IPv6
IP version
IPv4
IPv6
Deployed
1981
1999
Address Size
32-bit number
128-bit number
Address
Format
Dotted Decimal Notation:
192.0.2.76
Hexadecimal Notation:
2001:0DB8:0234:AB00:
0123:4567:8901:ABCD
Number of
Addresses
232 = 4,294,967,296
2128 = 340,282,366,920,938,463,
463,374,607,431,768,211,456
Examples of
Prefix
Notation
192.0.2.0/24
10/8
2001:0DB8:0234::/48
2600:0000::/12
(a “/8” block = 1/256th of total IPv4 address
space = 224 = 16,777,216 addresses)
IPv4 Address Space Utilization
*as of 6 August 2010
Available IPv4 Space in /8s
In 2010, RIRs have been allocated twelve /8s blocks as of
6 August, leaving fourteen /8s unallocated (14/256 = 5.46%)
IPv4 Demand – RIR Allocations
In 2010, RIRs have been allocated twelve /8s blocks as of 6 August.
IPv4 Depletion Situation Report
• The RIRs have needed between 8
and 12 /8s each year worldwide.
• There are 14 /8s remaining in the
available pool as of 6 August 2010.
• Demand for IPv4 continues to grow
from organizations around the world.
IPv4 & IPv6 - The Bottom Line
• We’re running out of IPv4
address space.
• IPv6 must be adopted for
continued Internet growth.
• IPv6 is not backwards
compatible with IPv4.
• We must maintain IPv4 and
IPv6 simultaneously for many
years.
• IPv6 deployment has begun.
IPv6 Deployment has begun
RIRs have been allocating
IPv6 address space since 1999.
Thousands of organizations have
received an IPv6 allocation to date.
ARIN has IPv6 distribution policies for
service providers, community networks,
and end-user organizations.
IPv4 & IPv6 Coexistence
Today, the Internet is predominantly based
on IPv4.
For the foreseeable future, the Internet must
run both IP versions (IPv4 & IPv6) at the same
time. (When done on a single device, this is
called the “dual-stack” approach.)
Deployment is already underway: Today,
there are organizations attempting to reach
your mail, web, and application servers via
IPv6...
Action Plans
What does this mean for:
• Broadband Access Providers?
• Internet Service Providers?
• Internet Content Providers?
• Enterprise Customers?
• Equipment Vendors?
• Government Organizations?
Call to Action
Broadband Access Providers
Your customers want access to the entire
Internet, and this means IPv4 and IPv6
websites. Offering full access will require
running IPv4/IPv6 transition services and is a
significant engineering project.
Multiple transition technologies are available,
and each provider needs to make its own
architectural decisions.
Call to Action
Internet Service Providers
Plan out how to connect businesses via IPv6only and IPv4/IPv6 in addition to IPv4-only.
Businesses are beginning to ask for IPv6 over
their existing Internet connections and for
their co-located servers.
Communicate with your peers and vendors
about IPv6, and confirm their timelines for
production IPv6 services.
Call to Action
Internet Content Providers
Content must be reachable to newer
Internet customers.
Content served only via IPv4 will be
accessed by IPv6 customers via transition
solutions run by the access providers.
Plan on serving content via IPv6 in
addition to IPv4 as soon as possible.
Call to Action
Enterprise Customers
Mail, web, and application servers must be
reachable via IPv6 in addition to IPv4.
Open a dialogue with your Internet Service
Provider about providing IPv6 services.
Each organization must decide on timelines,
and investment level will vary.
Call to Action
Equipment Vendors
There was probably limited demand for IPv6 in
the past.
Demand for IPv6 support will become
mandatory very, very quickly.
Introduce IPv6 support into your product cycle
as soon as possible.
Call to Action
Government Organizations
Awareness
Coordinate with industry
Adopt incentives
• Regulatory
• Economic
Support and promote awareness and educational
activities
Require IPv6-compatibility in procurement procedures
Officially adopt IPv6
IPv6 Adoption Needs
IPv6 address space
IPv6 connectivity (native or tunneled)
Operating systems, software, and network
management tool upgrades
Router, firewall, and other hardware upgrades
IT staff and customer service training
Resources
– Community Use Slide Deck
– IPv6 Wiki
– Information Page at
www.arin.net/knowledge/v4-v6.html
– Outreach Microsite:
www.TeamARIN.net
– Social Media at ARIN
www.arin.net/social.html
– ARIN Board Resolution
– Letter to CEOs
Learn More and Get Involved
Learn more about IPv6
www.arin.net
www.getipv6.info
www.TeamARIN.net
Get Involved in ARIN
Public Policy Mailing List
Attend a Meeting
http://www.arin.net/participate/