1 of 23

Richard JimmersonChief Information Officer

Internet Governance

5 of 23

6 of 23

7 of 23

8 of 23

9 of 23

Number Resource Provisioning Hierarchy

ICANN / IANA(Internet Assigned Numbers Authority)

Manage global unallocated IP address pool

ISPs

End UsersISPs

RIRs(AfriNIC, APNIC, ARIN, LACNIC, RIPE NCC)

Manage regional unallocated IP address pool

Re-Allocate Re-Assign

End Users

Allocate

AssignAllocate

Richard JimmersonChief Information Officer

ARIN History & Overview

1993 IR function contracted by NSF to NSI; InterNIC, APNIC formed. DoD oversight ends.

Registrant

1992 RFC 1366: Regional IRs established; RIPE NCC formed

Registrant

1991 RFC 1261: DoD IR function contract moved to Network Solutions, Inc.

Registrant

1980s Internet Registry (IR) function contracted by DoD to SRI International

Registrant

1980s NSFNET/ARPANET - Jon Postel managed addressing via DoD contract;this was called the Internet Assigned Numbers Authority (IANA)

Registrant

Governm

ent Oversight

Historical Timeline

DDN NIC

DDN NIC

DDN NIC

InterNIC

Historical Timeline2005 Regionalization complete; AfriNIC formed

Registrant

2002 Regionalization continues; LACNIC formed

Registrant

1998 ICANN formed

Registrant

1997 IR regionalization completed; ARIN formed. USG oversight of IR function ends.

Registrant

Comm

unity Oversight

Regional Internet Registries

The NRO exists to protect the unallocated number resource pool, to promote and protect the bottom-up policy development process, and to act as a focal point for Internet community input intothe RIR system.

Number Resource Organization

ARIN’s Service Region

ARIN’s region includesCanada, many Caribbean and North Atlantic islands, and the United States.

Nonprofit Membership Organization

Community-regulated

• Fee for services, not number resources

• 100% community funded

• Open• Broad-based

- Private sector- Public sector- Civil society

• Community developed policies

• Member-elected executive board

• Open and transparent

RIR Structure

Number Resources Organization Policy Development

• IP address allocation & assignment

• ASN assignment• Directory

services• WHOIS• IRR

• Reverse DNS

• Elections• Meetings• Information

dissemination• Website• Newsletters• Roundtables

• Training

• Maintain e-mail discussion lists

• Conduct public policy meetings

• Publish policy documents

RIR Services

About ARIN• One of five Regional Internet Registries

• Services 25 Economies in the Caribbean and North America

• Nonprofit corporation based in Chantilly, VA

• Established December 1997

• 100% community funded

• Applying the principles of stewardship, ARIN, a nonprofit corporation:

– allocates Internet Protocol resources;

– develops consensus-based policies; and

– facilitates the advancement of the Internet through information and educational outreach.

ARIN’s Mission

ARIN’s Services• Like the other RIRs, ARIN:

– Allocates and assigns Internet number resources

– Maintains WHOIS, in-addr.arpa, and other community services

– Participates in the global Internet community

– Facilitates policy development– Is a nonprofit, membership organization

Registration Services

• Manage Internet number resources and related services

• Manage Directory Services (WHOIS & IRR)

Organization Services

Public Policy & Members Meetings

Executive Board Elections

Organization Services

Information publicationand dissemination

Education& Training

Organizational Chart

Learn More and Get InvolvedYour participation

Important, critical, needed, appreciated…

Get Involved in ARINPublic Policy Mailing ListMember ElectionsAttend a Meeting

http://www.arin.net/participate/

26

Next ARIN Meeting

• Remote participation

• Policy discussions

• Tutorials

• Social event

• Adjacent to NANOG

https://www.arin.net/participate/meetings

Einar BohlinPolicy Analyst

The ARIN Policy Development Process

OverviewWhat is a PolicyThe Policy Development Process

– Origin– Principles– Process Steps

A Case Study and Some Examples

Number Resource PolicyManual (NRPM)

NRPM is ARIN’s policy document – Version 2010.2 (7 June 2010)– This is the 19th version

Contains• Change Logs• Available as PDF• Index

https://www.arin.net/policy/nrpm.html

Policies in the NRPM• IPv4 Address Space• IPv6 Address Space• Autonomous System Numbers (ASNs)• Directory Services (WHOIS)• Reverse DNS (in-addr)• Transfers• Experimental Assignments• Resource Review Policy

Policy Development Process (PDP)

Flowchart

Proposal Template

Archive

Movie

https://www.arin.net/policy/pdp.html

PDP Origin - Rough Consensus

The foundation of the PDP

Rough consensus is a term used in consensus decision-making to indicate the "sense of the group" concerning a particular matter under consideration.*

Note that 51% of the working group does not qualify as "rough consensus" and 99% is better than rough.*

(*from wikipedia.org)

Consensus Decision Making*(*from wikipedia.org)

PDP Versions

Current version is the 4th

First written version - April 2001Two revisions

Major overhaul - January 2009

The current PDP

Empowers the Advisory Council as a development body (balanced by expanded petitions)

Establishes goal = clear, technically soundand useful policy

Requires staff and legal assessments and freezes text prior to Public Policy Meetings

Process Principles

Open Forum - Anyone can participate Public Policy Mailing List

Public Policy Meetings

TransparentPDP documented

Policies documented

Meetings documented

Bottom UpARIN does not create policy, ARIN implements it

Roles

CommunitySubmit proposals! If there is a problem, raise it

Comment on proposals (in favor or not?)

Participate in Petitions

Advisory Council “AC” (elected volunteers)Write the policy text to ensure that it is

clear, technically sound and useful

Determine Consensus

Roles

ARIN “Board” (elected volunteers)Provide process oversight

Provide corporate fiduciary oversight

ARIN Staff Provide feedback

• Clarity and Understanding

• Staff Assessments

Implement Policy

Basic Steps1. Community member submits a proposal2. Community discusses the proposal on the “List”3. AC creates a draft policy or abandons the

proposal4. Community discusses the draft policy on the

“List” and at the meeting5. AC conducts its consensus review6. Community performs last call7. Board adopts8. Staff implements

PetitionsAnyone dissatisfied with a decision by the AC

can petition to keep the proposal moving forward

1. Petition to bring proposal to list and meeting 4 successful*3 unsuccessful

2. Last call petition (to send to Board)

One – unsuccessful

*2 ultimately abandoned, 2 under discussion

Public Policy Mailing List

Open to anyone

Easy to subscribe to

Contains: ideas, proposals, draft policies, last calls, announcements of adoption and implementation, and petitions

Archives

RSS available for ARIN only posts

https://www.arin.net/participate/mailing_lists/index.html

The ARIN Website

How to monitor and not be overwhelmed?

The AC meets monthlyFront page of the ARIN site to see proposals and draft

policies under discussion

New proposals need feedback for the AC’s initial decision

Web site will help you focus on what’s important to you and your company

ARIN Meetings

Two meetings a year

Check the ARIN Public Policy Meeting site 4-6 weeks prior to meeting

Proposals/Draft Policies on Agenda

Discussion Guide (summaries and text)

Attend in Person/Remote

AC meeting last dayWatch list for AC’s decisions

Last Calls – For or against?

Policy Participation

You must be a member to

• Vote for AC and Board

• Nominate for those positions

Don’t let others say that such and such can’t be done because ARIN won’t allow it

https://www.arin.net/participate/elections/index.html

Total Draft Policies

Active current drafts – 7

Adopted – 57 (plus 2 more global policies awaiting ICANN Board review)

Abandoned – 46

A Case Study: Policy 2008-5

2008-5 SummaryName: Dedicated IPv4 block to facilitate IPv6

Deployment (2008-5)

Proposal: Reserve some IPv4 space (a /10), and make it available to organizations that need some IPv4 space to deploy IPv6.

Rationale: “[This policy] will facilitate IPv6 deployment by ensuring that some small chunks of IPv4 space will remain available for a long time to ease the co-existence of IPv4 & IPv6.”

Policy 2008-5 HistoryProposal was submitted on June 2008.

Draft policy text discussed on the list and at ARIN XXII meeting (Oct 2008).

The policy was sent to last call (Oct/Nov).

Minor revision by the AC, reposted to last call Nov/Dec.

Adopted by the Board 5 Jan 2009.

Implemented 1 Apr 2009 (NRPM Section 4.10).

https://www.arin.net/policy/proposals/2008_5.html

Policy ExamplesAdopted

2010-2: /24 End User Minimum Assignment Unit (to be implemented early September)

2009-8: Equitable IPv4 Run-Out (ISP allocation timeframe to reduce from 12 months to 3 upon receipt of last /8)

2009-1: Transfer Policy (transfers allowed to specified recipients, based on need)

Abandoned2010-7: Simplified IPv6 (Everyone allowed one each of the

following /48, /40, /32, /28, /24)2007-27: Cooperative distribution of the end of the IPv4

free pool (RIR to RIR requests)

References

Policy Development Processhttps://www.arin.net/policy/pdp.html

Draft Policies and Proposalshttps://www.arin.net/policy/proposals/index.html

Number Resource Policy Manualhttps://www.arin.net/policy/nrpm.html

Suggestions -> Policy

Policies Under Discussion

Einar BohlinPolicy Analyst

Draft Policies• 7 on PPML for discussion and feedback

right now• They will be presented and discussed

at ARIN meeting in Atlanta• You have two ways to voice your

opinion about these, on the PPML or at the PPM (in person or remote)

2010-8• Rework of IPv6 assignment criteria• Allows almost all organizations to receive a

/48 or larger block. Organizations can request a block that would allow each site in their network to be assigned a /48. Criteria: have an IPv4 end user assignment; or be multi-homed; or provide technical justification why upstream space will not suffice. Also allows space for non-connected (private) networks.

• Point: Makes available IPv6 assignments from ARIN to most organizations, connected or not.

• Text is being worked on (carried over from previous ARIN meeting)

2010-9• IPv6 for 6rd• Allows organizations with at least two

blocks of non-contiguous IPv4 space to request an IPv6 /32 or larger block to be used for a 6rd deployment. These allocations/assignments will be reviewed every 3 years by ARIN staff.

• Point: IPv6 allocations specifically for 6rd.

2010-10• (Global Proposal): Global Policy for

IPv4 Allocations by the IANA Post Exhaustion

• Establishes an IANA reclamation pool of IPv4 address space. This pool will be comprised of any “eligible” IPv4 address space returned to IANA.

• Point: Allows IANA to allocate space after the free pool is gone. Assumes IANA will get space back.

2010-11• Required Resource Reviews• Requires ARIN staff to initiate resource reviews

when M&A activity occurs but IP addresses are not transferred; when fraud or abuse is reported to ARIN (either about a specific IP address range or about an organization); when a specified recipient transfer occurs; or when staff are reviewing an additional IP address request and find that more than a quarter of an ISP’s downstream SWIPs are covered under the Residential Customer Privacy policy.

• Point: Original policy said ARIN can do reviews, how often, and what can happen after a review, etc. This proposal adds mandatory triggers which cause reviews.

2010-12• IPv6 Subsequent Allocation• Allows an additional IPv6 allocation for

transitional technologies (IPv4 to IPv6). The allocations will be reviewed every 3 years by ARIN staff.

• Point: IPv6 space for IPv4 to IPv6 transition technologies (like 6rd).

2010-13• Permitted Uses of space reserved under NRPM 4.10

– Ups the reserved space from a /10 to the actual entire /8.– Makes two pools of space available, both of which can be

drawn from by an organization. "Part A" for ISPs to issue single addressess to customers (/24 to /18, max /16, 6 months, customers must be using IPv6). "Part B" for ISPs or end users to deploy IPv6 (/28 to /24, max /20, 6 months, assignment/infrastructure.) Part A gets 3/4 of the /8. Part B gets 1/4.

– Space returned to ARIN goes to the 4.10 pool or back to IANA.– Utilization is 80% most recent, 90% other space. Utilization must

be for transitional technology purposes (examples provided).– Quarterly reviews. With allocation/assignment reduction

possible. • [Point: The current policy makes IPv4 space available to

facilitate IPv6 deployment (/28 to /24, 6 months). The proposal expands the reserved block, makes larger allocations available, attempts to replenish the block with returns, has stricter utilization both in terms of

percentages and permitted use, and adds quarterlymonitoring.]

2010-14• Standardize IP Reassignment Registration Requirements• The policy:

– Specifies that organization information is: Legal name, street address, and one technical POC and one abuse POC. Each POC must have an email and phone number.

– Defines residential customer. – Expands the current Cable Address Policy with a broader policy

applicable to all Residential Market Areas.– Extends the Residential Market Area policy to IPv6.– Broadens the threshold for required SWIPing in IPv6 from /56 to

/64.– Allows a resource review when ARIN believes an organization is

not complying with reassignment policy.• Point: Specifies what organizational information is required

to be added to WHOIS, defines residential customer, expands the current cable only residential policy to all residential areas (makes it easier to register utilization and apply for more), requires individual IPv6 subnets be

registered in WHOIS, and allows for resource reviewsfor failure to comply with reassignment policy.

Do any of these possibly impact you?• You have two ways to voice your

opinion about these, on the PPML or at the PPM (in person or remote)

References• Draft Policies & Proposals

– https://www.arin.net/policy/proposals/index.html

ARIN Services

Jon WorleySenior Resource Analyst

Current Policies

/24s are back!• Only for multi-homed

end-users• Must still show at least

25% used immediately and at least 50% used within one year

• Must renumber and return to get another block

IPv4 For The Rest of Us• Single-homed end-users

– /20 minimum; show at least 25% used immediately and at least 50% within a year

• ISPs– Single-homed: /20 minimum, show you’re already

using a /20 (or equivalent)– Multi-homed: /22 minimum, show you’re already

using a /23 (or equivalent), agree to renumber

Additional IPv4 Allocations• Show you’ve efficiently used all previous allocations

and at least 80% of your most recent allocation

• ISPs allowed to request a three month supply of addresses for their first year, then a twelve month supply after that

• Allocation size based on demonstrated utilization rate, not projected growth– Block size lags growth

Special Policies• Multiple Discrete Networks

– Networks operated separately from one another

– Can request IPs for networks that need more, even when other networks aren’t fully used, as long as some basic overall criteria are met

• Cable ISPs– Show 80% of IPs assigned, with a 50-80%

utilization rate

What ARIN Will Need• ISPs

– List of dynamic pools with information on purpose, utilization metrics, etc

– List of statically assigned customers with subnets/IPs

• /29 and larger need to be published via SWIP/Rwhois• Can mark name/street address private if the service is

delivered to a residence

• End-users– Subnet mappings for any previous assignments– Proposed subnet mapping for new block

New Aspects to IPv4 Requests• Officer attestation

– Required by ARIN’s Board of Trustees– Prior to approval, officer is sent request

data via e-mail, reviews, and replies to verify data is correct

• Utilization data for previous allocations– Has always been required by policy– Typically a utilization percentage,

although may ask for more if needed

• Many legacy IPv4 registrations are no longer used

• We can definitely rely on our community to be good samaritans and return them, right?

What about unused IPv4 addresses?

Enter NRPM 8.3• NRPM policy 8.3 allows orgs with

unused IPv4 addresses to transfer them to a network that needs IPv4 addresses

• Network must qualify for the IPv4 addresses under a current ARIN policy

• ARIN will operate a listing service• Why? IPv4 depletion

IPv6 Policies• ISPs

– Known, existing ISPs automatically qualify– /32 minimum

• Really really really big; ~4.2 Billion subnets

• End-users– Typically qualify by showing you qualify for IPv4– /48 minimum

• 65,536 subnets• Qualify for larger by showing proposed use

– Guidelines: /48 for a large site, /56 for a small site

Interacting With ARIN

Service Delivery• ARIN services traditionally

delivered via e-mail• Not reliable

– E-mails get lost in the bit bucket• Errors not noted until

reviewed by ARIN– Delays your request by hours or

days• There’s got to be a better

way!

ARIN Online• All services to be delivered through the

web site via ARIN Online (eventually)• Has been available for ~1 year• Accounts are new

– If you didn’t create one in the past year, create a new one, even if you already have records in Whois

Linking your ARIN Online Account• ARIN Online account is associated with

your Whois records by linking to your POC handle(s)

• To link, need to be able to get e-mail sent to an e-mail address listed on the handle

• Linking to the POC handle allows you to access Org IDs/resources associated with that handle

Recovering Old Records• POC handle that is yours, but has an

incorrect e-mail address– POC Recovery

• Org ID has no valid POC handles listed– Org recovery

Current ARIN Online Functionality• Org and POC management• Ask ARIN• Bulk WHOIS

– FTP service retired– XML tagging– Easy to automate using API keys

• Reassignment Reports

Future Functionality• Manage in-addr.arpa zones• Request and modify AS numbers and

IP addresses• Manage reassignment information

New Services

POC Validation• NRPM 3.6.1 requires ARIN to contact

POCs annually to validate information• If information is correct, just click URL in

message• Otherwise, use ARIN Online to set up

account, then validate on POC page

WhoisRWS• Port 80 queries much improved

– XML tagging– Retrieve data via URL

• Frequently updated (many times per day, instead of once a day)– in-addr.arpa zones still daily

• Query syntax has changed

RPKI• X.509 certificates for direct registrants

of IPv4 and IPv6 addresses• Pilot program at http://rpki-

pilot.arin.net has been operating since July 2009

• Production system in the near future

DNSSEC• Cryptographically sign in-addr.arpa

delegations• ARIN’s /8 zones are signed as trust

anchors since in-addr.arpa isn’t signed yet

• Users able to add DS records to sign their own delegations by the end of the year

Outreach And Education

Outreach & Education Services• Online education resources• Event Presentations• Exhibits (direct and reverse)• Media interviews

Outreach & EducationMaterials• Fact and information sheets (and CDs)• Multimedia pieces• Giveaways (pens, stickers, etc.)• Slide decks• Comic books• More…

• TeamARIN Micrositehttp://TeamARIN.net– Event Calendar– Education– Blogs– Spread the word

• Public use slide deck• Materials support

request• ARIN IPv6 wiki

http://getipv6.info

ARIN Resource Links

ARIN on Social MediaFacebook –www.facebook.com/TeamARIN

Twitter –www.twitter.com/TeamARIN

LinkedIn –www.linkedin.com

YouTube –www.youtube.com/TeamARIN

IPv4 Depletion

IPv6 Adoption6 August 2010

14 /8s Remaining

Quick History of the Internet Protocol• Internet Protocol version 4 (IPv4, or just “IP”)

– First developed for the original Internet (ARPANET) in spring 1978– Deployed globally with growth of the Internet– Total of 4 billion IP addresses available– Well entrenched and used by every ISP and hosting company

to connect customers to the Internet– Allocated based on documented need

• Internet Protocol version 6 (IPv6)– Design started in 1993 when IETF forecasts showed IPv4

depletion between 2010 and 2017– Completed, tested, and available for production since 1999– Total of 340,282,366,920,938,463,463,374,607,431,768,211,456 IP

addresses available– Used and managed similar to IPv4

About IPv4 and IPv6IP version IPv4 IPv6Deployed 1981 1999

Address Size 32-bit number 128-bit number

Address Format

Dotted Decimal Notation: 192.0.2.76

Hexadecimal Notation: 2001:0DB8:0234:AB00:0123:4567:8901:ABCD

Number of Addresses

232 = 4,294,967,296 2128 = 340,282,366,920,938,463,463,374,607,431,768,211,456

Examples of Prefix Notation

192.0.2.0/2410/8

(a “/8” block = 1/256th of total IPv4 address space = 224 = 16,777,216 addresses)

2001:0DB8:0234::/48 2600:0000::/12

IPv4 Address Space Utilization

*as of 6 August 2010

Available IPv4 Space in /8s

In 2010, RIRs have been allocated twelve /8s blocks as of 6 August, leaving fourteen /8s unallocated (14/256 = 5.46%)

IPv4 Demand – RIR Allocations

In 2010, RIRs have been allocated twelve /8s blocks as of 6 August.

IPv4 Depletion Situation Report• The RIRs have needed between 8

and 12 /8s each year worldwide.

• There are 14 /8s remaining in the available pool as of 6 August 2010.

• Demand for IPv4 continues to grow from organizations around the world.

IPv4 & IPv6 - The Bottom Line• We’re running out of IPv4

address space.

• IPv6 must be adopted for continued Internet growth.

• IPv6 is not backwards compatible with IPv4.

• We must maintain IPv4 and IPv6 simultaneously for many years.

• IPv6 deployment has begun.

RIRs have been allocatingIPv6 address space since 1999.

Thousands of organizations havereceived an IPv6 allocation to date.

ARIN has IPv6 distribution policies for service providers, community networks,

and end-user organizations.

IPv6 Deployment has begun

IPv4 & IPv6 Coexistence Today, the Internet is predominantly based on IPv4.

For the foreseeable future, the Internet must run both IP versions (IPv4 & IPv6) at the same time. (When done on a single device, this is called the “dual-stack” approach.)

Deployment is already underway: Today, there are organizations attempting to reach your mail, web, and application servers via IPv6...

Action Plans

What does this mean for:• Broadband Access Providers? • Internet Service Providers?• Internet Content Providers?• Enterprise Customers?• Equipment Vendors?• Government Organizations?

Call to ActionBroadband Access Providers

Your customers want access to the entireInternet, and this means IPv4 and IPv6 websites. Offering full access will require running IPv4/IPv6 transition services and is a significant engineering project.

Multiple transition technologies are available, and each provider needs to make its own architectural decisions.

Call to ActionInternet Service ProvidersPlan out how to connect businesses via IPv6-only and IPv4/IPv6 in addition to IPv4-only.

Businesses are beginning to ask for IPv6 over their existing Internet connections and for their co-located servers.

Communicate with your peers and vendors about IPv6, and confirm their timelines for production IPv6 services.

Call to ActionInternet Content ProvidersContent must be reachable to newer Internet customers.

Content served only via IPv4 will be accessed by IPv6 customers via transition solutions run by the access providers.

Plan on serving content via IPv6 in addition to IPv4 as soon as possible.

Call to Action Enterprise CustomersMail, web, and application servers must be reachable via IPv6 in addition to IPv4.

Open a dialogue with your Internet Service Provider about providing IPv6 services.

Each organization must decide on timelines, and investment level will vary.

Call to ActionEquipment VendorsThere was probably limited demand for IPv6 in the past.

Demand for IPv6 support will become mandatory very, very quickly.

Introduce IPv6 support into your product cycle as soon as possible.

AwarenessCoordinate with industry

Adopt incentives• Regulatory• Economic

Support and promote awareness and educational activities

Require IPv6-compatibility in procurement procedures

Officially adopt IPv6

Call to ActionGovernment Organizations

IPv6 Adoption NeedsIPv6 address space

IPv6 connectivity (native or tunneled)

Operating systems, software, and network management tool upgrades

Router, firewall, and other hardware upgrades

IT staff and customer service training

Resources– Community Use Slide Deck

– IPv6 Wiki

– Information Page at www.arin.net/knowledge/v4-v6.html

– Outreach Microsite:www.TeamARIN.net

– Social Media at ARINwww.arin.net/social.html

– ARIN Board Resolution

– Letter to CEOs

Learn More and Get InvolvedLearn more about IPv6www.arin.netwww.getipv6.infowww.TeamARIN.net

Get Involved in ARINPublic Policy Mailing ListAttend a Meeting

http://www.arin.net/participate/