> The current draft text can be found on ARIN’s policy page here: > https://www.arin.net/participate/policy/drafts/2024_5/
Hi folks, There hasn't been a whole lot of discussion about this proposal since it was introduced last year. A few folks argued back and forth about what an IXP peering LAN looks like, spelling out "critical infrastructure," whether policy can express "intent," IX virtualization, and so on. Some of those have been addressed in the current text. Some have not yet been addressed. Discussion has kinda tapered off with, in the latest round, only Tyler stepping forward to offer feedback and say he likes the proposal and wants to see it move forward (thank you Tyler!) I'd like to step back a moment and get a sense of what all of you think about the problems 2024-5 is trying to solve and whether it's still worth trying to solve them. Here's the draft's problem statement and some questions I have for which answers from you would help me better understand. > Problem Statement: > > The current NRPM Section 4.4 language hasn't aged well. Would anyone offer some discussion about this? In what manner has it failed to age well? Examples would be welcome. If you have an example containing private information, feel free to send it to me off-list and I'll anonymize it for the group. > As the ARIN 53 > policy experience report demonstrated, 4.4 has also become difficult to > implement by ARIN staff. For reference you can find that policy experience report (PER) here, along with the transcript of its presentation at ARIN 53: https://www.arin.net/participate/meetings/ARIN53/materials/monday/arin53_policyimplementation.pdf https://www.arin.net/participate/meetings/ARIN53/day1_transcript/#policy-implementation-and-experience-report My understanding is that the issue raised by the PER is whether or not IXPs receiving 4.4 space are permitted to broadly route that space via BGP on the Internet. Many common IXP implementations do not route those addresses in order to prevent hacking from end users. It's hard to hack equipment if you can't send packets to it and there's no technical requirement that the routers on the IXP lan be able to receive packets to their IP addresses from end users -- only that they be able to send ICMP unreachables. ARIN's current implementation of NRPM 4.4 is that IXP addresses allocated under 4.4 are NOT permitted to be broadly routed and could be revoked if found to be used for equipment other than the IXP interconnect LAN. Are there issues from the PER that I missed or misunderstood? I note that restricting the routing of 4.4 IXP addresses gives ARIN an effective lever to limit abuse by applicants who aren't really operating an IXP. Is this desirable, or is it a problem? The draft says it's a problem and reverses ARIN's no-routing rule. And of course the big question: would you like to see the Advisory Council continue working on this draft and moving it forward? Regards, Bill Herrin -- William Herrin [email protected] https://bill.herrin.us/ _______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
