Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi, On Wed, Nov 08, 2017 at 05:48:42PM +0100, Maximilian Wilhelm wrote: > [...] > > I feel that the current version is solving partially Max case, but even in > > his case, if he decides to provide /64 for each hot-spot customer, this > > proposal will not work. > > Actually the NCC IA interpretation is rather clear on this one - as > Marco (IIRC) confirmed while the WG session. /64 assignments to hosts > aren't a problem with the current policy text / interpretation. Precision of language: "... with the proposed new policy text". (Sorry to be nit-picking here) gert -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
On 08.11.2017 11:20, JORDI PALET MARTINEZ wrote: > Ok, here is it then. Hopefully we have a lot of fun and good noise ;-) > (that's music?) > > The main idea is to allow what Max (and many other people) needs in PI, but > not having restrictions. > > For that, what I’m proposing is: > > 1) Change the actual definition of Assign in 2.6, to: > 2.6. Assign > To “assign” means to delegate address space to an ISP or End User for > specific use within the Internet infrastructure they operate. Assignments > must only be made for specific purposes documented by specific organisations > and are not to be sub-assigned to other parties, with the exception of > Provider Independent (PI). To me, this wording makes things even worse. This makes PIv6 more adorable (less restricted) and will lead to more confusion instead of less. > 2) Remove last paragraph in 7. IPv6 Provider Independent (PI) Assignments > So, REMOVE: The PI assignment cannot be further assigned to other > organisations. I'm happy with the "no subassignent" restriction (as in: you cannot enter a bigger prefix in the RIPE DB, even as an LIR), I challenge NCC's interpretation of allowing third party users use my PI space temporary being a sub-assignment (guest WiFi/Freifunk case). > Rationale: > > a. Arguments Supporting the Proposal > This proposal will avoid the situations of breaking existing policy when a > network using PI is using the addressing space for point-to-point links or in > cases such as providing connectivity to employee or visitor devices (BYOD), > hot-spots, and similar situations. > At this way, regardless of if a single /128 or /64 is sub-assigned, and > independently of what technology is used for that (SLAAC, DHCPv6, DHCPv6-PD), > the restriction is no longer an issue. My employees are part of my organisation, no issue there. Visitors are what is objected by the NCC, as they are not part of the organisation that holds the PI assignment. But then the RIPE NCC is in breach with it's own interpretation when using their PI space on a RIPE Meeting's public network (wired & wireless): not every WiFi user at a RIPE Meeting is an employee of the RIPE NCC. So, next time we'll see the RIPE NCC requesting a temporary PA (v4 and v6) from the providing ISP for the Meeting's network? Similarily, as my family isn't me, I may not allow them to use PI space assigned to me? But then, what's PI good for anyway? Any service that's setup/operated/funded by the assignee (the holder of (PI) space) should be considered proper use of these Internet resources, as far as the IR is concerned. > b. Arguments Opposing the Proposal > It can be argued that this proposal could increase the number of PI request > to RIPE NCC. > > Mitigation/counter-argument: This is not an issue and should not be > considered as a “bad-effect”. > > The resulting policy could be used to circumvent the allocation policy, > avoiding creating a LIR. > > Mitigation/counter-argument: This seems not to have sense as there must be a > justification process anyway, and because the starting point is /48, an ISP > willing to connect customers, will really want to be an LIR. Furthermore, if > we want to be restrictive on this, we could add a limitation that the maximum > sub-assignment can be /64. So I need a /48 per WiFi I use (as each requires an /64 and two "sub-assignments" therefore would exceed the limit)? Does not look like it solves any issue ;) Still: I don't think ripe-684 needs an update. At fault is the RIPE NCC's, highly inconsistent, interpretation of the term "sub-assignment". ripe-684's definition of "assign" states (in 2.6): "Assignments must only be made for specific purposes documented by specific organisations and are not to be sub-assigned to other parties". If a /128 for a device that doesn't belong to the organisation holding a IPv6 assigment is a "sub-assignment", there is *no* way for *any* organisation to (in accordance of RIPE NCC's interpretation) provide externals with public IPv6 addresses. By any means. Regardless if the organisation is an IR or not. (Well, an IR could formally "assign" address space from their allocated, unassigned pool, if the End User comes with "Internet infrastructure they operate"; different story.) I somewhat doubt that RIPE NCC teaches this interpretation to (old and) new LIRs for evaluating PA requests. But then there is no justification to interpret the definition of "assign" in 2.6 differently for PI. As I don't think the intent of ripe-684 was to prevent the use of IPv6 on guest or even public WiFi, in coworking spaces, hotels or at meetings, the sane thing to do is to abolish this interpretation of an /128 being a "sub-assignment" within the RIPE NCC. It's nowhere in the policy text; on the contrary: This "/128 is a sub-assignment" interpretation even contradicts ripe-684. Quoting 5.4.1. ("Assignment address space size"): "End Users are assigned an End Site assignment
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Anno domini 2017 JORDI PALET MARTINEZ scripsit: Hi, > Ok, here is it then. Hopefully we have a lot of fun and good noise ;-) > (that's music?) > The main idea is to allow what Max (and many other people) needs in PI, but > not having restrictions. > > For that, what I’m proposing is: > > 1) Change the actual definition of Assign in 2.6, to: > 2.6. Assign > To “assign” means to delegate address space to an ISP or End User for > specific use within the Internet infrastructure they operate. Assignments > must only be made for specific purposes documented by specific organisations > and are not to be sub-assigned to other parties, with the exception of > Provider Independent (PI). > > 2) Remove last paragraph in 7. IPv6 Provider Independent (PI) Assignments > So, REMOVE: The PI assignment cannot be further assigned to other > organisations. > > Rationale: > > a. Arguments Supporting the Proposal > This proposal will avoid the situations of breaking existing policy when a > network using PI is using the addressing space for point-to-point links or in > cases such as providing connectivity to employee or visitor devices (BYOD), > hot-spots, and similar situations. > At this way, regardless of if a single /128 or /64 is sub-assigned, and > independently of what technology is used for that (SLAAC, DHCPv6, DHCPv6-PD), > the restriction is no longer an issue. > > b. Arguments Opposing the Proposal > It can be argued that this proposal could increase the number of PI request > to RIPE NCC. > > Mitigation/counter-argument: This is not an issue and should not be > considered as a “bad-effect”. > > The resulting policy could be used to circumvent the allocation policy, > avoiding creating a LIR. > > Mitigation/counter-argument: This seems not to have sense as there must be a > justification process anyway, and because the starting point is /48, an ISP > willing to connect customers, will really want to be an LIR. Furthermore, if > we want to be restrictive on this, we could add a limitation that the maximum > sub-assignment can be /64. > Thoughts? I like the idee, but I'm totally with Nick on this one: It's a much larger change - which I support - but don't think, that we can get this implemented into policy in the near future. So I propose to *now* implement my proposal with the smaller change and then get the bold move of lifting more restrictions or even lifting the distinction between PI/PA going. I think it's safe to predict that if we shift to your approach right now, we will still be discussing this on the next RIPE meeting, or even the one after that as the area of things touched by this change is considerably larger, as pointed out by others already. That way we solve the real time problem - which we all agree on, right? - right now and make PI great again, and then have time to make the world and even better place afterwards. :-) Best Max
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
On 08.11.2017 16:54, Nick Hilliard wrote: > JORDI PALET MARTINEZ wrote: >> I don’t think reaching consensus in the PI/PA change will be so easy >> in the “near future” (considering that it may require a long >> implementation time), and a middle way proposal looks feasible to >> me. > but it's not a middle way: it's removing the block on sub-assigning to > other parties, which is the thing that distinguishes PI from PA. It's not, as that isn't a distinction; sub-assigning is blocked in general. Quoting https://www.ripe.net/publications/docs/ripe-684#assign: > 2.6. Assign > > To “assign” means to delegate address space to an ISP or End User for > specific use within the Internet infrastructure they operate. Assignments > must only be made for specific purposes documented by specific organisations > and are not to be sub-assigned to other parties. Regards, -kai
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Anno domini 2017 JORDI PALET MARTINEZ scripsit: Hi Jordi, [...] > I feel that the current version is solving partially Max case, but even in > his case, if he decides to provide /64 for each hot-spot customer, this > proposal will not work. Actually the NCC IA interpretation is rather clear on this one - as Marco (IIRC) confirmed while the WG session. /64 assignments to hosts aren't a problem with the current policy text / interpretation. Best Max
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Erik Bais wrote: > I don’t think that the fear from past times is something that we > should keep in this discussion these days.. the issue isn't fear from past times: it's that PI & PA are ingrained pretty deeply in the RIPE NCC billing model and service expectation model, and some way would need to be found to square a number of circles in order to integrate the two flavours of integers. I'm not objecting to trying to get this done, btw, just saying that if we're going to do it, let's do it properly. Regarding 2016-04, it's clear that the current rules / rule interpretations are too limited and are causing problems in the real world, so the sensible thing to do would be to open up the usage terms so that third parties can use PI assignments, even if the addresses are not subassigned. This doesn't go as far as what Jordi is talking about and looks like a practicable middle ground to aim for. Nick
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi Gert, Nick & Jordi, I don’t think that the fear from past times is something that we should keep in this discussion these days.. If you have a look at which speed hosters / ISP are opening up new LIR’s for the /22 IPv4 … and are able to get their own v6 /29, just because they need the v4 anyway .… I have serious doubt if someone would even consider to get a ‘cheap’ /48 PI just to game the system. It would have my vote to remove as much of the IPv6 PI restrictions as possible, but keep the /48 PI limit without documentation … The goal of aggregation is noble for the DFZ, but if you have a look at the current v6 space and what people are de-aggregating their v6 prefixes into .. you would probably have to agree with me that this discussion doesn’t apply to the real world anymore. The discussion of financial cost for v6 space is nothing if you look at the cost for getting v4 .. and if someone wants to do the documentation for PI space .. rather than becoming a LIR.. where you can get a /29 without any questions or documentation .. Go for it .. If you have that amount of customers .. I think you would be an LIR already .. Just have a look how certain companies are doing more specific announcements of their /32 in /48’s .. or even smaller… If customers want to implement v6 .. using PI space for their internal infra .. or even host a server or 200 on that /48 .. let them have fun with it.. The reality is that is not where the pollution in the routing table will come from imho .. I do think that a proposal to change the PI v6 requirements should be a separate discussion and policy proposal. Regards, Erik Bais On 08/11/2017, 17:14, "address-policy-wg on behalf of Gert Doering"wrote: Hi, On Wed, Nov 08, 2017 at 03:54:42PM +, Nick Hilliard wrote: > JORDI PALET MARTINEZ wrote: > > I don???t think reaching consensus in the PI/PA change will be so easy > > in the ???near future??? (considering that it may require a long > > implementation time), and a middle way proposal looks feasible to > > me. > > but it's not a middle way: it's removing the block on sub-assigning to > other parties, which is the thing that distinguishes PI from PA. Which is one of the things. Other things are "how big will that bag of numbers be" and "what costs are attached to it". Especially the "how big will that bag of numbers be" will certainly be something we'll have to discuss next, shall we decide to open up PI for "more liberate use" (like, will "I want to assing a million /64 to DSL users" be a sufficient reason to get "larger than a /48"?). Consequences to all we do... Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi, On Wed, Nov 08, 2017 at 05:16:32PM +0100, JORDI PALET MARTINEZ wrote: > That???s why I suggested that the limit can be only /64 if we want to have a > in PI at the time being. A /64 for what? per customer? So, what is the answer we give to the NCC when they come to us and say "so, this large Telco with 10 million customers has asked for a /40 PI, to give all their customers a /64"? Not that a /40 would really "lots of space", and it's one routing table slot either way, but we need to decide "is this something we consider 'acceptable use' or 'deny this request'". (I pretend to not have an opinion, so you, as the community, decide) Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
That’s why I suggested that the limit can be only /64 if we want to have a in PI at the time being. Regards, Jordi -Mensaje original- De: address-policy-wgen nombre de Nick Hilliard Responder a: Fecha: miércoles, 8 de noviembre de 2017, 16:55 Para: CC: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) JORDI PALET MARTINEZ wrote: > I don’t think reaching consensus in the PI/PA change will be so easy > in the “near future” (considering that it may require a long > implementation time), and a middle way proposal looks feasible to > me. but it's not a middle way: it's removing the block on sub-assigning to other parties, which is the thing that distinguishes PI from PA. Nick ** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi, On Wed, Nov 08, 2017 at 03:54:42PM +, Nick Hilliard wrote: > JORDI PALET MARTINEZ wrote: > > I don???t think reaching consensus in the PI/PA change will be so easy > > in the ???near future??? (considering that it may require a long > > implementation time), and a middle way proposal looks feasible to > > me. > > but it's not a middle way: it's removing the block on sub-assigning to > other parties, which is the thing that distinguishes PI from PA. Which is one of the things. Other things are "how big will that bag of numbers be" and "what costs are attached to it". Especially the "how big will that bag of numbers be" will certainly be something we'll have to discuss next, shall we decide to open up PI for "more liberate use" (like, will "I want to assing a million /64 to DSL users" be a sufficient reason to get "larger than a /48"?). Consequences to all we do... Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
JORDI PALET MARTINEZ wrote: > I don’t think reaching consensus in the PI/PA change will be so easy > in the “near future” (considering that it may require a long > implementation time), and a middle way proposal looks feasible to > me. but it's not a middle way: it's removing the block on sub-assigning to other parties, which is the thing that distinguishes PI from PA. Nick
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
I don’t think reaching consensus in the PI/PA change will be so easy in the “near future” (considering that it may require a long implementation time), and a middle way proposal looks feasible to me. Regards, Jordi -Mensaje original- De: address-policy-wgen nombre de Nick Hilliard Responder a: Fecha: miércoles, 8 de noviembre de 2017, 13:10 Para: CC: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) JORDI PALET MARTINEZ wrote: > Fully agree, and I’ve been working around that idea for about a year > already … I’ve something in the kitchen, but still not mature > enought. > > I’m waiting for NCC budget figures to be able to make a proposal that > is sustainable in the long term. I know “money” is not related to > policies, but in this case, even if is only rational behind the > proposal text, I think it is a must. > > Nevertheless, my opinion is that that change may take, as you said, a > longer period of discussion, and I will like to make sure, meanwhile, > cases such as Max one, aren’t “in hold” for deploying IPv6. if you're planning to change this universally some time in the future, it would be simpler and easier to make a step change (i.e. Max's suggestions) in the ipv6 assignment policy now rather than making a fundamental change there first and catching up with other bits of policy later on. Nick ** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
JORDI PALET MARTINEZ wrote: > Fully agree, and I’ve been working around that idea for about a year > already … I’ve something in the kitchen, but still not mature > enought. > > I’m waiting for NCC budget figures to be able to make a proposal that > is sustainable in the long term. I know “money” is not related to > policies, but in this case, even if is only rational behind the > proposal text, I think it is a must. > > Nevertheless, my opinion is that that change may take, as you said, a > longer period of discussion, and I will like to make sure, meanwhile, > cases such as Max one, aren’t “in hold” for deploying IPv6. if you're planning to change this universally some time in the future, it would be simpler and easier to make a step change (i.e. Max's suggestions) in the ipv6 assignment policy now rather than making a fundamental change there first and catching up with other bits of policy later on. Nick
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi Elvis, I think the number of sub-assignments is something that can be very different in different cases and we may end-up with a new case that will not fit the policy. My rational to /64 is that actual IETF work direction is very consistent with a /64 to be used in a single interface (a host having VMs, for example) and I think this match very well what it may be the difference between PI and PA (while we keep it). https://datatracker.ietf.org/doc/draft-ietf-v6ops-unique-ipv6-prefix-per-host/ Regards, Jordi -Mensaje original- De: address-policy-wgen nombre de Elvis Daniel Velea Responder a: Fecha: miércoles, 8 de noviembre de 2017, 12:12 Para: CC: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) Hi Jordi, Excuse the briefness of this mail, it was sent from a mobile device. > On Nov 8, 2017, at 02:20, JORDI PALET MARTINEZ wrote: > > b. Arguments Opposing the Proposal > It can be argued that this proposal could increase the number of PI request to RIPE NCC. > > Mitigation/counter-argument: This is not an issue and should not be considered as a “bad-effect”. > > The resulting policy could be used to circumvent the allocation policy, avoiding creating a LIR. > > Mitigation/counter-argument: This seems not to have sense as there must be a justification process anyway, and because the starting point is /48, an ISP willing to connect customers, will really want to be an LIR. Furthermore, if we want to be restrictive on this, we could add a limitation that the maximum sub-assignment can be /64. how about... if we want to be restrictive - instead of limiting the size of the prefix, we limit the number of sub-assignments one can make from a PI? elvis ** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi Nick, Fully agree, and I’ve been working around that idea for about a year already … I’ve something in the kitchen, but still not mature enought. I’m waiting for NCC budget figures to be able to make a proposal that is sustainable in the long term. I know “money” is not related to policies, but in this case, even if is only rational behind the proposal text, I think it is a must. Nevertheless, my opinion is that that change may take, as you said, a longer period of discussion, and I will like to make sure, meanwhile, cases such as Max one, aren’t “in hold” for deploying IPv6. Regards, Jordi -Mensaje original- De: address-policy-wgen nombre de Nick Hilliard Responder a: Fecha: miércoles, 8 de noviembre de 2017, 12:24 Para: Gert Doering CC: , JORDI PALET MARTINEZ Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) Gert Doering wrote: > both would work to solve the (real) problem at hand, and Jordi's approach > would certainly much easier than trying to come up with unambiguous wording > to "permit some, disallow other" use cases. this is a restatement of the long-standing question about whether the RIPE community should continue with the idea of differentiating between PA and PI address space. If we're going to go down this road, this is a substantial change to make, with far-reaching consequences, and it needs a good deal more attention than a couple of lines in the ipv6 policy doc. Nick ** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Gert Doering wrote: > both would work to solve the (real) problem at hand, and Jordi's approach > would certainly much easier than trying to come up with unambiguous wording > to "permit some, disallow other" use cases. this is a restatement of the long-standing question about whether the RIPE community should continue with the idea of differentiating between PA and PI address space. If we're going to go down this road, this is a substantial change to make, with far-reaching consequences, and it needs a good deal more attention than a couple of lines in the ipv6 policy doc. Nick
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi Jordi, Excuse the briefness of this mail, it was sent from a mobile device. > On Nov 8, 2017, at 02:20, JORDI PALET MARTINEZ> wrote: > > b. Arguments Opposing the Proposal > It can be argued that this proposal could increase the number of PI request > to RIPE NCC. > > Mitigation/counter-argument: This is not an issue and should not be > considered as a “bad-effect”. > > The resulting policy could be used to circumvent the allocation policy, > avoiding creating a LIR. > > Mitigation/counter-argument: This seems not to have sense as there must be a > justification process anyway, and because the starting point is /48, an ISP > willing to connect customers, will really want to be an LIR. Furthermore, if > we want to be restrictive on this, we could add a limitation that the maximum > sub-assignment can be /64. how about... if we want to be restrictive - instead of limiting the size of the prefix, we limit the number of sub-assignments one can make from a PI? elvis
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi, Excuse the briefness of this mail, it was sent from a mobile device. > On Nov 8, 2017, at 02:41, Gert Doeringwrote: > > Hi, > >> On Wed, Nov 08, 2017 at 11:20:34AM +0100, JORDI PALET MARTINEZ wrote: >> Ok, here is it then. Hopefully we have a lot of fun and good noise ;-) >> (that's music?) > > Thanks. > > So, basically, we have two possible approaches here: > > proposed by Max (active proposal): > keep the IPv6 PI policy as somewhat restrictive, trying to find wording > that permits "some generally accepted" use-cases where other people's > devices can get numbers from someone's IPv6 PI block > I agree with Jordi. This is just a patch. This community can do better. > or, > > proposed by Jordi (new direction): > completely remove the restrictions on "letting other people use parts > of someone's IPv6 PI block" > much better, I would support elvis > > both would work to solve the (real) problem at hand, and Jordi's approach > would certainly much easier than trying to come up with unambiguous wording > to "permit some, disallow other" use cases. > > Thanks for your proposal, and now let's see what the community wants :-) > > Gert Doering >-- APWG chair > -- > have you enabled IPv6 on something today...? > > SpaceNet AGVorstand: Sebastian v. Bomhard > Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann > D-80807 Muenchen HRB: 136055 (AG Muenchen) > Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi, On Wed, Nov 08, 2017 at 11:20:34AM +0100, JORDI PALET MARTINEZ wrote: > Ok, here is it then. Hopefully we have a lot of fun and good noise ;-) > (that's music?) Thanks. So, basically, we have two possible approaches here: proposed by Max (active proposal): keep the IPv6 PI policy as somewhat restrictive, trying to find wording that permits "some generally accepted" use-cases where other people's devices can get numbers from someone's IPv6 PI block or, proposed by Jordi (new direction): completely remove the restrictions on "letting other people use parts of someone's IPv6 PI block" both would work to solve the (real) problem at hand, and Jordi's approach would certainly much easier than trying to come up with unambiguous wording to "permit some, disallow other" use cases. Thanks for your proposal, and now let's see what the community wants :-) Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Ok, here is it then. Hopefully we have a lot of fun and good noise ;-) (that's music?) The main idea is to allow what Max (and many other people) needs in PI, but not having restrictions. For that, what I’m proposing is: 1) Change the actual definition of Assign in 2.6, to: 2.6. Assign To “assign” means to delegate address space to an ISP or End User for specific use within the Internet infrastructure they operate. Assignments must only be made for specific purposes documented by specific organisations and are not to be sub-assigned to other parties, with the exception of Provider Independent (PI). 2) Remove last paragraph in 7. IPv6 Provider Independent (PI) Assignments So, REMOVE: The PI assignment cannot be further assigned to other organisations. Rationale: a. Arguments Supporting the Proposal This proposal will avoid the situations of breaking existing policy when a network using PI is using the addressing space for point-to-point links or in cases such as providing connectivity to employee or visitor devices (BYOD), hot-spots, and similar situations. At this way, regardless of if a single /128 or /64 is sub-assigned, and independently of what technology is used for that (SLAAC, DHCPv6, DHCPv6-PD), the restriction is no longer an issue. b. Arguments Opposing the Proposal It can be argued that this proposal could increase the number of PI request to RIPE NCC. Mitigation/counter-argument: This is not an issue and should not be considered as a “bad-effect”. The resulting policy could be used to circumvent the allocation policy, avoiding creating a LIR. Mitigation/counter-argument: This seems not to have sense as there must be a justification process anyway, and because the starting point is /48, an ISP willing to connect customers, will really want to be an LIR. Furthermore, if we want to be restrictive on this, we could add a limitation that the maximum sub-assignment can be /64. Thoughts? Regards, Jordi -Mensaje original- De: address-policy-wgen nombre de Gert Doering Responder a: Fecha: miércoles, 8 de noviembre de 2017, 11:09 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) Hi, On Wed, Nov 08, 2017 at 10:47:09AM +0100, JORDI PALET MARTINEZ wrote: > So, in the morning of 25th I???ve prepared a draft version and > my co-author hasn???t provided any input back. I just resent it to > him and my next step is to send a copy to the co-chairs and Max in > private in a few seconds, so we can move on from there. Before coming up with finished new proposal text it might be a good idea to present your approach to the list and discuss the general direction, and only then come up with a specific text to take WG feedback into account. This is not the IETF where things have to start with elaborate drafts, we are at liberty to discuss first. Speeds up things a bit :-) Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi, On Wed, Nov 08, 2017 at 10:47:09AM +0100, JORDI PALET MARTINEZ wrote: > So, in the morning of 25th I???ve prepared a draft version and > my co-author hasn???t provided any input back. I just resent it to > him and my next step is to send a copy to the co-chairs and Max in > private in a few seconds, so we can move on from there. Before coming up with finished new proposal text it might be a good idea to present your approach to the list and discuss the general direction, and only then come up with a specific text to take WG feedback into account. This is not the IETF where things have to start with elaborate drafts, we are at liberty to discuss first. Speeds up things a bit :-) Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Responding to Sander and Gert, in a single email … Actually, I fully agree with you, and this is what I’ve said to my co-author in Dubai, during the meeting, that it will be better to just draft this together with Max, but we wanted to clarify first among ourselves. So, in the morning of 25th I’ve prepared a draft version and my co-author hasn’t provided any input back. I just resent it to him and my next step is to send a copy to the co-chairs and Max in private in a few seconds, so we can move on from there. Regards, Jordi -Mensaje original- De: address-policy-wgen nombre de Gert Doering Responder a: Fecha: miércoles, 8 de noviembre de 2017, 10:41 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) Hi, On Wed, Nov 08, 2017 at 10:33:36AM +0100, JORDI PALET MARTINEZ wrote: > I think Jan comments (in the meeting, hopefully he can repeat here) are very relevant, and I???ve a draft policy proposal in that direction, I???m waiting for my co-author review to submit it. Multiple parallel proposals touching the same area of the same policy document are never a good idea. So if you want to work on the IPv6 PI policy, please join forces with Max (or wait for his proposal to finish, either way). Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi, On Wed, Nov 08, 2017 at 10:33:36AM +0100, JORDI PALET MARTINEZ wrote: > I think Jan comments (in the meeting, hopefully he can repeat here) are very > relevant, and I???ve a draft policy proposal in that direction, I???m waiting > for my co-author review to submit it. Multiple parallel proposals touching the same area of the same policy document are never a good idea. So if you want to work on the IPv6 PI policy, please join forces with Max (or wait for his proposal to finish, either way). Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi Jordi, > I think Jan comments (in the meeting, hopefully he can repeat here) are very > relevant, and I’ve a draft policy proposal in that direction, I’m waiting for > my co-author review to submit it. If you are talking about a RIPE policy proposal: please don't. Having multiple "competing" policy proposals on the same subject active at the same time tends to make it impossible to get consensus on anything. If you want to contribute please work with the current policy proposer. The end goal should be working group consensus, so getting consensus with the current proposer on the next version should only be a small effort in that direction :) Cheers, Sander
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
What I’m not supporting is the *current* text (this version, as I understand we are discussing this version). I feel that the current version is solving partially Max case, but even in his case, if he decides to provide /64 for each hot-spot customer, this proposal will not work. I think Jan comments (in the meeting, hopefully he can repeat here) are very relevant, and I’ve a draft policy proposal in that direction, I’m waiting for my co-author review to submit it. Regards, Jordi -Mensaje original- De: address-policy-wgen nombre de Gert Doering Responder a: Fecha: miércoles, 8 de noviembre de 2017, 10:26 Para: JORDI PALET MARTINEZ CC: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) Hi, On Wed, Nov 08, 2017 at 10:12:59AM +0100, JORDI PALET MARTINEZ wrote: > Sorry, I thought that you also consider the opinions in the meeting, so just repeating myself, I???m against this proposal. I find my "before we enter discussion" slide on this quite unambiguous. The discussion at the meeting is relevant to get a feel for the room, and help the proposer to get guidance in which direction the proposal should be developed. For the sake of openness and transparency, the *list* is what is relevant. But besides that, your statement is not helping. You have voiced support at the May meeting for the general proposal, and now oppose "the proposal", without further qualifying. So what, do you support loosening up the IPv6 PI policy, and just do not agree with the v2.0 wording, or do you generally oppose any move into that direction? > I know, a policy can probably never be perfect at once, but I > will prefer, in this case, having a better solution than an > intermediate step to a better one, as otherwise we are complicating > the interpretation of many other aspects in the overall IPv6 policy. There are no perfect policies. There are workable compromises that iteratively get adjusted to changed community requirements. The IPv6 PI policy is a good example: it's a compromise, because we did not know 10+ years ago what a "perfect!" policy would have looked like (and 10+ years ago, what people assumed would be needed is different from the landscape today) Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Gert Doering wrote: > So: > >>> We encourage you to read the proposal, impact analysis and draft >>> document and send any comments to>>> before 17 November 2017. > > Please speak up *here* if you have opinions on this proposal. Looks sensible. I support the proposal. Nick
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi, On Wed, Nov 08, 2017 at 10:12:59AM +0100, JORDI PALET MARTINEZ wrote: > Sorry, I thought that you also consider the opinions in the meeting, so just > repeating myself, I???m against this proposal. I find my "before we enter discussion" slide on this quite unambiguous. The discussion at the meeting is relevant to get a feel for the room, and help the proposer to get guidance in which direction the proposal should be developed. For the sake of openness and transparency, the *list* is what is relevant. But besides that, your statement is not helping. You have voiced support at the May meeting for the general proposal, and now oppose "the proposal", without further qualifying. So what, do you support loosening up the IPv6 PI policy, and just do not agree with the v2.0 wording, or do you generally oppose any move into that direction? > I know, a policy can probably never be perfect at once, but I > will prefer, in this case, having a better solution than an > intermediate step to a better one, as otherwise we are complicating > the interpretation of many other aspects in the overall IPv6 policy. There are no perfect policies. There are workable compromises that iteratively get adjusted to changed community requirements. The IPv6 PI policy is a good example: it's a compromise, because we did not know 10+ years ago what a "perfect!" policy would have looked like (and 10+ years ago, what people assumed would be needed is different from the landscape today) Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Hi Gert, all, Sorry, I thought that you also consider the opinions in the meeting, so just repeating myself, I’m against this proposal. I know, a policy can probably never be perfect at once, but I will prefer, in this case, having a better solution than an intermediate step to a better one, as otherwise we are complicating the interpretation of many other aspects in the overall IPv6 policy. Regards, Jordi -Mensaje original- De: address-policy-wgen nombre de Gert Doering Responder a: Fecha: miércoles, 8 de noviembre de 2017, 9:46 Para: Marco Schmidt CC: Asunto: Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification) Dear Working Group, On Thu, Oct 19, 2017 at 03:08:07PM +0200, Marco Schmidt wrote: > Policy proposal 2016-04, "IPv6 Sub-assignment Clarification" is now in the Review Phase. I'm a bit disappointed by the reactions of the WG on this - one voice of support on the list, silence otherwise. Then, quite vocal opposition at the RIPE meeting in dubai (to the current version, v2.0, while still in favour of the general idea to loosen up the IPv6 PI policy somewhat). Afterwards, silence again. But if it's not on the list, it did not happen, as per the ever-repeated explanation at the meetings. So, does this mean "the WG supports the current form of this proposal", and "the outburst at the RIPE meeting was not meant as sustained opposition"? So: > We encourage you to read the proposal, impact analysis and draft document and send any comments to before 17 November 2017. Please speak up *here* if you have opinions on this proposal. Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [address-policy-wg] 2016-04 Review Phase (IPv6 Sub-assignment Clarification)
Dear Working Group, On Thu, Oct 19, 2017 at 03:08:07PM +0200, Marco Schmidt wrote: > Policy proposal 2016-04, "IPv6 Sub-assignment Clarification" is now in the > Review Phase. I'm a bit disappointed by the reactions of the WG on this - one voice of support on the list, silence otherwise. Then, quite vocal opposition at the RIPE meeting in dubai (to the current version, v2.0, while still in favour of the general idea to loosen up the IPv6 PI policy somewhat). Afterwards, silence again. But if it's not on the list, it did not happen, as per the ever-repeated explanation at the meetings. So, does this mean "the WG supports the current form of this proposal", and "the outburst at the RIPE meeting was not meant as sustained opposition"? So: > We encourage you to read the proposal, impact analysis and draft document and > send any comments tobefore 17 November 2017. Please speak up *here* if you have opinions on this proposal. Gert Doering -- APWG chair -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature