date:20240213

>
> Except we aren't really "post-pandemic" despite the claims that we are.
>

"post-pandemic" the way that I used it was to mean "after the COVID
lockdowns,  with close to normal travel gatherings".

It certainly wasn't intended to be commentary on the current state of
COVID, if it's referred to as 'pandemic' or 'endemic' , etc. Nor does that
sort of convo really belong anywhere near this list.

On Tue, Feb 13, 2024 at 7:58 PM Glen A. Pearce  wrote:

> On 11/02/2024 7:56 a.m., Tom Beecher wrote:
> > Yup. Post pandemic, the unfortunate hotel situation, and a non-zero
> > number of companies still have tight travel budgets.
> >
> > It's been slowly creeping back though.
>
> Except we aren't really "post-pandemic" despite the claims that we are.
>
> As long as COVID exists and we don't reach eradication there are going to
> be a number of people who might have otherwise participated in these
> types of events that will opt not to if they have the choice. Unfortunately
> I don't see us eradicating COVID as long as governments succeed at
> convincing people that it's not a problem anymore because that's easier
> than taking on the people that throw a fit if pandemic control measures
> inconvenience them.
>
> Info on what a problem COVID still is from some of the few people that
> still write about it:
> https://www.okdoomer.io/its-that-bad/
>
> https://www.textise.net/showText.aspx?strURL=https%253A//www.normalcyfugitive.com/p/the-pandemic-isnt-over
>
> Now I know I can't tell people what to do but I can share what I know
> if it might help some people.  This pandemic has been one failure after
> another with the virus being underestimated at every turn.  I have
> thoughts on what I think should be done to get us to eradication
> but that gets political and probably too off topic for NANOG.
>
> So back to the topic, because of this situation there will always be some
> people opting out of gatherings wherever possible as long as this drags
> on and we won't ever be fully back to "normal" as much as many
> people try to fake normal.  (I think Jessica at okdoomer had it nailed
> when she used the term "cosplaying 2019".)  It may be a little less
> obvious as most of the people opting out aren't really being vocal
> about why, they just aren't showing up.
>
> As for why the sales people are still showing up...
> ...detachment from reality has long been a big part of "sales culture".
> (Whereas it's not an inherent into "techy culture".)
>
> --
> Glen A. Pearce
> g...@ve4.ca
> Network Manager, Webmaster, Bookkeeper, Fashion Model and Shipping Clerk.
> Very Eager 4 Tees
> http://www.ve4.ca
> ARIN Handle VET-17
>
>

Re: The Reg does 240/4

>
> We aren't trying to have a debate on this. All we can do is present our
> case, explain our reasons and hope that we can gain a consensus from the
> community.


Respectfully, if you're just putting your case out there and hoping that
people come around to your position, it's never going to happen.

On Tue, Feb 13, 2024 at 5:15 PM Christopher Hawker 
wrote:

> Hi Tom,
>
> We aren't trying to have a debate on this. All we can do is present our
> case, explain our reasons and hope that we can gain a consensus from the
> community.
>
> I understand that some peers don't like the idea of this happening and yes
> we understand the technical work behind getting this across the line. It's
> easy enough for us to say "this will never happen" or to put it into the
> "too hard" basket, however, the one thing I can guarantee is that will
> never happen, if nothing is done.
>
> Let's not think about ourselves for a moment, and think about the
> potential positive impact that this could bring.
>
> Regards,
> Christopher Hawker
> --
> *From:* Tom Beecher 
> *Sent:* Wednesday, February 14, 2024 1:23 AM
> *To:* Christopher Hawker 
> *Cc:* North American Operators' Group ;
> aus...@lists.ausnog.net ; Christopher Hawker via
> sanog ; apnic-t...@lists.apnic.net <
> apnic-t...@lists.apnic.net>
> *Subject:* Re: The Reg does 240/4
>
>
> Now, we know there's definitely going to be some pushback on this. This
> won't be easy to accomplish and it will take some time.
>
>
>  It won't ever be 'accomplished' by trying to debate this in the media.
>
> On Tue, Feb 13, 2024 at 5:05 AM Christopher Hawker 
> wrote:
>
> Hello all,
>
> [Note: I have cross-posted this reply to a thread from NANOG on AusNOG,
> SANOG and APNIC-Talk in order to invite more peers to engage in the
> discussion on their respective forums.]
>
> Just to shed some light on the article and our involvement...
>
> Since September 1981, 240/4 has been reserved for future use, see
> https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml.
> This space has always been reserved for future use and given the global
> shortage of available space for new network operators we feel it is
> appropriate for this space to be reclassified as Unicast space available
> for delegation by IANA/PTI to RIRs on behalf of ICANN.
>
> At present, the IP space currently available for RIRs to delegate to new
> members is minimal, if any at all. The primary goal of our call for change
> is to afford smaller players who are wanting to enter the industry the
> opportunity to do so without having to shell out the big dollars for space.
> Although I do not agree with IP space being treated as a commodity (as this
> was not what it was intended to be), those who can afford to purchase space
> may do so and those who cannot should be able to obtain space from their
> respective RIR without having to wait over a year in some cases just to
> obtain space. It's not intended to flood the market with resources that can
> be sold off to the highest bidder, and this can very well be a way for
> network operators to plan to properly roll out IPv6. At this point in time,
> the uptake and implementation of IPv6 is far too low (only 37% according to
> https://stats.labs.apnic.net/ipv6) for new networks to deploy IPv6
> single-stack, meaning that we need to continue supporting IPv4 deployments.
>
> The reallocation of IPv4 space marked as Future Use would not restrict or
> inhibit the deployment of IPv6, if anything, in our view it will help the
> deployment through allowing these networks to service a greater number of
> customers than what a single /24 v4 prefix will allow. Entire regions of an
> economy have the potential to be serviced by a single /23 IPv4 prefix when
> used in conjunction with IPv6 space.
>
> Now, some have argued that we should not do anything with IPv4 and simply
> let it die out. IPv4 will be around for the foreseeable future and while it
> is, we need to allow new operators to continue deploying networks. It is
> unfair of us to say "Let's all move towards IPv6 and just let IPv4 die"
> however the reality of the situation is that while we continue to treat it
> as a commodity and allow v6 uptake to progress as slowly as it is, we need
> to continue supporting it v4. Some have also argued that networks use this
> space internally within their infrastructure. 240/4 was always marked as
> Reserved for Future Use and if network operators elect to squat on reserved
> space instead of electing to deploy v6 across their internal networks then
> that is an issue they need to resolve, and it should not affect how it is
> reallocated. It goes against the bottom-up approach of policy development
> by allowing larger network operators to state that this space cannot be
> made unicast because they are using it internally (even though it's not
> listed in RFC1918), and its reallocation would affect their networks.
>
> In the APNIC region, there is a

Re: NANOG 90 Attendance?

2024-02-13 Thread Glen A. Pearce

On 11/02/2024 7:56 a.m., Tom Beecher wrote:
Yup. Post pandemic, the unfortunate hotel situation, and a non-zero
number of companies still have tight travel budgets.

It's been slowly creeping back though.

Except we aren't really "post-pandemic" despite the claims that we are.

As long as COVID exists and we don't reach eradication there are going to
be a number of people who might have otherwise participated in these
types of events that will opt not to if they have the choice. Unfortunately
I don't see us eradicating COVID as long as governments succeed at
convincing people that it's not a problem anymore because that's easier
than taking on the people that throw a fit if pandemic control measures
inconvenience them.

Info on what a problem COVID still is from some of the few people that
still write about it:
https://www.okdoomer.io/its-that-bad/
https://www.textise.net/showText.aspx?strURL=https%253A//www.normalcyfugitive.com/p/the-pandemic-isnt-over

Now I know I can't tell people what to do but I can share what I know
if it might help some people. This pandemic has been one failure after
another with the virus being underestimated at every turn. I have
thoughts on what I think should be done to get us to eradication
but that gets political and probably too off topic for NANOG.

So back to the topic, because of this situation there will always be some
people opting out of gatherings wherever possible as long as this drags
on and we won't ever be fully back to "normal" as much as many
people try to fake normal. (I think Jessica at okdoomer had it nailed
when she used the term "cosplaying 2019".) It may be a little less
obvious as most of the people opting out aren't really being vocal
about why, they just aren't showing up.

As for why the sales people are still showing up...
...detachment from reality has long been a big part of "sales culture".
(Whereas it's not an inherent into "techy culture".)

--
Glen A. Pearce
g...@ve4.ca
Network Manager, Webmaster, Bookkeeper, Fashion Model and Shipping Clerk.
Very Eager 4 Tees
http://www.ve4.ca
ARIN Handle VET-17

Re: The Reg does 240/4

Hi Bill,

I agree, that a more viable path may be to look at moving it from reserved to 
unicast (which in itself would be relatively easy to accomplish). Once this has 
been done we could then look at possible use-cases for it instead of trying to 
trying to jump 4 steps ahead.

The idea to this discussion is to get feedback/input and talk about this. If 
there is such a strong push away from this from all stakeholders (and not just 
the top 1% of network operators) then it may not be the way to go. Everyone 
needs to be afforded a say.

Regards,
Christopher Hawker

From: William Herrin 
Sent: Wednesday, February 14, 2024 10:06 AM
To: Christopher Hawker 
Cc: North American Operators' Group 
Subject: Re: The Reg does 240/4

On Tue, Feb 13, 2024 at 2:34 PM Christopher Hawker  wrote:
> Having [240/4] reclassified as unicast space is indeed much easier.

Hi Chris,

If I were spending my time on the effort, that's what I'd pursue. It's
a low-impact change with no reasonable counter-argument I've seen. As
you noted, half the vendors already treat it as unicast space anyway.

> With that, comes the argument - what about legacy hardware
> that vendors no longer support, or are out of warranty and no
> longer receive software updates?

What about legacy hardware that doesn't support CIDR? What about the
1990s Sparc Stations that don't have enough ram to run anything
vaguely like a modern web browser? You make the key standards change
(from reserved undefined use to reserved unicast use) and over time
varying potential uses for those unicast addresses become practical
despite the receding legacy equipment.

None of us has a crystal ball saying when IPv4 use will start to fall
off. It's entirely possible It'll still be going strong in 20 more
years. If so, and if 240/4 was defined as unicast now, it'll surely be
practical to use it by then.

Making the simple standards change also lets us debate the "best" use
of the addresses while the needed software change happens in parallel,
instead of holding up the software changes while we debate. Allocating
them to the RIRs isn't the only practical use of a new set of unicast
IP addresses. Other plausible uses include:

* More RFC1918 for large organizations.

* IXP addresses which only host routers, not the myriad servers and
end-user client software.

* ICMP unreachable source address block, for use by routers which need
to emit a destination unreachable message but do not have a global IP
address with which to do so.

* A block of designated private-interconnect addresses intended to be
used by off-internet networks using overlapping RFC1918 which
nevertheless need to interconnect.

Indeed, the only use for which we definitely -don't- need more IPv4
addresses is Multicast.

So, a rush to deploy 240/4 to RIRs is not really warranted.

Regards,
Bill Herrin

--
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: The Reg does 240/4

Hi David,

In order to forecast exhaustion rates, we needed something to measure against. 
It would be rather naive of us to assume that allocation policy would remain 
the same tomorrow as it was yesterday, if APNIC received a /8 from IANA. This 
is where we looked at pre-prop127 delegation sizes of up to a /22. If we were 
to allow applicants who have received either a /23 or /24 post-prop127 to apply 
for resources up to a maximum holding of /22 this would last (again, under 
current policy) 20+ years. These of course as mentioned are dependent on 3 x /8 
prefixes.

The intent of this isn't just to drop more space into the wild to be snatched 
up by the highest bidder, it's supposed to afford new players an opportunity to 
connect without having to fork out a small fortune to do so. I can only hope 
that people understand and see this, and instead of selfishly saying no, see 
what it's trying to do, who it can impact and at least understand. I definitely 
understand that RIR policy can change in as little as 12 months and it very 
well could happen that policies will change that see the exhaustion policies 
implemented over the last 15 years all undone for the sake of being able to get 
a quick /20 and for space to disappear in a few years (again) which I don't 
really think is the right way to go. This is a second chance to purposefully 
ration out a finite resource.

Regards,
Christopher Hawker

From: David Conrad 
Sent: Wednesday, February 14, 2024 10:24 AM
To: Christopher Hawker 
Cc: North American Operators' Group 
Subject: Re: The Reg does 240/4

Christopher,

On Feb 13, 2024, at 2:15 PM, Christopher Hawker  wrote:
Let's not think about ourselves for a moment, and think about the potential 
positive impact that this could bring.

Let’s assume that the class E checks in all IP stacks and application code that 
do or can connect to the Internet are magically removed (not going to argue 
feasibility of this) and control of 240/4 is put into the hands of IANA to 
allocate to the RIRs. Subsequent steps would be:

1. RIRs, following 
https://www.icann.org/resources/pages/allocation-ipv4-rirs-2012-02-25-en, would 
request new /8s, and receive those allocations.
2. Entities[*] with pent up demand would submit requests and have those 
requests filled by the RIRs
3. While more /8s in 240/4 remain, go to step 1
4. Return to status quo ante.

In other words, while the IANA free pool is not (again) empty, network 
operators would be able to get IPv4 address space at a fraction of the market 
price, and then we’d go back to the way things are now.

This suggests the length of time the primary benefit (cheap IPv4 addresses) 
would be enjoyed depends on RIR allocation policies.  ISTR a comment from you 
earlier suggesting that based on current consumption rates, 240/4 would fulfill 
needs for 50 years.  However, this appears to assume that current “soft 
landing” (etc) policies would remain in place.  Why would you assume that?  I 
would imagine there would be non-trivial pressure from the RIR memberships to 
return to the pre-runout policy regime which was burning through multiple /8s 
in months. In particular, I’d think the large scale buyers of address space (as 
well as IP market speculators) who tend to be the most active in RIR policy 
forums would jump at the opportunity to get “huge tracts of land” at bargain 
basement prices again.

This doesn’t seem all that positive to me, particularly because it’s temporary 
since the underlying problem (limited resource, unlimited demand) cannot be 
addressed.  What positive impact do you predict?

Thanks,
-drc
* I’ve purposefully ignored the geopolitical aspect of this here. In reality, I 
suspect there would be pressure for ‘entities’ to include countries, etc.

Re: The Reg does 240/4

2024-02-13 Thread David Conrad

Christopher,

On Feb 13, 2024, at 2:15 PM, Christopher Hawker  wrote:
> Let's not think about ourselves for a moment, and think about the potential 
> positive impact that this could bring.

Let’s assume that the class E checks in all IP stacks and application code that 
do or can connect to the Internet are magically removed (not going to argue 
feasibility of this) and control of 240/4 is put into the hands of IANA to 
allocate to the RIRs. Subsequent steps would be:

1. RIRs, following 
https://www.icann.org/resources/pages/allocation-ipv4-rirs-2012-02-25-en, would 
request new /8s, and receive those allocations.
2. Entities[*] with pent up demand would submit requests and have those 
requests filled by the RIRs
3. While more /8s in 240/4 remain, go to step 1
4. Return to status quo ante.

In other words, while the IANA free pool is not (again) empty, network 
operators would be able to get IPv4 address space at a fraction of the market 
price, and then we’d go back to the way things are now.

This suggests the length of time the primary benefit (cheap IPv4 addresses) 
would be enjoyed depends on RIR allocation policies.  ISTR a comment from you 
earlier suggesting that based on current consumption rates, 240/4 would fulfill 
needs for 50 years.  However, this appears to assume that current “soft 
landing” (etc) policies would remain in place.  Why would you assume that?  I 
would imagine there would be non-trivial pressure from the RIR memberships to 
return to the pre-runout policy regime which was burning through multiple /8s 
in months. In particular, I’d think the large scale buyers of address space (as 
well as IP market speculators) who tend to be the most active in RIR policy 
forums would jump at the opportunity to get “huge tracts of land” at bargain 
basement prices again.

This doesn’t seem all that positive to me, particularly because it’s temporary 
since the underlying problem (limited resource, unlimited demand) cannot be 
addressed.  What positive impact do you predict?

Thanks,
-drc
* I’ve purposefully ignored the geopolitical aspect of this here. In reality, I 
suspect there would be pressure for ‘entities’ to include countries, etc.

Re: The Reg does 240/4

2024-02-13 Thread William Herrin

On Tue, Feb 13, 2024 at 2:34 PM Christopher Hawker  wrote:
> Having [240/4] reclassified as unicast space is indeed much easier.

Hi Chris,

If I were spending my time on the effort, that's what I'd pursue. It's
a low-impact change with no reasonable counter-argument I've seen. As
you noted, half the vendors already treat it as unicast space anyway.

> With that, comes the argument - what about legacy hardware
> that vendors no longer support, or are out of warranty and no
> longer receive software updates?

What about legacy hardware that doesn't support CIDR? What about the
1990s Sparc Stations that don't have enough ram to run anything
vaguely like a modern web browser? You make the key standards change
(from reserved undefined use to reserved unicast use) and over time
varying potential uses for those unicast addresses become practical
despite the receding legacy equipment.

None of us has a crystal ball saying when IPv4 use will start to fall
off. It's entirely possible It'll still be going strong in 20 more
years. If so, and if 240/4 was defined as unicast now, it'll surely be
practical to use it by then.

Making the simple standards change also lets us debate the "best" use
of the addresses while the needed software change happens in parallel,
instead of holding up the software changes while we debate. Allocating
them to the RIRs isn't the only practical use of a new set of unicast
IP addresses. Other plausible uses include:

* More RFC1918 for large organizations.

* IXP addresses which only host routers, not the myriad servers and
end-user client software.

* ICMP unreachable source address block, for use by routers which need
to emit a destination unreachable message but do not have a global IP
address with which to do so.

* A block of designated private-interconnect addresses intended to be
used by off-internet networks using overlapping RFC1918 which
nevertheless need to interconnect.

Indeed, the only use for which we definitely -don't- need more IPv4
addresses is Multicast.

So, a rush to deploy 240/4 to RIRs is not really warranted.

Regards,
Bill Herrin

-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: The Reg does 240/4

Hello John,

It'll only take "98 years" if we drag our feet. In practicality, I'm of the 
belief that the first prefix from 240/4 can be delegated in as little as 
optimistically 2 years, and conservatively 5 years.

Regards,
Christopher Hawker

From: NANOG  on behalf of John 
Levine 
Sent: Wednesday, February 14, 2024 8:26 AM
To: nanog@nanog.org 
Subject: Re: The Reg does 240/4

It appears that Lyndon Nerenberg (VE7TFX/VE6BBM)  said:
>And what are they going to do when 240/4 runs out?

That will be a hundred years from now, so who cares?

R's,
John

PS: I know this because it will take 98 years of process before the
RIRs can start allocating it.

Re: The Reg does 240/4

Per my original email, looking at current exhaustion rates in the APNIC service 
region, if we stuck to allocating space to new entities and maintained 
allocating a maximum of a /22 to networks, just 3 x /8 would last over 20 
years. This should be a more than sufficient timeframe for a much wider v6 
adoption and deployment.

Regards,
Christopher Hawker

From: NANOG  on behalf of Lyndon 
Nerenberg (VE7TFX/VE6BBM) 
Sent: Wednesday, February 14, 2024 7:42 AM
To: North American Operators' Group 
Subject: Re: The Reg does 240/4

And what are they going to do when 240/4 runs out?

Re: The Reg does 240/4

We understand that having 240/4 reclassified as public space for 
assignment/allocation by RIRs will take some time and we are not expecting it 
to happen overnight. Having it reclassified as unicast space is indeed much 
easier. The Linux kernel already supports this (thanks Dave Taht), Windows is a 
"Patch Tuesday" away, and many hardware vendors can enable support for 240/4 
with a minor firmware revision if they already do not.

With that, comes the argument - what about legacy hardware that vendors no 
longer support, or are out of warranty and no longer receive software updates? 
There are a few ways this could go, either network operators replace their 
equipment with equipment that supports this space (and grants allocated for 
organisations in LDCs who may have issues with funding equipment replacement) 
or hardware vendors release a special public firmware update that only 
addresses this change in routability which is exempt from support contract 
requirements (resulting in less equipment from being scrapped).

Regards,
Christopher Hawker

From: William Herrin 
Sent: Wednesday, February 14, 2024 3:43 AM
To: Christopher Hawker 
Cc: North American Operators' Group 
Subject: Re: The Reg does 240/4

On Tue, Feb 13, 2024 at 2:03 AM Christopher Hawker  wrote:
> [Note: I have cross-posted this reply to a thread from NANOG on
> AusNOG, SANOG and APNIC-Talk in order to invite more peers
> to engage in the discussion on their respective forums.]

Chris,

Do not cross-post lists. Many of the folks who want to discuss are
only subscribed to one of the lists and thus cannot post to the
others. This inevitably results in a disjoint and confusing set of
posts with replies to messages for which the originals didn't make it
to the local list. If you want to discuss something on multiple lists
with multiple audiences, start a separate discussion on each.

Honestly, how can you not know this. It's only been mailing list
etiquette for decades.

> we feel it is appropriate for this space to be reclassified as
> Unicast space available for delegation by IANA/PTI to RIRs
> on behalf of ICANN.

That is probably unrealistic. Getting 240/4 reclassified as unicast is
at least plausible. As you say, there's no residual value in
continuing to hold it in reserve. The opportunity cost has fallen near
zero. But before anybody with a clue is willing to see it allocated to
RIRs for general Internet use they'll want to see studies and
experiments which demonstrate that it's usable enough on the public
Internet to be usefully deployed there.

Regards,
Bill Herrin

--
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: The Reg does 240/4

Hi Tom,

We aren't trying to have a debate on this. All we can do is present our case, 
explain our reasons and hope that we can gain a consensus from the community.

I understand that some peers don't like the idea of this happening and yes we 
understand the technical work behind getting this across the line. It's easy 
enough for us to say "this will never happen" or to put it into the "too hard" 
basket, however, the one thing I can guarantee is that will never happen, if 
nothing is done.

Let's not think about ourselves for a moment, and think about the potential 
positive impact that this could bring.

Regards,
Christopher Hawker

From: Tom Beecher 
Sent: Wednesday, February 14, 2024 1:23 AM
To: Christopher Hawker 
Cc: North American Operators' Group ; aus...@lists.ausnog.net 
; Christopher Hawker via sanog ; 
apnic-t...@lists.apnic.net 
Subject: Re: The Reg does 240/4

Now, we know there's definitely going to be some pushback on this. This won't 
be easy to accomplish and it will take some time.

 It won't ever be 'accomplished' by trying to debate this in the media.

On Tue, Feb 13, 2024 at 5:05 AM Christopher Hawker 
mailto:ch...@thesysadmin.au>> wrote:
Hello all,

[Note: I have cross-posted this reply to a thread from NANOG on AusNOG, SANOG 
and APNIC-Talk in order to invite more peers to engage in the discussion on 
their respective forums.]

Just to shed some light on the article and our involvement...

Since September 1981, 240/4 has been reserved for future use, see 
https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml. 
This space has always been reserved for future use and given the global 
shortage of available space for new network operators we feel it is appropriate 
for this space to be reclassified as Unicast space available for delegation by 
IANA/PTI to RIRs on behalf of ICANN.

At present, the IP space currently available for RIRs to delegate to new 
members is minimal, if any at all. The primary goal of our call for change is 
to afford smaller players who are wanting to enter the industry the opportunity 
to do so without having to shell out the big dollars for space. Although I do 
not agree with IP space being treated as a commodity (as this was not what it 
was intended to be), those who can afford to purchase space may do so and those 
who cannot should be able to obtain space from their respective RIR without 
having to wait over a year in some cases just to obtain space. It's not 
intended to flood the market with resources that can be sold off to the highest 
bidder, and this can very well be a way for network operators to plan to 
properly roll out IPv6. At this point in time, the uptake and implementation of 
IPv6 is far too low (only 37% according to https://stats.labs.apnic.net/ipv6) 
for new networks to deploy IPv6 single-stack, meaning that we need to continue 
supporting IPv4 deployments.

The reallocation of IPv4 space marked as Future Use would not restrict or 
inhibit the deployment of IPv6, if anything, in our view it will help the 
deployment through allowing these networks to service a greater number of 
customers than what a single /24 v4 prefix will allow. Entire regions of an 
economy have the potential to be serviced by a single /23 IPv4 prefix when used 
in conjunction with IPv6 space.

Now, some have argued that we should not do anything with IPv4 and simply let 
it die out. IPv4 will be around for the foreseeable future and while it is, we 
need to allow new operators to continue deploying networks. It is unfair of us 
to say "Let's all move towards IPv6 and just let IPv4 die" however the reality 
of the situation is that while we continue to treat it as a commodity and allow 
v6 uptake to progress as slowly as it is, we need to continue supporting it v4. 
Some have also argued that networks use this space internally within their 
infrastructure. 240/4 was always marked as Reserved for Future Use and if 
network operators elect to squat on reserved space instead of electing to 
deploy v6 across their internal networks then that is an issue they need to 
resolve, and it should not affect how it is reallocated. It goes against the 
bottom-up approach of policy development by allowing larger network operators 
to state that this space cannot be made unicast because they are using it 
internally (even though it's not listed in RFC1918), and its reallocation would 
affect their networks.

In the APNIC region, there is a policy which only allows for a maximum of a /23 
IPv4 prefix to be allocated/assigned to new members and any more space required 
must be acquired through other means. If (as an example) APNIC were to receive 
3 x /8 prefixes from the 240/4 space this would allow for delegations to be 
made for approximately the next ~50 years whereas if policy was changed to 
allow for delegations up to and including a /22 this would extend the current 
pool by well over 20 years, based on current

Re: The Reg does 240/4

>
> PS: I know this because it will take 98 years of process before the
> RIRs can start allocating it.
>

Intense optimism detected!

On Tue, Feb 13, 2024 at 4:27 PM John Levine  wrote:

> It appears that Lyndon Nerenberg (VE7TFX/VE6BBM)  said:
> >And what are they going to do when 240/4 runs out?
>
> That will be a hundred years from now, so who cares?
>
> R's,
> John
>
> PS: I know this because it will take 98 years of process before the
> RIRs can start allocating it.
>
>
>
>

Re: The Reg does 240/4

2024-02-13 Thread John Levine

It appears that Lyndon Nerenberg (VE7TFX/VE6BBM)  said:
>And what are they going to do when 240/4 runs out?

That will be a hundred years from now, so who cares?

R's,
John

PS: I know this because it will take 98 years of process before the
RIRs can start allocating it.

Re: [External] Re: The Reg does 240/4




On 2/13/24 21:47, Hunter Fuller wrote:

On Tue, Feb 13, 2024 at 12:17 PM Bryan Holloway  wrote:

https://help.mikrotik.com/docs/display/ROS/Routing+Protocol+Overview

Ping across? Sure. Ok. But I wouldn't rely on it for anything critical.


Well that's certainly interesting.
You will not see me sticking up for MikroTik's documentation, ever. I
don't think the table reflects the reality of ROS 7, there's even a
note that "Routed traffic does not work to odd address" in one
version. I know that to be false, because, well, I do this in
production, and I suspect I would have noticed if the niche
functionality of "routing" suddenly stopped working.

Maybe this document refers to the literal configuration of a /31. But
I always configure them as point to points, as I mentioned before. But
there again, in the documentation, that ability is totally missing...
great.


I would 100% concur that Mikrotik documentation can be spotty.

That said, what you choose to do on your network is of course totally up 
to you.


Personally, I would not use MikroTik's /31 implementation in mine.

Re: [External] Re: The Reg does 240/4

2024-02-13 Thread Hunter Fuller via NANOG

On Tue, Feb 13, 2024 at 12:17 PM Bryan Holloway  wrote:
> https://help.mikrotik.com/docs/display/ROS/Routing+Protocol+Overview
>
> Ping across? Sure. Ok. But I wouldn't rely on it for anything critical.

Well that's certainly interesting.
You will not see me sticking up for MikroTik's documentation, ever. I
don't think the table reflects the reality of ROS 7, there's even a
note that "Routed traffic does not work to odd address" in one
version. I know that to be false, because, well, I do this in
production, and I suspect I would have noticed if the niche
functionality of "routing" suddenly stopped working.

Maybe this document refers to the literal configuration of a /31. But
I always configure them as point to points, as I mentioned before. But
there again, in the documentation, that ability is totally missing...
great.

-- 
Hunter Fuller (they)
Router Jockey
VBH M-1C
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Network Engineering

Re: The Reg does 240/4

2024-02-13 Thread Chris Adams

Once upon a time, richey goldberg  said:
> They support /31s and have for some time.   The trick we found is that the 
> Mikrotik has to be the higher numbered IP and network address has to be the 
> lower

I would not classify that as "support /31s" - that's "there's a
work-around that handles 50% of cases".  Can you have two Mikrotiks
connected to each other with a /31?  If not, they don't support using
/31s.

-- 
Chris Adams

Re: The Reg does 240/4

2024-02-13 Thread Lyndon Nerenberg (VE7TFX/VE6BBM)

And what are they going to do when 240/4 runs out?

Re: The Reg does 240/4

2024-02-13 Thread richey goldberg

They support /31s and have for some time.   The trick we found is that the 
Mikrotik has to be the higher numbered IP and network address has to be the 
lower

add address=x.x.x.61/31 interface=ether1--dia network=x.x.x.60

Then point your default route at the lower numbered IP in the /31.

-richey

From: NANOG  on behalf of 
Bryan Holloway 
Date: Tuesday, February 13, 2024 at 11:05 AM
To: NANOG list 
Subject: Re: The Reg does 240/4
Let me know when they support /31s.

On 2/13/24 08:07, Dave Taht wrote:
> And routerOS is one of
> the more up to date platforms.

RE: The Reg does 240/4

2024-02-13 Thread Tony Wicks

I use a CCR2004 at home as it's one of the only devices that could handle
the 4Gb/s XGS-PON on pppoe. I've got an IPoE GPON (1000/500) failover, v4/v6
dual stack everywhere, incoming vpn and ipsec tunnels to other MT's and it
run's great. The only problem I have run into is if you run the 10G ports at
2.5G the buffering is a complete bust, so I have had to put cheap
10G/2.5G/1G switches in between the MT and 2.5G clients to achieve proper
performance. Oh, and some custom cooling fans as it gets a bit noisy once
the 10GBASET SFP's heat things up.

-Original Message-
From: NANOG  On Behalf Of Tim Howe
Sent: Wednesday, February 14, 2024 6:05 AM
To: nanog@nanog.org
Subject: Re: The Reg does 240/4

That's very disappointing.

I acquired a Mikrotik L009 router to play with recently, and it's been one
let-down after another; now this.

--TimH

Re: The Reg does 240/4

2024-02-13 Thread Tim Howe

That's disappointing.

Thanks for the info.  What a strange thing to not support.

--TimH

On Tue, 13 Feb 2024 19:17:03 +0100
Bryan Holloway  wrote:

> Folks have been known to kludge around it, but it is not officially 
> supported by ROS, not even in v7. To wit:
> 
> https://help.mikrotik.com/docs/display/ROS/Routing+Protocol+Overview
> 
> Ping across? Sure. Ok. But I wouldn't rely on it for anything critical.
> 
> Caveat emptor.
> 
> 
> On 2/13/24 18:43, Tim Howe wrote:
> > So, just FYI, we just tested a /31 on Eth1 of the L009 and it
> > seems to work fine(?)
> > 
> > --TimH
> > 
> > On Tue, 13 Feb 2024 09:04:50 -0800
> > Tim Howe  wrote:
> >   
> >> That's very disappointing.
> >>
> >> I acquired a Mikrotik L009 router to play with recently, and it's been one
> >> let-down after another; now this.
> >>
> >> --TimH
> >>
> >> On Tue, 13 Feb 2024 17:04:45 +0100
> >> Bryan Holloway  wrote:
> >>  
> >>> Let me know when they support /31s.
> >>>
> >>>
> >>> On 2/13/24 08:07, Dave Taht wrote:  
>  And routerOS is one of
>  the more up to date platforms.  
> >

Re: The Reg does 240/4

Folks have been known to kludge around it, but it is not officially 
supported by ROS, not even in v7. To wit:


https://help.mikrotik.com/docs/display/ROS/Routing+Protocol+Overview

Ping across? Sure. Ok. But I wouldn't rely on it for anything critical.

Caveat emptor.


On 2/13/24 18:43, Tim Howe wrote:

So, just FYI, we just tested a /31 on Eth1 of the L009 and it
seems to work fine(?)

--TimH

On Tue, 13 Feb 2024 09:04:50 -0800
Tim Howe  wrote:


That's very disappointing.

I acquired a Mikrotik L009 router to play with recently, and it's been one
let-down after another; now this.

--TimH

On Tue, 13 Feb 2024 17:04:45 +0100
Bryan Holloway  wrote:


Let me know when they support /31s.


On 2/13/24 08:07, Dave Taht wrote:

And routerOS is one of
the more up to date platforms.

Re: The Reg does 240/4

2024-02-13 Thread Tim Howe

So, just FYI, we just tested a /31 on Eth1 of the L009 and it
seems to work fine(?)

--TimH

On Tue, 13 Feb 2024 09:04:50 -0800
Tim Howe  wrote:

> That's very disappointing.
> 
> I acquired a Mikrotik L009 router to play with recently, and it's been one
> let-down after another; now this.
> 
> --TimH
> 
> On Tue, 13 Feb 2024 17:04:45 +0100
> Bryan Holloway  wrote:
> 
> > Let me know when they support /31s.
> > 
> > 
> > On 2/13/24 08:07, Dave Taht wrote:  
> > > And routerOS is one of
> > > the more up to date platforms.

Re: jaguar network contact?

Probably should've been clearer ... this is jaguar network AS30781 in 
France.


(Thank you to those who have already reached out!)

Apologies for the noise ...


On 2/13/24 18:05, Bryan Holloway wrote:
If anyone here is lurking from Jaguar Network, could you reach out to me 
off-list, please?


I think you're blocking at least one, possibly more of our subnets.

Thank you!
     - bryan

Re: [External] Re: The Reg does 240/4

2024-02-13 Thread Hunter Fuller via NANOG

On Tue, Feb 13, 2024 at 10:05 AM Bryan Holloway  wrote:
> Let me know when they support /31s.

A /31 is configured in RouterOS as a point-to-point interface. You put
your IP in the "address" field and their IP in the "network" field.

That's how I've been doing it since I started using RouterOS in 2014.
I can't speak to versions that predate that.

HTH

Re: The Reg does 240/4

2024-02-13 Thread Ryan Hamel

Tim,

How is that Mikrotik a let down?

Ryan

From: NANOG  on behalf of Tim Howe 

Sent: Tuesday, February 13, 2024 12:04:50 PM
To: nanog@nanog.org 
Subject: Re: The Reg does 240/4

Caution: This is an external email and may be malicious. Please take care when 
clicking links or opening attachments.

That's very disappointing.

I acquired a Mikrotik L009 router to play with recently, and it's been one
let-down after another; now this.

--TimH

On Tue, 13 Feb 2024 17:04:45 +0100
Bryan Holloway  wrote:

> Let me know when they support /31s.
>
>
> On 2/13/24 08:07, Dave Taht wrote:
> > And routerOS is one of
> > the more up to date platforms.

jaguar network contact?

If anyone here is lurking from Jaguar Network, could you reach out to me 
off-list, please?


I think you're blocking at least one, possibly more of our subnets.

Thank you!
- bryan

Re: The Reg does 240/4

2024-02-13 Thread Tim Howe

That's very disappointing.

I acquired a Mikrotik L009 router to play with recently, and it's been one
let-down after another; now this.

--TimH

On Tue, 13 Feb 2024 17:04:45 +0100
Bryan Holloway  wrote:

> Let me know when they support /31s.
> 
> 
> On 2/13/24 08:07, Dave Taht wrote:
> > And routerOS is one of
> > the more up to date platforms.

Re: The Reg does 240/4

2024-02-13 Thread William Herrin

On Tue, Feb 13, 2024 at 2:03 AM Christopher Hawker  wrote:
> [Note: I have cross-posted this reply to a thread from NANOG on
> AusNOG, SANOG and APNIC-Talk in order to invite more peers
> to engage in the discussion on their respective forums.]

Chris,

Do not cross-post lists. Many of the folks who want to discuss are
only subscribed to one of the lists and thus cannot post to the
others. This inevitably results in a disjoint and confusing set of
posts with replies to messages for which the originals didn't make it
to the local list. If you want to discuss something on multiple lists
with multiple audiences, start a separate discussion on each.

Honestly, how can you not know this. It's only been mailing list
etiquette for decades.

> we feel it is appropriate for this space to be reclassified as
> Unicast space available for delegation by IANA/PTI to RIRs
> on behalf of ICANN.

That is probably unrealistic. Getting 240/4 reclassified as unicast is
at least plausible. As you say, there's no residual value in
continuing to hold it in reserve. The opportunity cost has fallen near
zero. But before anybody with a clue is willing to see it allocated to
RIRs for general Internet use they'll want to see studies and
experiments which demonstrate that it's usable enough on the public
Internet to be usefully deployed there.

Regards,
Bill Herrin

-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

Any AI or Data Science Projects?

2024-02-13 Thread Adrian Bolster

Hi everyone,
I am a masters student of Artificial Intelligence and Data Science at the 
University of Hull and I am in need of a suitable project for my final semester.
Prior to studying I was heavily involved in the formation and building of an 
ISP network in my local area. We built out to approximately 15k customers using 
a mix of wireless and fibre before selling the business to a competitor in 
2022. I am still very interested in all things Internet and would very much 
like a project within this sector.
If anyone has any requirements or any ideas then please do not hesitate to 
contact me off list.

Many thanks,

Adrian.
Sent from my iPhone

Re: The Reg does 240/4


Let me know when they support /31s.


On 2/13/24 08:07, Dave Taht wrote:

And routerOS is one of
the more up to date platforms.

Re: The Reg does 240/4

2024-02-13 Thread Stephen Satchell


On 2/12/24 11:07 PM, Dave Taht wrote:

if I could use the controversy to talk to why it has been so hard to
deploy ipv6 to the edge and how to fix that problem instead rather
than triggering people, it would be helpful.


1.  My provider, AT, keeps saying "we don't support IPv6."  I've 
written about my years-long effort to get my web server to speak IPv6 
over AT fiber.  I finally broke through when I was forced to upgrade 
to business service, and started receiving a better grade of technical 
support.


2.  I have a DNS  record for my web server.  Looking at yesterday's 
access log for SSL, I've had exactly five (5) accesses from two IPv6 
addresses.  Earlier in the month, I found a couple of search engines 
found the IPv6 side of the web server.


3.  I cannot obtain a PTR record for IPv6, so the mail server is a no-go 
because I won't be able to accomplish the minimum effort required for 
major players to recognize my mail server as valid.  My mail server is, 
except for port 25, LAN only.  Haven't run into any IPv6-only mail 
servers, based on the logs.


4.  My new IPv6-aware edge router firewall is in development.  This 
firewall, using NFT, will still NAT uplink IPv4 connections. It will not 
forward new connections from WAN to LAN over a defined subnet of IPv6; 
equipment on the LAN will be assigned IPv6 addresses from that subnet. 
Frankly, I'm not fast-tracking this work because I don't feel blocked by 
not having IPv6 connectivity.


It feels like IPv6 has Second Product Syndrome, where everything but the 
kitchen sink was thrown into it.

Re: Microwave Service- Oberkrämer, Germany

2024-02-13 Thread Karsten Thomann via NANOG

Hi,

I'm not sure if DTAG is still doing microwave, but as it is near Berlin you 
could ask Plusnet (plusnet.de) if they already have coverage in that area or 
are willing to install microwave hardware in a nearby tower.
If you have trouble getting in touch let me know and I will try to contact some 
people I know there.

Kind regards
Karsten



Am 13. Feb. 2024, 15:45, um 15:45, Robert DeVita  
schrieb:
>I am looking for a microwave point to point provider in Oberkrämer,
>Germany.
>
>Any suggestions? This is for 1 gig of internet access.
>
>Thanks
>
>
>[cid:image001.jpg@01DA5E58.DCC39870]
>Robert DeVita
>CEO and Founder
>t: (469) 581-2160
> |
>m: (469) 441-8864
>e: radev...@mejeticks.com
> |
>w: mejeticks.com
>a:
>2323 N Akard Street
>,
>Dallas
>,
>75201
>[cid:image002.png@01DA5E58.DCC39870]
>[cid:image003.png@01DA5E58.DCC39870]
>[cid:image004.png@01DA5E58.DCC39870]
>[cid:image005.png@01DA5E58.DCC39870]

Microwave Service- Oberkrämer, Germany

2024-02-13 Thread Robert DeVita

I am looking for a microwave point to point provider in Oberkrämer, Germany.

Any suggestions? This is for 1 gig of internet access.

Thanks


[cid:image001.jpg@01DA5E58.DCC39870]
Robert DeVita
CEO and Founder
t: (469) 581-2160
 |
m: (469) 441-8864
e: radev...@mejeticks.com
 |
w: mejeticks.com
a:
2323 N Akard Street
,
Dallas
,
75201
[cid:image002.png@01DA5E58.DCC39870]
[cid:image003.png@01DA5E58.DCC39870]
[cid:image004.png@01DA5E58.DCC39870]
[cid:image005.png@01DA5E58.DCC39870]

Re: The Reg does 240/4

>
> Now, we know there's definitely going to be some pushback on this. This
> won't be easy to accomplish and it will take some time.


 It won't ever be 'accomplished' by trying to debate this in the media.

On Tue, Feb 13, 2024 at 5:05 AM Christopher Hawker 
wrote:

> Hello all,
>
> [Note: I have cross-posted this reply to a thread from NANOG on AusNOG,
> SANOG and APNIC-Talk in order to invite more peers to engage in the
> discussion on their respective forums.]
>
> Just to shed some light on the article and our involvement...
>
> Since September 1981, 240/4 has been reserved for future use, see
> https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml.
> This space has always been reserved for future use and given the global
> shortage of available space for new network operators we feel it is
> appropriate for this space to be reclassified as Unicast space available
> for delegation by IANA/PTI to RIRs on behalf of ICANN.
>
> At present, the IP space currently available for RIRs to delegate to new
> members is minimal, if any at all. The primary goal of our call for change
> is to afford smaller players who are wanting to enter the industry the
> opportunity to do so without having to shell out the big dollars for space.
> Although I do not agree with IP space being treated as a commodity (as this
> was not what it was intended to be), those who can afford to purchase space
> may do so and those who cannot should be able to obtain space from their
> respective RIR without having to wait over a year in some cases just to
> obtain space. It's not intended to flood the market with resources that can
> be sold off to the highest bidder, and this can very well be a way for
> network operators to plan to properly roll out IPv6. At this point in time,
> the uptake and implementation of IPv6 is far too low (only 37% according to
> https://stats.labs.apnic.net/ipv6) for new networks to deploy IPv6
> single-stack, meaning that we need to continue supporting IPv4 deployments.
>
> The reallocation of IPv4 space marked as Future Use would not restrict or
> inhibit the deployment of IPv6, if anything, in our view it will help the
> deployment through allowing these networks to service a greater number of
> customers than what a single /24 v4 prefix will allow. Entire regions of an
> economy have the potential to be serviced by a single /23 IPv4 prefix when
> used in conjunction with IPv6 space.
>
> Now, some have argued that we should not do anything with IPv4 and simply
> let it die out. IPv4 will be around for the foreseeable future and while it
> is, we need to allow new operators to continue deploying networks. It is
> unfair of us to say "Let's all move towards IPv6 and just let IPv4 die"
> however the reality of the situation is that while we continue to treat it
> as a commodity and allow v6 uptake to progress as slowly as it is, we need
> to continue supporting it v4. Some have also argued that networks use this
> space internally within their infrastructure. 240/4 was always marked as
> Reserved for Future Use and if network operators elect to squat on reserved
> space instead of electing to deploy v6 across their internal networks then
> that is an issue they need to resolve, and it should not affect how it is
> reallocated. It goes against the bottom-up approach of policy development
> by allowing larger network operators to state that this space cannot be
> made unicast because they are using it internally (even though it's not
> listed in RFC1918), and its reallocation would affect their networks.
>
> In the APNIC region, there is a policy which only allows for a maximum of
> a /23 IPv4 prefix to be allocated/assigned to new members and any more
> space required must be acquired through other means. If (as an example)
> APNIC were to receive 3 x /8 prefixes from the 240/4 space this would allow
> for delegations to be made for approximately the next ~50 years whereas if
> policy was changed to allow for delegations up to and including a /22 this
> would extend the current pool by well over 20 years, based on current
> exhaustion rates and allowing for pool levels to return to pre-2010 levels.
>
> Now, we know there's definitely going to be some pushback on this. This
> won't be easy to accomplish and it will take some time. However, if we do
> nothing then nothing will happen. The currently available pool has reached
> severe exhaustion levels yet we have a block representing about 6% of the
> total possible IP space which may not seem like a lot yet it can go a long
> way.
>
> This call for change is not about making space available for existing
> networks. It is about new networks emerging into and on the internet. While
> we do work towards IPv6 being the primary addressing method we need to
> continue allow those who may not be able to deploy IPv6 to connect to the
> internet.
>
> Regards,
> Christopher Hawker
>
> --
> *From:* NANOG  on behalf of
>

Re: IRRD & exceptions to RPKI-filtering

2024-02-13 Thread Geoff Huston

> On 12 Feb 2024, at 6:01 pm, Richard Laager  wrote:
> 
> On 2024-02-12 15:18, Job Snijders via NANOG wrote:
>> On Mon, Feb 12, 2024 at 04:07:52PM -0500, Geoff Huston wrote:
>>> I was making an observation that the presentation material was
>>> referring to "RPKI-Invalid" while their implementation was using
>>> "ROA-Invalid" There is a difference between these two terms, as I'm
>>> sure you're aware.
> 
> I'm sure Job is aware, but I'm not. Anyone want to teach me the difference?

this is _my_ take:

If the crypto leads to a validation failure (expired certificates, signature 
mismatch in the 
validation chain, number resource extension mismatch in the validation path, or 
similar
then the X.509 certificate cannot be validated against a trust anchor and the 
object
(a ROA in this case) is "RPKI-Invalid". RPKI validators discard such objects 
from
consideration as they cannot convey any useful information.

"ROA-Invalid" starts with a route object, not a ROA, and compares the route
against the locally assembled collection of RPKI-valid ROAs. If it can find a 
RPKI-valid 
ROA that matches the route object then its "ROA-valid". If if can only find 
valid
RPKI objects that match the prefix part of e ROA, but not the origin AS, or its 
a
more specific prefix of a RPKI-valid ROA, then its "ROA-invalid". If no such 
match
is found, then the route is "ROA-unknown"

The distinction being made is:

"RPKI-invalid" refers to a crypto object and the ability of a local party (a 
"relying 
party") to confirm its crypto-validity against a locally selected trust anchor 
(or set of
trust anchors).

"ROA-invalid" refers to a route object and a collection of RPKI-valid ROAs
that have been assembled by an observer and refers to the outcome
of the observer testing this route against this locally assembled collection of 
ROAs.

Geoff

Re: The Reg does 240/4