RIPE 79 Address Policy Working Group Minutes

RIPE Meeting RIPE 79
Working Group Address Policy
Status Draft

Chairs: Gert Doering, Erik Bais
Scribe: Antony Gollan

A. Administrative Matters

Gert welcomed attendees, noting that they had moved the presentation from Remco forward to the first slot.

There were no other changes to the agenda and the minutes from RIPE 78 were adopted without comment.

B. Presentation of the NRO NC Candidates

The working group heard candidate statements from Filiz Yilmaz and Stefan Nikolov.

C. Panel Discussion on "IPv4 Effects After RIPE NCC Run-out"

A panel discussed the effects of IPv4 run-out.

F.2 2019-07 Default Assignment Size for IXPs

- Remco van Mook

This presentation is available at:
https://ripe79.ripe.net/presentations/66-66-2019-07.pdf

Wolfgang Tremmel, DE-CIX, said he had an issue with the wording, which said that if an IXP required a larger assignment, it had to return its existing one. He asked how an IXP could return an assignment if it didn't already have one. He also asked what happened if an IXP had to return an assignment it was using on a different exchange.

Remco said if the IXP didn't have addresses, it couldn’t return them and so this didn't apply. He added that the assignment was on a per-IXP basis rather than a per-organisation basis.

Gert added that this could be clarified if they did a second version of the proposal.

Nick Hilliard, INEX, said they had grown over time - from a /27 to a /25, and now they had a /23. Each time involved re-numbering, and this was a gigantic headache. There was no reason to think that having a smaller allocation size than a /24 would make the pool last much longer. A /24 assignment size would allow for 512 IXP assignments – and given the number of IXPs in their service region, this should effectively last them indefinitely. He couldn't see a compelling reason to drop the minimum assignment size to a /27, given all of the headaches this would involve.

Erik asked Nick to make sure he posted this to the mailing list.

Fredy Kuenzler, Init7, said renumbering was always a pain and involved losing a bunch of peers. He suggested that if the proposal was to go through, the remaining /24 from the /27 must be reserved for that IXP so at least it wouldn't need to renumber when it moved to a larger assignment. In general, he supported what Nick said.

Remco said, as they were going back to the old days of needs-based allocations, they might remember a thing called "sparse allocation" where instead of sequentially handing out blocks, you handed them out with maximum growth potential. He hadn't thought to write this into the policy, as this was how the RIPE NCC was doing needs-based allocation when that was still a thing.

Chris Woodfield, Salesforce / ARIN AC, asked if there might be a better match between reclaimed address space and IXP allocations. He suggested they consider adding recovered addresses to this pool.

Remco said the IXP community had just gotten its hands on a fresh /16 so there was no immediate issue. He added that he understood the RIPE NCC was receiving something like 1,000 /24s per year - which might be a bit excessive.

Mikael Abrahamsson, NTT, agreed with Nick and said that if they were going to be needs-based, they would need a tiered approach so IXPs could get a larger space when they were bumped-up and wouldn't need to renumber again.

Jordi Palet Martinez, The IPv6 Company, agreed with Nick and suggested as a compromise they use a four-year window for needs.

Remco said a two-year restriction was already a bit of fiction and making it four years would not make it any better.

End of first session.

 

D. Current Policy Topics

- Marco Schmidt, Policy Development Officer, RIPE NCC

This presentation is available here:
https://ripe79.ripe.net/presentations/70-70-RIPE-79-Current-Policy-Topics_final.pdf

Erik referred to Marco's slide on inter-RIR transfers and noted that there was currently a needs-based assessment between ARIN, APNIC and the RIPE NCC. He asked how this would be implemented for the recent inter-RIR policy in the LACNIC region (between RIPE and LACNIC, for instance).

Jordi said he was the author of the LACNIC proposal. He noted that it had reached consensus and LACNIC staff had presented on the difficulty of the implementation at its meeting last week in Panama. They had said it would be implemented by July next year. He said he had made the policy symmetrical with what they had in RIPE, ARIN and APNIC so they wouldn't have problems with these transfers.

Jordi also clarified that they hadn't abandoned the BGP hijacking proposal - this was simply because LACNIC's process didn't allow them to indicate that a proposal was on "stand-by" on their website.

Chris Woodfield, ARIN AC, said he wanted to provide some more information about what had happened with the ARIN waiting list. The suspension had been lifted and ARIN was now allocating returned resources again. They had made policy changes through the emergency PDP process that dramatically changed the rules and allocation sizes - now you could only get a /22, you couldn't apply if you had already received a /20 or greater, and you had to wait five years before you could transfer addresses you had received from the waiting list. Now that these changes had been made, they were continuing to make smaller changes and tweaks through the regular PDP.

Marco thanked Chris for the summary. He noted there had been a lot of activity in their community recently.

Chris added that the entity that had manipulated the policy in this way had been indicted by the US Department of Justice.

Marco said that he was leaving his role as Policy Development Officer and would continue to serve the community in the role of Assistant Manager of Registration Services and Policy Development Office. He said Petrit Hasani would take over the PDO role.

The chairs and the rest of the WG thanked Marco for his support over the years.

E. Feedback from RIPE NCC Registration Services

- Nikolas Pediaditis, RIPE NCC

This presentation is available here:
https://ripe79.ripe.net/wp-content/uploads/presentations/77-RS_Feedback_RIPE79-1.pdf

IPv4 run-out

Randy Bush, IIJ, asked if they considered doing quality tests on addresses that were in quarantine (such as making sure they were not on any blacklists). He understood that the RIPE NCC might not want to put a "stamp" on the address space for legal reasons, but they might want to put a delay on some address space and sort by quality.

Nikolas said this was something they were already doing on an ad hoc basis and was something they were considering, to see if they could provide this as a service for their members.

Out-of-region LIRs

Erik asked if they still had many new LIRs registering from the Seychelles or other tax haven countries that were making it hard to distinguish who was behind those corporations. He said this was probably a bigger misuse than a US entity that actually had network elements in the RIPE NCC's service region.

Nikolas said they still received these applications. In response they had strengthened their due diligence checks and were stricter – they only proceeded when they could verify this information. This was tricky, as they had to balance between being reasonable and verifying. He said it was not only from those regions - they had a lot of requests from the US, China and Hong Kong – often to get PI resources as well. For many of these countries they could go to the online registry to find this information.

Erik asked about the due diligence they were doing. A couple of slides back, Nikolas had stated there had been incidents where the "active element" tick-box had been checked, and this had led to termination of memberships and sponsorships. He asked if this was due to the RIPE NCC’s ARCs discovering this, or due to separate investigations based on information that had been provided to the RIPE NCC.

Nikolas said it was both cases, but most often it was during an IPv4 or IPv6 request. In their membership application process, LIRs were asked to confirm that they had a network element in the RIPE NCC service region. Later, when asked to prove this, they supplied fabricated documents such as fake invoices from data centres and the RIPE NCC terminated their memberships when these were discovered.

Jordi said he was not a member RIPE or any RIR – but he was working on policies in all five regions. He had a feeling that RIPE was the cheapest and most flexible and sometimes this meant the easiest to cheat. He didn’t have an opinion on this, but he had a feeling that RIPE was too relaxed.

Nikolas said this was the feedback they wanted to get from the community and from their members, in this case how strict they wanted the RIPE NCC to be. To respond to Jordi’s question – sometimes you won something, but you lost something else. The community had given them directions and they were following them, and it was a balance.

Erik asked if this was something they should discuss in the GM or in the WG.

Nikolas said this might be a good topic for the GM.

Randy said that due to ARIN policies and their massive legacy space, there were sometimes transfers from ARIN to RIPE because people could generate an RPKI certificate for that space in the RIPE region. He didn’t think they should discourage this – refugees did need a home.

Nikolas said they recognised this was a valid case and they understood that networks were global. But they were seeing many people trying to game the system and were wondering what they should do here.

Gert said it would be interesting to watch this space and whether they might be more loose on the IPv6 policy once the incentives to grab IPv4 were gone. He agreed with Randy that having the option was good, but they should probably go after abuse.

Nikolas said the main question was what the RIPE NCC should do if they allocated an IP block and a month later saw it was not being used in their region at all. They wanted to know what the community thought they should do in these cases – whether this came from the WG or the GM.

F. Discussion of Open Policy Proposals

F.1 2019-06 Multiple Editorial Changes in IPv6 Policy

- Jordi Palet Martinez

This presentation is available here:
https://ripe79.ripe.net/presentations/76-ripe79-2019-06v1.pdf

Lee Howard, IPv4.Global, asked if the bullet points were an “and” or an “or”.

Jordi said this was a good question. He thought it was an “or” and he would take the opportunity to clarify this.

Lee asked if Jordi wanted him to clarify this in the three other RIR venues or if he could trust that Jordi would handle this.

Gert said they had the discussion about whether the ISP had to provide transit, and there it was again – so it would be good to clarify this. He said End Site had been in the policy forever but there had never been a reasonable definition, so it would be good to tackle this.

Gert said what he heard from the mailing list was that Jordi was definitely on the right track with this.

Jordi said one final note was that he had skipped one of the slides, but he just wanted to mention that it had been changed in one of the regions and at the last APNIC meeting he had done the same changes which had been ratified.

Gert said of course he would make his usual comment that they did what worked for them as a community and not what other regions did.

Y. Open Policy Hour

Z. AOB

Juri Bogdanov, IP4Market, said he wanted to bring up for discussion the issue of maintaining PI objects as LIRs. In the past years, there had been many cases about PI objects and how to maintain them directly - what to check and how to do due diligence. He said there were a lot of cases where the RIPE NCC and LIRs disagreed.

Gert clarified with Juri that this was about contractual obligations. He asked if Juri wanted to build something like a list of answers to common questions.

Gert said this sounded like a useful exercise. He wasn't sure what forum they could use for this.

Nikolas said that for now, he could say that they were here all week and happy to meet with anyone to talk about these questions. An FAQ seemed like something they could prepare to explain the various obligations.

Randy said that we wanted to remind that today was the twenty-first anniversary of John Postel's death.

Erik said during the panel there was a discussion about temporary transfers. He said it seemed that the RIPE NCC's current approach was due to operational reasons. They needed to check if this was a procedure they could change to make it more flexible, and if this was desirable, perhaps this was something they could pursue and provide the information on the mailing list - perhaps in Berlin.

Gert said they didn't do action items anymore, but they would note that this was something for Erik to follow-up with the RIPE NCC and report back on.

End of second session.

RIPE Forum

The RIPE Forum is an additional way to participate in RIPE community mailing list discussions using a web-based interface rather than an email client.

Check out the forum