[address-policy-wg] 2013-06 New Policy Proposal (PA/PI Unification IPv6 Address Space)
- Previous message (by thread): [address-policy-wg] 2013-06 New Policy Proposal (PA/PI Unification IPv6 Address Space)
- Next message (by thread): [address-policy-wg] 2013-06 New Policy Proposal (PA/PI Unification IPv6 Address Space)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dan Luedtke
maildanrl at gmail.com
Tue Nov 19 16:06:06 CET 2013
Tore Anderson wrote: > Being a data centre operator and LIR, I believe I cannot > currently make an IPv6 PA assignment to a customer of mine who wants to > run a cloud service where their customers can rent virtual servers in > turn. (A customer of theirs may in turn run some sort of web hotel for > another set of customers on those VMs, and so on and so on.) This is a typical situation the policies do not address well. Optional example: I have one IPv6 PI and I would love to become a RIPE member which I can not afford since I run a non-profit network targeted at network beginners. The policies gave me more than one headache and are the reason why I joined this wg in the first place. AFAIK the only way to go is by deciding which policy violation is less harmful. And that is bad. If an e.g. /56 would be treated like a single IPv4 address is today the solution would be "the loophole" (see quote above). As soon as I give /64 to a single VM to isolate it from other VMs and I am not the "owner" of the VM I will get into policy trouble because I just sub-allocated a portion of my PI space. Since I regularly deal with networking beginners and their VMs it would be fine to isolate them a bit more. Instead it looks like this: Multiple VMs share a link and a VM's interface gets as many addresses from that subnet as required, not more and not less, still seeing other VMs in the neighbor cache. On Tue, Oct 29, 2013 at 4:23 PM, Daniel Stolpe <stolpe at resilans.se> wrote: > > > On Sun, 27 Oct 2013, Roger Jørgensen wrote: > >> Erik Bais's mail touch what is probably the only real difference >> between PI and PA, and our core problem: >> >>> From Erik Bais's post on this thread: >> >> "Having garage-style 'hosters' do assignments, just because they can while >> using PI IPv6 space, is against the policy, however removing that >> distinction between PI and PA for v6 and allowing sub-assignments from PI >> space will basically open the door in the near future for cheap resources, >> without being an LIR. That will have an impact on the number of members >> the >> NCC will have once we are beyond the v4 era ... And less members will >> result >> in a high fee per member." >> >> >> Isn't this really about what is the difference between being a member and >> not? >> It would be nice to get ride of the PI and PA, and at the same time >> keeping the difference between member (LIR) and none member (no-LIR). > > > Well, there has to be some benefits for the members, hasn't it? At the same > time, what says RIPE has to have 10.000 members? Or 130 employees? And the > current policy looks very much like a membership boosting construction: just > sign up, pay the bill and get a /29 (compaired to ask a member to apply for > a /48 with very restricted use and make life really hard if you ever want > anything more). > > What makes us think that PA holders/members are always responsible while PI > holders/non-members are completely not trustworthy? > > I would prefer policies to apply for addresses (let's say, thou shalt not > assign less than a /xx to an yy) rather than the role play of today. > > > Best Regards, > > Daniel Stolpe > > _________________________________________________________________________________ > Daniel Stolpe Tel: 08 - 688 11 81 > stolpe at resilans.se > Resilans AB Fax: 08 - 55 00 21 63 > http://www.resilans.se/ > Box 13 054 > 556741-1193 > 103 02 Stockholm -- Dan Luedtke http://www.danrl.de
- Previous message (by thread): [address-policy-wg] 2013-06 New Policy Proposal (PA/PI Unification IPv6 Address Space)
- Next message (by thread): [address-policy-wg] 2013-06 New Policy Proposal (PA/PI Unification IPv6 Address Space)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]