ARIN IP6 policy for those with legacy IP4 Space

> Put less tersely:
>
> We were assigned space, under a policy whose purpose was primarily to
> guarantee uniqueness in IPv4 numbering. As with other legacy holders,
> we obtained portable space to avoid the technical problems associated
> with renumbering, problems with in-addr.arpa subdelegation, etc.

So far, correct.

> Part of that was an understanding that the space was ours (let's not
> get distracted by any "ownership" debate, but just agree for the sake
> of this point that it was definitely understood that we'd possess it).
> This served the good of the Internet by promoting stability within an
> AS and allowed us to spend engineering time on finer points (such as
> maintaining PTR's) rather than renumbering gear every time we changed
> upstreams.
>
This is fictitious unless you are claiming that your allocation predates:

RFC2050 November, 1996
RFC1466 May, 1993
RFC1174 August, 1990

Prior to that, it was less clear, but, the concept was still generally
justified need so long as that need persisted.

Which ours does.

> Eventually InterNIC was disbanded, and components went in various
> directions. ARIN landed the numbering assignment portion of InterNIC.
> Along with that, maintenance of the legacy resources drifted along to
> ARIN.

Actually, ARIN was spun off from InterNIC (containing most of the same
staff that had been doing the job at InterNIC) well before InterNIC was
disbanded.

Is there an effective difference or are you just quibbling? For the
purposes of this discussion, I submit my description was suitable to
describe what happened.

> ARIN might not have a contract with us, or with other legacy holders.
> It wasn't our choice for ARIN to be tasked with holding up InterNIC's
> end of things. However, it's likely that they've concluded that they
> better do so, because if they don't, it'll probably turn into a costly
> legal battle on many fronts, and I doubt ARIN has the budget for that.

This is going to be one of those situations that could become a
legal battle on many fronts either way. On the one hand you have
legacy holders who have no contractual right to services from
anyone (If you want to pursue InterNIC for failing to live up to
whatever agreement you have/had with them, I wish you the
very best of luck in that endeavor, especially since you don't
have a written contract from them, either).

On the other hand, in a relatively short timeframe, you are likely
to have litigants asking why ARIN has failed to reclaim/reuse
the underutilized IPv4 space sitting in so many legacy registrations.

Which of those two bodies of litigants is larger or better funded
is left as an exercise for the reader. Nonetheless, ARIN is
going to be in an interesting position between those two
groups (which one is rock and which is hard place is also
left as an exercise for the reader) going forward regardless
of what action is taken by ARIN in this area.

That is why the legacy RSA is important. It represents ARIN
trying very hard to codify and defend the rights of the legacy
holders.

Yes, but according to the statistics provided by Mr. Curran, it looks
like few legacy space holders are actually adopting the LRSA.

Like many tech people, you seem to believe that the absence of a
"contract" means that there's no responsibility, and that InterNIC's
having been disbanded absolves ARIN from responsibility. In the real
world, things are not so simple. The courts have much experience at
looking at real world situations and determining what should happen.
These outcomes are not always predictable and frequently don't seem to
have obvious results, but they're generally expensive fights.

> As a legacy holder, we don't really care who is currently "responsible"
> for legacy maintenance/etc. However, whoever it is, if they're not
> going to take on those responsibilities, that's a problem.

You assume that anyone is currently responsible. What documentation
do you have that there is any such responsibility?

As a point in fact, ARIN has, for the good of the community, extended
the courtesy of maintaining those records and providing services
to legacy holders free of charge because it is perceived as being
in the best interests of the community.

That's only one possible interpretation. A court might well reach a more
general conclusion that ARIN is the successor to InterNIC, and has agreed
to honor legacy registrations. That'd be inconvenient for ARIN, but is a
very reasonable possible outcome.

> The previous poster asked, "If you don't have a contract with ARIN,
> why should ARIN provide you with anything?"
>
> Well, the flip side to that is, "ARIN doesn't have a contract with us,
> but we still have copies of the InterNIC policies under which we were
> assigned space, and ARIN undertook those duties, so ARIN is actually
> the one with significant worries if they were to try to pull anything,
> otherwise, we don't really care."

Could you please provide those to Steve Ryan, John Curran, and,
ideally, I'd like to see them too.

> Is that a suitable defense of that statement (which might not have
> been saying quite what you thought)?

I don't know. I have yet to see the content of the documents which
you claim are your defense.

I'd be pleased to pull them off our backups for our normal hourly rates.
Otherwise, you're encouraged to do your own research.

... JG

Put less tersely:

We were assigned space, under a policy whose purpose was primarily to
guarantee uniqueness in IPv4 numbering. As with other legacy holders,
we obtained portable space to avoid the technical problems associated
with renumbering, problems with in-addr.arpa subdelegation, etc.

So far, correct.

Part of that was an understanding that the space was ours (let's not
get distracted by any "ownership" debate, but just agree for the sake
of this point that it was definitely understood that we'd possess it).
This served the good of the Internet by promoting stability within an
AS and allowed us to spend engineering time on finer points (such as
maintaining PTR's) rather than renumbering gear every time we changed
upstreams.

This is fictitious unless you are claiming that your allocation predates:

RFC2050 November, 1996
RFC1466 May, 1993
RFC1174 August, 1990

Prior to that, it was less clear, but, the concept was still generally
justified need so long as that need persisted.

Which ours does.

Eventually InterNIC was disbanded, and components went in various
directions. ARIN landed the numbering assignment portion of InterNIC.
Along with that, maintenance of the legacy resources drifted along to
ARIN.

Actually, ARIN was spun off from InterNIC (containing most of the same
staff that had been doing the job at InterNIC) well before InterNIC was
disbanded.

Is there an effective difference or are you just quibbling? For the
purposes of this discussion, I submit my description was suitable to
describe what happened.

Your description makes it sound like there was limited or no continuity
between the former and the current registration services entity.

I point out that ARIN was formed run by and including most of the
IP-related staff from InterNIC.

I consider that a substantive distinction.

ARIN might not have a contract with us, or with other legacy holders.
It wasn't our choice for ARIN to be tasked with holding up InterNIC's
end of things. However, it's likely that they've concluded that they
better do so, because if they don't, it'll probably turn into a costly
legal battle on many fronts, and I doubt ARIN has the budget for that.

This is going to be one of those situations that could become a
legal battle on many fronts either way. On the one hand you have
legacy holders who have no contractual right to services from
anyone (If you want to pursue InterNIC for failing to live up to
whatever agreement you have/had with them, I wish you the
very best of luck in that endeavor, especially since you don't
have a written contract from them, either).

On the other hand, in a relatively short timeframe, you are likely
to have litigants asking why ARIN has failed to reclaim/reuse
the underutilized IPv4 space sitting in so many legacy registrations.

Which of those two bodies of litigants is larger or better funded
is left as an exercise for the reader. Nonetheless, ARIN is
going to be in an interesting position between those two
groups (which one is rock and which is hard place is also
left as an exercise for the reader) going forward regardless
of what action is taken by ARIN in this area.

That is why the legacy RSA is important. It represents ARIN
trying very hard to codify and defend the rights of the legacy
holders.

Yes, but according to the statistics provided by Mr. Curran, it looks
like few legacy space holders are actually adopting the LRSA.

So far, yes. That's unfortunate.

Like many tech people, you seem to believe that the absence of a
"contract" means that there's no responsibility, and that InterNIC's
having been disbanded absolves ARIN from responsibility. In the real
world, things are not so simple. The courts have much experience at
looking at real world situations and determining what should happen.
These outcomes are not always predictable and frequently don't seem to
have obvious results, but they're generally expensive fights.

No, actually, quite the opposite. I believe that BOTH legacy holders and
ARIN have responsibilities even though there is no contract. I believe
that ARIN is, however, responsible to the community as it exists today
and not in any way responsible to legacy holders who choose to
ignore that community and their responsibilities to it.

The reality is that the community has evolved. For the most part, the
community has been willing to let legacy holders live in their little
reality distortion bubble and accommodated their eccentricities.
I think that is as it should be, to some extent. On the other hand,
I think the history now shows that ARIN's failure to immediately
institute the same renewal pricing model on legacy holders as on
new registrants has created an unfortunate disparity and a number
of unfortunate perceptions. Contrast this with APNIC and the
domain registrars/registries shortly after the ARIN spinoff from
InterNIC, where, yes, there was much grumbling from those of
us who had legacy (domain, ip resources) from them, but, in the
long run, we paid our fees and moved on.

Had ARIN done this on day one, perhaps it would have gone the
same way. Instead, we have a situation where the mere mention
of requiring legacy holders to pay a token annual fee like the rest
of IP end-users in the ARIN region leads to discussions like this.

FWIW, I'm a legacy holder myself, but, I have signed the LRSA
and I do have IPv6 resources under an RSA as well. No harm
has come to me as a result and it is not costing me any more
to have done so. In fact, I got my IPv6 assignment for a good
discount in the process, but, that deal is no longer available.

Frankly, I find it remarkably short-sighted that so many legacy
holders have refused to sign the LRSA. Especially in light of
the fact that if you are sitting on excess resources and want
to be able to transfer them under NRPM 8.3, you will need
to bring them under LRSA or RSA first and the successor who
acquires them from you (under 8.2 or 8.3) will need to sign an
RSA for the transfer to be valid.

As a legacy holder, we don't really care who is currently "responsible"
for legacy maintenance/etc. However, whoever it is, if they're not
going to take on those responsibilities, that's a problem.

You assume that anyone is currently responsible. What documentation
do you have that there is any such responsibility?

As a point in fact, ARIN has, for the good of the community, extended
the courtesy of maintaining those records and providing services
to legacy holders free of charge because it is perceived as being
in the best interests of the community.

That's only one possible interpretation. A court might well reach a more
general conclusion that ARIN is the successor to InterNIC, and has agreed
to honor legacy registrations. That'd be inconvenient for ARIN, but is a
very reasonable possible outcome.

As a general rule, courts tend to rule that absent an exchange of value, there
is no contract. They also tend to rule that contracts which contain significantly
inequitable exchanges of value are invalid.

Since ARIN is collecting nothing from legacy holders and not getting
funded by NSF or other US Government agency the way InterNIC was,
it's hard to see where you would find the exchange of value to support
that conclusion.

Additionally, it could be argued that by refusing to sign the LRSA or RSA
and refusing to participate in the community on a level playing field with
others, legacy holders are not meeting their obligations under your
implied contract theory.

IANAL, so I could be completely wrong here and this is just my personal
opinion, not a statement of ARIN or the AC.

The previous poster asked, "If you don't have a contract with ARIN,
why should ARIN provide you with anything?"

Well, the flip side to that is, "ARIN doesn't have a contract with us,
but we still have copies of the InterNIC policies under which we were
assigned space, and ARIN undertook those duties, so ARIN is actually
the one with significant worries if they were to try to pull anything,
otherwise, we don't really care."

Could you please provide those to Steve Ryan, John Curran, and,
ideally, I'd like to see them too.

Is that a suitable defense of that statement (which might not have
been saying quite what you thought)?

I don't know. I have yet to see the content of the documents which
you claim are your defense.

I'd be pleased to pull them off our backups for our normal hourly rates.
Otherwise, you're encouraged to do your own research.

I've done my own research... I've come up with nothing. You're the one
claiming you have documentation to support your assertions...

To be blunt, put up or shut up.

Owen

Owen,

Instead, we have a situation where the mere mention
of requiring legacy holders to pay a token annual fee like the rest
of IP end-users in the ARIN region leads to discussions like this.

I don't believe the issue is the token annual fee. My guess is that most legacy holders would be willing to pay a "reasonable" service fee to cover rDNS and registration database maintenance (they'd probably be more willing if there were multiple providers of that service, but that's a separate topic). I suspect the issue might be more related to stuff like:

Especially in light of
the fact that if you are sitting on excess resources and want
to be able to transfer them under NRPM 8.3, you will need
to bring them under LRSA or RSA first and the successor who
acquires them from you (under 8.2 or 8.3) will need to sign an
RSA for the transfer to be valid.

You appear to be assuming folks are willing to accept ARIN has the right and ability to assert the above (and more). That is, that the entire policy regime under which the NRPM has been defined is one that legacy holders are implicitly bound simply because they happen to operate in ARIN's service region and received IP addresses in the past without any real terms and conditions or formal agreement. I imagine the validity of your assumption will not be established without a definitive legal ruling. I'm sure it will be an interesting court case.

In any event, it seems clear that some feel that entering into agreements and paying fees in order to obtain IPv6 address space is hindering deployment of IPv6. While ARIN has in the past waived fees for IPv6, I don't believe there has ever been (nor is there likely to be) a waiver of signing the RSA. Folks who want that should probably get over it.

To try to bring this back to topics relevant to NANOG (and not ARIN's PPML), the real issue is that pragmatically speaking, the only obvious alternative to IPv6 is multi-layer NAT and it seems some people are trying to tell you that regardless of how much you might hate multi-layer NAT, how much more expensive you believe it will be operationally, and how much more limiting and fragile it will be because it breaks the end-to-end paradigm, they believe it to be a workable solution. Are there _any_ case studies, analyses with actual data, etc. that shows multi-layer NAT is not workable (scalable, operationally tractable, etc.) or at least is more expensive than IPv6?

Regards,
-drc

Owen,

Instead, we have a situation where the mere mention
of requiring legacy holders to pay a token annual fee like the rest
of IP end-users in the ARIN region leads to discussions like this.

I don't believe the issue is the token annual fee. My guess is that most legacy holders would be willing to pay a "reasonable" service fee to cover rDNS and registration database maintenance (they'd probably be more willing if there were multiple providers of that service, but that's a separate topic). I suspect the issue might be more related to stuff like:

Especially in light of
the fact that if you are sitting on excess resources and want
to be able to transfer them under NRPM 8.3, you will need
to bring them under LRSA or RSA first and the successor who
acquires them from you (under 8.2 or 8.3) will need to sign an
RSA for the transfer to be valid.

You appear to be assuming folks are willing to accept ARIN has the right and ability to assert the above (and more). That is, that the entire policy regime under which the NRPM has been defined is one that legacy holders are implicitly bound simply because they happen to operate in ARIN's service region and received IP addresses in the past without any real terms and conditions or formal agreement. I imagine the validity of your assumption will not be established without a definitive legal ruling. I'm sure it will be an interesting court case.

Well, if they want to operate under the previous regime, then, they should simply return any excess resources now rather than attempting to monetize them under newer policies as that was the policy in place at the time. Certainly they should operate under one of those two regimes rather than some alternate reality not related to either.

Interestingly, APNIC seems to have had little trouble asserting such in their region, but, I realize the regulatory framework in the ARIN region is somewhat different.

In any event, it seems clear that some feel that entering into agreements and paying fees in order to obtain IPv6 address space is hindering deployment of IPv6. While ARIN has in the past waived fees for IPv6, I don't believe there has ever been (nor is there likely to be) a waiver of signing the RSA. Folks who want that should probably get over it.

I believe you are correct about that.

To try to bring this back to topics relevant to NANOG (and not ARIN's PPML), the real issue is that pragmatically speaking, the only obvious alternative to IPv6 is multi-layer NAT and it seems some people are trying to tell you that regardless of how much you might hate multi-layer NAT, how much more expensive you believe it will be operationally, and how much more limiting and fragile it will be because it breaks the end-to-end paradigm, they believe it to be a workable solution. Are there _any_ case studies, analyses with actual data, etc. that shows multi-layer NAT is not workable (scalable, operationally tractable, etc.) or at least is more expensive than IPv6?

Can you point to a single working deployment of multi-layer NAT? I can recall experiences with several attempts which had varying levels of dysfunction. Some actually done at NANOG meetings, for example. As such, I'm willing to say that there is at least anecdotal evidence that multi-layer NAT either is not workable or has not yet been made workable.

Owen

Well, if they want to operate under the previous regime, then, they should simply return any excess resources now rather than attempting to monetize them under newer policies as that was the policy in place at the time.

Why? There were no policies to restrict how address space was transferred (or anything else) when they got their space.

Certainly they should operate under one of those two regimes rather than some alternate reality not related to either.

When most of the legacy space was handed out, there were no restrictions on what you could do/not do with address space simply because no one considered it necessary. Much later, a policy regime was established that explicitly limits rights and you seem surprised when the legacy holders aren't all that interested.

Interestingly, APNIC seems to have had little trouble asserting such in their region,

Hah. I suspect you misunderstand.

Can you point to a single working deployment of multi-layer NAT?

I suppose it depends on your definition of "working".

I've been told there are entire countries that operate behind multi-later NAT (primarily because the regulatory regime required ISPs obtain addresses from the PTT and the PTT would only hand out a couple of IP addresses).

I have put wireless gateways on NAT'd hotel networks and it works for client services, for some value of the variable "works".

I can recall experiences with several attempts which had varying levels of dysfunction. Some actually done at NANOG meetings, for example. As such, I'm willing to say that there is at least anecdotal evidence that multi-layer NAT either is not workable or has not yet been made workable.

The problem is, anecdotal evidence isn't particularly convincing to folks who are trying to decide whether to fire folks so they'll have money to spend on upgrading their systems to support IPv6.

Regards,
-drc

David -

I don't think I can agree with that statement, but for sake of clarity -
when do you think this "no restriction" period actually occurred?

/John

John Curran
President and CEO
ARIN

John,

When most of the legacy space was handed out, there were no restrictions on what you could do/not do with address space simply because no one considered it necessary.

I don't think I can agree with that statement,

Not surprising.

but for sake of clarity -
when do you think this "no restriction" period actually occurred?

Hard for me to tell, since my interaction with Jon in terms of obtaining IP addresses was limited to getting 202/7 back in '93 or so. If I remember correctly, Jon simply said addresses from that block should be used for assignments in the AP region in keeping with RFC 1466. He did not impose any sort of restrictions on "transfers" (why bother since all you needed to do was ask for addresses) nor were there any formal agreements. I suppose the limitation of allocation to the AP region could be considered a restriction, but that's probably a bit pedantic.

However, pragmatically speaking, both of our views are irrelevant. My impression is that folks who have legacy space believe that it is their asset. As I said in response to Owen, I suspect a legal decision will be needed to definitively resolve this question.

Regards,
-drc

John,

What restrictions do you believe were imposed on someone requesting a
class-C between 4/93 and 9/94 who did not intend to connect to MILNET
or NSFNET?

For your reference, here's the form then active:
http://bill.herrin.us/network/templates/199304-internet-number-template.txt

Regards,
Bill Herrin