From some informal conversations on the subject it would seem that there
is a widespread interest in eliminating the ambiguity that has existed on
Hi all,
I have prepared a VERY DRAFT paper in an attempt to clarify the situation
regarding IP addresses delegated historically by NZGATE, and to describe
one possible approach for bringing the current situation into line with
current policies of provider-based addressing.
This is only one possible solution. This document is DRAFT. This document
does not attempt to define policy; it is merely intended to provoke some
useful discussion.
this topic, and in agreeing a strategy to allow a transition to provider-
based addressing to proceed as rapidly as is practical.
Please distribute this document as widely as you care to. Comments,
criticism, flames and threats back to the list please, so everybody can
enjoy them :)
Thanks to Andy Linton and John Houlker for useful feedback and comments
on earlier, even more primitive drafts. Note that any factual errors or
ommisions on this history of the NZ internet are mine. The spelling
mistakes are all Andy's fault, however :)
Copies are available at http://www.patho.gen.nz/~jabley/nznumber.txt
Joe
--
Joe Abley Tel +64 9 912-4065, Fax +64 9 912-5008
Network Architect, CLEAR Net http://www.clear.net.nz/
--------------------------------------------------------------------------
IP Addresses delegated from "NZGATE" in use within New Zealand
1. The problem
1.1. Overview
RFC2050 documents the best current practice for address delegation for
the global Internet. It imposes a framework of restrictions driven by a
growing scarcity of globally-unique IP addresses and a need to summarise
or aggregate routing advertisements globally to keep the Internet running
reliably.
The history of the Internet in New Zealand includes, at an early stage,
a single domestic provider known as "NZGATE". This provider was facilitated
by the University of Waikato, with international connectivity to NASA.
Initially, NZGATE provided the sum total of international Internet
connectivity for New Zealand.
The regional authority for IP address allocation, APNIC, delegated a number
of address ranges to NZGATE [3.1]. Early entrants to the Internet community
in New Zealand, obtaining transit through NZGATE, were delegated address
space out of these blocks according to the guidelines set down by APNIC and,
indirectly, IANA.
NZGATE faded out of existance in 1996 [3.2]. Since that time additional
providers have added global internet transit using dedicated international
circuits to their portfolio of products, including (in no particular order)
Netway, IBM, CLEAR, IHUG, Telstra NZ and Voyager. Most of these participants
have obtained address delegations directly from an appropriate regional
registry, as they are diversely connected and don't favour a single provider
for "default routing".
Newly-connected customers of these transit providers (be they end users
or resellers, i.e. ISPs) have been delegated address space by their providers,
from the blocks delegated to those providers from APNIC, according to
RFC2050. If these customers change providers, they are obliged to return
the address delegations to their old provider, and obtain corresponding
new ranges from their new provider.
1.2. Issues
1.2.1. Stability and RFC2050
It is extremely important from a technical standpoint that provider-based
aggregation and delegation is adhered to for all customers who do not meet
the criteria for operating under addresses delegated directly from APNIC.
1.2.2. Impact on end-users
Renumbering can be an expensive exercise for some end users, especially
those whose networks have evolved for some years.
In the early days of the Internet in New Zealand, provider-based addressing
was not part of the network design. Provider-based addressing first came
under discussion as a solution to problems of scale, and only gradually
moved from being a radical departure from good practice to an accepted
reality. The evolutionary nature of this change was good in the sense that
the impact could be somewhat tuned to the timeline of the allocations and
expectations, but was bad in the sense that the moving situation added
to the complexity and uncertainty.
Many established end-user networks were built without the expectation
that the IP addresses delegated to them were tied to a particular provider.
Now that provider-based addressing is widely recognised as best current
practice and is required by the regional registries, the requirement to
renumber upon changing provider is still widely misunderstood.
It is worth noting that there was no way that NZGATE (or any other ISP
at the time) could solve all the issues of address portability raised by
the addressing policy changes sweeping across the internet.
Many NZGATE-numbered end-users may already have changed providers without
renumbering, reinforcing the unfortunate myth that the NZGATE addresses they
are using are still inherently portable, and "owned" by them.
Although some providers now include clauses in their customer contracts
underlining the point that addresses delegated as part of service delivery
must be returned at the end of the contract, this is by no means universal,
and the myth of "customer-owned IP addresses" lives on.
It is imperative going forward that the concept of provider-based addressing
and the non-portability of most network numbers is widely publicised
amongst end-users.
1.2.3. Impact on national providers
For ISPs that obtain global transit through other providers, and who have
not arranged address delegations directly from APNIC, renumbering may be
just as onerous as for end-users.
Additionally national providers may supply end-users for whom renumbering
is expensive, and the associated inconvenience mentioned in [1.2.2] is
cumulative.
1.2.4. Competitive advantage
There has been a misconception within the NZ Internet community that Netway
communications (and, latterly, NetGate/Telecom NZ) assumed the NZGATE role
by providing connectivity to the Waikato network in early 1996, and by
virtue of this fact the addresses delegated by APNIC to NZGATE are now,
by proxy, effectively delegated to Telecom NZ.
This does not appear to be a view held by others involved in the
"transition" [3.2]. More accurately, for a time Netway was the sole
provider to NZGATE, and hence also to all downstream networks of NZGATE.
This situation soon changed, with other providers bringing international
transit to NZGATE subscribers, and NZGATE slowly faded out of existance
leaving end-user networks direct customers of the new international
providers.
It is not at all obvious that any single provider can lay legitimate
claim to operational responsibility of the NZGATE blocks.
The effective use of these addresses as "portable" between providers over
the past few years is not compatible with a delegation model whereby it is
acceptable for NetGate customer networks to use them, but not acceptable for
a customer of another provider.
In effect, an expectation has been raised by Telecom NZ that customers
who have been happily numbered under NZGATE addresses (and have used a
variety of ISPs for some time) are now faced with a choice of (a) renumber,
or (b) change providers to NetGate/Xtra. Due to the operational cost
of renumbering, this gives Telecom NZ competitive advantages over other
ISPs based on the contentious belief that Telecom has assumed operational
responsibility for the NZGATE address blocks.
Many address ranges delegated from the NZGATE blocks, although well
documented at the time, have since been unofficially "transferred" to other
operators, or are not currently in use. Hence documentation of the current
state of NZGATE delegations is out-of-date.
The operational responsibility for the NZGATE address blocks, when coupled
with a lack of documentation for past delegations is, in fact, a hindrance
to Telecom NZ, as it makes strict compliance with APNIC policy for the
delegation of additional address blocks far more difficult.
1.3. Unified approach
It is in the interests of all providers within NZ that a solution to the
problems outlined in this document be found. It is also important that no
single provider is seen to be responsible for what may be seen by end-users
as restrictions, or inconvenient changes of policy.
By taking a unified approach to the problem with a policy document agreed
by the majority of New Zealand providers, the risk of confusion is minimised
and the chances of productive user education are increased.
It is proposed that the unified policy be agreed as an operational exercise
within the provider community, by the usual open discussion within the NZNOG
forum.
2. One possible solution
2.1. Overview
The proposed solution attempts to minimise the risks discussed in [1.2],
whilst providing a clear migration path towards full provider-based
addressing within New Zealand.
2.2. Rationalisation of historical NZGATE delegations
A list should be generated (and published) documenting subnets of the
NZGATE blocks [3.1] which are in use at some agreed time. All blocks
being so-used should be documented.
If the sections of the NZGATE blocks in use by Telecom/NetGate/Xtra
infrastructure (and not by end-users of Telecom/NetGate/Xtra) are
conveniently contiguous, it will make sense to re-designate those
blocks as delegated to Telecom rather than "NZGATE".
On the other hand, if it transpires that the NZGATE blocks are overly
fragmented to make this impractical, Telecom should approach APNIC for
a further, distinct address delegation.
2.3. Administrative control of NZGATE blocks returned to APNIC
All NZGATE-derived subnets not in use at the agreed time should be
returned to APNIC for administration. No further delegations from the
NZGATE blocks should be permitted by any NZ provider.
To enforce this, providers in NZ may apply route filters to prevent the
use of non-approved NZGATE address ranges.
2.4. Forced renumbering
No end-user network using NZGATE subnets should be obliged to renumber as
part of the normal course of their operation (but see [2.5] and [2.6]).
2.5. Process for extending address space delegations
Any end-user network which needs additional addresses due to growth should
be obliged to renumber with provider-based addressing in order to obtain
their larger address range. The released NZGATE addresses will be returned
to APNIC by the ISP.
2.6. Process for managing ISP-hopping by end-user networks
Any end-user network that uses NZGATE numbers and decides to change ISPs
must renumber using provider-based addressing provided by the new ISP. The
released NZGATE addresses will be returned to APNIC by the former ISP.
2.7. Process for managing ISP-hopping by national providers
Any national provider that uses NZGATE numbers and decides to change
global transit providers must renumber its own infrastructure using
provider-based addressing provided by the new global transit provider.
Customers of the national provider who use NZGATE numbers will not be
required to renumber (but see [2.5], [2.6]).
3. References
3.1. Netblocks delegated historically to NZGATE-NZ
The addresses concerned have all been delegated from within the NZGATE-NZ
networks as recorded at APNIC, which are described as:
netname: NZGATE-NZ
descr: NZ Gate National Service Provider
descr: Component of University Of Waikato
descr: New Zeland
The netblocks currently assigned to NZGATE-NZ are:
inetnum: 202.27.0.0 - 202.27.255.255
inetnum: 202.49.0.0 - 202.49.255.255
inetnum: 202.50.0.0 - 202.50.255.255
inetnum: 202.36.0.0 - 202.37.255.255
inetnum: 203.96.0.0 - 203.97.255.255
The netblock 203.96.0.0 - 203.97.255.255 is perhaps erroneously attributed
to NZGATE-NZ here - in fact, this block was delegated to an APNIC
confederate member, NZNIC, operated by the University of Waikato. NZNIC
no longer operates [3.2].
3.2. Transition of NZGATE services to other providers
The following message outlines the events surrounding the transition of
international internet transit from NZGATE to other providers in early
1996, as recalled by John Houlker of Waikato University (quoted with
permission).
From: John Houlker
To: ccc_rex(a)waikato.ac.nz, "'Joe Abley'"
Cc: asjl(a)netlink.co.nz, Jamie Clark ,
Roger Hicks
Subject: RE: [jabley(a)clear.co.nz: NZGATE-NZ]
Date: Tue, 22 Sep 1998 16:38:45 +1200
X-Mailer: Internet Mail Service (5.5.2232.9)
Joe
I would be very interested to hear your views on my original e-mail, which
is attached; in particular relating to Brett Telfer's comment, quoted in
the Herald:
"Netgate service specialist Brett Telfer says most of the Waikato
University provided IP addresses passed to the Telecom subsidiary when
it took over the running of NZ Gate in late 1995."
It was my understanding that NZ Gate had ceased to exist in its former
role, rather than being subsumed into Telecom?
Telecom (i.e., Netway) did not "take over" NZGate, but nor did NZGate
instantly "cease to exist" (such a step was simply not possible). Netway
did become NZGate's supplier for a significant period while NZGate gradually
reduced out of existence (I believe this started in January 1996). At the
time NZGate shut down its international links this was phased with the
introduction of commercial providers offering international capacity at the
NZIX, but it was a complex transition with Telecom and Clear only slowly
coming to grips with international IP services, and NZGate clients only
slowly working out what they should do.
The NZGate international circuit contracts came up to expiry in January 1996
(and we were in no position to renew for a further 12 months) and the NASA
"PACCOM" access was supposed to cease in February 1996 (in the event it
didn't, but we could not count on further access to the NASA FIX-WEST
gateway beyond that date). We were not in a position, however, to disperse
all the NZGate customers to direct supply from the newly establishing
commercial suppliers (Clear made a late start with limited bandwidth,
pricing was still under negotiation, all this was proving harder for the new
entrants than they expected). Indeed we were asked to keep NZGate going to
give our clients more time to sort out alternatives. As a result NZGate
continued as a reseller, i.e., an intermediate IP provider, and we bought
our international supply from Netway (our only option at the time). The
University network "Kawaihiko" ceased being a customer of "NZGate" and moved
to buy directly (also from Netway). As you know, somewhat later Kawaihiko
took the considerably more complicated step of "multi-homing", buying from
Netway and Clear in parallel (and later again, also from Telstra).
In this way Netway "inherited" the NZGate address blocks as they were at
that time - since they became suppliers to the remains of NZGate, and
Kawaihiko (and they later picked up the then "CRINET" and AgNet as well).
I would be interested in your comments,
I haven't seen the Herald article, but it does sound like there are sites
that don't yet know the implications of moving provider. In terms of the
old blocks of former NZGate addresses it could indeed be most useful to get
special treatment from the APNIC to allow greater flexibility in on-going
devolution of the original NZGate group. As things stand Telecom have no
option but to comply with APNIC requirements on efficient use of address
space (this does not apply to the "NZNIC confederation" space that Waikato
allocated to ISPs - in an attempt to assist portability - i.e.,
203.96.0.0/15, which is entirely independent.
Whether or not the APNIC would agree to a special approach here, it seems
there may be existing customers of Telecom (or of ISPs using Telecom) who
aren't yet aware of the portability issues. If not, perhaps some publicity
drive out of Telecom and/or perhaps NZNOG contacts could spread the word.
I asked Jim Higgens if ISOCNZ has good contacts to spread information to
ISPs but I gather that (especially given the demise of ISPANZ) NZNOG may be
the best shot.
John
4. Contributors
Joe Abley, CLEAR Communications Ltd
John Houlker, Waikato University
Andy Linton, NetLink Communications Ltd
5. Document History
$Log: nznumber.txt,v $
Revision 1.4 1998/10/08 09:23:46 jabley
Some further clarification
Revision 1.3 1998/10/08 09:01:42 jabley
Modifications following comments from jhoulker
Revision 1.2 1998/10/08 00:22:36 jabley
minor typo corrected as pointed out by wellingtonian pedant
Revision 1.1 1998/10/07 13:01:32 jabley
Initial revision
---------
To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
