APNIC Policy Proposal 114
Folks, Saw this: https://www.apnic.net/policy/proposals/prop-114 Whilst the proposal does its best to outline pros and cons, I feel that from a policy perspective it removes the direct incentive to establish interconnectivity with IXP's (or some other mechanism for Multihoming). You gain an ASN but you are not compelled to increase the resilience of the Internet. To me that is a disadvantage that has not been stated. To me, having a network with an ASN means fundamentally you are participating in the mesh. On the solution: An organisation is eligible for an ASN assignment if: - they are currently multi-homed, OR - have previous allocated provider independent address space by APNIC, AND intend to multi-home in the future It seems to suggest a policy tilted towards incumbents or those who've been around long enough to have some PI space? The problem statement: The policy seems to imply that both requirements i.e. multi-homing and clearly defined single routing policy must be met simultaneously, this has created much confusion in interpreting the policy. Suggests that removing the confusing or conflicting elements of the current policy is wise, but I'm not convinced the proposed solution does that without undermining what I think is a important characteristic of the Internet which is a highly interconnected mesh. As an alternate, is it not better to strengthen the process to determine whether the applicant did indeed multi-home? There are downsides in that of course. It does place overhead on an entity to test that but what matters more? Ease of access into the ASN club or ensuring high levels of interconnectivity? What do others think? jamie
Hi Jamie, My $0.02.
As an alternate, is it not better to strengthen the process to determine
whether the applicant did indeed multi-home? There are downsides in that of course. It does place overhead on an entity to test that but what matters more? Ease of access into the ASN club or ensuring high levels of interconnectivity?
I run AS131196. (relatively) small enterprise with a need for redundant connectivity. I don't want to spend my days running BGP, or have the budget for a big gateway, so both my ISPs advertise to me a default route. For the last couple years, AS131196 appeared to be single homed off AS23655. It wasn't until 23655 had that major hiccup a couple of weeks ago that suddenly we started being advertised by 9503. Our prefix is still being advertised by both (prepended 3x towards 9503), but at some point I'll pull down the 9503 advertisement, as there's some funny business going on and I'm still seeing traffic via 9503. Points that I'm trying to make: 1. My commercial arrangement with 9503 explicitly states that the service is for BCP purposes, I.e. It will sit idle. Not advertising the prefix unless I need it, combined with shutting off my primary's port for 24 hours is a simple way to achieve this. Prepending isn't perfect, and 23655 were still advertising our routes through their outage until we shut off the port. 2. In my case, it'd be very difficult for an outside party to determine if I'm multihomed, without either interpreting pieces of paper, or forcing us to do a BCP test. 3. And, if you look very carefully, 131196 is actually registered on our behalf by 23655 - again, trying to simplify my job by not having to do admin functions. So, I've got no direct relationship to those who would want to test me. I understand where you're coming from (I think someone said it costs $50k per route in the BGP table), but I can't see how anything but the Honour Code is going to work, given the table itself isn't black & white, and is muddled with complexities of commercial and technical arrangements. And hey, given that no one implements BCP38, BGP is already an Honour Code implementation; why should the policies be any different? ;) Thanks, Jed. Sent from a small screen.
Hi Jamie,
I can see your points here. I believe that in this economy you've hit
the nail on the head. If this policy were enacted in NZ, it would
only serve to create an increase in the number of single homed end
sites.
I don't necessarily have a current opinion on the proposal, but I'd
like to present two pieces of aspects from people who seem to support
the proposal.
1) This proposal lowers the barrier to organisations being able to
become APNIC members and get their own IP addresses. IPv4 addresses
are running out (big shock to only Rip Van Winkle). ISPs won't give
you a /24 as a corporate anymore. In NZ we don't seem to be feeling
this as much as other economies. Maybe thats because the large
providers still have stock piles. In economies which are either late
to the Internet party, have massive growth, or both, this shortage is
being felt a lot more. Enterprises, whom historically would have been
a single homed network of a single ISP, are being encouraged to
contact APNIC directly so that they can get their own resources.
I've said "No Sympathy, just adopt IPv6" in the past, but people want
what they want. =(
Removing the requirement for multihoming allows them to do this
without having to incur any possible cost of joining two networks
(even when one of them might be an IXP). This seems to be popular
with large providers as it means they can encourage their customers to
contact APNIC without also effectively making them find a competitor
to also peer with. It also seems to be popular among IP Brokers as it
increases their target market size.
2) There are some economies within the region where being a serial
single homer is the way to play the game. I don't want to get into
justifying this, but it's something that we don't really see here and
I thought I'd just make sure people were aware of it.
Situation as follows:
I'm a small enterprise who buys my tubes from ISP 'A'. I can only
afford to get a connection from one ISP. Having two in my economy
would be cost prohibitive. The ISP give me an a small range of IP
addresses (or even a single address) which I use to host my services
on. ISP 'B' approaches me with a good deal on price. I can't change
away from ISP 'A' however without having to renumber =( This is too
much work so it never happens.
What I'd like to do is to be able to have my own AS number and IP
resources so that I can change ISP whenever one offers me a better
deal. I'd like to do this every month if I wanted to.
Now I've heard this from a number of organisations across a number of
economies in the region. I've raised concerns about the practice
making BGP less stable, but people seem to not care that much.
It's not something that we'd see being a problem here. An enterprise
wouldn't swap from Spark to Voda every other month because they were
undercutting each other, but that IS what happens in some of the
faster growing economies.
Again - I don't want to come out with an opinion either way. Just to
say that there are organisations in other economies who seem to want
to use this (and other proposals) in ways which in which it's
unlikely we'd see in a large way in NZ. Are they right? Who knows.
Dean
On Wed, Sep 2, 2015 at 11:41 PM, Jamie Baddeley
Folks,
Saw this: https://www.apnic.net/policy/proposals/prop-114
Whilst the proposal does its best to outline pros and cons, I feel that from a policy perspective it removes the direct incentive to establish interconnectivity with IXP's (or some other mechanism for Multihoming). You gain an ASN but you are not compelled to increase the resilience of the Internet. To me that is a disadvantage that has not been stated. To me, having a network with an ASN means fundamentally you are participating in the mesh.
On the solution:
An organisation is eligible for an ASN assignment if:
- they are currently multi-homed, OR
- have previous allocated provider independent address space by APNIC, AND intend to multi-home in the future
It seems to suggest a policy tilted towards incumbents or those who've been around long enough to have some PI space?
The problem statement:
The policy seems to imply that both requirements i.e. multi-homing and clearly defined single routing policy must be met simultaneously, this has created much confusion in interpreting the policy.
Suggests that removing the confusing or conflicting elements of the current policy is wise, but I'm not convinced the proposed solution does that without undermining what I think is a important characteristic of the Internet which is a highly interconnected mesh.
As an alternate, is it not better to strengthen the process to determine whether the applicant did indeed multi-home? There are downsides in that of course. It does place overhead on an entity to test that but what matters more? Ease of access into the ASN club or ensuring high levels of interconnectivity?
What do others think?
jamie
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
participants (3)
-
Dean Pemberton -
Jamie Baddeley -
Jed Laundry