LACNIC-CARIBE 2008 / Curaçao - ANJuly 21/22 2008 Ricardo Patara - LACNIC How to Apply for Internet Resources and Current Policies How to Apply for Internet.

LACNIC-CARIBE 2008 / Curaçao - AN July 21/22 2008

Ricardo Patara - Ricardo Patara - LACNICLACNIC

How to Apply for Internet How to Apply for Internet ResourcesResources

andand

Current PoliciesCurrent Policies

How to Apply for Internet How to Apply for Internet ResourcesResources

andand

Current PoliciesCurrent Policies

AgendaAgenda

Internet Resources Distribution Policies LACNIC Policies

IPv4, IPv6, ASN, Inverse DNS Delegation How to apply for Internet Resources

Internet Resources DistributionInternet Resources Distribution

Internet Resources: finite set and globally available.

Its distribution should follows certain criteria such as : justified need.

According to RFC 2050, it should also guarantees:

Uniqueness, Conservation, Routability and Registration

Conservation:

Fair distribution of globally unique Internet address space according to the operational needs... Prevention of stockpiling in order to maximize the lifetime of the Internet address space.

Routability:

Distribution of globally unique Internet in an hierarchical manner, permitting the routing scalability of the address ...

Registration:

Provisioning of a public registry documenting address space allocation and assignment. This is necessary to ensure uniquenessuniqueness...

IANAIANA

ISPISP End UserEnd User

End UserEnd User End UserEnd User

IANA (Internet Assigned Numbers Authority) is a function of ICANN (Internet Corporation for Assigned Names and Numbers), and takes care of assignment of numeric resources (IP blocks, ASN, protocol numbers, etc).

AFRINICAFRINIC APNICAPNIC ARINARIN LACNICLACNIC RIPERIPE

ISPISP

They all use a set of written criteria or policies for the distribution of Internet Resources.

Policy creation follows bottom-up process: addressing community needs and technology development

LACNIC policies for Internet Resources Distribution:

Some parts from inherited from ARIN Adjust to community/region needs:

9 public forum meetings since then More than 20 proposals turned into policies.

LACNIC PoliciesLACNIC Policies

Important terms:

ISP End-user Allocation Assignment Multihomed Singlehomed

Membership Registration fee Maintenance fee

Organization that will use the IP address space to provide services to third parties.

End user

Organization that will use IP address space inside its own infrastructure and to provide services.

Allocation

The act of issuing IP address space to ISP, for further sub allocations to its customers (ISP or end-users)

Assignment

The act of issuing IP address space to End-Users for its use internally to its organization

Multihomed

An organization connected to the internet through two or more independent transit providers

Singlehomed

An organization connect to the internet through only one transit provider.

Membership

According to LACNIC bylaws, any organization allocated/assigned a IP address space (v4 or v6), is LACNIC member

What entitles the organization to attend LACNIC meetings, to vote on member meetings, be part of the board.

Registration fee once approved to receive a Internet resource.

Maintenance fee. To maintain registration information Inverse DNS delegation IP Administration System, etc

Set of policies for allocation and assignment of Public address space.

Out of scope: private resources Private (RFC 1918): Internal address for private

networks. Reserved: Multicast ...

Initial and additional process.

Inverse DNS delegation.

LACNIC Policies - IPv4LACNIC Policies - IPv4

Use of Classless schema (CIDR – Classless Inter Domain Routing)

To avoid fragmentation To optimize routing

IP address allocated on “right of use” or lease basis. Not a possession!Not a possession!

Allocation or assignment valid as long as initial needs/justification keeps valid

Initial allocation to ISP:

Minimal allocation size: /21 (2048 IPs) Justification:

Demonstrate currentcurrent useuse or immediateimmediate needneed of a IP block of /23 prefix.

Send a plan to use /22 in one year Agree to renumber from previous address

block.

Initial allocation to ISP (continued):

For bigger blocks (/20, larger) Justification:

If Multihomed: currently using at least /22 block If Singlehomed: currently using at least /21 block

Send a plan to use /20 in one year Agree to renumber from previous address

block.

Initial DirectDirect allocation to ISP:

Minimal allocation size: /20 (4096 IPs) Justification:

Organization starting its business, with important inversion and no previous Internet Providers nor IP address allocation. Should be multihomed.

Send information about acquisitions, contract with upstreams providers, network topology, services portfolios, usage plan.

Micro assignment for critical structure:

Special policy for organization with key roles in the Internet: ccTLDs, RIRs, IXPs ...

Minimal assignment size: /24 (256 IPs) Justification:

Demonstrate its role as one of mentioned organization.

Initial assignment for End-Users

If MultihomedMultihomed

Minimal assignment size: /24 (256 IPs) Justification.

Current use of at least a /25 IP block. Send usage plan for 3, 6 and 12 months Agree to renumber from previous block.

If SinglehomedSinglehomed

Minimal assignment size: /20 (4096 IPs) Justification.

Current use of at least a /21 IP block. Send usage plan for 3, 6 and 12 months Agree to renumber from previous block.

Both cases should observe:

25% immediate usage rate of requested block25% immediate usage rate of requested block

50% one-year usage rate of requested block 50% one-year usage rate of requested block

Additional allocation / assignment:

Show utilization of at least 80% of previous allocated address space.

Verification of sub allocation/assignment registered in LACNIC database (every /29 or smaller allocation should be registered)

Verification of inverse DNS delegation

Initial/original policy:

Globally coordinated Allocations only to ISPs

Due to routing constraints / large size of total address space.

Currently:

Minimal allocation size: /32 (a lot of IPs) Justification:

Be a LIR or ISP; Plan for services and connectivity to be offered. Announce a single block to the routing system in

no longer than 12 months Offer service via IPv6 to clients or related entities

in no longer than 24 months.

Micro assignment for critical structure:

Similar to IPv4. Organizations with key roles in the internet: ccTLDs, RIRs, IXPs ...

Assignment Size: /48 to /32 (maximal) Concerns about routing filters... it is changingit is changing.

Justification: Demonstrate its role as one of mentioned

organization.

Returning First allocation for a bigger one:

Organization with only one IPv6 allocation can return it within 6 months in order to apply for a new and bigger one.

This can be done only once Same criteria as initial/first application. New and more elaborated utilization plan.

Additional allocation / assignment

Utilization of previous address space should meet a threshold in terms /48 assignments.

HD-Ratio of 0.94

HD= Log(number of allocated objects)

Log(max number of allocatable objects)

LACNIC Policies - ASNLACNIC Policies - ASN

Autonomous System Number (ASN)

Organizations currently multihomed or planning to become one (within two weeks)

Organization with different routing policy compared to the one of the upstream

Autonomous System Number (ASN)

16 Bits ASN. Currently used/default Finite space: 0 – 65535 (64512 – 65535

Private/reserved) New Version: 32 Bits

Notation in discussion: X.Y (4.0 ~ 4.1023) RFC4893 BGP Support for Four-octet AS Number.

16 bits / 32 bits ASN

From Jan/2007 ~ Dec/2008: 16 bits default. 32 bits when requested

From Jan/2009 ~ Dec/2009: 32 bits default. 16 bits when requested

From Jan/2010: no more distinction: Range from 0.0 to 65535.65535 (where 0.0 ~

0.65535 previous 16bits space)

LACNIC Policies – Inverse DNSLACNIC Policies – Inverse DNS

Inverse DNS resolution:

IP address to name Once used for security mechanisms. Logs More recently as spam control and to constrain

other abusive activities.

LACNIC Policies – Inverse DelegationLACNIC Policies – Inverse Delegation

Inverse DNS delegation:

Required for any allocation/assignment Also used as indication of

allocated/assigned address space utilization.

Lame Delegation Control:

DNS delegation considered “lame”, when delegated server has no information about the DNS zone it was delegated for.

Query overload on main servers: requeries Delegations with “lame” servers are

removed from main LACNIC DNS servers.

Lame Delegation Control:

Entire inverse zone (in-addr.arpa, ip6.arpa) under LACNIC control checked daily.

Lame servers marked (status in whois output)

Tech contacts warned every 15 days while problem persist.

Inverse delegation with problem removed after 60 days.

How to apply for Internet Resources

How to applyHow to apply

Organizations located in LACNIC coverage area: http://lacnic.net/sp/sobre-lacnic/cobertura

Not necessary to become member first

Organizations with IP address allocation became member automatically

Text based templates

Email to hostmaster@lacnic.net

One template for each and every type of resources

Initial part equal to any of them:

Organization information: name, postal address, phone number, Organization-id (in the case of additional request)

Points of contact: admin, tech, billing, membership.

Initial part equal to any of them:0a. Organization ID. (OwnerID): 0a. Organization ID. (OwnerID):

0b. Name of the Organization: 0b. Name of the Organization:

0c. Postal address: 0c. Postal address:

0d. City: 0d. City:

0e. State: 0e. State:

0f. Country: 0f. Country:

0g. ZIP Code: 0g. ZIP Code:

1a. ID. technical contact (UserID): 1a. ID. technical contact (UserID):

1b. ID. billing contact (UserID): 1b. ID. billing contact (UserID):

Organization ID created when of first allocation/assignment

Point of contacts should be created by each contact:

Web form: https://lacnic.net/newid Personal information, language preference,

personal password... An UserID created and sent by email.

Basic work flow: RequestRequestRequestRequest

VerificationVerificationprocessprocess

ApprovalApprovalApprovalApproval DenialDenialDenialDenialFeeFeeFeeFee

RSARSARSARSA

Allocation concludedAllocation concludedAllocation concludedAllocation concluded

How to apply – IPv4 / ISPHow to apply – IPv4 / ISP

Provide information about:

Upstream providers: name, postal address, ASN. If multihomed, repeat it as many upstream in use.

Current IP blocks and its usage rates: If initial request: IP blocks currently allocated by

upstreams If additional request: IP blocks previously allocated

by LACNIC.

Provide information about (continued):

IP address block prefix needed (CIDR notation: /20, /21, etc ...)

One year usage plan of requested block Number of addresses needed for each service

provided (dedicated access, dial-up, dsl, cable, wireless, others)

Any additional information that might useful to better understand the need.

Verification process

Utilization of current blocks: Should meet requirements for initial request and

80% for additional Information about reassignments and its

justification. Internal usage (routers, servers, etc). Internal registration database, inverse delegation Extra information requested as needed. Agree to renumber (if initial)

Once approved:

If initial, organization should sign RSA (Registration Service Agreement). Pay registration fee.

If additional, no need for registration fee neither document signing.

Organization contractual status must be okay. Allocation is only completed once satisfied

previous steps/verifications.

How to apply – IPv4 / End userHow to apply – IPv4 / End user

Upstream providers: name, postal address, ASN. If multihomed, repeat it as many upstream in use.

Current IP blocks in use: Its distribution internally: departments, number of

equipments, purposes, etc

Provide information about (continued):

Number of IP address needed/being requested.

Utilization/distribution plan for: immediately, 3, 6 and 12 months.

Sub net plans, number of departments, number of equipments, public services/servers.

Utilization of current blocks: Should meet requirements for initial request and

80% for additional. Inverse delegation Extra information requested as needed. Agree to renumber (if initial)

Once approved:

Registration Fee (either initial or additional)

If initial, organization should also sign RSA (Registration Service Agreement)

If additional organization contractual status must be okay.

Allocation is only completed once satisfied previous steps/verifications.

How to apply – IPv4 / Critical InfraHow to apply – IPv4 / Critical Infra

Organizations with keys roles for internet: ccTLD operators, IXP, RIRs

Minimal size: /24

Information necessary:

Confirmation about its activity. ccTLD: checking IANA information about

organization role IXP: incorporation act, list of potential members,

open policy for member joining.

How to apply – IPv6How to apply – IPv6

Upstream providers: name, postal address, ASN, and its ability to route IPv6.

Address distribution plan: Planed prefixes for each type of customer, for equipments, POPs, etc.

Planed IPv6 enabled services.

How to apply – IPv6How to apply – IPv6

Organization should be a Internet provider (internal or external to the organization)

Current IPv4 allocation/utilization (specially in cases of larger prefix requests)

Should compromise to start announcing prefix within 12 months, and to offer IPv6 enabled services within 24 months

No registration fee at the moment

How to apply – IPv6 / Critical InfraHow to apply – IPv6 / Critical Infra

Organizations with keys roles for internet: ccTLD operators, IXP, RIRs

Minimal size: /48

Information necessary:

Confirmation about its activity. ccTLD: checking IANA information about

organization role IXP: incorporation act, list of potential members,

open policy for member joining.

How to apply – ASNHow to apply – ASN

Upstream providers. At least two if applying as multihomed.

Providers currently contracted or in the 2 weeks time frame to conclude.

Detailed explanation about policy routing Should be a routing policy different from the

upstream provider. For instance, connection to an IXP.

How to apply – ASNHow to apply – ASN

Verification process:

Independent IP address space: Some providers would not accept routing part of a

second provider address space portion. Information about the routing policy and

upstream providers. If 32 bits ASN:

Currently checking about understating about it.

Thank you!

LACNIC-CARIBE 2008 / Curaçao - ANJuly 21/22 2008 Ricardo Patara - LACNIC How to Apply for Internet Resources and Current Policies How to Apply for Internet.

lacnic policies allocation

curaao anjuly

lacnic meetings

lacnic policies multihomed

lacnic member

lacnic policies membership

lacnic bylaws

organization slide

Documents

LACNIC XIII - cu.ipv6tf.org

Potenciando la comunidad de LACNIC Reporte LACNIC 31 ·...

UpDown RPKI LACNIC

The Claudian Monument at Patara

Didi Saxlis Patara Diasaxlisi

APNIC 15 LACNIC REPORT Raúl Echeberría LACNIC CEO APNIC 15...

Servicio de Registro LACNIC Buenos Aires 20 Marzo 2003...

LACNIC X Statistics Ricardo Patara. La red Ancho de Banda...

LACNIC Jornada de EntrenamientoPanamá PROCESO DESARROLLO DE...

Montevideo 20 mayo 2003 Ricardo Patara Sistema de Registro.....

The$Reputaon$of$Networks$– LACNIC$Region$ ·...

Patara Kent İçi Su Dağıtım Yapıları (Urban Water...

Hidrologia Patara

pingvini pepe - kargiskola.gekargiskola.ge/anbani/pingvini.....

IPv6 & IPv6 Metrics at LACNIC Roque Gagliano, Ricardo...

Lacnic v Bgp