Re: Squeezing IPs out of ARIN

[Luke S. Crawford]

On Tue, Apr 24, 2012 at 01:32:17PM -0400, ad...@thecpaneladmin.com wrote:
> Anyone have any tips for getting IPs from ARIN? For an end-user 
> allocation they are requesting that we provide customer names for 
> existing allocations, which is information that will take a while to 
> obtain. They are insisting that this is standard process and something 
> that everyone does when requesting IPs.  Has anyone actually had to do 
> this?

I have.  

clearly, I should have asked, or looked closer, but  when I started
this mess? it was not at all clear to me that ARIN saw things that went
into a home as 'residential' and everything else as 'business'  - but
from my reading and their reactions to my questions, that's how they see 
it.  If it's in a data center and not in a residence, you need to 
give them a name (human or business) for every reassigned IP, 
even if the reassignment is a /32.

Probably the majority of my VPSs?  personal use, but not residential.

I started with changing the privacy policy, and blogged about it, asking
for at least 80% of the people to opt-in.  Maybe 2% did.   I gave it 
months, then I emailed everyone, asking them to opt-out.   I gave them
two weeks, maybe 2% did.   

So yeah; eh, nobody got mad at me for it, and I think some people were
impressed that I emailed them when I made such a large change to 
the privacy policy (that isn't expected?)  so I guess it all turned out
okay, but yeah.  ARIN wants a name of some sort for every 
/32.  (Now, I just did a query against my billing database and returned
the business name and only returned the human name if there was no 
business name.)

 

Re: Squeezing IPs out of ARIN

[Jack Bates]

On 4/26/2012 7:09 PM, Jimmy Hess wrote:
ome "show" commands will show DHCP server usage, but not conclusive 
proof of the utilization of the address space. Because the show 
commands are not independently verifiable -- for all the RIR knows, 
someone plugged in a big stack of $10 modems just to register with the 
DHCP server. -- -JH 


I believe buying and connecting thousands of $10 modems to register with 
a DHCP server actually constitutes valid use of IP addresses. You would 
more likely need to create a script to spoof mac addresses in 
registering with the DHCP server over time to be in violation. Works 
about like a script that pulls names out of a phone book and assigns 
them to IP addresses in a report. The difference between the two is that 
it's easier to make the report than create a good dhcp script that will 
also utilize bandwidth and multiple interfaces or fill dhcp snooping 
tables and show up interfaces.


The reason I'm completely for skipping all the extra paperwork and going 
straight to a meeting session is that it's easy to view the various 
screens depending on the ISP layout to show that a group of addresses 
are in use and much more difficult to cover all bases to defraud ARIN 
(not impossible, but much more difficult than forging customer names).



Jack

Re: Squeezing IPs out of ARIN

[William Herrin]

On 4/26/12, Owen DeLong  wrote:
> On Apr 26, 2012, at 8:47 AM, Jack Bates wrote:
>> It is unreasonable to require detailed customer information on /32 static
>> assignments which make up the smallest fraction of space compared to the
>> huge blocks of dhcp pools (pools which justify allocations on their own).
>> In addition, a few show commands on a router displaying arp (with first 6
>> filtered) or ppp sessions (with username filtered) or dhcp pool printouts
>> showing utilization would make much more sense and provide better "proof"
>> of utilization then handing out private resident names of the <10% static
>> /32 utilization pool.
>
> /32s are not required. Get over it.

Hi Owen,

John Curran says otherwise.

http://lists.arin.net/pipermail/arin-ppml/2012-April/024518.html
http://lists.arin.net/pipermail/arin-ppml/2012-April/024523.html

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004

Re: Squeezing IPs out of ARIN

[Owen DeLong]

On Apr 26, 2012, at 8:47 AM, Jack Bates wrote:

> On 4/26/2012 1:05 AM, Jimmy Hess wrote:
>> If resources are used to provide service to a customer,  it is not
>> unreasonable that ARIN require that this to be shown,  what customer,
>> etc  -- the org. assigning or reallocating the resources is required
>> to have documented this.
>> 
>> In addition to this documentation,  for reallocations of  /29 or  more
>> IPs, SWIP or Rwhois is also required by policy.
> 
> It is unreasonable to require detailed customer information on /32 static 
> assignments which make up the smallest fraction of space compared to the huge 
> blocks of dhcp pools (pools which justify allocations on their own). In 
> addition, a few show commands on a router displaying arp (with first 6 
> filtered) or ppp sessions (with username filtered) or dhcp pool printouts 
> showing utilization would make much more sense and provide better "proof" of 
> utilization then handing out private resident names of the <10% static /32 
> utilization pool.
> 

/32s are not required. Get over it.

/29 and larger.

> For management statics, the same applies. A couple arp table captures 
> generally should provide enough proof of utilization.
> 
> If ARIN really wants to be uptight about it, they can do what all the vendors 
> do and set up a meeting session to watch us type the commands. This is 
> probably the hardest method to forge.
> 
> I have not argued about any /29 or greater assignment which should be SWIP'd.
> 
> Someone else in the thread complained that someone would be vague information 
> in a SWIP concerning a customer, but I see it's still listed under 
> 4.2.3.7.3.2. So the NRPM still apparently recognizes the need for Residential 
> privacy as long as upstream contacts are available to handle abuse/technical 
> contact.
> 

The other person spoke of classes of businesses so the residential privacy 
policy would not apply.

Owen

Re: Squeezing IPs out of ARIN

[Jimmy Hess]

On 4/26/12, Jack Bates  wrote:
>> In addition to this documentation,  for reallocations of  /29 or  more
>> IPs, SWIP or Rwhois is also required by policy.
> It is unreasonable to require detailed customer information on /32
> static assignments which make up the smallest fraction of space compared

It is not unreasonable to require detailed information be kept; it is
standard business practice to maintain such documentation for support,
incident handling, and billing purposes.  If that customer stops
paying  for their service, exactly the right service will be
determined.  It is also required  that exactly the right /32  be
de-allocated;   the previous customer's use of that  /32  can no
longer be used to consider the IP still utilized for justifying future
allocations,  until it is reassigned.

If the provider failed to "unmark" that static /32 as utilized in
their management system,  in that case, it may be ARIN's job to detect
the absence of proof of current utilization for those now-unused /32s.

The provider is required to maintain that detailed level of
documentation, but it is burdensome to publish documentation down to
the /32 level,  hence,  one of the
reasons that it is actually not required to RWHOIS or SWIP, unless
the allocation is a /29 or larger.

That doesn't excuse the provider from maintaining documentation, that
ARIN may require at any time,  it  just  reduces the  operational burden
of constantly updating  external databases with single-IP assignments.

> to the huge blocks of dhcp pools (pools which justify allocations on
> their own). In addition, a few show commands on a router displaying arp

Proof implies that you have provided independently verifiable
information,  that can be
used to show that the applicant is  providing truthful information.

Some "show" commands will show DHCP server usage, but not conclusive
proof of the utilization of the address space.

Because the show commands are not independently verifiable -- for all
the RIR knows,  someone plugged in a big stack of $10  modems  just to
register with the DHCP server.



--
-JH

Re: Squeezing IPs out of ARIN

[Matthew Palmer]

On Wed, Apr 25, 2012 at 08:31:44AM -0700, Owen DeLong wrote:
> On Apr 24, 2012, at 9:57 PM, Jack Bates wrote:
> > I sometimes wonder what happens to that information; if it sits around
> > in an archive somewhere in the vast digital repositories of ARIN
> > awaiting someone to steal it.
> 
> That's a very cynical view. I happen to know that ARIN takes the security
> of that data very seriously and I think they do a good job of protecting
> it.  If you have any reason to believe otherwise, I invite you to offer
> some form of substantiation to support such a claim.

I'm sure that if you s/ARIN/Sony/, s/ARIN/Wordpress/, or s/ARIN/RSA/ (just
to name a few), you'd have found people at some point in the past more than
willing to stand behind the resulting statement.

Just sayin'.

- Matt

Re: Squeezing IPs out of ARIN

[William Herrin]

On 4/26/12, Jack Bates  wrote:
> On 4/26/2012 1:05 AM, Jimmy Hess wrote:
>> In addition to this documentation,  for reallocations of  /29 or  more
>> IPs, SWIP or Rwhois is also required by policy.
>
> It is unreasonable to require detailed customer information on /32
> static assignments which make up the smallest fraction of space compared
> to the huge blocks of dhcp pools (pools which justify allocations on
> their own).

It depends.

If you have a healthy mix of assignment sizes and your contact at ARIN
is hassling you about the /32's, you may want to ask why he's seeking
that information in light of the policy cut-off at /29.

If the bulk of your assignment sizes are /32 then I suspect your ARIN
contact is really saying: This fits a pattern consistent with careless
and poorly tracked assignments which if audited would reveal enough
dead assignments to put you in violation of policy. Show us that's not
the case.

If you have already provided a reasonable demonstration of the actual
utilization of your /32's yet you're still getting hassled about
identifying those customers that would seem, to my read anyway, to
violate ARIN's written policy. In which case I'm confident that ARIN
President John Curran would like to hear from you privately.

Regards,
Bill Herrin

-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004

Re: Squeezing IPs out of ARIN

[William Herrin]

On 4/26/12, Joe Maimon  wrote:
> Owen DeLong wrote:
>> RWHOIS is a perfectly valid alternative to SWIP.

> I actually got RWHOIS working a while back. But then faced with the
> prospect of loading it up, I decided that ARIN templates were actually
> easier to use.

The rwhois software from about 10 years ago was very difficult to work
with and it periodically crashed to boot. I used it because I already
had my allocation data in a handy machine-readable form and could
write software which would wholesale convert that database into what
rwhois wanted to see. That way I didn't have to write something to
detect changes and "update" the SWIP templates. I could just push a
completely fresh database into rwhois.

Had I needed to import the data by hand, there's no way: I would have
used the SWIP templates.

Regards,
Bill Herrin

-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004

Re: Squeezing IPs out of ARIN

[Jack Bates]

On 4/26/2012 1:05 AM, Jimmy Hess wrote:

If resources are used to provide service to a customer,  it is not
unreasonable that ARIN require that this to be shown,  what customer,
etc  -- the org. assigning or reallocating the resources is required
to have documented this.

In addition to this documentation,  for reallocations of  /29 or  more
IPs, SWIP or Rwhois is also required by policy.


It is unreasonable to require detailed customer information on /32 
static assignments which make up the smallest fraction of space compared 
to the huge blocks of dhcp pools (pools which justify allocations on 
their own). In addition, a few show commands on a router displaying arp 
(with first 6 filtered) or ppp sessions (with username filtered) or dhcp 
pool printouts showing utilization would make much more sense and 
provide better "proof" of utilization then handing out private resident 
names of the <10% static /32 utilization pool.


For management statics, the same applies. A couple arp table captures 
generally should provide enough proof of utilization.


If ARIN really wants to be uptight about it, they can do what all the 
vendors do and set up a meeting session to watch us type the commands. 
This is probably the hardest method to forge.


I have not argued about any /29 or greater assignment which should be 
SWIP'd.


Someone else in the thread complained that someone would be vague 
information in a SWIP concerning a customer, but I see it's still listed 
under 4.2.3.7.3.2. So the NRPM still apparently recognizes the need for 
Residential privacy as long as upstream contacts are available to handle 
abuse/technical contact.


I didn't see in the NRPM where SWIP was necessary for /32 assignments, 
nor that such contact information should be handed to ARIN. This is the 
difference between NRPM and ARIN implementation of NRPM. ARIN has always 
asked for dhcp pool counts versus actual customer counts, dialup counts, 
dialup ratios, etc. They have also always asked for SWIP/records for /29 
or larger assignments.  I've always been surprised that they don't ask 
for a few router/server captures as verification. Instead they ask for 
information which isn't pertinent to justification, the <10% assignments 
(when the 90% more than justifies on its own).



Jack

Re: Squeezing IPs out of ARIN

[Suresh Ramasubramanian]

Though to be fair that is probably legacy and level3 does swip its customers.

On Thu, Apr 26, 2012 at 8:19 PM, Suresh Ramasubramanian
 wrote:
>
> suresh@frodo 07:41:38 :~$ telnet rwhois.level3.net 4321
> Trying 209.244.1.179...
> ^C [keeps timing out]



-- 
Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Squeezing IPs out of ARIN

[Suresh Ramasubramanian]

They do, they do .. but there's all kinds of rwhois unfortunately.

suresh@frodo 07:41:38 :~$ telnet rwhois.level3.net 4321
Trying 209.244.1.179...
^C [keeps timing out]

suresh@frodo 07:48:17 :~$ telnet rwhois.hostnoc.net 4321
Trying 64.191.49.26...
Connected to rwhois.hostnoc.net.
Escape character is '^]'.
%rwhois V-1.5:003fff:00 rwhois.hostnoc.net (by Network Solutions, Inc.
V-1.5.9.5)
[not particularly up to date]

compared to, for example -

suresh@frodo 07:47:13 :~$ telnet rwhois.cogentco.com 4321
Trying 66.28.3.252...
Connected to plebe.sys.cogentco.com.
Escape character is '^]'.
%rwhois V-1.5:0010b0:00 rwhois.cogentco.com
[fast, works great, accurate]

suresh@frodo 07:47:22 :~$ telnet rwhois.softlayer.com 4321
Trying 66.228.118.79...
Connected to rwhois.softlayer.com.
Escape character is '^]'.
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions,
Inc. V-1.5.9.5)
[ditto]


On Thu, Apr 26, 2012 at 8:07 PM, Owen DeLong  wrote:
> Actually, most of the ISPs I know that use RWHOIS instead of SWIP do so tying
> the RWHOIS server into their IP management database through an automated
> process (if not just live queries).
>
> However, you are right that most ISPs use SWIP.



-- 
Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Squeezing IPs out of ARIN

[Owen DeLong]

Actually, most of the ISPs I know that use RWHOIS instead of SWIP do so tying
the RWHOIS server into their IP management database through an automated
process (if not just live queries).

However, you are right that most ISPs use SWIP.

Owen

On Apr 26, 2012, at 7:02 AM, Suresh Ramasubramanian wrote:

> It is an extremely rare ISP that has an rwhois server, and then
> ensures that it remains available, up and answering queries.
> 
> And even rarer when the ISP ensures that its rwhois records are up to
> date and not hopelessly stale.
> 
> On Thu, Apr 26, 2012 at 7:22 PM, Joe Maimon  wrote:
>> 
>> 
>> Owen DeLong wrote:
>>> 
>>> 
 
>>> RWHOIS is a perfectly valid alternative to SWIP.
>>> 
>>> Owen
>>> 
>> 
>> 
>> I actually got RWHOIS working a while back. But then faced with the prospect
>> of loading it up, I decided that ARIN templates were actually easier to use.
>> 
>> And with their restful interface, even more so.
>> 
>> Unless it is all prerolled for your and bundled with your ip management
>> software that you are already using, dont bother.
>> 
>> Joe
>> 
> 
> 
> 
> -- 
> Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Squeezing IPs out of ARIN

[Suresh Ramasubramanian]

It is an extremely rare ISP that has an rwhois server, and then
ensures that it remains available, up and answering queries.

And even rarer when the ISP ensures that its rwhois records are up to
date and not hopelessly stale.

On Thu, Apr 26, 2012 at 7:22 PM, Joe Maimon  wrote:
>
>
> Owen DeLong wrote:
>>
>>
>>>
>> RWHOIS is a perfectly valid alternative to SWIP.
>>
>> Owen
>>
>
>
> I actually got RWHOIS working a while back. But then faced with the prospect
> of loading it up, I decided that ARIN templates were actually easier to use.
>
> And with their restful interface, even more so.
>
> Unless it is all prerolled for your and bundled with your ip management
> software that you are already using, dont bother.
>
> Joe
>



-- 
Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Squeezing IPs out of ARIN

[Joe Maimon]

Owen DeLong wrote:





RWHOIS is a perfectly valid alternative to SWIP.

Owen




I actually got RWHOIS working a while back. But then faced with the 
prospect of loading it up, I decided that ARIN templates were actually 
easier to use.


And with their restful interface, even more so.

Unless it is all prerolled for your and bundled with your ip management 
software that you are already using, dont bother.


Joe

Re: Squeezing IPs out of ARIN

[Jimmy Hess]

On 4/25/12, Jack Bates  wrote:
> On 4/25/2012 10:31 AM, Owen DeLong wrote:
>> There is nothing whatsoever wrong with providing the information to
>> ARIN under NDA. ARIN provides a very good (IMHO) plain English mutual
--
> Sure, and small ISP techs immediately think of NDAs when talking to
> ARIN. ARIN didn't suggest it. In addition, the entire "provide all this
[snip]

Before anyone received their first allocation from ARIN, they had to
sign a Registration Services Agreement,  which contains a section
explaining that ARIN may review Holder's utilization of previously
assigned resources to ensure the Holder is complying with the terms,
when a transfer or additional IPs are requested.

In other words,  they have been forewarned, that ARIN may at any time
require them to show  thorough documentation  proving the utilization
of the resources,  and exactly who or what resources have been
reassigned or reallocated to,  and eligibility for future resource
transfers/allocations may be impacted.

If resources are used to provide service to a customer,  it is not
unreasonable that ARIN require that this to be shown,  what customer,
etc  -- the org. assigning or reallocating the resources is required
to have documented this.

In addition to this documentation,  for reallocations of  /29 or  more
IPs, SWIP or Rwhois is also required by policy.

That is all discussed in the ARIN Number resource policy manual,  that
resource holders have agreed to  be bound to by signing a RSA.


The requirement to document utilization and maintain evidence for the
justification for utilization at all times,  does  not   start  when
applying for additional resources.
The policy is in effect at all times.

The requirement is that the justification be made and documented,
before resources
are reallocated.

In short...  please don't blame the registry for failure to adhere to
the rules and advice
"should" rules given in number resource policies by maintaining proper
documentation.

The ARIN policies are community  developed;   and  the ARIN staff
wouldn't be doing their job as steward of scarce IPv4 resources which
will be exhausted before too long;
if they didn't require sufficient details to prove the utilization in
resource reviews for
the new allocations.


https://www.arin.net/policy/nrpm.html#four23
"
4.2.3. Reassigning Address Space to Customers
4.2.3.1. Efficient utilization

ISPs are required to apply a utilization efficiency criterion in
providing address space to their customers. To this end, ISPs should
have documented justification available for each reassignment. ARIN
may request this justification at any time. If justification is not
provided, future receipt of allocations may be impacted.
"


The requirement for End users is even more stringent:
https://www.arin.net/policy/nrpm.html#four33
"
Requesters must show exactly how previous address assignments have
been utilized and must provide appropriate details to verify their
one-year growth projection.
"




-- 
-JH

Re: Squeezing IPs out of ARIN

[Jack Bates]

This is the first time I've seen ARIN request actual individual names. 
I've had them requests SWIP and I've had them request exact user counts, 
and I generally get much larger allocations than what was being 
allocated. In addition, all their numbers matched up with all of my 
numbers and the allocated space matched what I had assigned them minus 1 
/24 (they had 5 /23's from me). After their initial renumber into the 
/21, they had to return to get the additional /24. They reorganized some 
networks to squeeze off the tenth /24.


On 4/25/2012 10:31 AM, Owen DeLong wrote:
There is nothing whatsoever wrong with providing the information to 
ARIN under NDA. ARIN provides a very good (IMHO) plain English mutual 
NDA for just this purpose. What rational ethical ISP fails to include 
a provision for this process in their TOS? 
Sure, and small ISP techs immediately think of NDAs when talking to 
ARIN. ARIN didn't suggest it. In addition, the entire "provide all this 
customer detail information" was overkill as well, given that the /21 
was justified without the last little bit of justification requiring 
customer names (or for that matter, the management equipment model/type 
info).



I sometimes wonder what happens to that information; if it sits around in an 
archive somewhere in the vast digital repositories of ARIN awaiting someone to 
steal it.

That's a very cynical view. I happen to know that ARIN takes the security of 
that data very seriously and I think they do a good job of protecting it. If 
you have any reason to believe otherwise, I invite you to offer some form of 
substantiation to support such a claim.


I would like to assume they do a good job protecting the data (although 
I have no proof that this is true). However, leaving unnecessary data 
laying around for no valid reason is careless. Historical information of 
customer names/addresses is not necessary, even if said information is 
provided to ARIN. A note on the account verifying that necessary 
information was seen by the ARIN representative is enough. Requiring 
this level of detail on the smallest fraction of the justified space 
makes it even worse.


Of course, ARIN might delete the information. I've seen nothing in the 
documentation to suggest if they do or not.


I never presume data is secure. The more unnecessary copies of it there 
are, the more likely it will be obtained by an unauthorized individual.



Jack

Re: Squeezing IPs out of ARIN

[John Curran]

On Apr 25, 2012, at 2:28 PM, Andy Susag wrote:

> We just recently "wrastled" with ARIN to get a whopping /22 from them,
> it wasn't very easy. 
> 
> Keeping record of what you have allocated downstream is important and I
> totally agree with ARIN insisting this be done. Luckily as long as you
> have an address, customer name, and a contact, you can issue reassign
> simples to hostmaster. You don't have to walk your customers through
> creating POCs and ORG-IDs. When you issue a reassign simple, it will
> automatically create all that. As long as your allocations are 80% full,
> you should be able to make a request. You might not get what you want
> though.
> 
> Seems kind of counterproductive to ARIN though. I wouldn't think they'd
> like a database full of fudged SWIP info, but I guess they're OK with
> it...

Andy - 

You're 90% right in your quick summary about reassignment data; more details 
are 
available here:   
If you've got concerns regarding privacy for residential subscribers, there are 
specific mechanisms for handling that, but otherwise you should be putting in
accurate reassignment data (including organization) for each IPv4 assignment of
/29 or more.  To not do so would be very awkward for you and your customers if 
your network block were reported for Internet number resource fraud due to 
being "full of fudged SWIP info"...

FYI,
/John

John Curran
President and CEO
ARIN

Re: Squeezing IPs out of ARIN

[Robert E. Seastrom]

"Andy Susag"  writes:

> Seems kind of counterproductive to ARIN though. I wouldn't think they'd
> like a database full of fudged SWIP info, but I guess they're OK with
> it...

They require an officer attestation.  SWIP info that is made up out of
whole cloth sounds suspiciously like fraud to me, but I'm neither a
lawyer nor your CxO.  Choose wisely.

-r

RE: Squeezing IPs out of ARIN

[Andy Susag]

We just recently "wrastled" with ARIN to get a whopping /22 from them,
it wasn't very easy. 

Keeping record of what you have allocated downstream is important and I
totally agree with ARIN insisting this be done. Luckily as long as you
have an address, customer name, and a contact, you can issue reassign
simples to hostmaster. You don't have to walk your customers through
creating POCs and ORG-IDs. When you issue a reassign simple, it will
automatically create all that. As long as your allocations are 80% full,
you should be able to make a request. You might not get what you want
though.

Seems kind of counterproductive to ARIN though. I wouldn't think they'd
like a database full of fudged SWIP info, but I guess they're OK with
it...

-Original Message-
From: Richey [mailto:myli...@battleop.com] 
Sent: Wednesday, April 25, 2012 13:21
To: 'Kenneth McRae'; 'Owen DeLong'
Cc: nanog@nanog.org
Subject: RE: Squeezing IPs out of ARIN

I got a new allocation about 18 months ago.  I sent them a spread sheet
of the users and their current IPs.  I changed the real customer name to
something that reflected what business they were in.  So I had lots of
"Hotel Customer 1" and "Dr. Office 112" with what IPs they were using.
There was no way we were going to release a complete customer list to
anyone.  They didn't seem to have a problem with this.

Richey

-Original Message-
From: Kenneth McRae [mailto:kenneth.mc...@dreamhost.com]
Sent: Wednesday, April 25, 2012 11:46 AM
To: Owen DeLong
Cc: nanog@nanog.org
Subject: Re: Squeezing IPs out of ARIN

I have never provided the names of end users..  How the address space
would be utilized?  Definitely..  But not the names of end users...

On Wed, Apr 25, 2012 at 8:34 AM, Owen DeLong  wrote:

> There is not a new policy added on to prevent hoarding. What is 
> required is what has been required for several years. Utilization 
> information and proper justification.
>
> If you are seeking an ISP allocation, then, reassignment (customer) 
> information is in fact part of that utilization information.
>
> Owen
>
> On Apr 25, 2012, at 8:22 AM, Kenneth McRae wrote:
>
> > Negative..  I have never had to provide end user information.  I 
> > have
> been
> > required to provide utilization information.  I am sure this 
> > "policy" is and add-on to make it more difficult to prevent
hoarding..
> >
> > On Tue, Apr 24, 2012 at 10:47 AM, Jonathan Lassoff 
> wrote:
> >
> >> On Tue, Apr 24, 2012 at 10:32 AM,  
wrote:
> >>> Anyone have any tips for getting IPs from ARIN? For an end-user
> >> allocation
> >>> they are requesting that we provide customer names for existing
> >> allocations,
> >>> which is information that will take a while to obtain. They are
> insisting
> >>> that this is standard process and something that everyone does 
> >>> when requesting IPs.  Has anyone actually had to do this?
> >>
> >> Indeed. It's worked this way for a long time.
> >>
> >> When starting a new organization, there's a bit of a chicken and 
> >> egg problem with IP space. If anyone could get IP space just for 
> >> asking for it, it would have been consumed too quickly. So, 
> >> organizations must first get some space assigned to them from an 
> >> upstream provider and begin using it.
> >> At some point the current usage and growth rate of the assigned 
> >> space will justify a direct allocation.
> >>
> >> Then, you can renumber into your new space and be totally
independent.
> >>
> >> Cheers,
> >> jof
> >>
> >>
> >
> >
> > --
> > Best Regards,
> >
> >
> >
> > Kenneth McRae
> > *Sr. Network Engineer*
> > kenneth.mc...@dreamhost.com
> > Ph: 323-375-3814
> > www.dreamhost.com
>
>


--
Best Regards,



Kenneth McRae
*Sr. Network Engineer*
kenneth.mc...@dreamhost.com
Ph: 323-375-3814
www.dreamhost.com

Re: Squeezing IPs out of ARIN

[Kenneth McRae]

No I am speaking about my previous positons with large providers, telco,
etc.

On Wed, Apr 25, 2012 at 9:09 AM, Jonathan Lassoff  wrote:

> On Wed, Apr 25, 2012 at 8:46 AM, Kenneth McRae <
> kenneth.mc...@dreamhost.com> wrote:
>
>> I have never provided the names of end users..  How the address space
>> would be utilized?  Definitely..  But not the names of end users...
>>
>
> Probably because you are an "end user".
> If you're talking about AS26347, I don't think there is any re-assigned
> space in there.
>
> Do you ever "assign" users CIDR blocks of IP space for their own use? If
> it's just the transitory use of IPs in an operational network you control,
> then that sounds like "end user" use to me, even though you may sell the
> use of those IPs.
>
> If you have questions about this stuff, the ARIN NRPM is a great resource:
> https://www.arin.net/policy/nrpm.html
>
> Cheers,
> jof
>



-- 
Best Regards,



Kenneth McRae
*Sr. Network Engineer*
kenneth.mc...@dreamhost.com
Ph: 323-375-3814
www.dreamhost.com

Re: Squeezing IPs out of ARIN

[Justin M. Streiner]

On Wed, 25 Apr 2012, -Hammer- wrote:


Killing me softly Owen


The difference is subtle, but important.

jms

Re: Squeezing IPs out of ARIN

[-Hammer-]

Killing me softly Owen

-Hammer-

"I was a normal American nerd"
-Jack Herer



On 4/25/2012 1:15 PM, Owen DeLong wrote:

Nope... You paid for and received registration services for a block of IP 
Addresses.

Anyone can use those integers for many purposes, but, only you are registered 
to use them as
topological identifiers on the internet according to ARIN and the other RIRs.

Owen

On Apr 25, 2012, at 10:59 AM, -Hammer- wrote:


purchase/lease/rent/titlepawn/etc. We paid for and got a block of IPs.

-Hammer-

"I was a normal American nerd"
-Jack Herer



On 4/25/2012 11:13 AM, valdis.kletni...@vt.edu wrote:

On Wed, 25 Apr 2012 10:54:39 -0500, -Hammer- said:

I can say that I recently completed the purchase of a large IPv6 block.

"purchase"??!?

Re: Squeezing IPs out of ARIN

[Owen DeLong]

Nope... You paid for and received registration services for a block of IP 
Addresses.

Anyone can use those integers for many purposes, but, only you are registered 
to use them as
topological identifiers on the internet according to ARIN and the other RIRs.

Owen

On Apr 25, 2012, at 10:59 AM, -Hammer- wrote:

> purchase/lease/rent/titlepawn/etc. We paid for and got a block of IPs.
> 
> -Hammer-
> 
> "I was a normal American nerd"
> -Jack Herer
> 
> 
> 
> On 4/25/2012 11:13 AM, valdis.kletni...@vt.edu wrote:
>> On Wed, 25 Apr 2012 10:54:39 -0500, -Hammer- said:
>>> I can say that I recently completed the purchase of a large IPv6 block.
>> "purchase"??!?

Re: Squeezing IPs out of ARIN

[-Hammer-]

Sorry everyone. Bad choice of words. I simply meant they have their 
money and we have our allocation.


Stand down. Move along. Nothing to see here.

-Hammer-

"I was a normal American nerd"
-Jack Herer



On 4/25/2012 11:55 AM, Owen DeLong wrote:

No, you didn't. You may have completed the acquisition of a large IPv6 block, 
but you did not purchase it.

Number resources are not property and cannot be bought and/or sold.

What you pay to ARIN pays for registration services (the registration of the 
numbers, not the numbers themselves). While I realize that in practice this may 
seem like a distinction without a difference, there are major legal and 
practical implications to this fact that are quite important to the very 
underpinnings of how the internet works.

Owen

On Apr 25, 2012, at 8:54 AM, -Hammer- wrote:


I can say that I recently completed the purchase of a large IPv6 block. We've 
had several large V4 blocks for years and got them with very little effort. For 
this block, we had to provide a detailed list of all our physical locations as 
well as how the IP schema would be utilized. I also had to provide site 
drawings (scrubbed visios) showing my topology layout to justify my additional 
ASNs. It was not a harsh ordeal. ARIN was very professional about it. But it 
was a lot more paperwork than what I've needed in the past. None of it seemed 
unreasonable. We just had to work out NDAs and whatnot so I could share more 
detailed information with them.

-Hammer-

"I was a normal American nerd"
-Jack Herer



On 4/25/2012 10:34 AM, Owen DeLong wrote:

There is not a new policy added on to prevent hoarding. What is required is what
has been required for several years. Utilization information and proper 
justification.

If you are seeking an ISP allocation, then, reassignment (customer) information 
is
in fact part of that utilization information.

Owen

On Apr 25, 2012, at 8:22 AM, Kenneth McRae wrote:


Negative..  I have never had to provide end user information.  I have been
required to provide utilization information.  I am sure this "policy" is
and add-on to make it more difficult to prevent hoarding..

On Tue, Apr 24, 2012 at 10:47 AM, Jonathan Lassoff   wrote:


On Tue, Apr 24, 2012 at 10:32 AM,   wrote:

Anyone have any tips for getting IPs from ARIN? For an end-user

allocation

they are requesting that we provide customer names for existing

allocations,

which is information that will take a while to obtain. They are insisting
that this is standard process and something that everyone does when
requesting IPs.  Has anyone actually had to do this?

Indeed. It's worked this way for a long time.

When starting a new organization, there's a bit of a chicken and egg
problem with IP space. If anyone could get IP space just for asking
for it, it would have been consumed too quickly. So, organizations
must first get some space assigned to them from an upstream provider
and begin using it.
At some point the current usage and growth rate of the assigned space
will justify a direct allocation.

Then, you can renumber into your new space and be totally independent.

Cheers,
jof



--
Best Regards,



Kenneth McRae
*Sr. Network Engineer*
kenneth.mc...@dreamhost.com
Ph: 323-375-3814
www.dreamhost.com

Re: Squeezing IPs out of ARIN

[-Hammer-]

purchase/lease/rent/titlepawn/etc. We paid for and got a block of IPs.

-Hammer-

"I was a normal American nerd"
-Jack Herer



On 4/25/2012 11:13 AM, valdis.kletni...@vt.edu wrote:

On Wed, 25 Apr 2012 10:54:39 -0500, -Hammer- said:

I can say that I recently completed the purchase of a large IPv6 block.

"purchase"??!?

RE: Squeezing IPs out of ARIN

[Richey]

I got a new allocation about 18 months ago.  I sent them a spread sheet of
the users and their current IPs.  I changed the real customer name to
something that reflected what business they were in.  So I had lots of
"Hotel Customer 1" and "Dr. Office 112" with what IPs they were using.
There was no way we were going to release a complete customer list to
anyone.  They didn't seem to have a problem with this.

Richey

-Original Message-
From: Kenneth McRae [mailto:kenneth.mc...@dreamhost.com] 
Sent: Wednesday, April 25, 2012 11:46 AM
To: Owen DeLong
Cc: nanog@nanog.org
Subject: Re: Squeezing IPs out of ARIN

I have never provided the names of end users..  How the address space would
be utilized?  Definitely..  But not the names of end users...

On Wed, Apr 25, 2012 at 8:34 AM, Owen DeLong  wrote:

> There is not a new policy added on to prevent hoarding. What is 
> required is what has been required for several years. Utilization 
> information and proper justification.
>
> If you are seeking an ISP allocation, then, reassignment (customer) 
> information is in fact part of that utilization information.
>
> Owen
>
> On Apr 25, 2012, at 8:22 AM, Kenneth McRae wrote:
>
> > Negative..  I have never had to provide end user information.  I 
> > have
> been
> > required to provide utilization information.  I am sure this 
> > "policy" is and add-on to make it more difficult to prevent hoarding..
> >
> > On Tue, Apr 24, 2012 at 10:47 AM, Jonathan Lassoff 
> wrote:
> >
> >> On Tue, Apr 24, 2012 at 10:32 AM,   wrote:
> >>> Anyone have any tips for getting IPs from ARIN? For an end-user
> >> allocation
> >>> they are requesting that we provide customer names for existing
> >> allocations,
> >>> which is information that will take a while to obtain. They are
> insisting
> >>> that this is standard process and something that everyone does 
> >>> when requesting IPs.  Has anyone actually had to do this?
> >>
> >> Indeed. It's worked this way for a long time.
> >>
> >> When starting a new organization, there's a bit of a chicken and 
> >> egg problem with IP space. If anyone could get IP space just for 
> >> asking for it, it would have been consumed too quickly. So, 
> >> organizations must first get some space assigned to them from an 
> >> upstream provider and begin using it.
> >> At some point the current usage and growth rate of the assigned 
> >> space will justify a direct allocation.
> >>
> >> Then, you can renumber into your new space and be totally independent.
> >>
> >> Cheers,
> >> jof
> >>
> >>
> >
> >
> > --
> > Best Regards,
> >
> >
> >
> > Kenneth McRae
> > *Sr. Network Engineer*
> > kenneth.mc...@dreamhost.com
> > Ph: 323-375-3814
> > www.dreamhost.com
>
>


--
Best Regards,



Kenneth McRae
*Sr. Network Engineer*
kenneth.mc...@dreamhost.com
Ph: 323-375-3814
www.dreamhost.com

Re: Squeezing IPs out of ARIN

[Owen DeLong]

No, you didn't. You may have completed the acquisition of a large IPv6 block, 
but you did not purchase it.

Number resources are not property and cannot be bought and/or sold.

What you pay to ARIN pays for registration services (the registration of the 
numbers, not the numbers themselves). While I realize that in practice this may 
seem like a distinction without a difference, there are major legal and 
practical implications to this fact that are quite important to the very 
underpinnings of how the internet works.

Owen

On Apr 25, 2012, at 8:54 AM, -Hammer- wrote:

> I can say that I recently completed the purchase of a large IPv6 block. We've 
> had several large V4 blocks for years and got them with very little effort. 
> For this block, we had to provide a detailed list of all our physical 
> locations as well as how the IP schema would be utilized. I also had to 
> provide site drawings (scrubbed visios) showing my topology layout to justify 
> my additional ASNs. It was not a harsh ordeal. ARIN was very professional 
> about it. But it was a lot more paperwork than what I've needed in the past. 
> None of it seemed unreasonable. We just had to work out NDAs and whatnot so I 
> could share more detailed information with them.
> 
> -Hammer-
> 
> "I was a normal American nerd"
> -Jack Herer
> 
> 
> 
> On 4/25/2012 10:34 AM, Owen DeLong wrote:
>> There is not a new policy added on to prevent hoarding. What is required is 
>> what
>> has been required for several years. Utilization information and proper 
>> justification.
>> 
>> If you are seeking an ISP allocation, then, reassignment (customer) 
>> information is
>> in fact part of that utilization information.
>> 
>> Owen
>> 
>> On Apr 25, 2012, at 8:22 AM, Kenneth McRae wrote:
>> 
>>> Negative..  I have never had to provide end user information.  I have been
>>> required to provide utilization information.  I am sure this "policy" is
>>> and add-on to make it more difficult to prevent hoarding..
>>> 
>>> On Tue, Apr 24, 2012 at 10:47 AM, Jonathan Lassoff  wrote:
>>> 
 On Tue, Apr 24, 2012 at 10:32 AM,  wrote:
> Anyone have any tips for getting IPs from ARIN? For an end-user
 allocation
> they are requesting that we provide customer names for existing
 allocations,
> which is information that will take a while to obtain. They are insisting
> that this is standard process and something that everyone does when
> requesting IPs.  Has anyone actually had to do this?
 Indeed. It's worked this way for a long time.
 
 When starting a new organization, there's a bit of a chicken and egg
 problem with IP space. If anyone could get IP space just for asking
 for it, it would have been consumed too quickly. So, organizations
 must first get some space assigned to them from an upstream provider
 and begin using it.
 At some point the current usage and growth rate of the assigned space
 will justify a direct allocation.
 
 Then, you can renumber into your new space and be totally independent.
 
 Cheers,
 jof
 
 
>>> 
>>> -- 
>>> Best Regards,
>>> 
>>> 
>>> 
>>> Kenneth McRae
>>> *Sr. Network Engineer*
>>> kenneth.mc...@dreamhost.com
>>> Ph: 323-375-3814
>>> www.dreamhost.com
>> 
>> 

Re: Squeezing IPs out of ARIN

[Valdis . Kletnieks]

On Wed, 25 Apr 2012 10:54:39 -0500, -Hammer- said:
> I can say that I recently completed the purchase of a large IPv6 block.

"purchase"??!?


pgpMtR5JcMTNK.pgp
Description: PGP signature

Re: Squeezing IPs out of ARIN

[Jonathan Lassoff]

On Wed, Apr 25, 2012 at 8:46 AM, Kenneth McRae
wrote:

> I have never provided the names of end users..  How the address space
> would be utilized?  Definitely..  But not the names of end users...
>

Probably because you are an "end user".
If you're talking about AS26347, I don't think there is any re-assigned
space in there.

Do you ever "assign" users CIDR blocks of IP space for their own use? If
it's just the transitory use of IPs in an operational network you control,
then that sounds like "end user" use to me, even though you may sell the
use of those IPs.

If you have questions about this stuff, the ARIN NRPM is a great resource:
https://www.arin.net/policy/nrpm.html

Cheers,
jof

Re: Squeezing IPs out of ARIN

[Justin M. Streiner]

On Wed, 25 Apr 2012, Chuck Anderson wrote:


RWHOIS is a perfectly valid alternative to SWIP.


Can a downstream ISP SWIP records if their upstream ISP uses RWHOIS
for the block that is further delegated to that downstream ISP?


I would think so, but it might also depend on how the space is delegated 
to you.  The upstream should be able to put a note in the rwhois record 
stating that further assignments from a.b.c.0/xx have been SWIP'd or 
something to that effect.


jms

Re: Squeezing IPs out of ARIN

[-Hammer-]

I can say that I recently completed the purchase of a large IPv6 block. 
We've had several large V4 blocks for years and got them with very 
little effort. For this block, we had to provide a detailed list of all 
our physical locations as well as how the IP schema would be utilized. I 
also had to provide site drawings (scrubbed visios) showing my topology 
layout to justify my additional ASNs. It was not a harsh ordeal. ARIN 
was very professional about it. But it was a lot more paperwork than 
what I've needed in the past. None of it seemed unreasonable. We just 
had to work out NDAs and whatnot so I could share more detailed 
information with them.


-Hammer-

"I was a normal American nerd"
-Jack Herer



On 4/25/2012 10:34 AM, Owen DeLong wrote:

There is not a new policy added on to prevent hoarding. What is required is what
has been required for several years. Utilization information and proper 
justification.

If you are seeking an ISP allocation, then, reassignment (customer) information 
is
in fact part of that utilization information.

Owen

On Apr 25, 2012, at 8:22 AM, Kenneth McRae wrote:


Negative..  I have never had to provide end user information.  I have been
required to provide utilization information.  I am sure this "policy" is
and add-on to make it more difficult to prevent hoarding..

On Tue, Apr 24, 2012 at 10:47 AM, Jonathan Lassoff  wrote:


On Tue, Apr 24, 2012 at 10:32 AM,  wrote:

Anyone have any tips for getting IPs from ARIN? For an end-user

allocation

they are requesting that we provide customer names for existing

allocations,

which is information that will take a while to obtain. They are insisting
that this is standard process and something that everyone does when
requesting IPs.  Has anyone actually had to do this?

Indeed. It's worked this way for a long time.

When starting a new organization, there's a bit of a chicken and egg
problem with IP space. If anyone could get IP space just for asking
for it, it would have been consumed too quickly. So, organizations
must first get some space assigned to them from an upstream provider
and begin using it.
At some point the current usage and growth rate of the assigned space
will justify a direct allocation.

Then, you can renumber into your new space and be totally independent.

Cheers,
jof




--
Best Regards,



Kenneth McRae
*Sr. Network Engineer*
kenneth.mc...@dreamhost.com
Ph: 323-375-3814
www.dreamhost.com

Re: Squeezing IPs out of ARIN

[Justin M. Streiner]

On Wed, 25 Apr 2012, Kenneth McRae wrote:


I have never provided the names of end users..  How the address space would
be utilized?  Definitely..  But not the names of end users...


When I worked at an ISP, we provided the names of companies to whom we 
assigned address space, but not individual residential subs.


Running an rwhois server that was tied into our customer provisioning 
system made the process of requesting more space from ARIN pretty 
painless, all things considered, and saved the overhead of having to SWIP 
every assignment.


jms

Re: Squeezing IPs out of ARIN

[Chuck Anderson]

On Wed, Apr 25, 2012 at 08:28:35AM -0700, Owen DeLong wrote:
> 
> On Apr 25, 2012, at 3:23 AM, Joe Maimon wrote:
> 
> > 
> > 
> > ad...@thecpaneladmin.com wrote:
> >> Anyone have any tips for getting IPs from ARIN? For an end-user
> >> allocation they are requesting that we provide customer names for
> >> existing allocations, which is information that will take a while to
> >> obtain. They are insisting that this is standard process and something
> >> that everyone does when requesting IPs. Has anyone actually had to do this?
> >> 
> >> 
> > 
> > ARIN does not require you or your customers to use NAT.
> > 
> > If you have customers, you are an ISP and need an allocation.
> > 
> > SWIP everything you do.
> > 
> RWHOIS is a perfectly valid alternative to SWIP.

Can a downstream ISP SWIP records if their upstream ISP uses RWHOIS
for the block that is further delegated to that downstream ISP?

Re: Squeezing IPs out of ARIN

[Kenneth McRae]

I have never provided the names of end users..  How the address space would
be utilized?  Definitely..  But not the names of end users...

On Wed, Apr 25, 2012 at 8:34 AM, Owen DeLong  wrote:

> There is not a new policy added on to prevent hoarding. What is required
> is what
> has been required for several years. Utilization information and proper
> justification.
>
> If you are seeking an ISP allocation, then, reassignment (customer)
> information is
> in fact part of that utilization information.
>
> Owen
>
> On Apr 25, 2012, at 8:22 AM, Kenneth McRae wrote:
>
> > Negative..  I have never had to provide end user information.  I have
> been
> > required to provide utilization information.  I am sure this "policy" is
> > and add-on to make it more difficult to prevent hoarding..
> >
> > On Tue, Apr 24, 2012 at 10:47 AM, Jonathan Lassoff 
> wrote:
> >
> >> On Tue, Apr 24, 2012 at 10:32 AM,   wrote:
> >>> Anyone have any tips for getting IPs from ARIN? For an end-user
> >> allocation
> >>> they are requesting that we provide customer names for existing
> >> allocations,
> >>> which is information that will take a while to obtain. They are
> insisting
> >>> that this is standard process and something that everyone does when
> >>> requesting IPs.  Has anyone actually had to do this?
> >>
> >> Indeed. It's worked this way for a long time.
> >>
> >> When starting a new organization, there's a bit of a chicken and egg
> >> problem with IP space. If anyone could get IP space just for asking
> >> for it, it would have been consumed too quickly. So, organizations
> >> must first get some space assigned to them from an upstream provider
> >> and begin using it.
> >> At some point the current usage and growth rate of the assigned space
> >> will justify a direct allocation.
> >>
> >> Then, you can renumber into your new space and be totally independent.
> >>
> >> Cheers,
> >> jof
> >>
> >>
> >
> >
> > --
> > Best Regards,
> >
> >
> >
> > Kenneth McRae
> > *Sr. Network Engineer*
> > kenneth.mc...@dreamhost.com
> > Ph: 323-375-3814
> > www.dreamhost.com
>
>


-- 
Best Regards,



Kenneth McRae
*Sr. Network Engineer*
kenneth.mc...@dreamhost.com
Ph: 323-375-3814
www.dreamhost.com

Re: Squeezing IPs out of ARIN

[Owen DeLong]

There is not a new policy added on to prevent hoarding. What is required is what
has been required for several years. Utilization information and proper 
justification.

If you are seeking an ISP allocation, then, reassignment (customer) information 
is
in fact part of that utilization information.

Owen

On Apr 25, 2012, at 8:22 AM, Kenneth McRae wrote:

> Negative..  I have never had to provide end user information.  I have been
> required to provide utilization information.  I am sure this "policy" is
> and add-on to make it more difficult to prevent hoarding..
> 
> On Tue, Apr 24, 2012 at 10:47 AM, Jonathan Lassoff  wrote:
> 
>> On Tue, Apr 24, 2012 at 10:32 AM,   wrote:
>>> Anyone have any tips for getting IPs from ARIN? For an end-user
>> allocation
>>> they are requesting that we provide customer names for existing
>> allocations,
>>> which is information that will take a while to obtain. They are insisting
>>> that this is standard process and something that everyone does when
>>> requesting IPs.  Has anyone actually had to do this?
>> 
>> Indeed. It's worked this way for a long time.
>> 
>> When starting a new organization, there's a bit of a chicken and egg
>> problem with IP space. If anyone could get IP space just for asking
>> for it, it would have been consumed too quickly. So, organizations
>> must first get some space assigned to them from an upstream provider
>> and begin using it.
>> At some point the current usage and growth rate of the assigned space
>> will justify a direct allocation.
>> 
>> Then, you can renumber into your new space and be totally independent.
>> 
>> Cheers,
>> jof
>> 
>> 
> 
> 
> -- 
> Best Regards,
> 
> 
> 
> Kenneth McRae
> *Sr. Network Engineer*
> kenneth.mc...@dreamhost.com
> Ph: 323-375-3814
> www.dreamhost.com

Re: Squeezing IPs out of ARIN

[Owen DeLong]

On Apr 24, 2012, at 9:57 PM, Jack Bates wrote:

> On 4/24/2012 2:00 PM, Owen DeLong wrote:
>> I know that the ARIN process can, on occasion be tricky to navigate if you 
>> don't
>> understand the subtleties of how some of the terminology is defined and that 
>> people
>> often use terms which have very specific meanings to ARIN staff members to 
>> have
>> a much broader meaning in what they are intending to say. I know that often 
>> leads
>> to misunderstandings which make the process even more difficult.
> 
> Yeah. Let's not forget that if you have 120 management devices (wifi 
> backhaul/switches/waps) and a ton of customers with /32 assignments and you 
> are renumbering from provider assigned space you gathered over many years 
> into your own initial ARIN assignment, they want:
> 
> 1. equipment type and info for each management device
> 2. customer info for each /32 assignment
> 
> Tell me what ISP can legally and ethically give out their customer base 
> information? Don't get me wrong. I'm sure small guys don't think twice about 
> it, accumulating all the information and handing it over to ARIN thinking 
> they have no choice (the responses from ARIN leaves one with that impression; 
> you want the address space, you WILL give us this).
> 

There is nothing whatsoever wrong with providing the information to ARIN under 
NDA. ARIN provides a very good (IMHO) plain English mutual NDA for just this 
purpose.

What rational ethical ISP fails to include a provision for this process in 
their TOS?

> I sometimes wonder what happens to that information; if it sits around in an 
> archive somewhere in the vast digital repositories of ARIN awaiting someone 
> to steal it.

That's a very cynical view. I happen to know that ARIN takes the security of 
that data very seriously and I think they do a good job of protecting it. If 
you have any reason to believe otherwise, I invite you to offer some form of 
substantiation to support such a claim.

Owen

Re: Squeezing IPs out of ARIN

[Owen DeLong]

On Apr 25, 2012, at 3:23 AM, Joe Maimon wrote:

> 
> 
> ad...@thecpaneladmin.com wrote:
>> Anyone have any tips for getting IPs from ARIN? For an end-user
>> allocation they are requesting that we provide customer names for
>> existing allocations, which is information that will take a while to
>> obtain. They are insisting that this is standard process and something
>> that everyone does when requesting IPs. Has anyone actually had to do this?
>> 
>> 
> 
> ARIN does not require you or your customers to use NAT.
> 
> If you have customers, you are an ISP and need an allocation.
> 
> SWIP everything you do.
> 
RWHOIS is a perfectly valid alternative to SWIP.

Owen

Re: Squeezing IPs out of ARIN

[Kenneth McRae]

Negative..  I have never had to provide end user information.  I have been
required to provide utilization information.  I am sure this "policy" is
and add-on to make it more difficult to prevent hoarding..

On Tue, Apr 24, 2012 at 10:47 AM, Jonathan Lassoff  wrote:

> On Tue, Apr 24, 2012 at 10:32 AM,   wrote:
> > Anyone have any tips for getting IPs from ARIN? For an end-user
> allocation
> > they are requesting that we provide customer names for existing
> allocations,
> > which is information that will take a while to obtain. They are insisting
> > that this is standard process and something that everyone does when
> > requesting IPs.  Has anyone actually had to do this?
>
> Indeed. It's worked this way for a long time.
>
> When starting a new organization, there's a bit of a chicken and egg
> problem with IP space. If anyone could get IP space just for asking
> for it, it would have been consumed too quickly. So, organizations
> must first get some space assigned to them from an upstream provider
> and begin using it.
> At some point the current usage and growth rate of the assigned space
> will justify a direct allocation.
>
> Then, you can renumber into your new space and be totally independent.
>
> Cheers,
> jof
>
>


-- 
Best Regards,



Kenneth McRae
*Sr. Network Engineer*
kenneth.mc...@dreamhost.com
Ph: 323-375-3814
www.dreamhost.com

Re: Squeezing IPs out of ARIN

[Joe Maimon]

ad...@thecpaneladmin.com wrote:

Anyone have any tips for getting IPs from ARIN? For an end-user
allocation they are requesting that we provide customer names for
existing allocations, which is information that will take a while to
obtain. They are insisting that this is standard process and something
that everyone does when requesting IPs. Has anyone actually had to do this?




ARIN does not require you or your customers to use NAT.

If you have customers, you are an ISP and need an allocation.

SWIP everything you do.

Produce a common format form that must be completed before any addresses 
are assigned to anyone. On this your fortitude will be tested without end.


Justifiable, documented and responsible utilization is rewarded with 
additional resources (for the next 1-4 years), so give your customers 
what they can document their need for.



Joe

Re: Squeezing IPs out of ARIN

[David Miller]

On 4/25/2012 12:57 AM, Jack Bates wrote:
> On 4/24/2012 2:00 PM, Owen DeLong wrote:
>> I know that the ARIN process can, on occasion be tricky to navigate
>> if you don't
>> understand the subtleties of how some of the terminology is defined
>> and that people
>> often use terms which have very specific meanings to ARIN staff
>> members to have
>> a much broader meaning in what they are intending to say. I know that
>> often leads
>> to misunderstandings which make the process even more difficult.
>
> Yeah. Let's not forget that if you have 120 management devices (wifi
> backhaul/switches/waps) and a ton of customers with /32 assignments
> and you are renumbering from provider assigned space you gathered over
> many years into your own initial ARIN assignment, they want:
>
> 1. equipment type and info for each management device
> 2. customer info for each /32 assignment
>
> Tell me what ISP can legally and ethically give out their customer
> base information? Don't get me wrong. I'm sure small guys don't think
> twice about it, accumulating all the information and handing it over
> to ARIN thinking they have no choice (the responses from ARIN leaves
> one with that impression; you want the address space, you WILL give us
> this).
>
> I sometimes wonder what happens to that information; if it sits around
> in an archive somewhere in the vast digital repositories of ARIN
> awaiting someone to steal it.
>
> Jack
>

The ARIN Privacy Policy covers information submitted for address
justifications:
  https://www.arin.net/privacy.html

-DMM

Re: Squeezing IPs out of ARIN

[Jack Bates]

On 4/24/2012 2:00 PM, Owen DeLong wrote:

I know that the ARIN process can, on occasion be tricky to navigate if you don't
understand the subtleties of how some of the terminology is defined and that 
people
often use terms which have very specific meanings to ARIN staff members to have
a much broader meaning in what they are intending to say. I know that often 
leads
to misunderstandings which make the process even more difficult.


Yeah. Let's not forget that if you have 120 management devices (wifi 
backhaul/switches/waps) and a ton of customers with /32 assignments and 
you are renumbering from provider assigned space you gathered over many 
years into your own initial ARIN assignment, they want:


1. equipment type and info for each management device
2. customer info for each /32 assignment

Tell me what ISP can legally and ethically give out their customer base 
information? Don't get me wrong. I'm sure small guys don't think twice 
about it, accumulating all the information and handing it over to ARIN 
thinking they have no choice (the responses from ARIN leaves one with 
that impression; you want the address space, you WILL give us this).


I sometimes wonder what happens to that information; if it sits around 
in an archive somewhere in the vast digital repositories of ARIN 
awaiting someone to steal it.


Jack

Re: Squeezing IPs out of ARIN

[William Herrin]

On 4/24/12, ad...@thecpaneladmin.com  wrote:
> Anyone have any tips for getting IPs from ARIN? For an end-user
> allocation they are requesting that we provide customer names for
> existing allocations, which is information that will take a while to
> obtain. They are insisting that this is standard process and something
> that everyone does when requesting IPs.  Has anyone actually had to do
> this?

First, distinguish whether you're looking for an ISP allocation or an
end-user assignment.

If you're an end user then you're not allocating IP addresses to
customers. I know you think you are, but trust me: you're not. You're
assigning a block of addresses to 20 servers in the computer room and
a block of addresses to 50 PCs on the LAN, and so forth. Where you
claim servers connected to the Internet, expect to provide a list of
current IPs or URLs which you claim will be moved onto the new
addresses.

You don't plan to use NAT anywhere because real IP addresses are
better. Right? And if you have a customer at site B then you're doing
the same thing at site B: X servers here, Y desktops there. Not at
customer B, at _your site_ B.

Also, you're multihoming. You already requested and received an ASN
and you've provided a copy of bills from two different Internet
vendors both listing your business name and location. Because if
you're not multihoming then you have to have many many more computers.
So many computers, in fact, that you'd have to be crazy not to
multihome.


If you're an ISP, the rules are a little different. A few of your
addresses will be specified as above but most will be listed as
"assigned to Customer XYZ, address, name, phone number." Expect to
provide customer name, address, contact name, contact email and phone
number. If you don't wanna, you don't get to play at national registry
level. Go get IPs from your upstream.

For your largest customer assignments, expect to also present some
basic documentation of their use in the same form as above: 50 PCs on
the LAN, 20 servers in the computer room, etc. Because that's what the
customer gave you to justify receiving those addresses. Pursuant to
ARIN policy which as an ISP you follow. Right?

Regards,
Bill Herrin

-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004

Re: Squeezing IPs out of ARIN

[Owen DeLong]

On Apr 24, 2012, at 11:38 AM, Jonathan Lassoff wrote:

> On Tue, Apr 24, 2012 at 11:14 AM, Owen DeLong  wrote:
>> That's not entirely true. What you say applies to one possible way for an
>> ISP to get an allocation. It does not apply at all to end-users.
> 
> Even for end-user allocations, they would still need to fulfill the
> requirements of 4.3.3 in the ARIN NRPM
> (https://www.arin.net/policy/nrpm.html#four33), no?
> 

Yes, but, that utilization can be documented need for X hosts to be numbered in 
an initial
deployment, it does not have to be X existing hosts numbered from some other 
set of
resources. It can also be made up of hosts numbered from RFC-1918 space which 
now
need globally unique addresses for whatever reason.

> I suppose for "immediate need" assignments, this can be short
> circuited, but from what I know those are pretty rare.
> 

Not all that rare, but, yes, relatively rare.

> Am I missing something?
> 

I'm not sure. I know that I have no trouble getting appropriate sized 
assignments for
my end-user clients with appropriate justification of their needs without them 
necessarily
having existing space from ARIN or any other entity.

I know that the ARIN process can, on occasion be tricky to navigate if you don't
understand the subtleties of how some of the terminology is defined and that 
people
often use terms which have very specific meanings to ARIN staff members to have
a much broader meaning in what they are intending to say. I know that often 
leads
to misunderstandings which make the process even more difficult.

Owen

Re: Squeezing IPs out of ARIN

[Stephen Sprunk]

On 24-Apr-12 12:32, ad...@thecpaneladmin.com wrote:
> Anyone have any tips for getting IPs from ARIN? For an end-user
> allocation they are requesting that we provide customer names for
> existing allocations, which is information that will take a while to
> obtain.

There are no "end-user allocations".  Allocations go to ISPs;
assignments go to end-users.

Which are you?  From the sound of it, you're an ISP requesting an
allocation, and ARIN is requesting documentation of the assignments
you've made to end users from your previous allocation(s) to verify you
really need more--as required by community policy.

If you're doing an even marginally competent job of managing your
previous allocation(s), this data should be readily available in /some/
form, and providing it to ARIN should require little more effort than
pinging your lawyers to verify the appropriate NDA is in place.

If you're /not/ doing a marginally competent job of managing your
previous allocation(s), you're not going to get more until you learn to
do a better job of it.  In my experience, going through that learning
experience will uncover a lot of unused space that will likely make your
current request moot (for now).  And that's a big part of the point.

> They are insisting that this is standard process and something that
> everyone does when requesting IPs.  Has anyone actually had to do this?

Everyone /should/ be required to provide documentation of justification
for all requests to any RIR.  If you're aware of anyone who /hasn't/,
let us know so we can beat up the RIR in question.

S

-- 
Stephen Sprunk "God does not play dice."  --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSSdice at every possible opportunity." --Stephen Hawking



smime.p7s
Description: S/MIME Cryptographic Signature

Re: Squeezing IPs out of ARIN

[Jonathan Lassoff]

On Tue, Apr 24, 2012 at 11:14 AM, Owen DeLong  wrote:
> That's not entirely true. What you say applies to one possible way for an
> ISP to get an allocation. It does not apply at all to end-users.

Even for end-user allocations, they would still need to fulfill the
requirements of 4.3.3 in the ARIN NRPM
(https://www.arin.net/policy/nrpm.html#four33), no?

I suppose for "immediate need" assignments, this can be short
circuited, but from what I know those are pretty rare.

Am I missing something?

Cheers,
jof

Re: Squeezing IPs out of ARIN

[Jon Lewis]

On Tue, 24 Apr 2012 ad...@thecpaneladmin.com wrote:

Anyone have any tips for getting IPs from ARIN? For an end-user allocation 
they are requesting that we provide customer names for existing allocations, 
which is information that will take a while to obtain. They are insisting 
that this is standard process and something that everyone does when 
requesting IPs.  Has anyone actually had to do this?


If you can't [easily] tell ARIN who's using your current IP space, then 
you're probably not doing a very good job of managing that space, which 
begs the question, do you really need more?


--
 Jon Lewis, MCP :)   |  I route
 Senior Network Engineer |  therefore you are
 Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_

Re: Squeezing IPs out of ARIN

[Owen DeLong]

On Apr 24, 2012, at 10:47 AM, Jonathan Lassoff wrote:

> On Tue, Apr 24, 2012 at 10:32 AM,   wrote:
>> Anyone have any tips for getting IPs from ARIN? For an end-user allocation
>> they are requesting that we provide customer names for existing allocations,
>> which is information that will take a while to obtain. They are insisting
>> that this is standard process and something that everyone does when
>> requesting IPs.  Has anyone actually had to do this?
> 
> Indeed. It's worked this way for a long time.
> 
> When starting a new organization, there's a bit of a chicken and egg
> problem with IP space. If anyone could get IP space just for asking
> for it, it would have been consumed too quickly. So, organizations
> must first get some space assigned to them from an upstream provider
> and begin using it.
> At some point the current usage and growth rate of the assigned space
> will justify a direct allocation.
> 
> Then, you can renumber into your new space and be totally independent.
> 
> Cheers,
> jof

That's not entirely true. What you say applies to one possible way for an
ISP to get an allocation. It does not apply at all to end-users.

Owen

Re: Squeezing IPs out of ARIN

[Justin M. Streiner]

On Tue, 24 Apr 2012, ad...@thecpaneladmin.com wrote:

Anyone have any tips for getting IPs from ARIN? For an end-user allocation 
they are requesting that we provide customer names for existing allocations, 
which is information that will take a while to obtain. They are insisting 
that this is standard process and something that everyone does when 
requesting IPs.  Has anyone actually had to do this?


Now that we're getting down to the bottom of the IPv4 barrel, the 
amount of documentation and justification needed to get v4 addresses from 
the RIRs has increased.  Expect any v4 requests to be scrutinized closely.
This is not news, and at this point, it should not come as a surprise to 
anyone.


IPv6 address blocks are pretty easy to get ;)

jms

Re: Squeezing IPs out of ARIN

[Jonathan Lassoff]

On Tue, Apr 24, 2012 at 10:32 AM,   wrote:
> Anyone have any tips for getting IPs from ARIN? For an end-user allocation
> they are requesting that we provide customer names for existing allocations,
> which is information that will take a while to obtain. They are insisting
> that this is standard process and something that everyone does when
> requesting IPs.  Has anyone actually had to do this?

Indeed. It's worked this way for a long time.

When starting a new organization, there's a bit of a chicken and egg
problem with IP space. If anyone could get IP space just for asking
for it, it would have been consumed too quickly. So, organizations
must first get some space assigned to them from an upstream provider
and begin using it.
At some point the current usage and growth rate of the assigned space
will justify a direct allocation.

Then, you can renumber into your new space and be totally independent.

Cheers,
jof

Squeezing IPs out of ARIN

[admin]

Anyone have any tips for getting IPs from ARIN? For an end-user 
allocation they are requesting that we provide customer names for 
existing allocations, which is information that will take a while to 
obtain. They are insisting that this is standard process and something 
that everyone does when requesting IPs.  Has anyone actually had to do 
this?