Tag Cloud:

IPv6 at the Dutch ccTLD registry SIDN

Where there’s a will, there’s a way. Senior Research Engineer at SIDN, Marco Davids, explains how Dutch ccTLD registry SIDN committed to IPv6 deployment.

Guest blog post by Marco Davids

.nl, the IPv6-enabled registry

SIDN is the registry for the Dutch country-code top-level domain. In terms of domain names per capita, we are one of the largest TLDs in the world. And even in absolute numbers, we are still among the five largest country-code TLDs. I guess that makes us kind of special. We may be a small country, but, as in so many countries, the Internet is immensely popular and has been for quite some time. In that regard, we are far from exceptional.

SIDN photoAt SIDN, we firmly believe in IPv6 as a long-term solution for the exponential growth of the Internet and the problems that arise from that. In fact, with IPv4 space running out, and prices on the secondary market rising, the need for a new addressing scheme on the internet is perhaps more acute than ever.

We are pleased to see that many organisations recognise the need for change and are acting accordingly. On the other hand, surprisingly, a considerable number of organisations haven’t even bothered to look into IPv6 at all. That is a concern. Large ISPs in the Netherlands (with a few exceptions) are moving, but they tend to take things slowly. This is one of the reasons why we are keen to promote awareness and adoption of IPv6. It goes without saying that we practise what we preach: IPv6 has been enabled on our own services for quite some time. More on that later.

The Dutch ‘comply-or-explain’ policy

The Dutch government is very much aware of the urgency of IPv6. In the Netherlands, the government maintains a so-called ‘comply-or-explain’ list, containing various Internet standards, including IPv6. Standards on the list should be used by government organisations and, for example, be part of the requirements in a procurement process. As I said, IPv6 has been on the list for quite some time, and an increasing number of government services are now reachable via IPv6. A broadly similar European list also exists, and naturally IPv6 is on that list as well.

Although we are not required to, because we are not a government agency, SIDN has decided to adhere to the comply-or-explain list. The authoritative name servers for the .nl domain have been fully IPv6-compliant for quite a number of years, but we felt we needed to go a few steps further and enable all of our services on IPv6. Naturally, we ran into a few issues. The vendor of our email appliances, for example, promised IPv6 support ‘soon’. But it turned out they needed ‘a little more time’. Quite frustrating, but also a lesson learned: be firm and serious with your vendor and make clear agreements beforehand about mutual expectations. There are still vendors out there, trying to make their customers believe that ‘no one really needs IPv6’ or claiming that IPv6 support ‘is in the next version of the firmware, scheduled for release any time soon’. My advice: show them the door.

Sometimes being pragmatic is the solution. We came to the conclusion that modifying the entire back-end infrastructure of our registry system for IPv6 was not feasible in the short term. As an interim solution, we are using load balancers to disclose our registry system via IPv6 on the Internet side, while it is still running on (RFC1918) IPv4 space internally. We also made our Whois service accessible via IPv6 in a similar fashion. So, where there’s a will, there’s often a way.

Internet.nl

The Dutch Internet Standards Platform is a private-public initiative by several organisations with the goal of promoting new standards, including IPv6. On a simple website, https://internet.nl/, anyone can easily check the quality of their connection, or a domain name for that matter, in relation to these new standards. The test is strict; some people say it’s too strict. But if you manage to achieve a 100% score, you can at least be sure that your setup is very future proof. So try it out.

Summarising, I would say that IPv6 is here and now. It’s a mature standard that is being deployed at a rapid pace. The amount of IPv6 traffic is increasing by 100% a year.  And in the interest of an ever expanding internet, everyone should join in.

 

Marco DavidsMarco Davids is a Senior Technical Policy Advisor and Senior Research Engineer at SIDN, the ccTLD for the Netherlands (.nl). He has been with SIDN since 2007 and a member of the SIDN Labs R&D-team. In this capacity he is involved in various projects, primarily with a focus on the DNS. Marco is also an active participant in the RIPE and IETF communities and has contributed to several RFCs and draft documents.

 

 

 

Waiting List for Unmet IPv4 Requests

By Richard Jimmerson, Chief Information Officer, ARIN

As described in an announcement on 1 July 2015, ARIN has activated the Unmet Requests Policy. Organizations are currently electing to accept block sizes smaller than those for which they qualified or are electing to be placed on the Waiting List for Unmet Requests. So far, 21 organizations have elected to be placed on the waiting list and ARIN expects there to be over 100 soon.

ARIN Waiting List Activated No Reason to Wait for IPv6

At the time of this post, ARIN holds only /24 blocks in the ARIN IPv4 free pool inventory. We expect the ARIN IPv4 free pool inventory to deplete in full sometime around the late August timeframe. Options for obtaining IPv4 address space other than through the ARIN IPv4 free pool, including transfers, are described on our IPv4 inventory page.

Starting in late August, we will publish the Waiting List for Unmet Requests on the ARIN public website. The information will be displayed on a dedicated page for the waiting list and will include the full waiting list order based on date/timestamp placement, qualified block sizes, and minimum acceptable block sizes. We will also include summary totals for all information displayed. ARIN is unable to publicly disclose the names of the organizations on the waiting list, so that information will not be included.

I want to note that the community will continue to see IPv4 blocks larger than what remains in the inventory issued from ARIN over the next 60 days. The reason for this is that when an organization is approved for IPv4 address space, they are granted an approval that is valid for 60 days. At the time of approval, the approved block size is placed on a 60-day temporary hold for the organization. Inside this 60-day period, the organization pays any applicable registration fees due and signs a Registration Services Agreement (RSA), if an updated one is not already on file. After this has all been done, the organization is issued the block that was held for them.

If you see a block being issued by ARIN that is larger than what remains in the IPv4 inventory, it is for approvals that were granted up to two months ago.

 

 

Get your apps ready for IPv6

By Andy Newton, Chief Engineer, ARIN

With IPv4 depletion at critical levels, the pressure to transition to IPv6 has never been higher. For years, network engineers and planners have been upgrading routers and configuring networks to prepare for the new protocol, but many remain unsure whether or not their custom-built applications and commercial-off-the-shelf software packages are IPv6-ready. Applications are a crucial component of any organization’s network health, but can still be overlooked when preparing a large network for IPv6 adoption. With that in mind, ARIN proudly presents “Preparing Applications for IPv6,” a software developers guide to writing and migrating networked applications for use on IPv6 networks. This guide focuses on software application needs when making the migration to IPv6, and covers some common assumptions made when developing software for an IPv4-only Internet.

Preparing Apps for IPv6

 

Custom application developers will find this guide useful as a checklist of areas to investigate in your software’s code. You know your codebase better than anybody else, so we encourage you to take a look at each section of this guide and determine if it applies to your software. If your software acts as a Representational State Transfer (REST) client, you should be aware of the issues involved with placing IPv6 addresses in URLs. If your software takes IP address information from user, you will need to look at input validation and forms. This guide should spare you hours of exploratory testing, allowing you to fix the code you know will break before entering into an expensive QA cycle.

If you are the user of custom or off-the-shelf software, you can use this guide as a roadmap covering potential issues that software may encounter with an IPv6 deployment. For example, if your software stores IP addresses in a database, you may wish to ask your software vendor if the database is capable of storing IPv6 addresses as well as IPv4 addresses. You may also wish to forward this guide to your software vendor for their use in determining if the software they have created is suitable for the coming IPv6 world.

The overwhelming majority of the books available on IPv6 migration are aimed at helping network engineers migrate their network infrastructure to IPv6. With the lack of IPv6 transition information for software developers, we feel a guide with a software focus was long overdue. This guide is geared specifically toward software architects, software developers, software engineers, and computer programmers. We hope it will help you gain a more thorough understanding of the changes needed for your software to make a smooth transition to IPv6, and arm you with the knowledge you need to confront software vendors about their preparedness for IPv6.

If you have any questions after reading this guide, just contact us at info@arin.net.

 

On the Horizon: Unmet Requests Policy Activation

By Richard Jimmerson, Chief Information Officer, ARIN

On the Horizon

We expect to take registration actions this week that will activate ARIN’s policy for unmet requests. For the first time, it is expected an organization will receive a block size smaller than they qualified for, and/or an organization will be placed on the waiting list for unmet requests.

When an organization qualifies for a block size that no longer remains in the ARIN IPv4 inventory, they are given the option to either accept a smaller block that is available to fully satisfy their request, or to be placed on the waiting list for unmet requests. As we do with all IPv4 tickets, we take action on customer responses in the date/time stamp order that they were received. We are able to look ahead in our IPv4 response queue and see that we will take the registration actions described above during this business week.

Once we take the registration action of issuing a smaller block than what was qualified for, or place an organization on the waiting list for unmet requests, we will issue an announcement to the community and a press release.

At the time of this post, there is less than 1% of a /8 equivalent remaining in the ARIN IPv4 free pool. The only prefix sizes remaining are /23s and /24s.

 

Registry Data Access Protocol (RDAP): A Common Whois System

By Andy Newton, Chief Engineer, ARIN

For decades the only common method for accessing data in all the Regional Internet Registries (RIRs) has been Whois. Unfortunately, as a protocol, Whois does not specify any queries or responses making true interoperability between RIRs very difficult. This situation is even worse for domain registries.

1.1.1.1-NicInfo

In March, the Internet Engineering Task Force (IETF) published a set of Requests for Comment (RFCs) for a protocol intended to be a replacement for the Whois systems of RIRs and Domain Name Registries (DNRs). This protocol is called the Registry Data Access Protocol (RDAP), and it is based on the common approach of delivering results in JavaScript Object Notation (JSON) format over HTTP (also know as a Representational State Transfer, or RESTful web service). Both LACNIC and APNIC have already fielded servers speaking this new protocol. On 20 June 2015, ARIN officially deployed its RDAP services. The other RIRs and many DNRs are expected to do so very soon as well.

ARIN’s RDAP services are composed of an RDAP version of its WHOIS system, essentially returning ARIN registration data in RDAP format, and an RDAP bootstrap service.

In RDAP, the method to find the proper server for which to send queries is called bootstrapping. It is a set of processes that involve downloading JSON files from IANA and indexing them appropriately. For some types of clients, such as Javascript programs running in web browsers or simple Bash scripts using curl or wget, bootstrapping can be onerous. But ARIN’s bootstrapping service makes this trivial. Clients that do not wish to conduct bootstrapping simply send their RDAP queries to the bootstrap service, and an HTTP(S) redirect will be returned instructing the client where next to send the query.

ARIN’s bootstrap service is located at https://rdap.arin.net/bootstrap. A query for IP address 1.0.0.0 would look like this: https://rdap.arin.net/bootstrap/ip/1.0.0.0. That query results in a redirect to APNIC, whereas http://rdap.arin.net/bootstrap/ip/23.0.0.0 results in a redirect to ARIN’s RDAP registry service (located at https://rdap.arin.net/registry). Incidentally, the code for ARIN’s RDAP bootstrap service is open source and available on GitHub.

ARIN has also made available an RDAP command-line client called NicInfo. This is an open source, Ruby program, and most recent versions of Linux and Mac OS can be simply installed with ‘gem install nicinfo’. More information on NicInfo can be found on its GitHub pages.

 

 

A Closer Look at The Internet of Things

Nick Rojas explores the Internet of Things and how some will appreciate the fundamental changes to the Internet that will allow it to come to fruition, while others will simply take it for granted.

Guest blog post by Nick Rojas

The so-called “Internet of Things” (IoT), is not just about the seemingly endless benefits of connecting everything to the internet, or as some say, making things “smart”. It’s also about infrastructure, intellectual property, education, and increasingly growing business interests. It’s how devices are tied to the cloud for commerce, research, and an endless array of applications.

While considering the benefits of having smart refrigerators and other fun gadgets, many forget the significant potential applications that the Internet of Things could change, such as water conservation due to “smart” sensors, reducing city traffic congestion, and a radical change in health care practices.

IoT

The Main Challenge: Infrastructure

Smartphones alone command a staggering share of smart devices in use today, with more than 143 million of them in use. When phones, refrigerators, bathroom scales, football stadiums, and even entire cities collectively need to connect to the Internet, we may find that we simply don’t have the infrastructure to support this yet. When IP protocols were first designed, futurists couldn’t have envisioned all the devices that would one day connect to the Internet. The concept of connecting virtually everything to the Internet goes well beyond the original framework.

Every device connected to the Internet must be given a unique identifier to function properly, so IP address exhaustion is certainly a thing that could hinder the ability to provide for the “Internet of Everything”. This is where we can enjoy a bit of good news.

IPv4 provided approximately 4.3 billion addresses, and has lasted for about 25 years. IPv6 has been available since 1999 and vastly expands the number of addresses to about 340 trillion, trillion, trillion addresses. Simply put, we’re good to go, for a very long time.

As progress is made, some of us will appreciate the fundamental change to the Internet while others will simply take it for granted.

“There will be so many IP addresses … so many devices, sensors, things that you are wearing, things that you are interacting with that you won’t even sense it. It will be part of your presence all the time.”  – Eric Schmidt, Google’s chairman and former CEO

With Increased Connectivity comes Improved Analysis

In addition to infrastructure and the increasing number of devices, the Internet of Things will prompt the continued development of analytics. Advanced statistics and predictive algorithms will play an ever larger role in decision making.   As an example, smart devices can be used by medical researchers to track the relationship between medicines consumed and heart rate.

As the volume of people using such devices increases, and the amount of data reaches statistical significance, analyzing the data can help researchers glean valuable information about the impact of certain foods on heart rate.

According to M.V. Greene, “”The “Internet of Things,” where objects in the physical world are connected to electronic virtual networks, is poised to turn retail on its head. Not since the introduction of online shopping – and before that credit and debit cards for purchasing – has something in retail had the potential to be so transformative.”

As the applications of these smart devices are dreamed of and manufactured, the opportunities for scientists and researchers are endless. Dreaming up ways of connecting human activities with data can lead to major advances in how we lead our lives. With the recent launch of Apple’s Smart Watch, which signifies the first massive step into mass adoption of wearable technology, the potential of the Internet of Things has just begun.

 

Nick RojasNick Rojas is a business consultant and writer who lives in Los Angeles. He has consulted small and medium-sized enterprises for over twenty years. He has contributed articles to Visual.ly, Entrepreneur, and TechCrunch. You can follow him on Twitter @NickARojas, or you can reach him at NickAndrewRojas@gmail.com.

 

 

 

 

 

 

Breaking down ARIN’s remaining IPv4 Pool

By Richard Jimmerson, Chief Information Officer, ARIN

At the time of this post, there is only .15 of a /8 remaining in the ARIN IPv4 free pool. The largest prefix that remains available is a /11. Within days, that /11 will either be issued to a qualifying organization, or broken down to make smaller prefixes available for organizations who have qualified for a block size that falls between a /11 and the next available block size in inventory. Given the limited amount of address space remaining in the ARIN IPv4 inventory, a common question has been about the concept of “breaking blocks”, so let me explain why and how it works.

IPv4 Review Team
 

When an organization qualifies for a block size that is not available in the ARIN IPv4 inventory, but there is a larger block size available, we split the closest available larger block to create the newly qualified/approved block size for that organization. For instance, if an organization qualifies for a /14, but it is not available in the inventory, ARIN will split the next available, larger block to create the block that is needed to fulfill that request. In this case, for example, the next larger block is a /11, which would be split to fulfill that approved /14 request. The blocks remaining after that split, a /12, /13, and a /14, would remain in the ARIN IPv4 free pool inventory and be displayed accordingly.

We have hundreds of open IPv4 requests at ARIN today. We are very carefully reviewing and responding to tickets in the order they were received and in accordance with Phase 4 of our IPv4 Countdown Plan. We are aware that this has created delays in our response times, as the request volume and customer questions we are receiving have significantly increased our workload. Rest assured that we are working diligently, and that our number one priority is ensuring Phase 4 procedures are followed during this unique time in the IPv4 history.

The number of days remaining before depletion are dwindling. It is very likely that we are already processing a request that we will be unable to fulfill. We will manage the distribution of the remaining IPv4 in accordance with policy and by following the procedures we outlined in 2011 as part of the IPv4 Countdown Plan.

As a community, we have been preparing for this milestone for years, and now that it is here the Registration Services team is fully committed to making sure that we exercise full diligence with each IPv4 request. As anticipated, this has slowed our request processing pace, and we appreciate the patience of all our customers at this time.

 

 

Turning Bits into Bites

I can has IPv6? Mathew Newton knows how to make IPv6 fun – by involving cats of course. Here’s how he connected a DIY device to the Internet of Things to solve a problem and make his feline friends extra happy on World IPv6 Day.

Guest blog post by Mathew Newton

If we are to believe the figures being banded around, the Internet looks set to be dominated by the number of devices connecting under the ‘Internet of Things’ banner at some point over the coming years. If there’s any domination of the Internet before then it is arguably by cats – cat photos, cat videos, pretty much cat anything. I actually think there’s room for both though in the form of Internet-enabled cat feeders

Back in 2009 I was looking for a solution to ensure our two cats didn’t go hungry if my wife and I had to work late or go out for the evening straight from work. I couldn’t help but feel that I already had half the solution by virtue of my home-grown security solution based around the use of IP cameras. We could see the cats via the Internet wherever we were, so why not feed them this way on an occasional basis also? Cutting a long story short (the full details of which can be found on my website with the obligatory cat video on YouTube) I built the first version (the ‘Mark 1’) of my cat feeder:

Cat Feeder

Aesthetics didn’t feature on the requirements list (well, not mine anyway – it turns out they did on my wife’s!) but function and reliability definitely did. It seemed to tick both of these boxes completely with little room for improvement.

That’s not to say my work was done however – I had to do something about the Cisco Catalyst switch (I know, pun intended; it was clearly meant to be!) which I’d used to interface the feeder to the network through some hacked-together RJ45 loopback adapters and piggybacking on the port status LED driver ICs. Not only was the switch noisy but also bulky and had to be tethered to a nearby network port. After rummaging through piles of kits that ‘may come in handy one day’ I found a Cisco-Linksys WRT54GL broadband router and used it to make the improved ‘Mark 2’ version:

Cat Feeder 2

Cat Feeder Schematic

Not only was the feeder now a self-contained device, but it was also wireless (well, apart from the main power) and, by reflashing the firmware, could also support IPv6! The immediate benefit of this was, of course, being able to assign an appropriate ‘vanity’ address involving ::f00d and ::feed and no doubt others! Once that novelty wore off, the other benefits became obvious – there was no messing about with port forwarding and dynamic DNS update scripts. It just worked. Out of the box. This could of course be a double-edged sword where network security relies solely on the stateful property of a NAT and so my first IoT lesson to learn was making sure that my firewall was configured to protect the feeder accordingly.

The second lesson was also security-themed, and I’ve only got myself to blame for this one. On World IPv6 Day in June 2011, I decided to open up the feeder for 24 hours for anyone to access. For those connecting over IPv4 they could only view the feeder-mounted webcams, but for those with IPv6 they could also take control of the feeder and feed the cats. You can probably imagine how it went – food pretty much everywhere and two very full cats! The real problem, however, was that some users had spotted that I was passing control parameters through the URL to a PHP script (e.g. /catfeedercontrol.php?action=feed&time=5) and so were trying to abuse this by manipulating the feed durations, fishing for other commands and goodness knows what else. I quickly added some sanity checking to the scripts to mitigate this (I didn’t do this previously because access was usually password controlled). A key point to note here is that this attack vector was not directly related to the use of IPv6 as such – the vulnerability was at the application layer after all – however the ease with which IPv6 allows devices to be reachable from the Internet highlights the importance of ensuring that security is properly considered at all layers of the stack.

Even with sanity checking I would have benefited from being able to rate limit access but didn’t have time to work out how to do this. Instead, I opted to filter the source address of repeat offenders using the firewall and this became my third security lesson. The IPv6 double-edge sword was back – the offender was either hopping between addresses (whether that be manually or using short-term privacy addresses) or an entire organisation was seemingly in on the act because the addresses were all over the place within a very large prefix! I assumed the former but given the futility of playing cat and mouse with the offender (pun not intended!) I gave up blocking individual addresses and filtered the entire prefix instead. In a ‘real world’ application this could of course have significant unintended consequences, and so it did make me realise that our approach to filter-by-address strategies in IPv4 might need further thought when it comes to IPv6.

All in all, the cat feeder has been a great success and has never let us down in the six years we’ve been using it (I should point out that we only use it on occasion and not as a substitute for in-person contact with our pets!). Indeed, the cats seem to love it although it has to be said they’d love anything that feeds them! I suspect though that they might be particularly keen on the IPv6 aspect as normally they are fed twice a day but on World IPv6 Day they were fed a total of 168 meals. So from their perspective, this answers the question as to how much better IPv6 is than IPv4… 84 times of course!

 

Mathew NewtonMathew has nearly 20 years of network-related experience with a particular focus on all aspects relating to the design and deployment of IP (v4 and v6) and DNS.

His interest in computing, electronics and ‘how things work’ arguably stems from a childhood of taking things apart. He is now at the level where hardly any screws are left over when putting them back together again.

 

 

 

 

3 Reasons Not to Delay your IPv6 Deployment

By John Curran, President and CEO, ARIN

Lately there has been some remarkably bad advice circulating that suggests companies would be better off delaying their IPv6 deployment ­– effectively deferring their IPv6 efforts until there’s no other option. Deferring the roll out of IPv6 while the Internet is moving ahead with IPv6 is a flawed strategy with serious impacts to your business. Let’s take a look at three reasons why companies should make their IPv6 websites reachable now versus waiting until later.

Don't Delay

1. The public Internet is moving to IPv6 whether you’re ready for it or not

First, it’s important to remember that it is the public Internet that now is migrating to IPv6, so for most organizations it is not your whole enterprise that is impacted at this point. Unless you’re an Internet service provider, the migration to IPv6 only impacts the public-facing servers (e.g. web servers) that you use to communicate with your customers and business partners. No one is saying that the printer in the copy room needs to find IPv6, or that every desktop needs it – it is the public Internet is moving to IPv6, and this means whether you like it or not, your public servers are going to be reached increasingly via the IPv6 protocol.  This ongoing migration of the public Internet to IPv6 is easy to confirm – just look at deployment of mobile devices in the US, where nearly every leading carrier is using IPv6 to expand their networks. Google indicates that more than 15% of search queries in the US are now coming over IPv6, and this is increasing each week.

 

2. The costs of moving to IPv6 aren’t as high as you think

The costs of IPv6-enabling your public facing servers are actually are quite modest, and consist primarily of confirming that your external connectivity/ISP has enabled IPv6, and then configuring your existing firewalls, load balancing, and web servers with the additional IPv6 addresses. For many who have third-party hosting of their website, it’s quite possible that the much of work has already been done. The return on investment is quite real, since an increasing number of mobile users have IPv6-based connectivity and see faster performance from IPv6-enabled websites than IPv4-only websites (which must be accessed via dynamic translation.)

 

3. The longer you wait, the longer your competitors are gaining valuable experience working with IPv6 that you aren’t

Finally, when deciding whether putting off your IPv6 efforts make sense, it’s probably best to think about what happens at the end of that process. By deferring your experience with IPv6, you’re effectively putting your enterprise behind the technology curve compared to the marketplace and your competitors. At some point you will need to expend more resources at a faster rate to build the skills and competency needed to catch up. This is poor situation to put your technology team in, and may even surprise your financial folks with the sudden need to invest in new, more capable technology that your competition has been using for years. But there might be some good news – dealing with these consequences of delaying your IPv6 efforts is more likely going to be your successor’s problem, once the deferment and resulting impacts to the company become evident.

 

For more information on IPv6, go to Get6.

 

IPv4 Request Pipeline

By Richard Jimmerson, Chief Information Officer, ARIN

IPv4 pipeline

Today we have .20 of a /8 remaining in the ARIN IPv4 free pool. At the same time, we have over 200 open tickets from organizations requesting IPv4 address space from that free pool. These requests are for sizes ranging from a /23 to larger than a /16. This does not count the many open tickets we have for /24s.

IPv4 inventory 5.7.2015It is possible in the coming weeks we will have enough IPv4 address space requests in the pipeline to account for all the remaining IPv4 address space in the ARIN IPv4 free pool. Because of this, the first organization to elect to be placed on the waiting list for unmet resources may already have an open request for IPv4 address space today.

We are working hard to reduce the response times for IPv4 requests, but are at the same time being very precise about the order in which we review and respond to tickets. Strict adherence to our Phase 4 countdown procedures is more important than ever as we near the end of our IPv4 free pool. It is imperative that we review and respond to all tickets in the order they were received according to their timestamp.

When the first organization elects to be placed on the Waiting List for Unmet Requests, we will let you know. We will send an announcement out via our arin-announce mailing list, update you with another blog in this series, share it on social media, and issue a press release to notify the media about this milestone. We can’t predict exactly when this will happen, but we expect it to be soon. This will be a signal that full depletion of the ARIN IPv4 free pool is imminent.

Of course, organizations have options to obtain IPv4 address space through the transfer process and to request IPv6 address space from ARIN. We will share more information about the status of the ARIN IPv4 inventory in the coming weeks.

 

Webpass Deploys IPv6 For ARIN 35 Event

The IPv4-IPv6 dual stack network at ARIN 35 last week went off without a hitch. Webpass VP of Technology, Blake Drager, explains what it took to get it up and running. 

Guest blog post by Blake Drager

ARIN partnered with Webpass, an industry leading Internet Service Provider (ISP), to provide the network for the ARIN 35 event held in San Francisco from April 12-15, 2015.

We met with ARIN to determine what type of connectivity was needed:

  • BGP
  • Webpass allocated IPv4 / IPv6
  • ARIN netblocks statically routed to Webpass WAN

Since ARIN has a specifically reserved IPv4 /20 and IPv6 /48 for ARIN and NANOG meeting events, statically routing ARIN’s netblocks within the Webpass network was the best solution.

webpass_microwave_link

Webpass’ network is 100% dual-stacked and running on a Brocade CER and MLXe platform so setting up the IP circuit was as simple as:

  1. Adding an IPv4 /30 and an IPv6 /64 for connectivity between networks
  2. Statically routing ARIN’s netblocks with the next-hop being the Webpass WAN IPs
  3. Redistributing the static routes into our OSPF and OSPFv3 tables

After setting up the IP circuit, ARIN’s netblocks were routing within the Webpass network, but we wanted to redistribute these blocks to our eBGP peers so we had to do the following:

  1. Create prefix lists for the ARIN blocks
  2. Add those prefix lists as an applicable route-map statement attached to eBGP neighbors
  3. Verify that the routes were being advertised to Webpass’ eBGP peers
  4. Contact eBGP NOCs, send them the ARIN LOA for  Webpass to advertise ARIN’s netblocks and request that they update their prefix lists accordingly. This took a few emails and a little coercion with some networks, but after a while, ARIN was able to verify their routes were visible in public BGP looking glasses and route servers.

Once all of the above steps had been successfully executed, and the microwave link was installed at the JW Marriott, ARIN was able to verify public connectivity for both IPv4 and IPv6. All things considered, the process was very simple. IPv6 setup required no additional configuration when compared to the IPv4 setup. This is contrary to popular narrative that IPv6 is overly complicated and makes IP provisioning more difficult. Nothing can be further from the truth. Once your network is 100% dual-stacked and your staff is appropriately trained, IPv6 provisioning gets easier.

In fact, if ARIN’s meeting requirements were for IPv6 only, the configuration would have been as simple as Webpass providing ARIN with a /56 or a /48 via DHCPv6 Prefix Delegation. DHCPv6 would automatically assign them a /48 with a next hop of their local “fe80″ IPv6 address. The Brocade router would see this delegation occur (via DHCPv6 relay) and automatically insert that route into the routing table as a “delegated static” entry. This is the common Webpass customer IPv6 connectivity configuration.

 

 

Blake Drager Blake joined Webpass in 2006 and serves as the Vice President of Technology, leading the Webpass software development and network teams.  Blake started his career at Webpass building systems used to deploy Webpass’ Internet and providing technical support to residential customers. Webpass needed a scalable network that could interface with customers and employees and Blake rose to the challenge of building it. Today, Blake continues to drive software development that enables Webpass to run efficient operations.

 

 

 

 

ARIN 35 Members Meeting Daily Recap

By Jennifer Bly, Public Relations and Social Media Coordinator, ARIN

On the final day of ARIN 35 in San Francisco we wrapped up with a Members Meeting that was open to the entire ARIN community – onsite and online.  Throughout the morning we heard an update on ARIN fees and services and took questions and comments from attendees.

ARIN 35 Meeting 15 April 2015

We received departmental reports from Communications and Member Services, Engineering, Financial Services, Human Resources and Administration, and Registration Services.  Of note, some interesting points shared with the community included:

  • We’re growing our outreach program with more ARIN on the Roads events
  • New Get6 campaign can just launched on TeamARIN
  • There are upcoming changes to the election process and voter eligibility
  • 96,512 ARIN Online accounts have been activated since inception through Q1 of 2015
  • Total Whois traffic reached 12% over IPv6

  • The Operational Test & Evaluation environment is a place to test code and process – about 161 networks have access to today
  •  ARIN has an open source software repository, and you’re invited to make your tools available here too
  • Currently, ARIN has 68 employees and a 95% retention rate
  • ARIN’s IPv4 depletion planning includes maintaining our 2-day service level agreement turn around time
  • We stand ready for the first request that goes on the IPv4 waiting list
  • ARIN expects the IPv4 waiting list will be activated in the coming weeks
  • 65 transfers were approved (all types combined) in March 2015 – that’s more than any other month in ARIN history!

Rounding out the day, we got reports on ARIN finances, the Advisory Council, and Board of Trustees. Concluding the meeting was one more chance for people to bring up topics with a closing open microphone session, during which several attendees expressed their thanks for the meeting and shared their intent to participate again in the future.

In case you want to reference the slides from today’s meeting, all of them are already posted on the ARIN website; and in the coming days, full transcripts, notes, and webcasts from every day of the meeting will also be made available.  Thanks to each of you who participated in ARIN 35 for contributing your insights and expertise.

Mark your calendars for 1-3 June 2015 for ARIN’s Public Policy Consultation in San Francisco, California and 8-9 October 2015 for ARIN 36 in Montréal, Québec.

 

 

Daily Recap 2: ARIN 35 Public Policy Meeting

ARIN 35 Daily RecapBy Jennifer Bly, Public Relations and Social Media Coordinator, ARIN

Thanks for joining us for our second daily recap about what happened today at ARIN 35.

Kicking off the morning, we heard updates from the Number Resource Organization (NRO) comprising the five Regional Internet Registries (RIRs).  We also viewed many worldwide Internet number resources statistics on ASN, IPv4, and IPv6 allocations and assignments. Later in the day we heard global reports from our colleagues around the world at the IANA, AFRINIC, APNIC, LACNIC, and the RIPE NCC.

In a special Transfer Experience Panel, we heard lessons learned and observations from both brokers and organizations involved in the IPv4 transfer market.  An interesting conversation ensued as attendees asked questions of panelists about IPv4 transfers.

Today the three policies discussed included:

ARIN 35 Hands Raised

In the afternoon we learned about the status of Registration Data Access Protocol (RDAP) which is a new set of IETF specifications to replace the Whois protocol used by the Regional Internet Registries (RIRs) and Domain Name Registries (DNRs).  We finished the day with an open microphone session that covered a range of topics from Internet number transfers to the IANA stewardship transition.

All of today’s discussions will be posted online in in the upcoming weeks, including webcasts, complete transcripts, and abbreviated notes.  In the meanwhile you can download all of the slides decks presented at the meeting already up on the ARIN website.

Lots of ARIN 35 attendees show their support for Get6. See ARIN’s album on Facebook!

 

Remember, you can participate in the final day of ARIN 35 starting at 9:00 AM PDT tomorrow morning whether you’re onsite with us here in San Francisco or at your home/office/local coffee shop through remote participation.

ARIN 35 Public Policy Meeting Daily Recap: Day 1

By Jennifer Bly, Public Relations and Social Media Coordinator, ARIN

ARIN 35 Daily Recap

ARIN’s Public Policy Meeting took place in the Golden Gate City today, bringing together Internet community members from across the region and around the globe to talk about the policies that determine how Internet number resources are distributed.

To start the day off, we heard from the Advisory Council Chair about on-docket proposals.  Then we took a look at regional policies that are being discussed in the four other Regional Internet Registries (RIRs).  We received a report on ARIN’s policy implementation and experiences that identified areas where new or modified policy may be needed based on operational experience and customer feedback.  An IPv6 IAB/IETF Activities Report took a look at what is going on at Internet Engineering Task Force (IETF) meetings.

In the late morning, we heard from a Consolidated RIR IANA Stewardship Proposal (CRISP) Team Panel that reviewed the proposal submitted to the IANA Stewardship Coordination Group (ICG).  The panelists talked about the current status, the next steps, and they also took many questions from attendees.

ARIN 35

The policies we discussed today included:

We wrapped up the day with an ARIN software development update.  Yesterday during ARIN 35, we had two great tutorials.  First, those who attended learned all about Resource Public Key Infrastructure (RPKI) in How to Certify Your ARIN Resources with RPKI.  The hands-on session walked through how to sign up for Hosted RPKI (in a test environment) and how to issue a Route Origin Authorization (ROA).  Second, during a tutorial on Life After IPv4 Depletion, we found out about the various options for obtaining IP address space as we near full IPv4 address depletion.  There was also an orientation for first time meeting attendees.

We enjoyed chatting with you on Twitter throughout the meeting.  Here are some of our favorites using the #ARIN35 hashtag so far.  Keep up the sharing!

If you want to refer to anything you saw or heard at the meeting so far, today’s slides are already up on our website, and the full webcast archives will be added at a later date.

Remember, you don’t have to be with us in San Francisco to participate in the meeting.  There are still two more days of ARIN 35 left, and remote participants can watch the webcasts, follow the live transcript, vote in polls, and submit questions and comments via a Jabber chat room.  Please register to take full advantage of our remote participation options. Tomorrow we’ll be back in session at 9:00 AM PDT and at the end of the day, we’ll be posting another daily recap right here on TeamARIN.

 

 

Get To Know the ARIN 35 Fellows

By the ARIN 35 Fellows

Only a few days are left until ARIN 35 takes to San Francisco. We’re getting excited and hope you are too! Coming to their first ARIN Public Policy and Members meeting are five fellows who are eager to learn more and dive into policy discussions at ARIN 35.

ARIN 35 Fellows
 

Get to know these ARIN 35 fellowship recipients so you can be sure to say hi and strike up a conversation with these outstanding individuals:

Andre Graham

Programme Coordinator, University College of the Caribbean – Jamaica

What is the #1 fun thing you hope to do while in San Francisco?

Riding the tram and visiting Fisherman’s Wharf.

Describe how you would modify a snail so it would go faster. 

Modify its shell and add wheels to it.

What interests you about ARIN?

With the advent of new and emerging technologies and the need for each device to have an IP address it is imperative to know how the change from IPv4 to IPv6 will impact these devices and communication in general on the various networking platforms. It is interesting to know that ARIN is actively seeking to educate and sensitize the region on how to make the switch from IPv4 to IPv6 and I would love to get the opportunity to be a part of this growing community. Additionally, I am also interested in the area of Internet Governance and the policies being put in place to manage this vast network and its implications for developing Caribbean nations.

How do you think your ARIN Meeting experience will benefit you or your organization when you return home?

In my capacity as a Programme Coordinator for the IT programmes at the University College of the Caribbean I will use my meeting experience and the knowledge gained at the meeting to disseminate the information to the stakeholders that I interface with.

If you could have one super power what would it be and why?

A combination of the powers of Batman, Superman, Spiderman and Hulk with the ability to heal myself.  This would help me to be able to assist persons in danger and to give the aggressors a beat down when necessary.

 

Stephen Ives

Sr. Network Engineer, Matanuska Telephone Assn. – Alaska, USA

What is the #1 fun thing you hope to do while in San Francisco?

Going to a Giants baseball game.

Describe how you would modify a snail so it would go faster.


I would attach lubricating system on the head and miniature water jets on the side so that it could slide faster.

What interests you about ARIN?

I’m interested in the decision making process for IP address allocation.

How do you think your ARIN Meeting experience will benefit you or your organization when you return home?

Allow us to better serve our customers with their IP addressing needs.

If you could have one super power what would it be and why?

My super power would be teleportation, because it would be the most comfortable and fastest way to travel.

 

Andrew Trudgeon

Manager, Scandia ISP Internet Inc. – Ontario, Canada

What is the #1 fun thing you hope to do while in San Francisco?

See the golden gate bridge and the full house tv show house haha.

Describe how you would modify a snail so it would go faster.

Rocket boosters, must have rocket booster.

What interests you about ARIN?

We are a small ISP and as such are always looking for ways to be most efficient. With IP addresses dwindled, moving to IPv6 has been a big under taking for us and would love more info or guidance on how we can better make this transition.

What do you intend to accomplish by attending an ARIN Meeting?

Gain industry knowledge and create friendships within the ARIN industry to help us move forward on the next big undertaking.

If you could have one super power what would it be and why?

Invisibility – seems like you could do a lot of things being invisible to help fight crime.

 

Michael SchlohMichael Schloh

Computer Scientist, MSvB Recherche – California, USA

What is the #1 fun thing you hope to do while in San Francisco?

Take a walk (or run) in some nice place, and visit a hackerspace.

Describe how you would modify a snail so it would go faster.

Give it excellent teammates and coworkers.

What interests you about ARIN? 

Network peering, routing, standardization, general network engineering, and keeping standards and implementations of exotic (like SCTP) protocols consistent during adoption.   But… I’m mostly interested in IPv6 and helping to promote it. I operate three IPv6 networks and try to be instrumental in motivating operators to migrate their legacy IPv4 nodes to IPv6.

What do you intend to accomplish by attending an ARIN Meeting?

Learn of the process that diverse interest groups and regions control the network landscape. I would also like to propose ideas, such as those originating from a current RTC communications project to advance Internet principles communication.   Secondly, I am a ‘Intel Innovator’ with the mandate to promote the Internet of Things (IoT) which I believe will only fly on robust IPv6 networks. This topic is worthy of idea exchange at the San Francisco meeting, as well as networking at home with those getting started with IoT and IPv6.   Lately I’ve been very active with the Tor project, and would like to network with others to enable and facilitate democratic information and communication via standardized interfaces.

If you could have one super power what would it be and why?

To be able to travel through time via a mayonnaise layer.

 

Jon AitchisonJon Aitchison

Senior Policy Advisor,Government of Canada – Ontario, Canada

What is the #1 fun thing you hope to do while in San Francisco?

Escape from Alcatraz.

Describe how you would modify a snail so it would go faster. 

I’d give my snail redbull, that stuff gives you wings.

What do you intend to accomplish by attending an ARIN Meeting?

I have participated in all forms of internet policy debate, whether it be from a private sector, Academic or Government policy perspective. I look forward to the opportunity to bring this experience to the conversation and to deepen/refresh my understanding of the technical discussions around internet architecture in order to inform my perspective on appropriate governance and security debates.

How do you think your ARIN Meeting experience will benefit you or your organization when you return home?

My goal is to deepen my technical knowledge and to understand all sides of the debates over internet’s future. Forward looking policy is difficult and exposure to big, mutifacted ideas is often difficult to solicit in one place. I hope this meeting will do just that and give me broader perspective on medium to long range issues.

If you could have one super power what would it be and why?

Bradley Cooper’s power from limitless. It’s great because it leverages what we all already have.  And if I could manufacture the pills I’d give them to everyone. It’d be great to be brilliant but better to be surrounded by brilliance.

 

Since its inception in 2009, the ARIN Fellowship program has allowed over forty different people to attend their first ARIN Meeting. ARIN warmly welcomes our newest ARIN Fellows to San Francisco and hopes you join their ranks in the future! Applications are already open for our next meeting ARIN 36 in Montreal, so take five short minutes to apply today.