Tag Cloud:

Life After IPv4 Depletion

By John Sweeting, Senior Director of Registration Services, ARIN

Believe it or not, it’s been a year since ARIN reached full IPv4 depletion on 24 September 2015. In that time, we’ve seen organizations continue to seek IPv4 addresses via both our IPv4 Waiting List and the IPv4 transfer market. We’ve also seen some exciting strides made toward full IPv6 adoption in the industry and expect to see IPv6 deployments continue to increase within the region. I’d like to share a few observations we’ve made during the past year to ensure networks within the ARIN region can continue to get the resources they need to operate.

Life After IPv4 Depletion

Even though we no longer have IPv4 addresses available in the free pool, many organizations have decided to put their requests on our waiting list of unmet IPv4 requests in the event more IPv4 addresses become available. We’ve checked the couches in ARIN’s offices several times and haven’t found any extra IPv4 addresses under the cushions, but they do occasionally become available either via redistribution from IANA, when addresses are returned to ARIN by the registrant, or when they’re revoked (generally due to an organization’s failure to pay required fees). Unfortunately, the number of requests currently on the waiting list—almost 400!—is far greater than the number of requests we’ve been able to fill from the waiting list (12 via IANA redistribution and one via returned/revoked space). If your organization’s need for IPv4 addresses can’t be delayed indefinitely, you may need to look to the transfer market or to IPv6 rather than pursuing space via the waiting list.

The IPv4 transfer market has been extremely active in the year since IPv4 depletion. Need-based transfer requests have increased almost 400% over that period with a total of almost 100,000 /24s changing hands in those transfers. If your organization is interested in securing IPv4 addresses via the transfer market, ARIN offers a free transfer pre-approval service that allows your organization to have its 24 month need verified by ARIN prior to seeking addresses from a source organization. While not required, pre-approval will help ensure ARIN can process your request as quickly as possible once a transaction is arranged. Organizations with unused IPv4 addresses that are interested in making them available are encouraged to contact ARIN as early in the process as possible to make sure the process goes smoothly. In particular, if the original registrant is no longer in business or has otherwise ceased to exist, a merger and acquisition transfer may be necessary before we’ll be able to help you transfer the addresses to a recipient.

While IPv4 demand continues to be strong, IPv6 is the future of the Internet, and we’ve seen continued steps being taken toward that future over the past year. For the first time, more than half of our subscriber members have registered IPv6 addresses, and we continue to issue IPv6 addresses to 60-100 additional organizations per month. Networks seeking to deploy IPv6 can request IPv4 addresses from ARIN (up to one /24 every six months) from a block that was reserved specifically to assist IPv6 deployment after they register their IPv6 block. One year after IPv4 depletion, more than 99.5% of that reserved space remains available. Organizations adopting IPv6 are encouraged to use this policy after registering an IPv6 block to facilitate their IPv6 deployment.

Looking forward, while we expect IPv4 activity to continue, the reality is that there simply aren’t enough IPv4 addresses to number a world with billions of people each using multiple devices on the Internet. If your organization hasn’t yet deployed IPv6, it’s time to join the movement and start adopting IPv6 today. To make this transition even easier, ARIN’s Board of Trustees recently implemented a new fee schedule that provides for more cost-effective IPv6 registration fees. ARIN’s current IPv6 policies allow almost all organizations to qualify for a block, and once you register a block, you’ll unlock access to the reserved IPv4 block that’s earmarked specifically to assist organizations like yours in their transition to IPv6. For those reasons, if you’ve been postponing your IPv6 deployment, there’s never been a better time than right now to jump in and join the party. Along with everyone at ARIN, I look forward to helping you with that transition in any way I can.

 

A Quick Guide to ARIN’s Whois

By Leslie Nobile, Senior Director of Global Registry Knowledge, ARIN

ARIN's Whois Service

Most of you have heard of Whois and have some fundamental familiarity with it. But how well do you really know the ins and outs of Whois, and in particular, of ARIN’s Whois service? To help you get a better understanding of how to use ARIN’s Whois service, we’ve developed a Quick Guide to ARIN’s Whois that we think will be your one resource for all things Whois.

First, the basics. The term “Whois” refers to any query and response protocol that is used for searching databases that store registered users or assignees of an Internet resource (e.g. IP addresses or domain names). Specifically, ARIN’s Whois service allows a user to retrieve information about IP number resources, organizations, and Points of Contact (POCs) registered with ARIN. It pulls this information directly from ARIN’s database.

As for how to access Whois, you have a few options. You can use one of the various web interfaces that ARIN (and many others) provide, an Application Program Interface (API), or a command-line interface (CLI) client like the terminal on a Mac or the Windows command prompt. In our quick guide and in this blog, we’ll focus on how to use Whois from a Mac terminal window using different flags to customize your searches.

To submit a Whois query from a terminal, you’ll want to structure your search like this:

whois -h whois.arin.net “flag search-term

The parts of this command are:

  • whois: the command itself
  • -h: specifies that the hostname of the Whois server will follow
  • whois.arin.net: the name of ARIN’s Whois server
  • flag: narrows the search by restricting the results to those that match criteria designated by the flag (this piece varies depending on your search)
  • search-term: the information for which you are searching (this piece varies depending on your search)

Some common types of flags you may use are “n” for the specified network address space, “p” for specified Points of Contact, or “o” for an organization. There are many more flags you can use to narrow your search, so we’ve compiled a complete list of Whois flags you can use. You can also use wildcards in conjunction with any flag.

But once you’ve entered your search, how do you make sense of the results? It’s easy to feel overwhelmed by the lines of text that Whois may display, but once you know what key fields you’re looking for, the results make perfect sense.

The different result fields are grouped into five main categories that are shown below, along with some of the result fields that are returned:

  • Network Information
    • NetRange
    • NetName
    • NetHandle
  • Organization Information
    • OrgName
    • OrgTechName
    • OrgAbuseName
  • ASN Information
    • ASNumber
    • ASHandle
  • Point of Contact (POC) Information
    • Name
    • Handle
    • Company
  • Delegation/Reverse DNS Information
    • Name
    • NameServer

Some other common fields that appear in the results of all kinds of queries include address, “RegDate” (date that the resource was initially registered in the ARIN database), and a last updated date. But keep in mind that this list is not all-inclusive! To see a complete list of all result fields and their respective descriptions, you’ll want to visit the “Interpreting Whois Results” section of the Quick Guide.

Now that you have a better picture of what information Whois contains and how to access it, we hope that you’ll make the most of one of ARIN’s most useful services!

ARIN Policies Start with You!

By Sean Hopkins, Policy Analyst, ARIN

Our prime directive is the administration and management of Internet number resources (IP addresses and Autonomous System Numbers). Between registering, distributing, maintaining, and updating these resources and the records associated with them, there is a lot of work to do, and it’s all guided by our Number Resource Policy Manual, or NRPM. Can you guess where this big book of policies comes from? Believe it or not, it comes directly from people just like you!

You may already know that ARIN policies are community-based, but you may not have known that our community includes anyone and everyone with an interest in Internet number resources, not just those who are within the ARIN region. You might even think you would at least need to be an ARIN Member to help drive ARIN’s Policy Development Process (PDP), but in reality, all you need is an email address to start influencing the future of the Internet.

To submit your very own Internet number resource policy proposal, just fill out our brief template and send it to policy@arin.net. Don’t worry about getting the wording of your proposal exactly right – our Advisory Council (AC) will work with you directly to help transform your idea into a clear change, removal, or addition to policy text, and get it the community attention it needs to move through the PDP.

If you’re more of a visual learner, check out our new video entitled “ARIN’s Policy Development Process” to learn more about each step of the PDP, and become a part of the Internet’s future today!

Additional resources can be found on the following webpages:

Word of Advice for Getting Started with IPv6

By Jennifer Bly, Public Relations and Social Media Coordinator, ARIN

This month we’ve been reviewing the results of our recent IPv6 survey. First we took a look at why you decided to deploy IPv6 and who was involved. Next we examined some of the benefits of IPv6 and overcoming the challenges to IPv6 Adoption. Now we are going to look at the advice you said you’d give to others in the early stage of their IPv6 journey.

start-work-asap-ipv6

Here’s a sampling of what you said when asked “If you could give one piece of advice to a company that is just beginning its IPv6 deployment process, what would it be?”:

The big picture

  • Start ASAP, and make it a priority
  • Get full buy in from management
  • Make top-down decisions or policies to include dual-stack as a standard for all new services
  • Start early and define your long-term and short-term strategies and implementation processes before you begin
  • Get high-level support, then focus on security. After approval from CIO and Security to move forward begin training the network team. The training and early implementation need to be close together

How to think about it

  • Take it slow and give your plan due diligence
  • Start thinking of IPv4 as the add-on with IPv6 as the main protocol, not the other way around
  • Make it a matter of pride in the whole company
  • Motivate technical folks to achieve deployment progress through competitions among their peers
  • Be patient and dedicate the proper amount of time to training / research / deploying
  • Think of this as an opportunity to fix all of the mistakes you made in your IPv4 design, so take your time and do it right

Where to start

  • Manage it like any other project and prioritize enabling Internet-facing services ahead of the internal network
  • Get an address assignment and start playing
  • Request enough IPv6 address space to give yourself adequate headroom for growth
  • Prototype in lab environment first, test different IPv6 options to find the right mix
  • Set up test environments to gain experience and then in production, you’ll be surprised at how straightforward it can be
  • Start with customer-facing equipment, email, DNS, website, then your access, and last your business applications
  • Begin somewhere with a small number of hosts/services and block everything at the firewall, opening up only what is needed as it is implemented
  • Start with customer/Internet facing services and then endpoint access, slowly move legacy applications as they become available, use DNS to ‘fix’ services that lack IPv4 support
  • Take your time. Work from the core out and get DNS working rock solid
  • Make sure all routing equipment will support v6, and start deploying inside the network, with translation as a test, then cut over
  • Start at the edge of network and then work inward. End-user devices should be the last step

Knowledge is key

  • Talk to someone who has done it
  • Find trusted advisors
  • Hire a consultant versed in IPv6 to map out and work on the transition
  • Become an expert by getting­­­ training, lots of training for everyone involved

What do you think of this advice? Can you relate? Is it helpful? Do you have more to share? Let us know. Tweet us @TeamARIN on Twitter. In a future post we’re going to look at even more advice you gave in our IPv6 survey and we may feature what you have to say on Twitter as well.

Benefits of Adopting IPv6

By Jennifer Bly, Public Relations and Social Media Coordinator

A couple of weeks ago, we shared some of the results of our recent IPv6 deployment survey with you and promised we’d share a few the benefits our respondents gained from deploying the next generation protocol, as well as how they overcame some of their IPv6 adoption challenges.

In our original post we mentioned that only 20% of respondents indicated “cost” as a barrier to IPv6 adoption within their organizations, many citing technical issues as a larger concern.  So what is the bigger concern? Technical issues. We asked what would have made deploying IPv6 easier for your organization and the most common responses included the need for a better technical understanding inside the organization, training and documentation. Another common answer was the desire to see more vendor support.  A lack of feature parity between IPv4 and IPv6 seems to be a collective pain point in the transition process. More broadly, others indicated they’d like to see an industry-wide consensus to make the move, customer demand, and community support to help drive IPv6 projects inside their own companies. They’d also like to have access to more staffing resources with the appropriate experience.  Lastly, people mentioned that a no hassle IPv6 allocation from ARIN would be nice (which we’re happy to note, is indeed available).

We are deploying IPv6 so we're ready for the future

Benefits of Deploying IPv6

Even though quite a few respondents suggested the tangible benefits of IPv6 deployment are limited at this time, there were several notable perspectives on the benefits of IPv6 deployment, including:

  • More IP space, obviously
  • Future proofing
  • Bragging rights
  • Staying on the forefront of networking and IT trends
  • Leading by innovation and recognition as market leader, both to customers and peers
  • Ahead of the curve instead of behind it, before IPv6 became a critical network dependency
  • Easier to recruit top engineering talent who want to work for a forward-looking company
  • Access to IPv6 only services
  • Simplified access to endpoints, reduced complexity of internal network
  • Better connectivity and easier expansion of public facing services without NAT
  • Meeting US federal OMB requirements
  • Peer routing on partner networks
  • Easier device management and troubleshooting without multiple instances of RFC1918 space to manage
  • ISP customers are able to be assigned an entire subnet, whereas before they could only obtain a single IP
  • Easier to configure internal services on native IPv6 without using up scarce IPv4 resources
  • Less DNS changes
  • Performance and scale
  • Email seems faster
  • Growth of the IoT
  • Meets the demand for mobile devices
  • Makes people feel like they are good netizens

Overcoming the Challenges to IPv6 Adoption

Realistically every business decision and networking problem has its challenges, and IPv6 deployment is no different. Respondents had some great suggestions on how to overcome IPv6 challenges.  In a nutshell, here are few recommendations:­­

  • Just start hacking away at it
  • Slowly enable the core of the network
  • Work on providing IPv6 for externally facing systems
  • Grow on demand with a slow rollout to build confidence
  • Monitor your IPv6 deployment carefully to find any problems early
  • Get training for your IT teams
  • Retire and replace old equipment which does not properly support IPv6: including CPEs, load balancers, device firmware, router CPUs, etc.
  • Request IPv6 support from vendors, opening trouble tickets, and ultimately changing vendors if necessary
  • Make IPv6 support part of your RFP process for new vendors
  • Migrate to IPv6-capable data centers that can accommodate IPv6 upstream providers
  • Have your Internet peers enable IPv6
  • Use third party 6in4 tunnels
  • Treat IPv6 mail with the same rules as IPv4 mail
  • Parallel networks and firewalls, so the IPv6 will be visible to both ISPs and two separate IPv4 ranges will be handling different parts of your traffic
  • Approach the transition as a necessity, not as an annoyance
  • Work with other similar organizations to guide you through the process

Next week we’ll take a look at some of the advice survey respondents said they’d give to others who are planning to deploy IPv6.  Until then, if you’re interested in sharing your advice as well, feel free to tweet your tips and tricks and don’t forget to tag them with the hashtag #get6.

 

No More Excuses: IPv6 Planning Made Easy

By John Sweeting, Senior Director of Registration Services, ARIN

Planning for IPv6

We know that deploying IPv6 can seem daunting. There’s a lot to think about – is your equipment ready? What about your software? Does your hosting provider support IPv6? Do you have an addressing plan? These are just some of the things you need to ask yourself when getting ready to make the switch to IPv6. And while there are lots of questions to be asked, we would like to focus on the big one that we frequently hear: “How much IPv6 address space do I even need?”

It’s a pretty straightforward question, but we find that a lot of folks aren’t sure how to decide what’s appropriate for their organization. So we’ve developed a brand new webpage dedicated to helping you plan for IPv6, and specifically, helping you determine how much space may be right for you.

It all starts with determining whether you’re an end user or Internet Service Provider (ISP):

  • End users operate networks that do not provide Internet access to external customers.
  • ISPs are either networks that provide traditional Internet access (cable, fiber, wireless, etc.) or they are hosting providers that operate services which provide Internet access (colocation, dedicated servers, virtual private servers, etc.).

Note: End users that are not ISPs but do provide Internet connectivity to users (for example, universities) may apply either as end users or as ISPs.

After that, it’s as easy as 1-2-3!

Step 1: Verify that you qualify for IPv6. End users qualify if they meet any of the criteria below:

  • Have an IPv4 assignment from ARIN or one of its predecessors
  • Intend to immediately be IPv6 multi-homed
  • Have 13 end sites (offices, data centers, etc.) within one year
  • Use 2,000 IPv6 addresses within one year
  • Use 200 /64 subnets within one year

ISPs qualify if they meet any of these criteria:

  • Have an IPv4 allocation from ARIN or one of its predecessors
  • Intend to immediately be IPv6 multi-homed
  • Have a plan to make 50 assignments within five years

IPv6 Block Size TableStep 2: Determine how much space you’ll need. If you’re an end user, block size is determined by the number of end sites in your network, not by the number of IP addresses you anticipate using (see table at right). End sites are physical locations such as offices and data centers. If you’re an ISP, block size is based on the number and size of subnets to be assigned to customers, not on the number of IP addresses required by customers. ISPs will typically assign one subnet (/48 or smaller) to each customer.

If you want to brush up on exactly how many IPv6 addresses a /48, /44, etc. contains, refer to our CIDR chart.

Step 3: You’re almost done! All you need to do after completing steps 1 and 2 is submit your resource request via your ARIN Online account.

That’s it! For more information on the different steps in this process (including more details on determining block size), you’ll want to visit our IPv6 planning page. Our goal is to demonstrate how easy getting IPv6 can be, and we hope we’ve helped you see that making the switch doesn’t have to be confusing. And if you’re ever not sure about something, contact us and we’ll guide you through the process.

Why You Decided to Deploy IPv6

By Jennifer Bly, Public Relations and Social Media Coordinator

We asked you to tell us about your IPv6 deployment journey at your own organization via an open survey.  Out of more than 150 responses, we collected some interesting information that you may enjoy hearing more about.

ahead of the curve ipv6

Some of the services companies provide over IPv6 include (but are not limited to): DNS, DHCP, webhosting, Internet connectivity, network monitoring, email, video streaming, VoIP, ftp, apps, colocation, dedicated server, virtualization, AAAA records, IPTV, WAN uplink, and more.  More than 65% of respondents said they have IPv6-enabled transit and/or peers (77%), network infrastructure (88%), DNS (AAAA or NS records) (67%), and firewalls (72%). However it seems like many organizations still haven’t made their public-facing websites ready for the next generation of the Internet.

steps toward ipv6 survey

Of those who already deployed IPv6, many organizations made the decision to do so because they wanted to futureproof their technology and be experienced with the protocol before customer demand increases.  Many recognized that IPv4 was depleted and that IPv6 is important for business growth.  Some also indicated that deploying IPv6 was a natural progression during planned network improvements that presented little downside.  Several suggested that their company prides itself on being at the forefront of technology, and thus IPv6 was part of their effort to be a market leader and stay ahead of industry trends.  Others indicated that they did not think there is another good long-term solution for dealing with IPv4 scarcity.  International organizations in particular suggested IPv6 is important to connect globally and to be sure customers and clients are able to access them from all over the world.

how long IPv6 survey

Most respondents began work on deploying IPv6 in 2014 (18%) and 2015 (19%) and the process took less than year to complete for more than 45% of respondents. Many internal stakeholders were involved in the decision to deploy IPv6.  A common theme among respondents echoed that executives and management needed to be involved to get the project off the ground.  Specific roles mentioned include: CEO, CIO, CTO, Executive Director, and the like.  From the technical side, implementation involved the IT Department, Network Operations, Systems Administrators, Engineers, Information Services, Technology Directors, and even consultants.  Notably, approval from finance or purchasing was crucial to getting sign off to begin work on IPv6 projects.

Many suggested that deploying IPv6 would have been easier if there had been more of a management push to accomplish it, a hard deadline, and a cross-functional effort across their organization.  Respondents also indicated training would have been helpful, along with examples and best practice documentation from peers.

obstacles IPv6 survey

Interestingly, only 20% of respondents indicated “cost” is a barrier to IPv6 adoption within their organizations, many citing technical issues as a larger concern.  In a following blog post we’ll take a look at how some of our survey respondents overcame a few of their IPv6 adoption challenges. We’ll also share some of the benefits and advice for others that were given. Stay tuned, and in the meanwhile, be sure to follow @TeamARIN on Twitter for some of the feedback from the survey using the hashtag #get6.

Connecting with the Caribbean Internet Community

By Sean Hopkins, Policy Analyst, ARIN

This past week, ARIN joined forces with the Latin America and Caribbean Network Information Centre (LACNIC) for the Caribbean Association of National Telecommunication Organizations’ (CANTO) 32nd Annual Conference & Trade Exhibition in San Juan, Puerto Rico. As usual, the welcoming nature of the Caribbean was in full effect, with little mystery as to who the Regional Internet Registries (RIRs) are or why they were present. We had the opportunity to speak with many stakeholders from both the ARIN and LACNIC regions, as well as answer questions about both IPv4 and IPv6 usage, our IPv4 waiting list, ASN requests, Internet Exchange Point (IXP) allocations, IPv6 implementation strategies, and much more!

CANTO 2016

We were fortunate to have a presence not only on the expo floor, but in the speaking rotation as well. Leslie Nobile, ARIN’s Senior Director of Global Registry Knowledge, joined Kevon Swift, LACNIC’s Head of Strategic Relations and Integration, on the “Aligning the Caribbean ICT Calendar” panel discussion to provide updates on IPv6 adoption and RIR initiatives in the Caribbean and beyond. As we continue to encourage the Caribbean Internet community to bring their unique experience and needs to the Internet number resource policy development process, we look for additional opportunities to educate the Caribbean Internet community about everything from requesting Internet number resources to the latest public policy discussions.

Throughout the week we were able to engage with a wide range of community members, and CANTO provided one of the most open and conducive shows for Caribbean engagement that we have had the pleasure of attending. If you did not get a chance to stop by the ARIN/LACNIC booth and would like to participate in our Internet number resource policy discussions and development, ARIN offers a fellowship program to send up to five people per region to each Public Policy and Members Meeting held in the spring and fall of each year. In addition to fellowships, we also offer full remote participation options in case attending in person is not possible. This October we will be headed to Dallas, Texas, and in April 2017, we will make our way to New Orleans, Louisiana, so we hope to see you at an upcoming meeting! We depend on the participation of all of our members to make sure we’re able to meet the needs of our entire region. No matter where you reside, if you are looking to get more involved in ARIN, here are a few places you can start:

Get the latest news from ARIN

Subscribe to arin-announce

Follow and contribute to policy discussions

Subscribe to ARIN’s public policy mailing list (ppml)

Request resources from ARIN

Request IPv4, IPv6, or ASNs

Come to an ARIN event

ARIN biannual meetings and one-day ARIN on the Road events provide a chance to network with colleagues and discuss important matters affecting the Internet community.

Get resources on IPv6

IPv6 Wiki

Get6

Why Learning IPv6 Puts You a Step Ahead in Your Career

Signal to employers that you’re at the top of your game by learning IPv6 now

Guest blog post by Jonathan S. Weissman

ARIN reached the true technical IPv4 Exhaustion on September 24, 2015. Yet back in 2012, I believe that I created and taught the first ever college course held in the United States that was devoted exclusively to IPv6, a summer course at Finger Lakes Community College. The course had a normal 45 hours aggregate meeting time, but it was devoted to just IPv6 and nothing else. Twenty years before that, in 1992, the IETF asked for white papers after multiple proposals to expand IPv4’s 32 bit address space surfaced. RFCs for IPv6 started appearing in 1996, twenty years ago from this summer, in which my IPv6 course is running in its fifth consecutive iteration at FLCC.

Both my FLCC IPv6 course and my personally written exam for the course are certified by the IPv6 Forum, a world-wide consortium, and an official certifying body for IPv6. Students who get a 70% or better on my exam at the end of the semester, will automatically earn their IPv6 Certified Network Engineer – Silver certification from the IPv6 Forum. Adding this certification to their resume will no doubt make a huge impression on potential employers.

A group of my students at Finger Lakes Community College about to get IPv6 certified!

A group of my students at Finger Lakes Community College about to get IPv6 certified!

IPv6 has, for the last few years, been appearing on industry level certification exams by CompTIA, Cisco, and others. It’s no longer something being shoved under the rug. Especially now that ARIN is “fresh out” of IPv4 addresses, the knowledge of IPv6 becomes more and more of a requirement with each passing day. You can’t simply wait until your company starts using IPv6 before learning about it. With a solid background in IPv6 before it’s needed, you will be able to easily adapt to and adopt this fascinating new protocol with intelligence and efficiency.

Interestingly enough, I recently looked back at the reports from my first industry certification exams, and to my shock, I saw that my Novell CNE and CNA exams from 2000/2001 actually had IPv6 questions. However, at that point, IPv6 was still in its infancy. No one was using it in earnest as we are just starting to do now.

There happens to be a great twist to this story. IPv4 isn’t going away entirely for a very long time. Experts are predicting decades more of IPv4. On January 1, 1983, ARPANET turned off NCP (Network Control Protocol), and flipped on Vint Cerf’s TCP/IP, featuring IPv4 addressing. There has not been, nor will there ever be, a corresponding “flag day” for IPv6. Back then, if you were “connected,” you were a government agency, academic institution, or research institution. Nowadays, all businesses are connected, and some can’t even afford seconds of downtime. Some companies pay extra to their service providers for the “five nines,” 99.999% guaranteed uptime during a year. Therefore, IPv6 education includes incorporating and interoperating IPv6 with IPv4 with dual-stacking, tunneling, or translation.

For my students with IPv6 education (and certification), it shows at the very least that they are progressive, motivated, and a step ahead of the times. It shows that they are scalable, adaptable, and up on the latest and greatest (although as we mentioned, this “latest and greatest” is nearly twenty-five years old). It shows potential employers that when the need arises to start using IPv6 in an incremental fashion, those who have been already working with IPv6 can be trusted as the pioneers, the architects, the leaders for IPv6 deployment. Learning IPv6 now, when you’re not faced with pressure, deadlines, prioritization demands, and more makes the learning process smoother and cleaner. Being able to learn IPv6 now affords you the opportunity to cover both breadth and depth in ways that simply wouldn’t be possible in a more “on demand” environment.

IPv6 is not just about the exhaustion of IPv4 addresses. The Internet is slowly going to turn from IPv4 to IPv6. It’s happening now. Think about business continuity. At some point, if you don’t make the switch, from a business perspective, it could be devastating. IPv6 is also about doing things that simply weren’t possible with IPv4. For example, “Internet of Things” devices simply do not have enough logic to run a dual stacked IPv4/IPv6 combination. Those sensors being placed all over the planet? They’re running native IPv6! Besides sensory networks, think about the control systems. Think about reporting systems. Think about appliances. Think about home entertainment devices.

One more thing, of course…security! Some networks might have IPv6 enabled and might not even realize it. Malicious IPv6 traffic can enter the network, tunneled through IPv4. Firewalls won’t catch it. Neither will IDS/IPS systems. They don’t even know what they’re looking for, as far as IPv6 goes!

Furthermore, you can’t start thinking about IPv6 security mechanisms and implementations without a truly solid background in the IPv6 protocol and all of its subcomponents like Internet Control Message Protocol for IPv6 (ICMPv6), Neighbor Discovery Protocol (NDP), Dynamic Host Configuration Protocol for IPv6 (DHCPv6), link-local addresses, Internet Protocol Security (IPsec), and much more. As my IPv6 course illustrates, there are so many layers and wrinkles to IPv6. You can’t just read a book over a weekend and be ready to deploy IPv6 or, even worse, IPv6 security on a Monday morning. I tell my students, “seeing is believing,” as we spend lots of time on IPv6 labs, while sniffing in Wireshark.

There’s little to no pressure right now to start learning IPv6. As the days, weeks, and months go by, that will become less and less true. The “Internet of Things” and mobile devices are, of course, the big factors responsible for IPv6’s great need right now. Now is the time to start learning IPv6! There will never be a better time!

 

Jonathan WeissmanJonathan S. Weissman is an Associate Professor and IT Program Coordinator at FLCC. He holds 34 industry level certifications, five of which are IPv6 certifications from the IPv6 Forum.

Connect with him on LinkedIn or email him at jonathan.weissman@flcc.edu

 
 

My Experience as an ARIN Fellow

ARIN 37 Fellow Alyssa Moore shares about her experience as a newcomer to the ARIN community and the policy development process.

Guest Blog by Alyssa Moore

In April I had the good fortune to:

  • Attend an all-expenses-paid meeting in Jamaica
  • Nerd out with Internet community experts and veterans
  • Engage in the best professional development of my career
  • Form relationships with brilliant mentors

Sounds too good to be true, right? Allow me to introduce you to the ARIN Fellowship Program.

ARIN 37 Fellows

ARIN 37 Fellows – April, 2016. Photo: ARIN

During my time as an ARIN Fellow, I learned that Internet number resource policies in the ARIN region are developed entirely by the community. Every word of the Number Resource Policy Manual (NRPM) undergoes rigorous examination in a transparent, community-driven, bottom-up policy development process. This is significant because in an increasingly networked world, we should all have a stake in Internet governance. Number resource policy is of particular importance in light of the recent depletion of the IPv4 address “free pool” in the ARIN region, the development of an IPv4 transfer market, and the slow pace of a global transition to IPv6.

I also learned that ARIN provides multiple avenues to contribute to the formation of policies and processes that underpin global Internet infrastructure. Anyone with an email address can chime in on global Internet policy-making simply by joining and participating in a mailing list.  Anyone can also attend an ARIN meeting, either in person or virtually. And anyone residing in the ARIN region with an interest in Internet governance is encouraged to apply for the Fellowship Program.

Policy Discussion at ARIN 37

Facilitation of policy discussion at ARIN 37. Photo: ARIN

While there is much lively discussion on mailing lists or during meetings, I found that some of the most spirited policy conversations took place over breakfast and at after-hours socials. For example, rules around IPv4 address transfers are currently of particular interest to the ARIN community. Some advocate passionately for the application of strict needs tests in cases where limited IPv4 resources are sold in a private transaction. Others support complete liberalization of the IPv4 transfer market, and the rest fall somewhere in between. If you’re involved in politics in any way, this type of problem may sound familiar.

Regardless of where one’s opinions fall on the policy spectrum, each and every person I encountered took the time to engage in a meaningful discussion with me and explain the issues within their historical context. I was floored by how quickly introductions were made and how welcoming the ARIN community is to newcomers. It’s for these reasons that I strongly encourage anyone with a stake in number resources or the larger Internet governance landscape to get out to an ARIN meeting in person. Fellowship applications are currently being accepted for the 20-21 October 2016 meeting in Dallas, Texas through 31 July 2016.

 

Alyssa MooreAlyssa Moore is the Policy and Strategy Analyst at Cybera, Alberta’s non-profit research and education network. She is involved in the Canadian Internet community as an advocate for socially responsible tech policy and a champion of publicly owned network infrastructure. Alyssa’s passion for the Internet is borne of a love-hate relationship with rural dial-up and satellite connections in her formative years. She holds a Bachelor of Arts in Political Science from Carleton University.
Cybera website: http://www.cybera.ca
Personal website: http://www.alyssamoore.ca
Twitter: @lyssamoo

 

Voting Contact Clean-Up Campaign Now Underway!

By Wendy Leedy, Member Engagement Coordinator, ARIN

Each fall, ARIN’s Membership elects representatives to the ARIN Board of Trustees and Advisory Council. Two out of three years, they also elect one ARIN representative to the Number Resource Organization Number Council (NRO NC). Every member organization – regardless of its size – is permitted one Voting Contact who casts one vote in ARIN Elections. These elections directly shape the future of ARIN, our community, and the Internet itself!ARIN Elections

This year, all eligible voters must log into ARIN Online to access their organization’s ballot, therefore requiring all registered Voting Contacts to have an ARIN Online account to participate – as previously announced, ARIN is improving the security of its voting system and will no longer email web links for casting ballots. To be eligible to vote, an organization must be a General Member in Good Standing (current on all invoices) and must have designated a Voting Contact linked to an ARIN Online account on record by 6 September.

To assist and ensure all eligible member organizations are prepared to vote during ARIN Elections, our team is currently leading an extensive Voting Contact clean-up campaign. Over the past few weeks and in the coming weeks every member organization should receive an email that either:

  • Confirms an organization’s Voting Contact (if there is no change, no action is required)
  • Requests an organization to designate a Voting Contact now
  • Requests your Voting Contact set up their ARIN Online Account and/or validate their being a voting contact for your organization

As Member Engagement Coordinator, I encourage each of you to please take a few minutes to read the email you received and to take any necessary action asked of you as soon as possible. By doing this, you will ensure that you are eligible to vote in this year’s election. Don’t forget that the deadline to establish voter eligibility for Voting Contacts is Tuesday, 6 September 2016.

Since the outcome of ARIN Elections can have a far-reaching impact, it’s not only a privilege for member organizations to participate, but also an important responsibility. Active and ongoing participation in elections demonstrates an organization’s support of and commitment to electing representatives who will drive transparent policy discussion and change; openly listen to, engage with, and fairly represent the community at-large; and work toward advancing the future of ARIN and the Internet.

Have questions or need help establishing your voting eligibility? Contact us at members@arin.net or call 1.703.227.9840, ext. 834. You may also visit our Voting Contacts page for steps on how to view and update your Voting Contact information or create an ARIN Online account.

At ARIN, we recognize you are busy, so we thank you in advance for your time and ongoing involvement in and support of ARIN. We look forward to virtually seeing you at the polls in October! It’s your voice, your vote – make it count!

Can You Make IPv6 Work Commercially?

Uncovering the costs and (hidden) benefits of IPv6 deployment that lead to a positive business case

Guest Blog Post by Marco Hogewoning, External Relations Officer – Technical Advisor at the RIPE NCC

Large scale IPv6 deployments suggest that IPv6 is at least a technical success – the technology works. Now it’s time to visit the other important question: does it work commercially? Does IPv6 really come with a positive business case? We are about to find out, if you help us…

RIPE Labs ROI PollOur technical community has spent about two decades making IPv6 work on a technical level. We have developed the protocol, modified and expanded a few others; we set up the registry system and distributed the addresses. In addition, over the last 10 years we have invented pretty much any possible way to encapsulate or translate IPv6, making it easier to integrate with the IPv4-based world we still live in. And we have succeeded: when in Belgium, there is about a one-in-two chance your Internet connection supports IPv6; on a global scale, Google (on a good day) sees one-in-eight customers connecting via IPv6.

Are we done then? After all, we can show that IPv6 works, even on a massive scale with millions of users. We have written all the documentation there is to write, we have educated and trained all of our colleagues and even created awareness outside of our own community about the need to transition the Internet to use IPv6. Meanwhile the IETF has already taken steps to investigate and discuss the consequences of the inevitable “shutdown” of IPv4. All we need to do is sit back, relax and wait for the IPv6 transition to complete, which is just a matter of time.

Or is it?

As part of this year’s inter-sessional work for the Internet Governance Forum (whose 2016 event will be held in Mexico this December), a group of volunteers has picked up the daring task of trying to describe the commercial and economic reality that underpins a successful deployment of IPv6. As part of the project to document IPv6 best practices, we are hoping to gather some input on the costs and (hidden) benefits of IPv6 deployment that lead to a positive business case and that will convince the product managers and boardrooms who are now stuck with the challenge of expanding their business using a finite and very much exhausted resource, to deploy IPv6 within their products and services.

Can you help us? Share how you make IPv6 work in a competitive market, share the arguments behind your business case – maybe it was just a matter of your competitor deploying it? Even if you haven’t deployed IPv6, please share your arguments or business case, as this would also help us to gain insight in what is happening here.

More information about the IGF Best Practices Forum will soon be posted on the IGF website from where you can also subscribe to a dedicated mailing list. To read my full post, check out RIPE Labs and answer our IPv6 Return on Investment Poll there as well.

 

Marco_Hogewoning112x165Marco Hogewoning is External Relations Officer – Technical Advisor with the RIPE NCC. As part of the External Relations team, he helps lead the RIPE NCC’s engagement with membership, the RIPE community, government, law enforcement and other Internet stakeholders.

 

 

 

 

 

Origin AS: An Easier Way to Validate Letters of Authority

By Mark Kosters, Chief Technology Officer, ARIN

One challenge that Internet Service Providers (ISPs) face today is dealing with end customers who have their own IP address blocks and want their ISP to route them. ISPs want to satisfy their customers, but they also want to ensure that the customer has valid use of the IP address block.  Determining a customer’s valid use of an address block is fairly simple if the customer is the address block holder and if the ISP can easily see, using tools such as Whois, that they are the rightful holder.  However, in the case where the customer does not provide a clear assertion that they are the rightful holder, determining valid use becomes more challenging. In this case, the customer presents a “Letter of Authority” (LOA) that asserts that the IP address holder has authorized the customer use of their block. The ISP must figure out how to verify the letter so that Internet routing of the address block can be enabled by that ISP.

View and Manage Network Screenshot

The challenge in validating LOAs is that it requires looking at the past history of the IP address block within the directory services of the various Regional Internet Registries (RIRs) and the Internet Routing Registry (IRR).  If the validation is done carefully, ISPs need to follow the registration trail of the companies if the name of the company providing the LOA does not match the current holder of that space within the registry. This effort is time consuming, inherently manual, and often fraught with questionable information. Further, there is no standard process or recordkeeping for the validation process, so that vetting may be uneven between ISPs and is likely non-transferrable when the customer moves between ISPs and wishes to use the address block again. This situation creates redundant work when the holder moves on to the second ISP, who also needs to determine the current organization with the registration rights before they can validate the customer’s offered LOA, and accept the IP address space to be originated from their network.

Long term, better maintenance of IP address blocks in the registry would make vetting LOA’s easier, and the adoption of Resource Public Key Infrastructure (RPKI) resource certification would eliminate most, if not all, of the issues.  However, until there is more widespread adoption of RPKI, the community is seeking an easier way to validate that the customer presenting an LOA is actually authorized by the address block holder.

One possible solution that can be implemented with the existing ARIN registry system is to make use of the “Origin AS” address block attribute.   Specifically, if a customer asks that an IP address block be routed because of an LOA, the ISP can request that the customer configure the Origin Autonomous System (AS) associated with the IP address block that is reflected in ARIN’s directory services to match the ISP’s AS number.  IP address block holders (including legacy address holders) can easily set this attribute using an ARIN Online account. Organizations that don’t have current contact information associated with their address block will need to be validated by ARIN, but this only needs to occur once. Once validated, the resource holder can update their IP address record, including the Origin AS, as necessary.   The other advantage of this approach is that it ensures that organization information is consistently reviewed by ARIN and eliminates any potential change of the ISP, thus preventing the hijacking of IP address blocks by parties that don’t have the registration rights to those address blocks.

The Origin AS can be set by the appropriate contact (tech, admin, or resource) in one of two ways:

  • SWIP-EZ: A web interface through ARIN Online that allows any authenticated user to make changes to their registration information for that IP address block.
  • Reg-RWS: An API that allows for automated and authorized updates by an authenticated user to occur via ARIN’s provisioning system for that IP address block.

Once the information is updated, an ISP can manually validate that the Origin AS of the IP address matches theirs, or validate using automated scripts.  Either way, after the IP address block has an Origin AS that matches the AS of the ISP, the ISP can provision the route of this IP address without worry.

 

Where are you on your IPv6 journey?

By Hollis Kara, Communications Manager, ARIN

Over and over again we hear that people need more resources to help them deploy IPv6, so we have set out to find out what would be the most valuable for those who are trekking upward. Our first step is to discover what kind of IPv6 activities are already occurring in our region. To do that we have an IPv6 Deployment Survey aimed at those organizations who have already begun their journey to IPv6.

IPv6 Survey

Have you started, or even completed, deploying IPv6? If so, please take our short survey to help us collect information about where you are in the process, the challenges you have faced, and the advice you would give to others. By attempting to identify the pain points companies are experiencing, we hope to be able to help you overcome them.

The survey will begin by asking you some demographic questions, followed by questions designed to help us understand what types of services your company has already made available over IPv6. Next we’ll ask you about the obstacles you encountered along the way and how you overcame them. We’ll also ask you what kind of resources were (or would have been) useful for you and if there’s one piece of advice you could give to others, what would it be?

Many respondents to date have indicated they have an IPv6-enabeld network infrastructure, IPv6 transit and/or peers. The main obstacle we’re seeing so far appears to be technical issues, and for almost half of those who have responded so far, the process has taken less than one year to accomplish. Better vendor support would have made deploying IPv6 easier for many of you, and lots of respondents have suggested the best advice is to plan early and strategically.

Please take a few minutes to answer our survey questions yourself.  It shouldn’t take more than ten minutes to complete, and the results will be used for educational purposes only. Also consider including your contact information at the end so we may reach out to you for more detail or to partner with you in our outreach efforts (that currently include Get6 and lists of hosting/DNS providers and consultants/trainers on our IPv6 wiki). We’re looking forward to using the results of this survey to continue to help you on your IPv6 journey!

 

Healthcare’s Digital Future is Here, But How Will it Connect?

By Ashley Durkin-Rixey, Stanton Communications

This past week, I attended the Digital Healthcare Summer Summit and 2016 BIO International Convention on behalf of ARIN. You might be wondering what one of the Regional Internet Registries and healthcare have in common. The answer is quite a bit.

Digital Healthcare Summit Get6

Igniting the Tipping Point

The theme of the Summit itself was “Igniting the tipping point,” a nod to the fact that the digital revolution in healthcare is not necessarily a new topic, but one that is poised to move into the everyday lives of clinicians, researchers and patients everywhere. These technologies can improve clinical efficiencies, education and most importantly, patient outcomes; but there is still much work to be done in order to make the case for investments in digital healthcare and widespread adoption.

This is a theme familiar to ARIN. In September of last year, ARIN announced the depletion of IPv4 addresses and the need to transition to IPv6. Since then, ARIN has focused on educating communities outside the tech world on making the move to IPv6 and why the time is now. IPv6’s unlimited address pool and true end-to-end connection is the backbone that will facilitate the Internet of Things as we add more and more connected devices to our lives.

Creating the Internet of Healthcare Things

In speaking with attendees and exhibitors at the summit, many told me condition specific wearables and monitoring devices in particular are igniting the tipping point. Whether it is a sock with a sensor in it to track patients within a hospital, facility, or at home to make sure they are moving post-surgery, or an application to help patients adhere to medication-that is accessed via mobile phones and smartwatches, these types of digital healthcare innovations will have an immediate impact on outcomes.

So how will all these devices connect? That’s where I’ve been able to share ARIN’s message on IPv6. I’m delighted to say there are app and device makers who are aware of IPv6 and taking that into consideration as they develop, but there is still much to be done to educate care providers and their network teams about future proofing their networks to use IPv6 to the fullest.

The Internet of Healthcare Things is fast emerging and its promises will be felt everywhere on the healthcare continuum, from wellness care to acute disease conditions. But with any technological revolution, the devices are only one side of the coin. IPv6 and network evolution play a key role in sparking our connected healthcare future.