Tag Cloud:

RDAP: Whois for the Modern World

By Andy Newton, Chief Engineer, ARIN

At an Internet Engineering Task Force (IETF) conference in 2011, I was invited to participate in an informal brainstorming session on Internet routing security. During the meeting, a researcher showed me one of his web-based tools for diagnosing routing issues. He started his demonstration with “Give me your AS number.” Plugging my Autonomous System Number (ASN) into his browser, the tool came to life with a rich set of data.

Then he said, “It only works for ASNs from ARIN.” I asked why, and he explained that all of the logic was running in the browser using Javascript, not on a back-end system, and ARIN was the only Regional Internet Registry (RIR) with a REST-based Whois service compatible with the program running in his browser. That was true. At that time, ARIN was the only RIR with such a service, and it was a proprietary system designed specifically for ARIN by ARIN. Fast-forward five years, and now all the RIRs run such a service… the same service: the Registration Data Access Protocol (RDAP).

RDAP the new whois

Why do RIRs run RDAP?

RDAP was given official standards status last year by the Internet Engineering Task Force (IETF) and was quickly adopted by all the RIRs. But the IETF didn’t just design RDAP for IP network registrations and ASNs. RDAP was also designed to model the data in Domain Name Registries (DNRs) and has extension mechanisms for other registry types. Extensions have already been defined for ENUM registries (which are DNRs for telephone numbers), and work is beginning on using it for routing registries as well.

Where WHOIS uses a special-use port and protocol, RDAP uses HTTP/HTTPS. Where WHOIS has a myriad of encoding schemes, RDAP uses the well-understood JSON format. Where WHOIS has a data model for every registry, RDAP defines one data model. And where WHOIS has no provisions for authentication, bootstrapping, or internationalization, RDAP has answers for them all.

Of course, this article could describe the technical merits and benefits of each one of those items, but doing so would help obscure a more meaningful point: by adopting one single standard, the effort to create tools which need this data has been made much easier. And it’s those tools, providing solutions for problems unforeseen by the protocol wizards and policy wonks that created RDAP, that can help change how the ‘internals’ of the Internet operate.

Using the WHOIS protocol, software developers have a much more difficult effort with regards to obtaining data from registries. They must craft special code for almost each registry.

By contrast, RDAP is easier because there is one data model. And the programming model is easier too because it is web-based. Software developers do not need to worry about lower-level network connections, which are often unavailable in some constrained programming environments. The web-based, RESTful encoding with JSON employed by RDAP can be accessed with built-in application programming interfaces available on all modern platforms: server, desktop, web, and mobile.

Creating tools for RDAP

Back in 2010 when ARIN first fielded its pilot, web-based, REST service containing Whois data, an analysis of the web logs after a few short months yielded some surprising results: a large number of the queries came from custom programs, many of them being browser-based applications. In other words, people had created tools around the service in a short amount of time.

The same is true of RDAP. Tools making use of it are popping up in all forms. Earlier this year I had a similar experience to the one I mentioned from five years ago. This time, it was the fine folks from APNIC Labs, and this time, their tool (vizAS) worked with any ASN from any RIR because it uses RDAP.

Check out vizAS: a tool for exploring the interconnections between AS numbers within a single economy, and a comparison of the state of interconnections between the IPv4 and IPv6 address families.

As DNRs start to field RDAP services, the opportunity for tooling becomes greater. Network abuse researchers have talked to me about tools that make use of RDAP for both types of data: coordinating observations of network abuse between the registration information of domain names and IP networks.

And some anti-spam researchers have figured out a way to use RDAP to enhance domain reputation scores. As more Top Level Domain (TLD) operators support RDAP, the ability for spammers to hide behind bad domains will become harder (and the TLDs without RDAP service may get bad reputations themselves).

Going forward, it is hard to predict what other tools may surface which use RDAP. But then again, that’s the whole point. RDAP is an enabling technology for network metadata, and the utility it may bring cannot be foreseen but should not be overlooked.

 

This post originally appeared on APNIC’s blog.

IPv6 Success Stories from Companies that Have Done It

By Jennifer Bly, Public Relations and Social Media Coordinator, ARIN

Many organizations have already successfully deployed IPv6. In your journey to do the same, seeking out advice from those who have already been there can help you along in the process. In a featured session at the ARIN 37 Public Policy and Members Meeting, a group of experts from a diverse range of companies (e.g. large and small ISPs, enterprise, software, CDNs, cloud services providers) discussed IPv6 obstacles and successes at their own organizations.

IPv6 Success Stories Panel at ARIN 37

Questions asked of panelists included some standouts like:

  • Do you advertise that you’re utilizing IPv6, or do you just try to make it so the customer never realizes that the transition has happened?
  • Having gone through implementations, what kind of long-term benefits have you seen, in terms of automation and scale?
  • How has your organization been with adapting tools, back office systems, sales systems, CRM, ERPs, billing systems, etc. to accommodate your IPv6 transition?
  • What advice would you give based on your experience regarding what worked well and what didn’t?
  • Why did you decide to not simply keep buying IPv4 addresses or embrace carrier-grade NAT?

A few highlighted quotes from the panel were:

“When you look at how many devices we would like to provision, continuing to try and buy IP[v4] addresses and propagate that model and the amount of money that it would require, it’s actually cheaper to deploy v6.”  – Dan Alexander, Network Engineer, Comcast

“[IPv6 deployment] doesn’t just happen. You need to put someone in charge of it. You need to have somebody own that process”  – Rob Seastrom, Principal Engineer, Time Warner Cable

“We’ve had a lot of internal activism going out to the various software development departments saying:  If you’re building code that doesn’t support v6, you’re hurting the company.”  Owen DeLong, Senior Architect, Akamai Technologies

“When we went out and built our under-LAN infrastructure, v6 allocations made it a lot easier for different locations and sites and we were able to properly plan long term.”  – Charles Gucker, Network Engineer, VMware

“One of the keys for success is having a good v6 addressing plan to make your deployments simple. For example, we assigned a /48 to each site and then on occasion we embed the VLAN number inside our addressing blocks so it’s easy for people to find.”  – Andrew Dul, Network Architect, EGATE Networks

Those are only a few gems from the discussion. Watch the entire session below or read through the full transcript on our website.

If you have an IPv6 success story you’d like to share, we’d love to help get the word out. Drop us a note in the comments or shoot us an email at get6@arin.net and we’ll be in touch.

You probably have IPv6. Turn it on!

Kyle Drake, founder of Neocities, a free web hosting service, shares his experience with implementing IPv6. This post originally appeared on APNIC’s blog.

Guest blog post by Kyle Drake

Thanks to a massive amount of time and effort, there are now a large number of ISPs, data centres, cloud services, and software that now support IPv6 in the United States and around the world. Actual adoption of IPv6 in production is slowly increasing globally, but is still lower than it could be.

With this post, I not only want to convince you to start looking into beginning to use IPv6 on your own computer, but show that in many cases, enabling IPv6 can be as simple as clicking a button on your WiFi router.

Turn on IPv6

You might already know the reasons why IPv6 is so important: we’ve now run out of available IPv4 addresses, and it’s now very expensive to acquire new IPv4 addresses (in the ARIN region, you likely have to buy them from others), hampering the ability for network operators to provide infrastructure services at reasonable costs.

There are also significant security benefits to IPv6. One of the ways exploits are propagated is they scan the entirety of the IPv4 address range looking for vulnerabilities. As the IPv6 address range is so large (128 bits), it becomes impossible to scan the entire range. There was a great recent blog post on The Internet of Stupid Things that highlights the serious security problems we’ll have with IoT if we don’t deal with the address scanning problem, to say nothing about the problem of not even remotely having enough IPv4 addresses to support that many devices.

Considering the many benefits of IPv6, you may be wondering when you’ll be able to start using it. The answer is, probably now. And it might be easier than you realise.

Getting my feet wet with IPv6

I wanted to see if I could get IPv6 support for Neocities, which started my investigation into the current state of IPv6. At that point, I didn’t really know a lot about actually using IPv6. Before I enabled it on my servers, I wanted to get it working on my laptop and home network. I didn’t just want to ping the server from another server, I wanted to test the complete end-user experience myself.

The first thing I did was contact my ISP to see if they supported IPv6, and it turns out they did. Surprisingly to me, this is already true for many (if not the majority) of ISPs in the USA. Comcast, Time Warner Cable, Verizon, Cox, AT&T, Charter, and CenturyLink all have active support for IPv6, and that’s just the largest ISPs in the United States, representing approximately 78 million subscribers.

The way these ISPs provide IPv6 today is with a “Dual Stack” configuration, essentially providing both an IPv4 and IPv6 address at the same time. This allows you to start getting your feet wet with IPv6 while still supporting sites and software that haven’t switched over yet.

After confirming support from my ISP, my next goal was to figure out how to actually turn it on.

Configuring your WiFi router

If your ISP supports IPv6 and you have a modern WiFi router, this may be the only thing you need to actually configure to get IPv6 working on your home network.

My personal computer only had an IPv4 address being assigned to it from my WiFi router (which I confirmed by visiting an IPv6 test site?, so something clearly needed to get configured on it to enable IPv6.

I started by logging into my WiFi router (a D-Link DIR-868L) and quickly realised that it not only supported IPv6 but that I was one click away from enabling it. The router informed me that it would go into an automatic setup mode which would take a few minutes, then it would reboot with IPv6 support. I clicked the button and went for a cup of tea. Before I came back, the WiFi router had rebooted, and my local network now magically had a dual stack IPv4 and IPv6 address assignment and had bound seamlessly to the modem’s IPv6 address assigned by my ISP.

D-Link’s firmware was the easiest I saw for IPv6 configuration, but I also upgraded a network running a CenturyLink router that was fairly easy (though a few steps were somewhat obtuse), and another router running OpenWRT, which has excellent IPv6 support.

Most routers provide pretty good IPv6 support at this point but unfortunately, there are exceptions. Notably, I was surprised to learn that DD-WRT IPv6 configuration was ridiculously complex, and I didn’t feel bold enough to try to enable it. I’m hoping that DD-WRT can work to improve this in the future.

Trying it out

Now that my home network was set up, I focused my attention on enabling IPv6 for my laptop. At this point I braced myself for a headache, assuming the process would be a harrowing effort of digging through complicated config file muck, fixing broken, incomplete or badly configured software.

Here again, I was pleasantly surprised at how easy this process was. I simply rebooted my computer and had IPv4 and IPv6 support running on my machine. Great! But now how do I actually use it with my web browser?

It turns out that was seamless, too. In fact, it’s so seamless that it took me a while to figure out if it was even working. This is possible because most web browsers (I tested Firefox and Chrome) automatically determine whether they should use IPv6 or IPv4. When you type in a domain name, they automatically look for an AAAA record (the DNS A record for IPv6). If it exists, it tries using IPv6, falling back to the A record and IPv4 if necessary. I noticed no performance reduction in this process, though there could be a minor, unnoticeable difference.

The new “problem” was that I couldn’t visually tell when a site was loading with IPv4 or IPv6. To give me better insight into this, I installed the IPvFox add-on, which put a small icon in my address bar that would tell me if the site was loading with 4, 6, or with a combination of the two (Chrome also has a similar plugin called IPvFoo). I strongly recommend installing these plugins to assist you with testing IPv6 support. In addition, it also provides an interesting insight into which websites currently support IPv6 (a surprisingly large number), and which currently don’t.

Many websites have IPv6 support and don’t even realise it. For example, cloud proxy services such as Cloudflare provide IPv6 support transparently to the site they are proxying, whether the upstream web server supports it or not. Their aggressiveness in adopting cutting-edge technology for their infrastructure is notably helping to improve IPv6 adoption, and in fact, could even be responsible for the majority of web servers that currently support it.

Enabling IPv6 for the servers

Now it was time to see if we could enable IPv6 for the Neocities servers. I first went to the server that powered our web application (the front site), and saw that an IPv6 address had already been provided by our data centre operator, and automatically configured on our server.

If your data centre or cloud provider doesn’t automatically provide an IPv6 address, they usually provide an option to get one through a web interface or by contacting support. Once the server has been assigned an IPv6 address, you need to configure your server to use it. Each operating system has a unique way of configuring networking, so follow the relevant documentation to see how to enable IPv6 for your specific OS.

Once the server has been assigned an IPv6 address, I needed to configure the web server software to use it. Like many (if not most) online providers, we use Nginx for both serving sites we host on Neocities, and for proxying our backend web application. So I needed to configure nginx to start listening on the IPv6 address, in addition to the IPv4 one.

We use a custom compile of nginx that’s tuned for our needs, so I had to enable IPv6 by adding –with-ipv6 to the ./configure before compiling, but if you use the prebuilt nginx that comes from software packages, you likely won’t need this step. Once it was compiled and installed, I only needed to add a line to nginx.conf to tell it to also listen on IPv6:

server {
listen 80;
listen [::]:80;
server_name neocities.org;
# … the rest of your server config
}

I then reloaded nginx, and voila, IPv6 support! When I was ready, the last step was to add an AAAA record for that server to my nameservers. Within minutes, users with IPv6 support started automatically using that address, perhaps without even realizing it.

Minor tooling differences

In the process of testing IPv6, I did notice some mild software differences that initially made it difficult for me to test things, and I wanted to mention them briefly. The first notable difference was that I had to wrap the IPv6 address in square brackets for my web browser.

For example, if I wanted to access http://234::3334::44, I had to type it in as http://[234::3334::44]. I also had to use ping6 instead of ping, and use -6 with curl in order to force IPv6. And SSH would fail with square brackets, so I had to leave them out.

Having to deal with these quirks was honestly a little annoying. The one thing I particularly don’t like about IPv6 is weirdness of the colon delimitation. It’s a bit annoying to have to work with it, and I agree with some other writers that think we could do better in this category. It would be nice to see some improvements here in the future, but it’s not a deal breaker for me for the IPv6 adoption we need.

The crazy things IPv6 can do

Lastly, I wanted to mention some pretty interesting experimental projects people are already using IPv6 for. Specifically, I wanted to mention Cjdns, an experimental project that uses private keys to derive IPv6 addresses, enabling trustless distributed routing networks. This works because IPv6 addresses are so large (128 bits), that it’s safe to simply derive them randomly from keypair cryptography. In the future, this could help to address problems like route poisoning and related problems with the present Internet’s trust-oriented routing infrastructure. It’s experimental at this stage, but still a very interesting example of what IPv6 could hold for the future.

IPv6 doesn’t just allow us to add more devices to the Internet; it also enables the possibility of re-architecting the Internet to improve performance, upgrade security, and increase privacy. I’m excited to see what comes next.

Conclusion

All of my ISPs, data centre operators, and cloud service providers supported IPv6. But in many cases, I had to click an extra button to enable it, or explicitly request it. I understand the motive for doing this, as they perhaps wanted to avoid creating any issues with bugs or opening up any unknown security holes. I come from a similar school of thought (don’t turn anything on unless you really need it), but I’m now going to make a rare exception for IPv6.

Router manufacturers, data centres, cloud services: I love how easy you’ve made it to enable IPv6, and I appreciate the hard work you did to enable it, but now’s the time to go one step further. No more “one extra click” or “on request” support: it’s time to enable dual stack IPv6 support by default. When WiFi routers and servers start automatically configuring IPv6 alongside IPv4, we’re going to start seeing a lot more adoption of IPv6. And the farther along we get, the closer we get to being able to finally deprecate IPv4.

This particular technology is working best when its functionality is invisible to the end user. Thanks to the amazing work everyone has put into making IPv6 seamless, most users won’t even notice they’re using it, as everything they do today will continue to work with no noticeable difference. There’s only one thing left for you to do: Turn it on!

Kyle DrakeKyle Drake is a tech entrepreneur and the founder of Neocities.

 

 

 

 

 

The IPv4 Transfer Process

By Cathy Clements, Transfer Services Manager, ARIN

Ever since we officially depleted our IPv4 free pool back in September 2015, we’ve seen more and more interest in transferring IPv4 address space. We know that if this is your first time going through the transfer process, it can seem a little confusing, so we wanted to guide you through the process.

Check out the flowchart below to help you get started in the IPv4 transfer process. Whether you already have IPv4 address space and you’re looking to transfer it, or you need to acquire IPv4 address space, this graphic should point you in the right direction.

IPv4 Transfers Flowchart

ARIN 37 Day 3 Daily Recap

By Jennifer Bly, Public Relations and Social Media Coordinator, ARIN

Though it’s hard to believe, ARIN 37 has already come and gone.  Today was the third and final day of our Public Policy and Members Meeting in Montego Bay, Jamaica.   Over the last few days, community members have discussed policies, networked with colleagues, and learned more about regional and global issues affecting Internet number resources.

ARIN 37 Meeting Photo

Today’s sessions took us through many topics at the heart of ARIN as an organization. We first heard about a new Services Working Group that has been created to assist with the consideration of proposed changes to ARIN’s services.  Then we heard departmental reports from Communications and Member Services, Engineering, Global Registry Knowledge, Financial Services, Human Resources and Administration, and Registration Services.  A few highlights included:

There were also reports on ARIN finances, the Advisory Council, and Board of Trustees. We wrapped up the meeting was one last open microphone session, during which attendees covered outreach to the Caribbean, IPv4 address space, and more. If you are interested in referencing the slide decks from today’s meeting, all are already available on the ARIN website. In a few days, full transcripts, notes, and webcasts will be posted as well, so stay tuned.

Thanks to everyone who participated in ARIN 37 both onsite and online for making this a successful and enjoyable meeting.  While it’s still fresh in your mind, don’t forget to save the date for the next ARIN meeting in Dallas, Texas from 20-21 October 2016.

 

ARIN 37 Day 2 Daily Recap

By Jennifer Bly, Public Relations and Social Media Coordinator, ARIN

Today marked Day 2 of the ARIN 37 Public Policy and Members Meeting.  First thing this morning we heard updates from the Number Resource Organization (NRO) comprising the five Regional Internet Registries (RIRs).  We received reports from our RIR colleagues about their respective regions.

ARIN 37 Day 2 Photo

The three policies discussed in detail today included:

In a special IANA Transition Panel, we heard about the current status of the IANA stewardship transition proposal and where it stands now. We also saw presentations on policy simplification and ARIN software development.  Lastly, we rounded out the day with an open microphone session that included topics from legacy address space to future IANA delegations.  We continued to enjoy chatting with you on Twitter about the meeting using #ARIN37.

In the coming weeks, complete webcasts, transcripts, and abbreviated notes from the entire meeting will be posted online.  In the meantime, downloads of all the slide decks presented at the meeting are already available. Don’t forget that you can participate in the last day of ARIN 37 tomorrow morning whether you’re onsite in Jamaica or online anywhere in the world.  See you again tomorrow!

 

ARIN 37 Day 1 Daily Recap

By Jennifer Bly, Public Relations and Social Media Coordinator, ARIN

Community members from across the ARIN region convened to discuss Internet number resource policy at the ARIN 37 Public Policy Meeting in Montego Bay, Jamaica. See below for a high-level view of what happened during the first day of ARIN 37 and check back in again on Tuesday and Wednesday for more daily recaps of meeting activities.

ARIN 37 Day 1 Photo

ARIN 37 unofficially kicked off yesterday with an orientation for first time meeting attendees and officially today with an overview of all on-docket proposals.  Next we took a look at the 25 total regional policies that are being discussed in five Regional Internet Registries (RIRs) year to date.  Then we heard a report on ARIN’s policy implementation and experiences that identified areas where new or modified policy may be needed based on operational experience, especially digging into the practice of IPv4 transfers.

In a much anticipated panel talk, an impressive group of industry experts spoke about their own experiences with IPv6 deployment.  In sharing operational success stories, panelists offered their advice regarding IPv6 in the enterprise and took questions from attendees.

The two policies we discussed today included:

In the afternoon, we got an IETF Update that highlighted what happened at the most recent Internet Engineering Task Force (IETF) meeting, and Leslie Nobile, Senior Director of Global Registry Knowledge, provided insights on why it is important to update your information in ARIN’s registry during a session on Whois accuracy.

We enjoyed your tweets about the meeting so far.  Here are some of our favorites using the #ARIN37 hashtag.  Keep up the sharing!

Remember, you don’t have to be with us in Jamaica to participate the next two days of ARIN 37. Remote participants have the ability watch webcasts, follow the live transcript, vote in polls, and submit questions and comments via chat.  All you need to do is register to take full advantage of our remote participation options. See you back again here tomorrow!

 

 

 

The Importance of Maintaining Accurate Whois Data

By Leslie Nobile, Senior Director of Global Registry Knowledge, ARIN

The main purpose of ARIN’s Whois directory service is fairly clear-cut: maintain and display accurate registration records of who has the rights of use to a particular Internet Number resource. Simple enough, right? It’s easy to see how network operators would value this service; but did you know that researchers, law enforcement, and many other community stakeholders also use Whois data for a variety of reasons?

With that in mind, it’s easy to see the importance of maintaining accurate registration records in Whois. Aside from the fact that accurate data helps keep the Internet secure and safe (and quite simply, it’s the right thing to do), there are other reasons that you may not have considered.

Keep Your Resources Safe

ARIN has increasingly found that registration records that haven’t been updated have become the prime targets of hijackers and other potential criminals. The common approach is to find these dormant resource, organization, and Point of Contact (POC) records, and subsequently go through a series of checks to determine if the associated Internet number resources are being used by a viable organization. If it appears that the Internet number resources may not be used or that the registrant is no longer in business, the perpetrators then attempt to emulate the organization so as to take over the organization record and its related resources (including persuading ISPs to begin routing those resources). With enough effort, this type of fraud can lead to a registrant losing control of its resources if not promptly detected.

So what can you do to defend yourself? There are a couple of important steps organizations and individuals can take to protect their Whois data and prevent their resources from being hijacked. The first and most important one is to ensure the timely and accurate maintenance of your Whois data. This includes updating ARIN about any mergers, acquisitions, transfers, or name changes that have taken place over the years. You can make registration updates by logging into your ARIN Online account (or creating a new one if you don’t already have one) and selecting the appropriate request category in the left-hand navigation.

A second, very important step that organizations and individuals can take is to respond to ARIN’s annual POC validation request. Either confirming that your registration information is correct or sending ARIN updated contact information helps to ensure that the Whois database is properly and accurately updated.

Note that the ability to update IP registry records is currently available to all individuals and organizations receiving ARIN services, whether pursuant to a Registration Services Agreement or because the registrant holds legacy number resources issued before ARIN’s formation.

All updates made to Whois records will be reflected in the “Last Updated” date field in Whois. When a potential hijacker sees a recent “Last Updated” date, this is an indicator that the contact and its associated organization are current and active, which can be a significant deterrent to potential hijackers. If you observe an inaccuracy in Whois for other organizations, please let us know so we can work to update the record accordingly. To do so, please click the “Whois Inaccuracy Reporting” link on ARIN’s homepage and fill out a short web form or send an email to hostmaster@arin.net.

We encourage everyone to take the time necessary to update their registration data whenever it changes – remember: it only takes a little effort now to defend yourself against larger problems down the line!

Get Ready to Set Sail for ARIN 37

By Susan Hamlin, Director of Communications and Member Services, ARIN

It’s almost time to pack our bags and ship out to Montego Bay, Jamaica for ARIN 37! We’ll be at the Half Moon resort from 17-20 April and we hope you will too. If you can’t join us on site, I hope you will take advantage of our remote participation options and lend your voice to policy discussions.

ARIN 37 logo

The following policies are on our agenda along with a number of educational updates from ARIN and around the world:

In addition to our usual policy and technical discussions, there will also be a chance for newcomers to get acquainted with ARIN through a special “ARIN at a Glance” event on Sunday afternoon. This is a great opportunity for folks to brush up on the basics of ARIN. We’ll also host two happy hours (one on Sunday evening and one on Tuesday evening) plus a beach barbecue on Monday evening so you can connect with others in the Internet community.

For a full breakdown of events, view the complete day-by-day, hour-by-hour agenda on the ARIN 37 website.

If you’ll be traveling to Jamaica and need help making travel plans or finding things to do, take a look at the following websites:​

If you are joining us online, the remote participation options include a publicly available webcast and live transcript, as well as designated chat rooms to allow registered remote participants to contribute to the policy discussions and open microphone sessions. The live transcript will record the presentations and discussions from the meeting floor, so you can read along to enhance your webcast viewing. Remote registration is free, and all remote registrants will be listed as registered participants on the meeting website and in the archive of the meeting on the ARIN website. More information about remote participation is available here.

Lastly, to keep up with all the latest ARIN 37 happenings (either directly from the meeting or from afar), don’t forget to tweet using #ARIN37.

Whether you’ll be joining us in person or remotely, we look forward to your participation and another great Public Policy and Members Meeting.

Introducing the ARIN 37 Fellows

By Wendy Leedy, Member Engagement Coordinator, ARIN

Just a few more weeks until we head to Montego Bay, Jamaica for ARIN 37! We hope you’re planning to join us and if you are, you’ll keep an eye out for our 15 fellows and say hello. We have a great group coming to ARIN 37 and I’ve been lucky enough to get their thoughts about the upcoming meeting. It’s been a fantastic opportunity for me to learn more about them and what excites them about ARIN and the Internet community.

ARIN 37 Fellows

To better understand each of the fellows’ interest in ARIN and their desire to attend ARIN 37, I first asked, “Why did you apply for a Fellowship?” This led to some interesting insight from our fellows. Patrick Anglin (Jamaica) shared that he wanted his voice to be a part of the Internet governance discussion, and that seemed to be a common theme for many of the fellows. Kevin Powell (Jamaica) also remarked that he was interested in “finding out the latest updates on … IPv4 number allocation and where we are with IPv6.” Andrew Trudgeon (Canada) valued the chance to make new contacts at the last ARIN meeting he attended, and he wished to further his conversations at ARIN 37. Some were even persuaded by others to apply, like Alison Wood (USA), who was encouraged by a coworker who was an ARIN fellow a few years ago and greatly valued the experience.

And after the time spent on their applications, how did the fellows feel when they learned they were selected? I was pleased to learn that Trevor Forrest (Jamaica) was elated, Craig Mollerstuen (USA) was appreciative, and Alison Wood “literally jumped up in the air and cheered!” We’re off to a good start with reactions like those!

Next, I wanted to know what our fellows were most looking forward to at the meeting. Obviously, Jamaica’s sunshine and palm trees are a draw, but what else excites them about being at ARIN 37? Jose de la Cruz (USA) is looking forward to reconnecting with his mentor from ARIN 36 and meeting new network professionals. Andrew Trudgeon is ready for some “open discussion from some extremely bright minds in the field” and Gerry George (Caribbean) is excited about “the opportunity to meet with ICT peers at the following CaribNOG event.” Trevor Forrest is excited for the chance to network as well as have some discussions about how the regulatory and policy framework in his country can be improved.

What about the takeaways? We all know there’s a lot to gain by attending an ARIN Public Policy and Members Meetings, but what is the number one experience or piece of knowledge our fellows hope to gain?

Margaret Leon (Caribbean) is eager to learn more about ARIN’s general activities – undoubtedly a worthwhile goal. Michael Lerer (Canada) “would like to gain a better understanding of how the consumer, product, ISP, and hardware participants interact, and the economic factors that influence strategy decisions for those stakeholders.” Alyssa Moore (Canada) is looking to find out how she and her organization can “engage in and contribute to the policy development process.” DNS registration and address space management are on the mind of Gary Campbell (Jamaica), and Andrew Trudgeon and Craig Mollerstuen are both eager to learn about smaller Internet Service Providers making the move to IPv6. Learning more about IPv6 was a common theme, I quickly discovered!

It’s clear that there will be plenty to do at ARIN 37, and a lot to learn, but our fellows aren’t just thinking about the here and now – they’re also looking to the future and keeping in mind how to put all they learn into action. Patrick Anglin is looking forward to drafting effective strategies for enabling the increased use of technology in the Caribbean, specifically Jamaica. He hopes this will ultimately foster societal (not just economic) development. Daledrey Barrow (Caribbean) looks to inspire others to become involved in the local and international Internet registration process. Gerry George is looking at it a bit differently – he is excited that after participating in online sessions in the past, he can now get some first-hand and up-close experience with the meetings and gain a greater appreciation of the outcomes of the various discussions. And Roger Caruth (USA) anticipates being “actively involved in working groups, conducting research, and presenting literature for public consumption.” We look forward to your input, Roger!

All in all, it was great for me to have the chance to get to know our fellows a little better and on a more personal level. I’m looking forward to meeting them in Jamaica, and I hope I’ll get to meet you there too!

Stay in the Loop by Subscribing to a Mailing List

By Hollis Kara, Communications Manager, ARIN

There’s a lot going on at ARIN at any given time, which means there’s a lot for you – the community – to take in. What’s the easiest way to make sure you stay in the loop? The answer is simple: subscribe to one of our mailing lists.

uptodate

Whether you prefer to watch from the sidelines or become an active participant, ARIN’s Mailing Lists offer something for everyone in the community.

Stay Informed

ARIN Announce (arin-announce@arin.net)

Subscribe

This read-only list provides information on issues affecting the community, including elections, meetings, policy updates, training opportunities, and other ARIN events.

ARIN Issued (arin-issued@arin.net)

Subscribe

A read-only list open to the general public used to provide a daily report of addresses returned and addresses issued directly by ARIN or address blocks returned to ARIN’s free pool as requested in ACSP Suggestion 2008.2.

ARIN Suggestions (arin-suggestions@arin.net)

Subscribe

A read-only list open to the general public used to provide notification to community of new ACSP suggestions and ARIN responses.

Shape the Future

Public Policy (arin-ppml@arin.net)

Subscribe

This open forum plays an important role in our Policy Development Process. Raise and discuss issues surrounding existing and proposed policies. Opinions expressed here are reviewed by the Advisory Council to help determine consensus for policy proposals.

ARIN Consultation (arin-consult@arin.net)

Subscribe

This open list is part of the ARIN Consultation and Suggestion Process, and is used by ARIN’s senior leadership to solicit community feedback on important issues.

ARIN Technical Discussions (arin-tech-discuss@arin.net)

Subscribe

Open to the general public, this list allows us to gather technical feedback for ARIN on experiences in the use or evaluation of current ARIN services and features in development.

ARIN Discuss (arin-discuss@arin.net)

Subscribe

This member-only list is used to solicit feedback and discuss ARIN-specific issues such as fee structures and internal policies.

Note: To use any of these lists, you must adhere to ARIN’s Acceptable Use Policy (AUP).

We also provide links to publicly viewable archives of all our mailing lists. Don’t want to clutter your inbox? You can always take advantage of the RSS feeds of website announcements as well as the ARIN Issued, Public Policy, and ARIN Suggestions Mailing Lists, giving you one more way to stay updated and informed.

That’s all there is to it. Enjoy, and don’t be afraid to jump into a discussion!

 

Adventures in UI Improvement

By Jan Blacka, Senior User Experience Specialist, ARIN

Every site has different needs and issues that need addressing, and it can be challenging to fix existing issues while developing new features. We recently took the time to step back and take a hard look at our ARIN Online user interface (UI). The bad news: there is a lot of work to do, and it will be a painstaking and complex process. The good news: the ARIN team is ready for it.

Are we crazy? Maybe. But we’re recognizing the importance of UI improvements more and more every day, and we have our community to thank for nudging us along. As a matter of fact, it was in response to a suggestion via the ARIN Consultation and Suggestion Process that we specifically included UI improvements in our 2016-2017 Strategic Plan (see #4 on pages 3 and 4). So while we balance organizational needs and priorities, we are working small improvements in where we can and laying the groundwork for other changes down the line.

UI Improvements

The biggest changes we’ve made so far are to the navigation menu in ARIN Online. These changes were just rolled out on 12 March, so if you haven’t had a chance to fully explore them yet, let us summarize:

  • All of the functionality in ARIN Online previously had to be accessed through 10 flat-hierarchy menu items. To make room for the planned new SWIP-EZ functionality, the 10 were consolidated into seven top-level items plus Ask ARIN.
  • We re-ordered the items to group like things with like. The somewhat enigmatically-named MANAGE & REQUEST RESOURCES menu item is now broken out into “IP Addresses” and “ASNs” to make the labels more immediately meaningful to the people (router and network geeks) who are typically responsible for managing these things.
  • We added “hint” text (the smaller, yellow text) to secondary menu items to clarify terminology used in the main label and remove some of the guesswork about what you can do in ARIN Online.
  • We grouped user profile items with our Point of Contact and Organization ID records because all of these items are fundamentally about people who work with Internet numbers, not the Internet numbers themselves.
  • The visual presentation is now much more readable (we used to use all caps – now we’ve switched to mixed case) and takes advantage of the click-to-expand design pattern to give you control over the level of detail you see.
  • We’ve taken advantage of the badge design pattern to let you know at a glance how many unread Message Center messages you have.

On top of the changes we’ve already made, we’re working with you – the ARIN community – to make even more. We’re reaching out to the people who use our tools the most to learn how you think about the work you do in ARIN Online. We’re also paying attention to common pain points as evidenced by questions coming in through calls and emails, and finding ways to ease those pain points though improvements to ARIN Online.

Lastly, just as you can’t really proofread your own copy or test your own code, you can’t user-test your own interfaces. So we’re getting some face-time with you at ARIN on the Roads and conducting usability tests to test our assumptions and uncover any new pain points we are introducing with new features.

We appreciate your patience as we make these important updates and we hope you’re as excited about the changes as we are. While making UI improvements can seem daunting at first, we keep remembering that it’s akin to adopting IPv6 – we just have to do it!

P.S. Have a few minutes to spare for the good of the community? Volunteer to do some testing via screen sharing! Send an email to info@arin.net and be sure to reference this blog.

Calling All Member Organizations: Check Eligibility and Save the Date for the 2016 ARIN Elections

By Wendy Leedy, Member Engagement Coordinator, ARIN

ARIN Membership has its perks, but the privilege to vote for the Board of Trustees, Advisory Council, and Number Resource Organization Number Council (NRO NC) is undoubtedly the most important benefit of membership. ARIN Elections give you the chance to direct the future of ARIN, our community, and the Internet itself – no small task!

While October may feel far off, it will be here before you know it, so it’s important to save the date now for this year’s ARIN Elections. Mark your calendars: the polls open on 20 October 2016 for member voting to seat representatives on the 2017 ARIN Board of Trustees, Advisory Council, and NRO NC.

ARIN Elections

This year, ARIN Elections will be accessible exclusively through ARIN Online to provide Voting Contacts a consistent and seamless voting experience. Implementing this change requires all General Members in Good Standing to designate one person who has an ARIN Online web user account linked to the organization as its Voting Contact. The Voting Contact is key in the election process: s/he is the sole individual eligible to participate in the election for their organization so it is critical that every member organization verify this contact is up to date.

It’s important to note that a member organization’s Voting Contact must be on record with the Communications and Member Services Department no later than 45 days before a ballot or election. This year, the deadline to establish voter eligibility is 6 September 2016.

Once the polls are open, that’s your time to make your voice heard. Make sure you review the election system instructions on our website beforehand so you’re all ready to go when the time comes to vote. If you’ve forgotten your ARIN Online username or password, visit the Login Assistance page.

The polls will close on 28 October 2016, giving you just over a week to participate in this important process. You can also expect a call from ARIN during election time with a friendly reminder that it’s time to vote. The results of the elections will be announced no later than 4 November 2016. For other key elections dates, check out the calendar on the Election Headquarters page.

If you have any questions about the voting process, email me at members@arin.net for assistance. It’s your voice, your vote; make it count! We’ll see you in October!

Move Your Career Forward at ARIN

By Erin Alligood, Director of HR and Administration, ARIN

If you’re reading this blog, there’s a good chance you know that ARIN provides essential services related to the technical coordination and management of Internet number resources. But here’s something you may not have ever stopped to think about: there’s an actual group of real, live people leading this effort.

Join the ActionARIN is made up of some amazing, intelligent, and forward-thinking employees who are passionate about moving the Internet forward. If this sounds interesting to you, ARIN is currently hiring and we’re inviting you to apply to become part of the ARIN team!

Here are some of the things we’re proudest about when it comes to working at ARIN:

  • ARIN has great employee retention – in fact, our retention rate is 95% and the average employee tenure is five years.
  • Many of our team members were referred by other ARIN employees, demonstrating that employees enjoy working at ARIN so much that they’re telling others about it.
  • ARIN provides great benefits at a minimal cost to our employees.
  • ARIN is growing but we are also stable and dependable – we’ve been at it since 1997 and we show no signs of slowing down!

If we’ve convinced you that working at ARIN is a great opportunity, take a look at the list of our job postings on the ARIN website. We are currently looking to fill several positions, including a Paralegal/Staff Attorney in the Registration Services Department (RSD) and a Policy Analyst in the Communications and Member Services Department (CMSD). If you think you might be a good fit for one of these opportunities, follow the instructions included in the description to apply.

We hope to see your application soon!

Note: ARIN offices are located in the Washington, DC metro area in Chantilly, Virginia.

ARIN on the Road: Coming Attractions

By Susan Hamlin, Director of Communications and Member Services, ARIN

Since 2010, ARIN on the Road has been your chance to see the human face of ARIN while staying up to date on the latest happenings. These one-day, no-cost educational events cover everything from requesting IP addresses and Autonomous System Numbers (ASNs), to the status of IPv6 adoption, to current policy discussions and ARIN technical services such as DNSSEC and resource certification. If you ever find yourself with questions about how to interact with ARIN’s online services, this is the event for you. We even offer an optional Ask ARIN session and the chance to speak one-on-one with an ARIN staff member.

AOTR Tampa

Since the program is designed to bring new faces and voices into ARIN, we try to visit as many cities across the ARIN region as we possibly can. We look at not only where we haven’t been before, but also where we have a large concentration of members. So far we’ve made our way to 32 cities, and in 2016, we’ll add several more cities to the list.

Mark your calendar for these upcoming ARIN on the Roads:

  • ARIN on the Road: Austin – registration now open
    • 22 March in Austin, TX
  • ARIN on the Road: Edmonton
    • 3 May in Edmonton, AB, Canada
  • ARIN on the Road: Pittsburgh
    • 2 June in Pittsburgh, PA

That’s all we have scheduled for now, but more destinations will be added in the coming months. Keep an eye on our ARIN Meetings page for future dates and locations.

We hope you will make sure to attend if we stop in a city near you! And if we haven’t made a stop by you yet, let us know in the comments and we’ll try to visit your city soon.