[AusNOG] [pacnog] RIPE NCC Position On The ITU IPv6 Group

[David Conrad]

Hi Fred,

On Feb 26, 2010, at 11:51 PM, pita at connect.com.fj wrote:
> Keep the minds open as there are some real valid and serious issues here. 

I tend to agree.

> I would really like to hear good strong arguments for both sides

The ITU efforts are being discussed a bit on NANOG right.  Danny McPherson raises some interesting issues in response to a note by Steve Bellovin (attached).

Regards,
-drc

> From: Danny McPherson <danny at tcb.net>
> Date: February 26, 2010 6:38:01 PM PST
> To: "nanog at nanog.org list" <nanog at nanog.org>
> Subject: Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
> 
> 
> On Feb 26, 2010, at 4:41 PM, Steven M. Bellovin wrote:
> 
>> 
>> I think that "PTT" is the operative token here, but for reasons having
>> nothing to do with competition.  If all they wanted was competition,
>> the easy answer would be to set up more registries -- or registrars
>> -- not bounded by geography; as long as the number wasn't too large, it
>> wouldn't do too much violence to the size of the routing tables.
>> 
>> If a PTT-like body is *the* registry for a country, and if the country
>> chose to require local ISPs and business to obtain address space from
>> it, what's the natural prefix announcement to the world?  Right -- that
>> country's registry prefix, which means that all traffic to that country
>> just naturally flows through the PTT's routers and DPI boxes.  And it
>> benefits everyone, right?  It really cuts down on the number of prefixes
>> we have to worry about....
> 
> Until routing domains (i.e., ASNs) are carved up to become congruent 
> to national boundaries for national security, censorship or other 
> reasons.  When this happens, not only will those IPv6 prefixes become
> fragmented, so to will their legacy IPv4 space, and certainly to the 
> detriment of routing scalability, security, and stability.
> 
> Then add something like RPKI to the mix and you've got a very effective 
> hammer to enforce national policy - all network operators will use 
> the national RPKI trust anchor, and all of your address space will be 
> allocated (and certified) strictly from this national Internet registry 
> - so that they can surgically control precisely who can reach you, and who 
> you can reach - within the whole of the global routing system, and 
> DPI, tariffing, etc.. are all much akin to models of yester that they 
> can wrap their heads around.
> 
> And all the efforts and bottom-up policy driven by the RIRs in the 
> current model will dry up, as will the RIR revenue sources, and their
> much wider contributions to the Internet community.  
> 
> If you think the RIRs and the current model sucks, well, consider 
> the alternatives.  For that matter, so to better the RIRs and their
> constituents.
> 
>> It's funny -- just yesterday, I was telling my class that the
>> Internet's connectivity was not like the pre-deregulation telco model.
>> The latter had O(1) telco/country, with highly regulated
>> interconnections to anywhere else.  The Internet grew up under the
>> radar, partly because of the deregulatory climate and partly because
>> especially in the early days, it wasn't facilities-based -- if you
>> wanted an international link to a peer or a branch office, you just
>> leased the circuit.  The result was much richer connectivity than in
>> the telco world, and -- in some sense -- less "order".  Syria wants to
>> roll the clock back.
> 
> I can't believe that the current model of more dense interconnection, 
> continued disintermediation, and a far more robust IP fabric would 
> evolve to be more resilient and robust from national Internet registry 
> allocation models or the Internet routing system rearchitecting that's 
> sure to follow.
> 
> Of course, if the ITU-T is serious about this, they should probably be 
> asking for a good chunk of 32-bit ASNs as well, but that's a bit more
> difficult to do under the auspices of liberating IPv6. 
> 
> -danny
>