Address registry

From Citizendium, the Citizens' Compendium
Jump to: navigation, search
This article is developing and not approved.
Main Article
Talk
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and not meant to be cited; by editing it you can help to improve it towards a future approved, citable version. These unapproved articles are subject to a disclaimer.

An address registry[1] manages the uniqueness and administration of several types of numeric identifier used in the public Internet:

These identifiers are critical to the Internet infrastructure, especially the proper operation of global routing using the Border Gateway Protocol (BGP). Address registries may also maintain a routing registry containing the routing policies of the Autonomous Systems under its jurisdiction. These are all highly technical elements of the infrastructure, which, so far, do not get significantly into the legal, commercial, and economic competition involved with the Domain Name System.

Relationship to the domain name system

A different set of registries are involved with Domain Name System (DNS) administration and management. The one role in which address registries interact with DNS is maintaining "reverse lookup" databases, which, when searched with an address or ASN, return the name of the domain, if any, associated with the numeric identifiers.

The RIRs have tried to stay neutral technical bodies, not involved in the controversies surrounding names. As opposed to domain name system registrars, which act as brokers and customer agents to domain name system registries, the RIRs are not-for-profit.

Address assignment policy is based on the assumption of fair sharing of a limited resource. Where speculators may obtain potentially attractive domain names that have nothing to do with their actual business, and sell the rights, at a premium, to the organization logically identified by that name, address registries will not cooperate in speculation or private sale of address space.

Major registries

There are five major Regional Internet Registries, at a roughly continental level. They cooperate closely, but, in principle, operate under the technical authority of the Internet Corporation for Assigned Names and Numbers (ICANN), as Address Supporting Organizations (ASO). Applicants for identifiers submit justifications for the identifiers to the registry, and, if approved, are allocated the appropriate identifier(s).

Region Registry name Link
North America American Registry for Internet Numbers http://www.arin.net/registration/templates/index.html
Europe RIPE Network Coordination Centre http://www.ripe.net/rs/as/
Asia-Pacific Asia-Pacific Network Information Center http://www.apnic.net/policy/asn-policy.html
Latin America and Caribbean Latin American and Caribbean Network Information Center http://lacnic.net/templates/asn-template-en.txt
Africa AfriNIC http://www.afrinic.net/documents.htm#templates

RIRs differ in if and how they further delegate address management. Formally, allocation is the process by which a registry issues an identifier to a recipient that will control it for a long time, such as an Internet Service Provider (ISP). If an ISP "leases" identifiers to a customer, with the customer required to relinquish it on termination of the business relationship, that process is called assignment. In practice, allocation and assignment tend to be used interchangeably.

Some RIRs have a formal delegation process to a lower-level tier of registries. In Europe, ISPs that will take on the administrative responsibilities may become local internet registries. In Latin America, there are some national-level registries, as for Brazil and Mexico.

Address assignment: registry vs. provider

Blocks of addresses fall into two general categories, provider-independent (PI) and provider-assigned (PA). The first stays with an organization until the identity of the organization changes, through such things as acquisition, merger or divestiture — and these things happen and can be real challenges. The second comes from a service provider, and, usually with a grace period, must be returned when no longer using that provider.

Provider-independent IPv4

The rules are best defined for IPv4. The original global policy document is obsolescent but still worth reading [1] Its key points are that address space is a finite resource, and address blocks of a given size must be justified as likely to be used in the near term rather than for administrative convenience. Another key point is that not only the absolute number of addresses is important, but the number of prefixes (i.e., the identifier of a block of addresses) is critical to the global Internet routing systems. A given router has a certain number of "slots" to store prefixes in its routing table. It is also the case, admittedly with qualifiers, that increasing number of finer-grained prefixes mean the global routing tables need more frequent updates, which consumes both bandwidth and control plane processing power & memory.

In general terms, PI address space is justified for one of two reasons:

  1. It can be demonstrated that enough addresses will be needed, in the moderate term, that it makes operational sense to have this prefix be unique in the routing system. The target size, in IPv4 terms, is usually that the organization would make immediate use of at least half, and possibly 80%, of a new block. In IPv4 terms, the smallest allocation of this type is a /20. While it is understood that real-world network layout will not allow a completely efficient assignment, a /20 can take a theoretical maximum of 4094 hosts.
  2. The using organization is multihomed to multiple service providers, and increasingly demanding technical requirements of multihoming need to be independent of a specific provider. In general, the application for a relatively small amount of PI multihomed address space needs to be able to show contracts with at least two upstream ISPs to which it will be multihomed. The smallest multihomed block is a /24, which can have a maximum of 254 hosts.

The registry may ask an applicant to show an engineering plan of how the address space will be user, so it can verify addresses are being used efficiently. It may wish to know if other address conservation techniques, which may not be operationally feasible in every case, have at least been considered, such as dynamic address assignment and network address translation into private addressing space.

Provider-assigned IPv4

Providers can "lease" a portion of their address space to their customers, which may be lower-level service providers or end user enterprises. Provider-assigned (PA) address space must be returned after terminating a relationship with the provider; technical as well as economic reasons exist why they would be unwilling to sell a "hole" in their block.

Since the providers' efficient address use may need to be justified if they request additional allocations, they will apply subsets of the PI rules to their customers. It may be that neither a provider nor a registry will be willing to give an organization as much space as it wants. Such denials are usually fair, and indicate that the customers' address management techniques could be approved, or they are demanding resources based on business plan rather than verifiable use.

IPv6

See also: Internet Protocol version 6 address management

Provider-independent IPv6

PI address space will be far easier to obtain in an IPv6 world, and may be the standard for most organizations, much as it was in the early days of IPv4. Still, there may be turnkey installations where a service provider will find it convenient to assign part of the provider's PI space.

A working assumption among address registries is that most enterprises will qualify for a /48, which allows 65k subnets (larger allocations are possible, simply requiring justification). When considering this number of subnets, remember that the large address space is meant to avoid the complexities of the many lengths of subnets common in real-world IPv4 implementations. The IETF assumes that except for loopbacks, no subnet will use prefixes longer than /64 and the /128 loopback assignments would normally come out of a specific /64 block.

Using a /56 for small and home office (SOHO) seems a common assumption.

Service providers would also receive a /48 unless they can demonstrate a need for a shorter prefix.

Provider-assigned IPv6

There is some interest in PA IPv6 space, especially for sites with multiple providers, since it may tend to provide load sharing among the providers. Fault recovery, however, becomes more complex, if a host is being reached through one provider and remains accessible through a different provider.

References

  1. 1.0 1.1 Hubbard, K. et al. (November 1996), Internet Registry IP Allocation Guidelines., Internet Engineering Task Force, RFC2050
  2. Hawkinson, J. & T. Bates (July 1996), RFC 1930: Guidelines for creation, selection, and registration of an Autonomous System (AS)