• Date Prev
• Date Next
• Thread Prev
• Thread Next
• Date Index
• Thread Index

[sig-policy] Prop-115 returned to author for further consideration

• To: "sig-policy at lists dot apnic dot net" <sig-policy at lists dot apnic dot net>
• Subject: [sig-policy] Prop-115 returned to author for further consideration
• From: Masato Yamanishi <myamanis at gmail dot com>
• Date: Sun, 13 Sep 2015 00:15:17 +0900
• Delivered-to: sig-policy at mailman dot apnic dot net
• Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=GkPQgq6Ke/OMwMtw31myqpM6crxtooTer5LV0xraGqM=; b=vvkqtOX5XT+YsjfcB3I1cSaipSVjiY3KtLGo3+4WV/VoPlAkC4dEaHYsxh7pBQgDr9 U4sSdYJNR+xdu0bJPqM/R8cM4w0cch7rVsfBnOV0YjpMhlJ9oGJz+InzhyLwhw7XpdwY IBY2jrEAT2bNzNRkkmSf+xRhrOxmGwUXwLmnBdf0/XIgVci5xHTpkzHK/qsD6gcRZVIx sXNa1GZhdUB6O8/LfRyXDU6GMQfGmDMrNRwoFMDUlFhvGcabj7SXbXnGxodTcFdaspXx uhg+DXQWwvwAfuSqK24mt7h5VHV8szzn5x4+rUVSbe5DwU/X7nbhrD0+idEA8nnFMe30 a93g==
• List-archive: <http://mailman.apnic.net/mailing-lists/sig-policy/>
• List-help: <mailto:sig-policy-request@lists.apnic.net?subject=help>
• List-id: APNIC SIG on resource management policy <sig-policy.lists.apnic.net>
• List-post: <mailto:sig-policy@lists.apnic.net>
• List-subscribe: <http://mailman.apnic.net/mailman/listinfo/sig-policy>, <mailto:sig-policy-request@lists.apnic.net?subject=subscribe>
Dear colleagues

Version 3 of prop-115: Registration of detailed assignment information
in whois DB, did not reach consensus at the APNIC 40 Open
Policy Meeting.

The Policy SIG Chair requested the Secretariat conduct further research
into the problem statement and returned the proposal to the authors for
further consideration.

Proposal details
----------------

This proposal seeks to require LIRs to register accurate filtering
information, such as IPv4 port-range information and IPv6 assignment
prefix size.

Proposal details, including the full text of the proposal, history, and
links to the APNIC 40 meeting archive, are available at:

         http://www.apnic.net/policy/proposals/prop-115

Regards

Masato and Sumon



------------------------------------------------------------------------
prop-115-v003: Registration of detailed assignment information in
               whois DB
------------------------------------------------------------------------

Proposer:       Ruri Hiromi
                hiromi at inetcore dot com

                Tomohiro Fujisaki
                fujisaki at syce dot net


1. Problem statement
--------------------

    Recently, there are some cases need to get IP address assignment
    information in more detail to specify user IP address.

    Without this information, operators cannot filter out specific
    address range, and it might lead to 'over-filter' (i.e. filtering
    whole ISP's address range).

    For example:

    1) 'Port' range information in IPv4

       ISPs are using 'CGN' or other kinds of IPv4 address sharing
       technology with assignment of IP address and specified port
       range to their users.

       In this case, port information is necessary to specify one user.

       ex) 192.0.2.24/32 1-256 is for HomeA
       192.0.2.24/32 257-511 is for HomeB

       or 192.0.2.0/24 1-65536 is shared address of ISP-X
       minimum size is /32

    2) address assignment size information in IPv6

       The IPv6 address assignment size may be different from ISP and
       its service estimation. Address assignment prefix size will be
       necessary.

       ex) 2001:db8:1::0/56 is for HomeA
       2001:db8:1:1::0/48 is for HomeB

       or 2001:db8:1::/36's minimum size is /56


2. Objective of policy change
-----------------------------

    Lots of operators look a record when harmful behavior coming to
    their network to identify its IP address confirming it can be
    filtered or not.

    The goal is providing more specific information to support these
    actions.


3. Situation in other regions
-----------------------------

    No same regulation/discussion can be seen in other regions.


4. Proposed policy solution
---------------------------

    Provide accurate filtering information generated from whois DB.

    For IPv4, propose to add 'port range' information to IP address
    entry.

    For IPv6, propose to provide 'assignment prefix size' information
    for specific IPv6 address.


5. Advantages / Disadvantages
-----------------------------

Advantages:

 - operators can set filtering by IP address based on correct assignment
   information base.

 - users who share same address space can be avoid to be including bulk
   filtering.

Disadvantages:

 - registration rule will move to more strict manner.

 - strict watch and control in registration of database records.

 - additional record or option will be considered.

 - privilege for withdrawing detailed information will be set for these
   records.


6. Impact on APNIC
------------------

    This might be beyond the scope of using whois DB and appropriate
    changes in policy document or guidance to whois DB will be needed.

    Some kind of modification cost in whois DB might be needed to set
    access privilege to the detailed information.

    Some kind of modification cost in whois DB might be needed in
    Help message/Warning/Alert when whois DB has non-privileged access.

    Some kind of promotion cost might be needed in announcing.

    Need cooperation and support from members(ISPs).

7. Other Consideration
----------------------

    For the security reason, this detailed records may be able to see
    only by operators.(some kind of user control/privilege setting is
    needed)

    For hosting services, /32 in IPv4 and /128 in IPv6 registration
    should be discussed based on its operability and possibility. But a
    harmful activities to filter by IP addresses are coming from hosting
    services as well. Here it seemed to be some demands.

    Some ISP use IRR DB to notice their filter policy towards BGP
    community with "remarks" filed in aut-num record. Need more
    discussion among APNIC members on using whois DB versus IRR DB.

    Start a pilot project for research its demands and effectiveness
    in APNIC region. APNIC is a worthy body to lead this pilot project.

    There are some opinions that it is not suitable to handle those
    issues at the Internet Registries (IRs), but we think it should be
    registered in the IRs database since that is part of assignment
    information.

References
----------

    TBD



• Date Prev
• Date Next
• Thread Prev
• Thread Next
• Date Index
• Thread Index
• Date Prev
• Date Next
• Thread Prev
• Thread Next
• Date Index
• Thread Index
• Prev by Date: [sig-policy] Participate in the APNIC Open Policy Meeting
• Previous by Thread: [sig-policy] Participate in the APNIC Open Policy Meeting
• Index(es):
  • Date
  • Thread