stephen at sprunk.org
Fri Jun 1 00:39:24 UTC 2007
Thus spake "Jeroen Massar" <jeroen at unfix.org>
> Stephen Sprunk wrote:
>> First of all, there's disagreement about the definition of "site",
> The general definition of a site that I find appropriate is and
> works pretty well as a rule of thumb:
> "A site is defined by it having a single administrative domain".
That's a good rule of thumb; I'm curious how close it is to what ARIN staff
uses when evaluating requests, though. Or if staff let the requestor define
"site" themselves since policy doesn't.
> As such, if you have for example an NREN, most likely every
> University will have their own Networking Department, with their
> own administrators of that network. As such, every university is
> a site.
That's reasonable, if for no other reason than the number of universities is
manageable and there's no doubt they're independently managed -- follow the
money. However, I'd argue that NREN is an LIR and the universities are
> When the University is very large, it will have multiple
> administrative portions, eg generally Computer Science will
> have their own folks managing the network.
That can be handled by subdividing the /48 that goes to the U.
> When you have a large company, the company is also split
> over several administrative sites, in some cases you might
> have a single administrative group covering several sites
> though, this allows you to provide them with a single /48 as
> they are one group they will know how to properly divide that
> address space up.
In my experience, there tends to be one corporate IT group that handles
stuff like connectivity to other orgs, and several subordinate IT groups
that manage their part of the network. That can be handled with chopping up
In the case of the rare (typically multinational) org where the groups run
independent networks that talk BGP to each other and/or have their own
uplinks, it'd be fair for ARIN to consider each group a separate site or
even org if requested. Ditto if a single org had multiple separate networks
but only one IT group (e.g. hosters).
> It comes sort of close to an AS actually, except that an AS
> tends to cover a lot of sites.
An end-user AS tends to cover a lot of locations. By definition, it
describes an area with a single coherent routing policy and administrator.
An ISP AS may cover a lot of sites because leaf sites are part of their
upstream's AS as far as routing is concerned.
> If you have 40k sites, then a /32 is a perfect fit for you. There
> are not too many organizations that come close to that though,
> making /32's excellent for most organizations, except the very
> small ones. These can request a /48, or something upto a /40
> for that purpose.
Let's take our canonical example of McDonald's. Does each store (let's
assume they're all company-owned, not franchisees, for a moment) really
count as a "site"? It's definitely a location, but if there's a single IT
group that manages all 100k or so of them, I'd argue they're all one "site",
certainly one org, and not an LIR. Give each store a /60 (to make rDNS easy
and allow for growth), and McD's as a whole would get a /40 or so (to allow
for internal aggregation).
However, as I noted, some folks would consider McD's an LIR and want to give
them a /30 or shorter. I think that's wrong, but policy doesn't clearly say
either way. Looking at WHOIS doesn't help much, since many obvious end-user
orgs like Cisco got LIR allocations back when there was no end-user PIv6
policy; who knows what they'd be told today if they applied with the same
rationale. (Though presumably they wouldn't try since assignments are far
cheaper to renew)
Stephen Sprunk "Those people who think they know everything
CCIE #3723 are a great annoyance to those of us who do."
K5SSS --Isaac Asimov
More information about the NANOG