Lightly used IP addresses

Jeffrey Lyon jeffrey.lyon at blacklotus.net
Sat Aug 14 04:12:27 UTC 2010


John et al,

I have read many of your articles about the need to migrate to IPv6
and how failure to do so will impact business continuity sometime in
the next 1 - 3 years. I've pressed our vendors to support IPv6 (note:
keep in mind we're a DDoS mitigation firm, our needs extend beyond
routers and switches) and found that it's a chicken and egg situation.
Vendors are neglecting to support IPv6 because there is "no demand."
I've pointed out your articles and demanded IPv6 support, some are
promising results in the next several months. We will see.

Meanwhile, there are hosting companies, dedicated server companies,
etc. with /17 and /18 allocations who are either forging justification
or wildly abusing the use of that space outside of the declared need.
I know of at least a couple of companies roughly the same size as my
own that fit this category. I'm actually a customer of one company
that will sell a /24 without substantial justification (eg. just write
"SSL web sites" in a block on the order form and you're good).
Meanwhile, we have used a /21 since 2006 and to this day have not
requested additional space. Instead we make more efficient use of
space and avoid selling them in bulk to dedicated server customers or
charge substantially for the space and let economics do the work for
us. A disgusting number of companies are involved in:

- Black hat SEO ("I need 2000 IP's from at least 20 different Class
C's.","No","Why not, companies A, B, and C are offering this for $X")
- IRC virtual host abuse ("My customers want 2 x Class C per shell
server for their bots and vhosts","No","OK fine, we'll buy one from
Company X for $Y")

ARIN needs to investigate these companies and start reclaiming space.
Pose as a customer, see if they'll sell you a /24 or shorter on a
dedicated server for some arbitrary reason, and if so they're busted.
>From there launch a full investigation and start reclaiming space.

The other day I had a customer asking if he could buy a /16 for some
ungodly reason.

Best regards, Jeff


On Sat, Aug 14, 2010 at 4:08 AM, John Curran <jcurran at arin.net> wrote:
> On Aug 13, 2010, at 6:03 PM, Ken Chase wrote:
>>
>> I don't know what to suggest, but perhaps a more binding set of policies for
>> ARIN members to engage in policing/responding to shutdown requests on the
>> community's behalf and some penalties for not upholding agreements is in
>> order.
>
> Ken -
>
> Be careful what you ask for... There is a fairly significant difference
> between ARIN administering number resources (as a trade association based
> on a body of openly-developed policy) and parties deciding not to engage
> in business with suppliers or customers except under certain conditions.
> Some countries prohibit discussions of collective business actions of
> any form, unless the government is involved to insure that the public
> interest is protected.
>
> As Vadim noted, you can certainly bilaterally negotiate with another ISP
> regarding the nature of the routes/IP addresses/traffic that you exchange,
> but you might want to seek counsel before trying such on a collective basis...
>
> /John
>
> John Curran
> President and CEO
> ARIN
>
>
>
>



-- 
Jeffrey Lyon, Leadership Team
jeffrey.lyon at blacklotus.net | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.

Follow us on Twitter at http://twitter.com/ddosprotection to find out
about news, promotions, and (gasp!) system outages which are updated
in real time.

Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 -
21 to find out how to "protect your booty."




More information about the NANOG mailing list