lansing, mi 27 october 2015. welcome. here today from arin… david farmer, arin advisory council...
TRANSCRIPT
![Page 1: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/1.jpg)
Lansing, MI27 October 2015
![Page 2: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/2.jpg)
Welcome. Here today from ARIN…
• David Farmer, ARIN Advisory Council
• Susan Hamlin, Director, Communications
and Member Services
• Jon Worley, Technical Services Manager
• Avneet Wadhwani, Senior Software
Engineer
![Page 3: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/3.jpg)
Morning Agenda
10:15 - 10:45 ARIN: Mission, Services and Community
Engagement; Susan Hamlin
10:45 -11:20 Security Overlays on Core Internet Protocols – DNSSEC; Avneet Wadhwani
11:20 - 12:00 Life After IPv4 Depletion: IPv4 Inventory, Waiting List and Transfers; Jon Worley
12:00 PM - 1:00 PM Lunch
![Page 4: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/4.jpg)
Afternoon Agenda1:00 - 1:30 Security Overlays on Core Internet Protocols - Resource Certification (RPKI); Avneet Wadhwani
1:30- 2:00 Number Resource Policy Discussions and How to Participate; David Farmer
2:00 - 2:30 Automating Interactions with ARIN; Avneet Wadhwani
2:30- 3:00 Moving to IPv6; Jon Worley
3:00- 3:15 Q&A / Open Mic Session; Susan Hamlin
![Page 5: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/5.jpg)
Let’s Get Started!
• Self introductions – Name– Organization
![Page 6: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/6.jpg)
ARIN and the RIR System: Mission, Role and Services
Susan Hamlin Director, Communications and
Member Services
![Page 7: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/7.jpg)
What is an RIR?
A Regional Internet Registry (RIR) is an organization that manages the allocation and registration of Internet number resources within a particular region of the world. Number resources include IP addresses and autonomous system (AS) numbers.
![Page 8: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/8.jpg)
Regional Internet Registries
![Page 9: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/9.jpg)
Not-for-profitMembership Organization
Community Regulated
• Fee for services, not number resources
• 100% community funded
• Open
• Broad-based - Private sector - Public sector - Civil society
• Community developed policies
• Member-elected executive board
• Open and transparent
RIR Structure
![Page 10: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/10.jpg)
The NRO exists to protect the unallocated number resource pool, to promote and protect the bottom-up policy development process, and to act as a focal point for Internet community input intothe RIR system.
Number Resource Organization
![Page 11: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/11.jpg)
ARIN, a nonprofit member-based organization, supports the operation of the Internet through the management of Internet number resources throughout its service region; coordinates the development of policies by the community for the management of Internet Protocol number resources; and advances the Internet through
informational outreach.
![Page 12: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/12.jpg)
ARIN’s Service Region
The ARIN Region includes many Caribbean and North Atlantic islands, Canada, the United States and outlying areas.
![Page 13: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/13.jpg)
IP Address and Autonomous System Number Provisioning Process
![Page 14: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/14.jpg)
Who is the ARIN community?
Anyone with an interest in Internet number resource management in the ARIN region
![Page 15: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/15.jpg)
The ARIN Community includes…• 20,000+ customers • 5,200+ members • 75+ professional staff • 7 member Board of Trustees
• elected by the membership
• 15 member Advisory Council• elected by the membership
• 3 person Number Resource Organization Number Council
• elected by the ARIN Community
![Page 16: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/16.jpg)
ARIN Board of Trustees• Paul Andersen, Vice Chair and Treasurer• Vinton G. Cerf, Chair• John Curran, President and CEO• Timothy Denton, Secretary• Aaron Hughes• Bill Sandiford• Bill Woodcock
16
![Page 17: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/17.jpg)
ARIN Advisory Council• Dan Alexander, Chair • Cathy Aronson• Kevin Blumberg, Vice Chair• Owen DeLong• Andrew Dul• David Farmer• David Huberman• Scott Leibrand• Tina Morris• Milton Mueller• Leif Sawyer• Heather Schiller• Robert Seastrom• John Springer• Chris Tacit
17
![Page 18: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/18.jpg)
NRO Number Council• 15 member body• 3 representatives from each RIR• From ARIN:
– Jason Schiller– Louie Lee– John Sweeting
18
![Page 19: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/19.jpg)
ARIN Services and ProductsARIN Manages:
• IP address allocations & assignments• ASN assignment• Transfers• Reverse DNS• Directory service
Whois Routing Information (Internet Routing Registry) WhoWas
19
![Page 20: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/20.jpg)
ARIN Services and ProductsARIN coordinates and administers:• Policy Development
Community meetingsDiscussionPublication
• Elections• Information publication and dissemination
and public relations • Community outreach • Education and training
20
![Page 21: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/21.jpg)
ARIN Services and Products
ARIN develops technologies for managing Internet number resources:
• ARIN Online• Community Software Project Repository • DNSSEC• Resource Certification (RPKI)• Whois-RWS• Reg-RWS
21
![Page 22: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/22.jpg)
![Page 23: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/23.jpg)
Globalization of IANA Oversight
On 14 March 2014, the US Government announced plans to transition oversight of the IANA functions contract to the global multistakeholder community
Current IANA functions contract expires 30 September 2016 (originally was 2015)
![Page 24: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/24.jpg)
NTIA Conditions for Transition Proposal
1. Support and enhance the multi-stakeholder model
2. Maintain the security, stability, and resiliency of the “Internet DNS”
3. Meet the needs and expectation of the global customers and partners of the IANA services
4. Maintain the openness of the Internet
![Page 25: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/25.jpg)
Current Status of IANA Stewardship Proposal
Number Resources (RIR community) – CRISP Team
https://www.nro.net/wp-content/uploads/ICG-RFP-Number-Resource-Proposal.pdf - 15 Jan 2015
– Draft Service Level Agreement (SLA) for the IANA Numbering Services – was open for public comment 1 May 2015 – 14 June 2015; under revision based on ICANN comments
![Page 26: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/26.jpg)
Current Status of IANA Stewardship Proposal
Domain Names: 25 June 2015https://community.icann.org/x/aJ00Aw
Protocol Parameters (IANAPLAN Working Group): 6 January 2015http://tools.ietf.org/html/draft-ietf-ianaplan-icg-response-09
![Page 27: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/27.jpg)
IANA Stewardship Proposal – Victory Conditions
• A proposal submitted to NTIA by July 2015 which meets NTIA’s conditions and provides for transition of IANA stewardship to the global Internet community
• Community support of the ICG proposal, based on belief that the mechanisms provided for oversight and accountability are appropriate
![Page 28: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/28.jpg)
IANA Stewardship – Potential Implications• Successful transition of IANA Stewardship from the USG to the Internet community would be an important validation of the Internet’s multi-stakeholder governance model • Inability to transition could raise concerns about the validity of the multi-stakeholder process and fuel discussion of the perceived need for intergovernmental mechanisms for Internet Governance
![Page 29: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/29.jpg)
Join in Internet Governance Discussions
Visit ARIN’s webpage:Ways to Participate in Internet Governance
https://www.arin.net/participate/governance/participate.html
![Page 30: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/30.jpg)
Get 6 – Websites on IPv6
http://teamarin.net/infographic/
![Page 31: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/31.jpg)
How to Participate in ARIN
• Attend Public Policy and Members Meetings & Public Policy Consultations– Remote participation available
• Apply for Meeting Fellowship• Discuss policies on Public Policy
Mailing List (ppml)• Come to outreach events• Subscribe to an ARIN mailing list
![Page 32: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/32.jpg)
More Ways to Participate
• Give your opinion on community consultations
• Submit a suggestion• Contribute to the IPv6 wiki• Write a guest blog for TeamARIN.net• Connect with us on social media• Members – Vote in annual elections
![Page 33: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/33.jpg)
ARIN Mailing Lists
http://www.arin.net/participate/mailing_lists/index.html
ARIN Announce: [email protected]
ARIN Discussion: [email protected] (members only)
ARIN Public Policy: [email protected]
ARIN Consultation: [email protected]
ARIN Issued: [email protected]
ARIN Technical Discussions: [email protected]
Suggestions: [email protected]
![Page 34: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/34.jpg)
ARIN on Social Media
www.TeamARIN.net
www.facebook.com/TeamARIN
@TeamARIN
www.gplus.to/TeamARIN
www.linkedin.com/company/ARIN
www.youtube.com/TeamARIN
#ARIN35
![Page 35: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/35.jpg)
Apply now for ARIN 37 April 2016 in Jamaicahttps://www.arin.net/participate/meetings/fellowship.html
NEW: Includes attendance at NANOG
![Page 36: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/36.jpg)
Q&A
![Page 37: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/37.jpg)
Security Overlays on Core Internet Protocols – DNSSEC
Avneet WadhwaniSoftware Engineer
![Page 38: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/38.jpg)
Core Internet Protocols
• Two critical resources that are unsecured– Domain Name Servers– Routing
• Hard to tell if compromised– From the user point of view– From the ISP/Enterprise
• Focus on government funding
![Page 39: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/39.jpg)
DNS
![Page 40: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/40.jpg)
How DNS Works
Resolver
Question: www.arin.net A
www.arin.net A ?
Cachingforwarder(recursive)
root-serverwww.arin.net A ?
Ask net server @ X.gtld-servers.net (+ glue)
gtld-serverwww.arin.net A ?
Ask arin server @ ns1.arin.net (+ glue)
arin-server
www.arin.net A ?
192.168.5.10
192.168.5.10
Add to cache
![Page 41: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/41.jpg)
Why DNSSEC? What is it?
• Standard DNS (forward or reverse) responses are not secure– Easy to spoof– Notable malicious attacks
• DNSSEC attaches signatures– Validates responses– Can not spoof
![Page 42: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/42.jpg)
Reverse DNS at ARIN
• ARIN issues blocks without any working DNS–Registrant must establish delegations after registration
–Then employ DNSSEC if desired
• Just as susceptible as forward DNS if you do not use DNSSEC
![Page 43: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/43.jpg)
Reverse DNS at ARIN
• Authority to manage reverse zones follows allocations–“Shared Authority” model–Multiple sub-allocation recipient entities may have authority over a particular zone
![Page 44: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/44.jpg)
Changes completed to make DNSSEC work at ARIN
• Permit by-delegation management• Sign in-addr.arpa. and ip6.arpa.
delegations that ARIN manages• Create entry method for DS Records
– ARIN Online– RESTful interface– Not available via templates
![Page 45: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/45.jpg)
Changes completed to make DNSSEC work at ARIN
• Only key holders may create and submit Delegation Signer (DS) records
![Page 46: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/46.jpg)
Reverse DNS in ARIN Online
First identify the network that you want to put Reverse DNS nameservers on…
![Page 47: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/47.jpg)
Reverse DNS in ARIN Online
…then enter the Reverse DNS nameservers…
![Page 48: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/48.jpg)
DNSSEC in ARIN Online…then apply DS record to apply to the delegation
![Page 49: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/49.jpg)
Reverse DNS: Querying ARIN’s WhoisQuery for the zone directly:whois> 81.147.204.in-addr.arpa
Name: 81.147.204.in-addr.arpa.Updated: 2006-05-15NameServer: AUTHNS2.DNVR.QWEST.NETNameServer: AUTHNS3.STTL.QWEST.NETNameServer: AUTHNS1.MPLS.QWEST.NET
Ref: http://whois.arin.net/rest/rdns/81.147.204.in-addr.arpa.
![Page 50: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/50.jpg)
DNSSEC in Zone Files; File written on Mon Feb 24 17:00:53 2014; dnssec_signzone version 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.60.74.in-addr.arpa. 86400 IN NS NS3.COVAD.COM. 86400 IN NS NS4.COVAD.COM. 10800 NSEC 1.74.in-addr.arpa. NS RRSIG NSEC 10800 RRSIG NSEC 5 4 10800 20140306210053 ( 20140224210053 57974 74.in-addr.arpa. oNk3GVaCWj2j8+EAr0PncqnZeQjm8h4w51nS D2VUi7YtR9FvYLF/j4KO+8qYZ3TAixb9c05c 8EVIhtY1grXEdOm30zJpZyaoaODpbHt8FdWY vwup9Tq4oVbxVyuSNXriZ2Mq55IIMgDR3nAT BLP5UClxUWkgvS/6poF+W/1H4QY= )1.74.in-addr.arpa. 86400 IN NS NS3.COVAD.COM. 86400 IN NS NS4.COVAD.COM. 10800 NSEC 10.74.in-addr.arpa. NS RRSIG NSEC 10800 RRSIG NSEC 5 4 10800 20140306210053 ( 20140224210053 57974 74.in-addr.arpa. DKYGzSDtIypDVcer5e+XuwoDW4auKy6G/OCV VTcfQGk+3iyy2CEKOZuMZXFaaDvXnaxey9R1 mjams519Ghxp2qOnnkOw6iB6mR5cNkYlkL0h lu+IC4Buh6DqM4HbJCZcMXKEtWE0a6dMf+tH sa+5OV7ezX5LCuDvQVp6p0LftAE= )
![Page 51: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/51.jpg)
DNSSEC in Zone Files0.121.74.in-addr.arpa. 86400 IN NS DNS1.ACTUSA.NET. 86400 IN NS DNS2.ACTUSA.NET. 86400 IN NS DNS3.ACTUSA.NET. 86400 DS 46693 5 1 ( AEEDA98EE493DFF5F3F33208ECB0FA4186BD 8056 ) 86400 DS 46693 5 2 ( 66E6D421894AFE2AF0B350BD8F4C54D2EBA5 DA72A615FE64BE8EF600C6534CEF ) 86400 RRSIG DS 5 5 86400 20140306210053 ( 20140224210053 57974 74.in-addr.arpa. n+aPxBHuf+sbzQN4LmHzlOi0C/hkaSVO3q1y 6J0KjqNPzYqtxLgZjU+IL9qhtIOocgNQib9l gFRmZ9inf2bER435GMsa/nnjpVVWW/MBRKxf Pcc72w2iOAMu2G0prtVT08ENxtu/pBfnsOZK nhCY8UOBOYLOLE5Whtk3XOuX9+U= ) 10800 NSEC 1.121.74.in-addr.arpa. NS DS RRSIG NSEC 10800 RRSIG NSEC 5 5 10800 20140306210053 ( 20140224210053 57974 74.in-addr.arpa. YvRowkdVDfv+PW42ySNUwW8S8jRyV6EKKRxe…
![Page 52: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/52.jpg)
DNSSEC Validating Resolvers
• www.internetsociety.org/deploy360/dnssec/• www.isc.org/downloads/bind/dnssec/
![Page 53: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/53.jpg)
Reverse DNS Management and DNSSEC in ARIN Online• Available on ARIN’s websitehttp://www.arin.net/knowledge/dnssec/
![Page 54: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/54.jpg)
Q&A
![Page 55: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/55.jpg)
Life After IPv4 DepletionJon Worley, Technical Services Manager
![Page 56: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/56.jpg)
Overview
• IPv4 Depletion Recap & Observations
• Post-depletion IPv4 options– IPv4 Waiting List– IPv4 Transfers– Dedicated IPv4 block to facilitate IPv6
deployment
56 56
![Page 57: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/57.jpg)
IPv4 Depletion Recap• ARIN reached full IPv4 depletion 9/24/2015
• Only single /24s had been available for approximately 3 months before full depletion
• Full depletion excludes space being held or reserved for specific policies
57 57
![Page 58: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/58.jpg)
IPv4 Space Held/Reserved
• Held space (minimum 60 days)– Space returned to ARIN or revoked for non-payment
– Held for at least 60 days
– Research required to verify ARIN can reissue
• Reserved space– /10 to facilitate IPv6 deployment
– 2 /16s for exchange points/critical infrastructure
58
![Page 59: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/59.jpg)
IPv4 Depletion Trends & Observations
• Few complaints/escalations
• Most criticism directed at policy not allowing requests to be filled with multiple blocks
• Smoother than expected
59 59
![Page 60: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/60.jpg)
Post-IPv4 Depletion Options• IPv4 Waiting List
• IPv4 Transfer Market
• Dedicated IPv4 block to facilitate IPv6 deployment
60 60
![Page 61: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/61.jpg)
IPv4 Wait List• Option to be added after justified need
verified– Maximum approved size determined by ARIN– Minimum acceptable size specified by requester
• Waiting List published on ARIN’s web site
• 149 requests currently on the waiting list– Approximately /12 required to fill all
61 61
![Page 62: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/62.jpg)
62
![Page 63: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/63.jpg)
How the IPv4 Wait List Works• Oldest request filled first (based on
approval date)– E.g. - if ARIN gets a /16 back and the oldest
request is for a /24, we issue a /24 to that org
• One approved request per organization on the list at a time
• Limit of one allocation or assignment every 3 months
https://www.arin.net/resources/request/waiting_list.html
63
![Page 64: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/64.jpg)
How Long Might You Wait?• 184 tickets added since wait list started
• 23 wait list requests filled– 13 filled with IANA /14 equivalent issued in 9/2015– 9 filled with blocks held for organizations that opted to
go on the waiting list– 1 filled with previously revoked space
• 3 filled via 8.3 transfer and removed
• Demand is far greater than availability64 64
![Page 65: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/65.jpg)
Transfers of IPv4 Addresses
• Mergers and Acquisitions (NRPM 8.2)
• Transfers to Specified Recipients (NRPM 8.3)
• Inter-RIR transfers (NRPM 8.4)
65 65
![Page 66: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/66.jpg)
Transfers to Specified Recipients (NRPM 8.3)
• Allows orgs with unused IPv4 resources to transfer them to orgs in need of IPv4 resources
• Source– Must be current registrant, no disputes– Not have received addresses from ARIN for 12 months
prior– Ineligible for further addresses from ARIN for 12
months after
• Recipient – Must demonstrate need for 24-month supply under
current ARIN policy
66 66
![Page 67: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/67.jpg)
Inter-RIR Transfers (NRPM 8.4)
• RIR must have reciprocal, compatible needs-based policies– Currently APNIC and RIPE NCC
• Transfers from ARIN– Source cannot have received IPv4 from ARIN 12
months prior to transfer or receive IPv4 for 12 months after transfer
– Must be current registrant, no disputes– Recipient meets destination RIR policies
• Transfers to ARIN– Must demonstrate need for 24-month supply
under current ARIN policy67 67
![Page 68: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/68.jpg)
Pre-approval for Specified Recipient Transfers • Pre-approval offered through ARIN
online– Based on 24 month need (per policy)– Valid for 2 years (no need for re-
verification)
•Must meet current ARIN policy• Can use multiple transfers to fill need
without being subject to re-verification
68 68
![Page 69: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/69.jpg)
Specified Transfer Listing Service (STLS)• Optional service intended to facilitate specified
recipient and inter-RIR transfers• All participants have access to each others contact
information– Listers: have available IPv4 addresses
• Resources must be covered under RSA/LRSA
– Needers: looking for IPv4 addresses• Must be pre-approved under ARIN policy to be listed
– Facilitators: available to help listers and needers find each other
• Public summary provided– Lists number of available and needed IPv4 address blocks
69 69
![Page 70: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/70.jpg)
Tips for Faster Transfer Processing
• Make sure that all registration information is current and accurate
• Request pre-approval for your 24 month need in advance of the transfer
• Provide detailed information to support 24 month need
• Apply under the correct transfer policy
70 70
![Page 71: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/71.jpg)
Reserved IPv4 Block for IPv6 Deployment
• /10 reserved in April 2009• /24 maximum• Must facilitate IPv6 deployment
– Translation, dual stack– IPv6 block must be registered
• One per organization every six months
![Page 72: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/72.jpg)
Summary• No IPv4 blocks currently available• No perfect solution to IPv4
depletion– CGN = potential problems– Waiting list = uncertainty– Transfers = subject to market prices
• Begin planning now
72 72
![Page 73: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/73.jpg)
73
![Page 74: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/74.jpg)
LUNCH
Take your valuables as the room will not be locked.
![Page 75: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/75.jpg)
Security Overlays on Core Internet Protocols –RPKI
Avneet WadhwaniSoftware Engineer
![Page 76: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/76.jpg)
Core Internet Protocols
• Two critical resources that are unsecured – Domain Name Servers– Routing
• Hard to tell if compromised– From the user point of view– From the ISP/Enterprise
• Focus on government funding
![Page 77: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/77.jpg)
Routing
![Page 78: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/78.jpg)
Routing Architecture• The Internet uses a two level routing hierarchy:
– Interior Routing Protocols, used by each network to determine how to reach all destinations that line within the network
– Interior Routing protocols maintain the current topology of the network
![Page 79: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/79.jpg)
Routing Architecture• The Internet uses a two level routing hierarchy:
– Exterior Routing Protocol, used to link each component network together into a single whole
– Exterior protocols assume that each network is fully interconnected internally
![Page 80: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/80.jpg)
Exterior Routing: BGP• BGP is a large set of bilateral (1:1)
routing sessions– A tells B all the destinations (prefixes)
that A is capable of reaching– B tells A all the destinations that B is
capable of reaching
A B
10.0.0.0/2410.1.0.0/1610.2.0.0/18
192.2.200.0/24
![Page 81: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/81.jpg)
What is RPKI?• Resource Public Key Infrastructure
• Attaches digital certificates to network resources– AS Numbers
– IP Addresses
• Allows ISPs to associate the two– Route Origin Authorizations (ROAs)– Can follow the address allocation chain
to the top
![Page 82: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/82.jpg)
What does RPKI accomplish?
• Allows routers or other processes to validate route origins
• Simplifies validation authority information– Trust Anchor Locator
• Distributes trusted information– Through repositories
![Page 83: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/83.jpg)
AFRINIC RIPE NCC APNIC ARIN LACNIC
LIR1 ISP2
ISP ISP ISP ISP4 ISP ISP ISP
Issued Certificates
Resource Allocation Hierarchy
Route Origination Authority“ISP4 permits AS65000 to originate a route for the prefix 192.2.200.0/24”
Attachment: <isp4-ee-cert>
Signed, ISP4 <isp4-ee-key-priv>
ICANN
Resource Cert Validation
![Page 84: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/84.jpg)
AFRINIC RIPE NCC APNIC ARIN LACNIC
LIR1 ISP2
ISP ISP ISP ISP4 ISP ISP ISP
Resource Allocation Hierarchy
Route Origination Authority“ISP4 permits AS65000 to originate a route for the prefix 192.2.200.0/24”
Attachment: <isp4-ee-cert>
Signed, ISP4 <isp4-ee-key-priv>
1. Did the matching private key sign this text?
ICANN
Issued Certificates
Resource Cert Validation
![Page 85: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/85.jpg)
AFRINIC RIPE NCC APNIC ARIN LACNIC
LIR1 ISP2
ISP ISP
Route Origination Authority“ISP4 permits AS65000 to originate a route for the prefix 192.2.200.0/24”
Attachment: <isp4-ee-cert>
Signed, ISP4 <isp4-ee-key-priv>
ISP ISP4
2. Is this certificate valid?
ISP ISP ISP
Issued Certificates
Resource Allocation Hierarchy
ICANN
Resource Cert Validation
![Page 86: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/86.jpg)
AFRINIC RIPE NCC APNIC ARIN LACNIC
LIR1 ISP2
ISP ISP
Route Origination Authority“ISP4 permits AS65000 to originate a route for the prefix 192.2.200.0/24”
Attachment: <isp4-ee-cert>
Signed, ISP4 <isp4-ee-key-priv>
ISP ISP4 ISP ISP ISP
Issued Certificates
Resource Allocation Hierarchy
ICANN
3. Is there a valid certificate path from a Trust Anchor to this certificate?
Resource Cert Validation
![Page 87: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/87.jpg)
What does RPKI Create?
• It creates a repository– RFC 3779 (RPKI) Certificates– ROAs– CRLs– Manifest records
![Page 88: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/88.jpg)
Repository View./ba/03a5be-ddf6-4340-a1f9-1ad3f2c39ee6/1:total 40-rw-r--r-- 1 143 143 1543 Jun 26 2009 ICcaIRKhGHJ-TgUZv8GRKqkidR4.roa-rw-r--r-- 1 143 143 1403 Jun 26 2009 cKxLCU94umS-qD4DOOkAK0M2US0.cer-rw-r--r-- 1 143 143 485 Jun 26 2009 dSmerM6uJGLWMMQTl2esy4xyUAA.crl-rw-r--r-- 1 143 143 1882 Jun 26 2009 dSmerM6uJGLWMMQTl2esy4xyUAA.mnf-rw-r--r-- 1 143 143 1542 Jun 26 2009 nB0gDFtWffKk4VWgln-12pdFtE8.roa
A Repository Directory containing an RFC3779 Certificate, two ROAs, a CRL, and a manifest
![Page 89: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/89.jpg)
Repository Use
• Pull down these files using a manifest-validating mechanism
• Validate the ROAs contained in the repository
• Communicate with the router marking routes “valid”, “invalid”, “unknown”
• Up to ISP to use local policy on how to route
![Page 90: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/90.jpg)
Possible Data Flow for Operations
• RPKI Web interface -> Repository
• Repository aggregator -> Validator
• Validated entries -> Route Checking
• Route checking results -> local routing decisions (based on local policy)
![Page 91: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/91.jpg)
How you can use ARIN’s RPKI System?• Hosted• Hosted using ARIN’s RESTful service• Delegated using Up/Down Protocol
![Page 92: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/92.jpg)
Hosted RPKI
• Pros– Easier to use– ARIN managed
• Cons– No current support for downstream
customers to manage their own space (yet)
– Tedious through the IU if you have a large network
– We hold your private key
![Page 93: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/93.jpg)
Hosted RPKI with RESTful Interace• Pros
– Easier to use– ARIN managed– Programmatic interface for large networks
• Cons– No current support for downstream
customers to manage their own space (yet)
– We hold your private key
![Page 94: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/94.jpg)
Delegated RPKI with Up/Down• Pros
– You safeguard your own private key– Follows the IETF up/down protocol
• Cons– Extremely hard to setup– Need to operate your own RPKI
environment– More later
![Page 95: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/95.jpg)
Hosted RPKI in ARIN Online
![Page 96: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/96.jpg)
Hosted RPKI in ARIN Online
![Page 97: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/97.jpg)
Hosted RPKI in ARIN Online
![Page 98: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/98.jpg)
Hosted RPKI in ARIN Online
![Page 99: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/99.jpg)
Hosted RPKI in ARIN OnlineSAMPLE-ORG
![Page 100: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/100.jpg)
Hosted RPKI in ARIN OnlineSAMPLE-ORG
![Page 101: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/101.jpg)
Hosted RPKI in ARIN Online
![Page 102: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/102.jpg)
Your ROA request is automatically processed and the ROA is placed in ARIN’s repository, accompanied by its certificate and a manifest. Users of the repository can now validate the ROA using RPKI validators.
![Page 103: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/103.jpg)
Delegated with Up/Down
![Page 104: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/104.jpg)
Delegated with Up/Down
![Page 105: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/105.jpg)
Delegated with Up/Down
![Page 106: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/106.jpg)
Delegated with Up/Down
• You have to do all the ROA creation• Need to setup a CA• Have a highly available repository• Create a CPS
![Page 107: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/107.jpg)
Q&A
![Page 108: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/108.jpg)
ARIN’s Policy Development ProcessCurrent Number Resource Policy
Discussions and How to Participate
David FarmerARIN Advisory Council
![Page 109: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/109.jpg)
Number Resource Policy Manual
ARIN’s Policy Document – Version 2015.3 (29 July 2015)– 39th version
Change LogsHTML/PDF/txt
http://www.arin.net/policy/nrpm.html
![Page 110: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/110.jpg)
Policy Development Process (PDP)
Process FlowchartProposal Template
http://www.arin.net/policy/pdp.html
![Page 111: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/111.jpg)
PDP Goals
• "open, transparent, and inclusive manner that allows anyone to participate in the process."
• "clear, technically sound and useful policies"
• "Policies, not Processes, Fees, or Services”
![Page 112: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/112.jpg)
PDP Basic Steps1. Proposal (problem statement and policy change)
2. Discussion of Draft Policy on ARIN’s Public Policy Mailing List and at open policy meeting(s)
3. Discussion of Recommended Draft Policy at open policy meeting(s)
4. Last Call
5. Board review
6. Staff implementation
![Page 113: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/113.jpg)
Current Draft Policies/Proposals
113
1. LAST CALL ARIN-2015-1: Modification to Criteria for IPv6 Initial End-User Assignments
2. ARIN-2015-2: Modify 8.4 (Inter-RIR Transfers to Specified Recipients) 3. ARIN-2015-3: Remove 30 day utilization requirement in end-user IPv4 policy 4. LAST CALL ARIN-2015-4: Modify 8.2 section to better reflect how ARIN handles
reorganizations 5. ARIN-2015-5: Out of region use 6. ARIN-2015-6: Transfers and Multi-national Networks 7. ARIN-2015-7: Simplified requirements for demonstrated need for IPv4 transfers 8. ARIN-2015-8: Reassignment records for IPv4 End-Users 9. ARIN-2015-9: Eliminating needs-based evaluation for Section 8.2, 8.3, and 8.4
transfers of IPv4 netblocks 10. ARIN-2015-10: Minimum IPv6 Assignments [abandoned]11. ARIN-2015-11: Remove transfer language which only applied pre-exhaustion of
IPv4 pool
![Page 114: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/114.jpg)
ARIN-2015-5: Out of region use• Would allow an organization to receive Internet
number resources from ARIN for use out of region as long as the applicant is currently using at least the equivalent of a /22 of IPv4, /44 of IPv6, or 1 ASN within the ARIN service region.
• 2015-5 discussion started June 2015– Earlier abandoned proposals:
• ARIN-2014-1: Out of Region Use• ARIN-2013-6: Allocation of IPv4 and IPv6 Address Space to Out-of-
region Requestors• ARIN-2011-13: IPv4 Number Resources for Use Within Region
• Presented at ARIN 36 in October(continued on next slide)
![Page 115: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/115.jpg)
2015-5 cont.• AC found draft to be fair, technically sound and
supported; and promoted to Recommended state• Will be presented again as a Recommended Draft
Policy– NANOG 66 and/or ARIN 37
• Possible next steps:– Last Call and review of last call comments– Board Review– Implementation by Staff
![Page 116: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/116.jpg)
How Can You Get Involved?
There are two ways to voice your opinion:
– Public Policy Mailing List
– Public Policy Consultations/Meetings
• In person or remotely
• ARIN meetings and Public Policy Consultations at NANOG
![Page 117: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/117.jpg)
Takeaways
Three things 1. ARIN doesn't make up the policy, ARIN
implements community created/maintained policy.
2. Policy process exists, if you are unhappy with a policy, there is a way for you to try to change it.
3. If you want to participate, you know where you can voice your opinion (email, in person and remote).
![Page 118: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/118.jpg)
References
Policy Development Processhttp://www.arin.net/policy/pdp.html
Draft Policies and Proposalshttp://www.arin.net/policy/proposals/index.html
Number Resource Policy Manualhttp://www.arin.net/policy/nrpm.html
![Page 119: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/119.jpg)
Q&A
![Page 120: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/120.jpg)
Automating Your Interactions with ARIN
Avneet WadhwaniSoftware Engineer
![Page 121: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/121.jpg)
Why Automate?
• Interact with ARIN faster• Not dependent on ARIN’s systems for
user interface issues• Build a customized system using
standards-based technologies• Improved accuracy• Integrate multiple services
![Page 122: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/122.jpg)
Why Automate (continued)
• We have a rich set of interfaces• Focused on reliability and
completeness• Welcome to share your tools with the
community at projects.arin.net
![Page 123: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/123.jpg)
REST – Service Summary
• ARIN’s RESTful Web Services (RWS)– Whois-RWS and RDAP
• Provides public Whois data via REST
– Reg-RWS (or Registration-RWS)• Allows ARIN customers to register and
maintain data in a programmatic fashion
– Report Request/Retrieval Automation• Permits request and download of various
ARIN data (subject to AUP)
– RPKI using Reg-RWS
![Page 124: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/124.jpg)
What is REST?• Representational State Transfer
• As applied to web services– defines a pattern of usage with HTTP to
create, read, update, and delete (CRUD) data
– “Resources” are addressable in URLs
• Very popular protocol model– Amazon S3, Yahoo & Google services, …
![Page 125: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/125.jpg)
The BIG Advantage of REST• Easily understood
– Any modern programmer can incorporate it– Can look like web pages
• Re-uses HTTP in a simple manner– Many, many clients– Other HTTP advantages
• This is why it is very, very popular with Google, Amazon, Yahoo, Twitter, Facebook, YouTube, Flickr, …
![Page 126: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/126.jpg)
What does it look like?Who can use it?
http://whois.arin.net/rest/poc/KOSTE-ARIN
Where the data is.
What type of data it is.
The ID of the data.
It is a standard URL. Anyone can use it.Go ahead, put it into your browser.
![Page 127: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/127.jpg)
Where can more information on REST be found?
• RESTful Web Services– O’Reilly Media
– Leonard Richardson
– Sam Ruby
![Page 128: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/128.jpg)
Whois-RWS• Publicly accessible, just like traditional
Whois• Searches and lookups on IP addresses,
AS numbers, POCs, Orgs, etc…• Very popular
– As of October 2014, constitutes 65% of our query load
• For more information:– http://www.arin.net/resources/whoisrws/index.html
![Page 129: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/129.jpg)
Whois Queries Per Second
2001-07 2002-06 2003-05 2004-04 2005-03 2006-02 2007-01 2007-12 2008-11 2009-10 2010-09 2011-08 2012-07 2013-06 2014-050
500
1000
1500
2000
2500
3000
3500
4000
RESTfulPort 43
![Page 130: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/130.jpg)
RDAP
• RDAP is a Whois alternative for querying resource registration data from Domain Name Registries (DNRs) and Regional Internet Registries (RIRs).
• IETF published the RDAP series of RFCs in Q1 of 2015.– ARIN has rolled out RDAP– Will be supported by all 5 RIRs and domain
registries.
![Page 131: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/131.jpg)
RDAP vs Whois-RWS
• Both are RESTful sevices• Standardized format used between
all RIRs for RDAP• RDAP responses offer direct referrals
to other RIRs, whereas Whois defines no queries or responses, and interaction with DNRs and RIRs can vary significantly
![Page 132: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/132.jpg)
ARIN RDAP
• ARIN’s RDAP service (w/ bootstrap)– https://rdap.arin.net/bootstrap/
• ARIN’s RDAP service (w/o bootstrap)– http://rdap.arin.net/registry/
• Command Line client called NicInfo– https://github.com/arineng/nicinfo
![Page 133: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/133.jpg)
RDAP IP Querywget https://rdap.arin.net/bootstrap/ip/100.42.0.0
{ "rdapConformance" : [ "rdap_level_0" ], "notices" : [ { "title" : "Terms of Service", "description" : [ "By using the ARIN RDAP/Whois service, you are agreeing to the RDAP/Whois Terms of Use" ], "links" : [ { "value" : "https://rdap.arin.net/registry/ip/100.42.0.0", "rel" : "about", "type" : "text/html", "href" : "https://www.arin.net/whois_tou.html" } ] } ], "handle" : "NET-100-42-0-0-2", "startAddress" : "100.042.000.000", "endAddress" : "100.042.000.255", "ipVersion" : "v4", "name" : "ISOTROPIC-NETWORKS", "parentHandle" : "NET-100-42-0-0-1“,...
![Page 134: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/134.jpg)
Bootstrapped Response
wget https://rdap.arin.net/bootstrap/ip/176.0.0.0
--2015-08-21 16:02:16-- https://rdap.arin.net/bootstrap/ip/176.0.0.0Resolving rdap.arin.net (rdap.arin.net)... 199.212.0.160, 2001:500:13::160Connecting to rdap.arin.net (rdap.arin.net)|199.212.0.160|:443... connected.HTTP request sent, awaiting response... 302 Moved TemporarilyLocation: https://rdap.db.ripe.net/ip/176.0.0.0 [following]--2015-08-21 16:02:16-- https://rdap.db.ripe.net/ip/176.0.0.0Resolving rdap.db.ripe.net (rdap.db.ripe.net)... 193.0.6.142, 2001:67c:2e8:22::c100:68eConnecting to rdap.db.ripe.net (rdap.db.ripe.net)|193.0.6.142|:443... connected.HTTP request sent, awaiting response... 200 OK
![Page 135: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/135.jpg)
RDAP Statistics
• RDAP Released June 20, 2015– 51K queries (as of September 1)
• Entity queries: 173 • Domain queries: 290 • IP queries: 40818 • Autnum queries: 9203
• 1 query/2 seconds
![Page 136: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/136.jpg)
Registration RWS (Reg-RWS)
• Programmatic way to interact with ARIN– Intended to be used for automation– Not meant to be used by humans
• Useful for ISPs that manage a large number of SWIP records
• Requires an investment of time to achieve those benefits
![Page 137: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/137.jpg)
Reg-RWS
• Requires an API Key– You generate one in ARIN Online on the
“Web Account” page• Permits you to register and manage
your data (ORGs, POCs, NETs, ASes)– But only your data
• More information– http://www.arin.net/resources/restful-interfaces.htm
l
![Page 138: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/138.jpg)
Anatomy of a RESTful request• Uses a URL (just like you would type into
your browser)• Uses a request type, known as a “method”,
of GET, PUT, POST or DELETE• Usually requires a payload
– Adheres to a published structure– Depends upon the type of data– Depends upon the method
• Method, Payload, and XML schema info is found at “RESTful Provisioning Downloads”
![Page 139: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/139.jpg)
Example – Reassign Detailed• Your automated system issues a PUT
command to ARIN using the following URL:http://www.arin.net/rest/net/NET-10-129-0-0-1/reassign?apikey=API-1234-5678-9A
BC-DEFG
The payload contains the following data:
<net xmlns="http://www.arin.net/regrws/core/v1" > <version>4</version> <comment></comment> <registrationDate></registrationDate> <orgHandle>HW-1</orgHandle> <handle></handle> <netBlocks> <netBlock> <type>A</type> <description>Reassigned</description> <startAddress>10.129.0.0</startAddress> <endAddress>10.129.0.255</endAddress> <cidrLength>24</cidrLength> </netBlock> </netBlocks> <parentNetHandle>NET-10-129-0-0-1</parentNetHandle> <netName>HELLOWORLD</netName> <originASes></originASes> <pocLinks></pocLinks></net>
![Page 140: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/140.jpg)
Example – Reassign DetailedARIN’s web server returns the
following to your automated system:<net xmlns="http://www.arin.net/regrws/core/v1" > <version>4</version> <comment></comment> <registrationDate>Tue Jan 25 16:17:18 EST 2011</registrationDate> <orgHandle>HW-1</orgHandle> <handle>NET-10-129-0-0-2</handle> <netBlocks> <netBlock> <type>A</type> <description>Reassigned</description> <startAddress>10.129.0.0</startAddress> <endAddress>10.129.0.255</endAddress> <cidrLength>24</cidrLength> </netBlock> </netBlocks> <parentNetHandle>NET-10-129-0-0-1</parentNetHandle> <netName>netName>HELLOWORLD</netName> <originASes></originASes> <pocLinks></pocLinks></net>
![Page 141: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/141.jpg)
Reg-RWS Has More Than Templates
• Only programmatic way to do IPv6 Reassign Simple
• Only programmatic way to manage Reverse DNS
• Only programmatic way to access your ARIN tickets
![Page 142: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/142.jpg)
Reg-RWS Adoption
ARIN 29
ARIN 30
ARIN 31
ARIN 32
ARIN 33
ARIN 34
ARIN 35
Tem-plate
408383 595858 846943 1066037
1311403
1498204
1749383
REST 40374 320197 841105 3524124
4296734
4715231
5034717
500,000
1,500,000
2,500,000
3,500,000
4,500,000
5,500,000
TemplateREST
![Page 143: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/143.jpg)
Testing Your Reg-RWS Client• We offer an Operational Test &
Evaluation environment for Reg-RWS• Your real data, but isolated
– Helps you develop against a real system without the worry that real data could get corrupted
• For more information:– http://www.arin.net/resources/ote.html
![Page 144: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/144.jpg)
Obtaining RESTful Assistance
• http://www.arin.net/resources/restful-interfaces.html• Pay attention to Method, Payload, and XML schema
documents under “RESTful Provisioning Downloads”• Or use ARIN Online’s Ask ARIN feature• Or use the arin-tech-discuss mailing list
– Make sure to subscribe– Someone on the list will help you ASAP– Archives on the web site
• Registration Services Help Desk telephone not a good fit– Debugging these problems requires a detailed look at
the URL, method, and payload being used
![Page 145: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/145.jpg)
Report Request/Retrieval
• For customer-specific data, access is restricted by user– Permits you to request and retrieve
reports– But only your data
• For public services, you must first sign an AUP or TOU (Bulk Whois, Registered ASNs, WhoWas)– ARIN staff may review your need to access this data
• Requires an API Key
![Page 146: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/146.jpg)
RPKI thru Reg-RWS
• Delegated – very complex• Hosted – easy but tedious if
managing a large network through the UI
• Solution: Interface to sign ROAs using the RESTful API– Ease of Hosted– Programmatic way of managing a large
number of ROAs
![Page 147: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/147.jpg)
Q&A
![Page 148: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/148.jpg)
Moving to IPv6
Jon Worley, Technical Services ManagerWith some help from Geoff Huston
148
![Page 149: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/149.jpg)
The Original IPv6 Plan - 1995
IPv6 Deployment
Time
IPv6 Transition – Dual Stack
IPv4 Pool Size
Size of the Internet
149
![Page 150: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/150.jpg)
The Revised IPv6 Plan - 2005
IPv6 Deployment
2004
IPv6 Transition – Dual Stack
IPv4 Pool Size
Size of the Internet
2006 2008 2010 2012Date
150
![Page 151: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/151.jpg)
IPv6 over time
ARIN IPv6 Allocations and Assignments*As of 30 June 2015
151
![Page 152: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/152.jpg)
5,196 total members as of 31 July 2015
ISP Members with IPv4 and IPv6
152
![Page 153: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/153.jpg)
Oops!We were meant to have completed the transition to IPv6 BEFORE we completely exhausted the supply channels of IPv4 addresses!
153
![Page 154: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/154.jpg)
Today’s Plan
IPv6 Deployment
IPv4 PoolSize
Size of the Internet
IPv6 Transition
Today
Time
?
0.8%
154
![Page 155: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/155.jpg)
And while we wait...The Internet continues its growth.
• And without an abundant supply of IPv4 addresses to support this level of growth, the industry is increasingly reliant on NATs:
– Edge NATs are now the de facto choice for residential broadband services at the CPE
– ISP NATs are now the de facto choice for 3G and 4G mobile IP services
155
![Page 156: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/156.jpg)
What ARIN is hearing from the community
• Movement to IPv6 is slow– Progress is being made– ISPs carefully rolling out IPv6
• Lots of ISPs purchasing CGN boxes
• There is a market for IP space– Rent by month– Purchase outright
156
![Page 157: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/157.jpg)
So why do the move to IPv6?• IPv4 will get more expensive• Move to IPv6 will happen when cost
is too high for IPv4• Don’t want to be caught with gear
that will not support IPv6 before it is end-of-life
• Need to have some experience on IPv6
157
![Page 158: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/158.jpg)
Call to Action for IPv6• ISPs should do it now• Universities should be teaching and making
IPv6 available• Businesses should be asking for IPv6 support
for gear and services they purchase– Want to be available to all on the Internet– If only IPv4 – may miss some IPv6 clientele
• Application developers need to integrate IPv6 support– “Preparing Applications for IPv6”– https://www.arin.net/knowledge/
preparing_apps_for_v6.pdf 158
![Page 159: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/159.jpg)
Call to Action for IPv6
• End user customers– May be behind CGN
• Impacts speed and services• Don’t want to lose in those real-time games!
(CoD gamers in particular)
– Ask for IPv6 support• Faster• Better application support• Less support calls for IPv4
159
![Page 160: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/160.jpg)
Get IPv6 from ARIN now!
Most organizations with IPv4 can IPv6 without increasing their annual ARIN fees
160
![Page 161: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/161.jpg)
Requesting IPv6 - ISPs
• Have a previous v4 allocation from ARIN or predecessor registry
OR• Intend to multi-home OR• Provide a technical justification
which details at least 50 assignments made within 5 years
161 161
![Page 162: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/162.jpg)
Data ARIN Will Typically Ask For - ISPs
• If requesting more than a /32, a spreadsheet/text file with– # of serving sites (PoPs, datacenters)– # of customers served by largest
serving site– Block size to be assigned to each
customer (/48 typical)
162 162
![Page 163: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/163.jpg)
Requesting IPv6 – End Users• Have a v4 direct assignment from ARIN or
predecessor registry OR• Intend to multi-home OR• Show how you will use 2000 IPv6 addresses
or 200 IPv6 subnets within a year OR• Technical justification as to why provider-
assigned IPs are unsuitable
163 163
![Page 164: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/164.jpg)
Data ARIN Will Typically Ask For – End users• If requesting more than a /48, a
spreadsheet/text file with– List of sites in your network
• Site = distinct geographic location• Street address for each
– Campus may count as multiple sites• Technical justification showing how they’re
configured like geographically separate sites
164 164
![Page 165: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/165.jpg)
Learn More
IPv6 Info Centerwww.arin.net/knowledge/ipv6_info_center.html
www.GetIPv6.info
www.TeamARIN.net165
![Page 166: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/166.jpg)
Operational Guidance
www.InternetSociety.org/Deploy360/
www.NANOG.org/archives/
www.hpc.mil/cms2/index.php/ipv6-knowledge-base-general-info
bcop.NANOG.org
166
![Page 167: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/167.jpg)
Q&A / Open Mic Session
![Page 168: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/168.jpg)
Take Aways• Apply for IPv6 addresses and get started.• Subscribe to an ARIN mailing list• Participate in ARIN 37 – in person or remotely• Apply for a future meeting fellowship• Think about implementing DNSSEC/Resource
Certification• Member organizations please update your
Voting Contact – linked to an ARIN Web User account
• Reach out though various channels with questions or suggestions
![Page 169: Lansing, MI 27 October 2015. Welcome. Here today from ARIN… David Farmer, ARIN Advisory Council Susan Hamlin, Director, Communications and Member Services](https://reader036.vdocuments.us/reader036/viewer/2022081511/5697bfab1a28abf838c9ac80/html5/thumbnails/169.jpg)
Apply now for ARIN 37 in Jamaicahttps://www.arin.net/participate/meetings/fellowship.html