Address Assignment Policy for IPv4 Exchange Points

This document discusses the criteria for assignment of address space to IPv4 Internet Exchange Points.

Problem Definition

Internet Exchange Points require IPv4 address space for two portions of the Exchange Point infrastructure. The first requirement is for the transit LAN to which all participants are connected. The second requirement is for the services LANs which hosts the systems and infrastructure necessary to run the exchange point.

Motivation

APNIC currently has no criteria for assigning address space to Internet Exchange Points.

Background

Internet Exchange Points are using address space from a variety of sources.

Some of them are applying directly to APNIC and usually failing. They would need to become a member to apply for address space, and as their requirements are usually very small and for an assignment, it is unlikely that they would be receive an address allocation. The non-member assignment policy enables them to apply and receive addresses, but the cost is often the inhibiting factor.
Some of them are receiving address space from the exchange point membership.
Some of them are receiving address space from the so-called Exchange Point address block administered by EP.net (http://www.ep.net/wtgipa.html).

Current Status – RIR IX address assignment polices

APNIC

APNIC has no distinct policy for IXPs. Normal APNIC policies apply, which will rule out assignments to IXPs in almost all cases.

ARIN

The ARIN makes micro assignments no smaller than /24 to critical Internet infrastructure, such as IXPs, RIRs, gTLDs, ccTLDs, and ICANN, as well as the named servers of the domain. In the case of IXPs, address space is assigned on the condition that it is not announced to the global Internet. See http://www.arin.net/regserv/initial-isp.html for more details.

RIPE NCC

Requests for Provider Independent `portable’ address space are handled through an existing LIR. No special criteria apply for the assignment of address space to IXPs.

Proposal

The proposal is that Internet Exchange Points can apply to APNIC for address space and receive a micro assignment, no smaller than a /24 for the IXP transit LAN and Internet Infrastructure Critical Services (IICS) as detailed below.

Detail One

The address space assigned to Internet Exchange Points for use on their transit LAN comes out of one reserved block of address space specifically for Internet Exchange Point assignments. For example this could be a /16, which will give the possibility of assigning a maximum of 256 /24s to Internet Exchanges in APNIC’s region. This makes the address block well known within the region, and technically efficient for ISPs to provide appropriate filters.

Detail Two

The address space assigned for the Exchange Point transit LAN on condition that it is NOT announced to the global Internet routing table. It is accepted by IXP operators that the transit LAN addresses must never be announced globally so that bandwidth fraud and denial of service attacks can be prevented.

Detail Three

If Internet Exchange Points are hosting Internet Infrastructure Critical Services, such as root nameservers, gTLD nameservers, or ccTLD nameservers, then they should indicate this in their application, along with all necessary supporting information such as authorisation and delegation particulars from the appropriate bodies for APNIC verification.

In this case, the IXP will receive at least two /24s in their assignment, one for the IXP transit LAN, the other for the essential services, on the explicit understanding that the network infrastructure hosting the IICS are not on the same logical network as the IXP transit LAN. They may announce globally one /24 out of this assignment to support the IICS they host.

Detail Four

The address space assigned to Internet Exchange Points for use for the IICS they are hosting comes out of one reserved block of address space specifically for IICS assignments. For example this could be a /16, which will give the possibility of assigning a maximum of 256 /24s to Internet Exchange IICS in APNIC’s region. This makes the address block well known within the region, and technically efficient for ISPs to provide appropriate filters.

Detail Five

APNIC will publicise on their web pages that minimum assignments from their exchange point blocks will be /24s so that ISPs who filter on registry boundaries can set up appropriate filters. The IICS portion of address space will be globally visible; the IXP transit LAN portion is unlikely to have more than local or regional visibility.

Detail Six

Internet Exchange Points would apply for APNIC membership, have rights and obligations such as other APNIC members, and be categorised in the same way as other APNIC members.

Detail Seven

If Internet Exchange Points require address space for other services, such as providing local IXP membership content services, management network, and so on, they should apply for address space from their own membership. Such infrastructure usually requires to be globally routed, so an assignment from one or more of their membership is recommended. Items of equipment and services coming under the membership services umbrella are usually referenced by name rather than address.

Note that hosting these services on the IICS LAN is an option, but in itself is not a sufficient justification for IICS address space, as they are not critical infrastructure. Hosting these services on the exchange point transit LAN itself is technically possible but not recommended for the reasons specified in Detail Two.

Discussion

Advantages

Acceptance of this proposal will mean that Internet Exchange Points will now be able to approach APNIC for membership and for address space. IXPs are critical to any country’s Internet infrastructure and economy.

IXPs no longer have to rely on their membership for address space, or finding ways of acquiring the necessary /24 network from “somewhere” so that the IXP can function. Using members’ address space often leads to conflicts of interest, or problems of renumbering when the member who has contributed address space withdraws from the exchange point. (Using member address space for IXP management infrastructure is not considered problematic in the same way as it would be for the transit LAN.)

The proposed policy is similar to that operated by the ARIN.

Disadvantages

None.

Internet Infrastructure Critical Services

Internet Infrastructure Critical Services have been defined as root nameservers, gTLD nameservers and ccTLD nameservers for the purposes of this policy.

This proposal only considers the case where the Internet Exchange Point hosts any IICS. Other organisations that are hosting IICS are expected to follow normal APNIC policies for acquiring address space. For example, an ISP hosting a ccTLD primary nameserver would be expected to use address space they have been allocated under their APNIC membership agreement.

Implementation

It is proposed that APNIC implement this new policy three months after consensus has been reached. All necessary supporting documents will be prepared by APNIC before the implementation date. This will include updating request and membership applications forms. The community will be informed of the changes in policy through the APNIC website and related mailing lists.