______________________________________________________________________ DRAFT TRANSCRIPT SIG: Policy Date: Thursday 2 March 2006 Time: 11.00am Presentation: Issue with critical infrastructure assignment size Presenter: Yong-Wan Ju, Billy Cheon ______________________________________________________________________ TOSHIYUKI HOSAKA: So the next speaker is Billy who's talking about an issue with critical infrastructure assignment size. BILLY CHEON: Hi. Nice to meet you. My name is Billy Cheon from KRNIC of NIDA. I'm not here to propose anything. I just convey the concerns and messages from Korean community over IPv6 allocation and Assignment Policy on critical infrastructure. I am just going to use APNIC policy. Sorry for my laziness. If you look at APNIC IPv6 allocation Assignment Policy, especially on the critical infrastructure, "The minimum assignment made is at least a /32." As other countries always does, we in Korea have a ccTLD site and we implemented IPv6 in April on our ccTLD site but we have another site for back-up region and then we, you know, possibly implement IPv6 on the other particular sites. But we already have /32 for our ccTLD sites but we, like I mentioned, we, in the future implementation of IPv6, we would like a /29 based on this policy to APNIC and then APNIC recommend /48 assignment on critical infrastructure. So I think, this statement is riddled with confusion. I don't know if it's since Korea, English is not the first word, so probably it's level of English. But from our understanding, we thought the minimum assignment made under this is /32 - that means, in one country, every ccTLD site can receive one /32 prefix. And, actually, they don't care about the prefix. They care about routing policy. As far as I know - I mean, I discussed it with them and they told me that there is no clear statement on the clear routing policy on routing table at this moment, like RFC or, you know, internationally agreed documentation on routing policy. It pretty much looks like it's dependent on LIR's allocation policy. So they are worried about the filtering of their prefix. So I just wanted to share opinion and the experience for - with our community and other regions. So, if anyone was in this kind of situation, would you tell me about this. RANDY BUSH: I run - not for IIJ, but myself - six ccTLD - two ccTLD servers. I see no reason for this. It does no good. You can look up the servers in the DNS. Why do they have to be in special address blocks? TERRY MANDERSON: Can I just clarify - was the issue about the actual size of the allocation or the fact that it's in a special address range? BILLY CHEON: It's actual size. TERRY MANDERSON: OK. Thank you. And, furthermore, I want to clarify - are you actually saying that you are having difficulties because of the said de-aggregation rule for IPv6 so you have a /32 and reluctance to de-aggregate. Is that correct? BILLY CHEON: Yeah. That's correct. Actually, they are worried about the future aggregation, yeah. TERRY MANDERSON: Maybe we should point back to the work from Izumi and Geoff and, in future, Randy, about variable-length allocations, perhaps. Thank you. TOSHIYUKI HOSAKA: Billy, I just want to clarify. Is there any case in your country that your ccTLD have to receive multiple /32s? BILLY CHEON: Like I said, at the moment, they don't have - I mean, there is one ccTLD which receives the /32 already and another site is, you know, is planning to implement IPv6 on their site. And then, you know, there is several - TOSHIYUKI HOSAKA: Separate networks? BILLY CHEON: No, several sites waiting for IPv6 implementation. So, for the future implementation of IPv6, we, you know, thought probably we need the same size of IP address /32. The reason is that aggregation - I mean, filtering is the main reason. SANJAYA: Sanjaya from APNIC. This is more of a question to the routing community. Because if I recall correctly, looking at the routing table in IPv6, the last time I checked, there are even some /64s being advertised. So there's quite a few /48s. My question is to the IPv6 operators - have you started filtering size? TERRY MANDERSON: Terry again. Sorry to answer my boss's question. But, yes, operators have started filtering size. I've noticed in experiments that I've done about de-aggregation and announcing /35s and smaller from our /32 allocation, that, in fact, they do not get full visibility due to filtering policies of other operators. SANJAYA: So that sort of validates Billy's concerns, then. BILLY CHEON: Oh, OK. Thanks. PHILIP SMITH: Philip Smith, Cisco. I run Cisco's present IPv6 Internet as it is and, basically, there are two filtering policies that ISPs seem to follow. Both are based on either relaxed filters or strict filters. Some ISPs implement strict filters, basically those on the minimum allocations, /32. Others don't. They operate as /48s. I operate the latter because no-one has as yet explained how IPv6 filtering will work with /32 as the limit. I don't really understand the concern in Korea. Yes, I announced the Cisco /32 aggregate. Yes, there are /48s with that being announced as well and there's no real reachability issue. SEUNGHOON LEE: I know that these related issues. You know I read RFC 2772. This is about the 6Bone routing guidelines. They say that BGP administrators filtering issues, they could advertise BGP prefix. They couldn't advertise BGP prefix, longer prefix than the RIR - no, RIR's delegated assigned prefix. They do not advertise longer prefix than RIR assigned - BILLY CHEON: So it's pretty much dependent on RIR allocation. PHILIP SMITH: RFC 2772 covers 6Bone. We're talking about the real IPv6 Internet. 6Bone disappears on the 6th of June this year. BILLY CHEON: Yes. Philip, is there any, like, standards for the - I mean, de-aggregation on clear statement on the filtering, like RFC or documentation. Was there any in native environment? PHILIP SMITH: Not that I know of. I mean, it boils down same as people do for IPv4. What you should be doing is announcing your aggregate that you receive from the registry and do the necessary subdivision to get whatever traffic engineering you need to achieve. That's what I would say. I don't think that's written down as a rule anywhere that I'm aware of. BILLY CHEON: OK. SEUNGHOON LEE: Actually, I know that there is no concrete routing schemes. So I refer to the 6Bone routing guidelines, you know. TOSHIYUKI HOSAKA: We have Jordi here to make a presentation regarding your topic. JORDI PALET: I guess this webpage could be interesting for this topic. It's webpage where I believe most of the ISPs which are implementing IPv6 are looking for recommendations for prefixes. So, for filtering prefixes. So you have here even examples for different routers and you have a list of all the prefixes that should be filtered, even if you want to go for the thing that Philip mentioned. I think it's well maintained and I really recommend, at least my customers, to follow these rules because, really, really are very nice in the sense that following up what is going on in all the prefixes allocated to the LIRs and also the ISPs. So I guess it could be interesting. Everybody can take a look on that. So that's it. BILLY CHEON: OK, I'd like to thank you for your opinions and suggestions. I will go back to my community and share this knowledge and, if there's still concerns or needs for this, you know, issues, I will be back at next APNIC meeting. Thank you. TOSHIYUKI HOSAKA: Thank you, Billy. So we could cover all the preparations in this SIG session. And we have more time to end this session. So I will pass this mic to Kenny. KENNY HUANG: OK, thank you. Because we still have time before the lunch, and I would like to take the opportunity to elaborate some of the topics we discussed in the previous session. OK, let's look at the open action items. Proposal 20-001 - application of HD-ratio to IPv4. In the previous session, I already conclude - think that we don't have proposal, we don't have any suggestion to tell the community what we should do and what we should do for the next step so I recommend we take it back to the mailing list for one month and we see what happens and, after one month, we make a decision. And I'd like to elaborate more regarding to your opinion regarding the open action item. Because, once it goes to the mailing list, very few traffic comes in and hardly get input from the community. So if you have any opinion or comment or question regarding to the open action, I would like to have your input and also share your input with the community. Regarding to the second proposal in the other RIRs. The last call already proceed in the RIPE region and in the LACNIC and ARIN, the proposal is abandoned. So before we take it back to the mailing list, please let us share your opinion and your comment. So, last call - any comment or opinions or suggestion regarding to the open action? ANNE LORD: Kenny, I've just got a question - what is the decision that you're going to make at the end of the one month? Are you going to suggest to abandon the proposal or continue discussing? KENNY HUANG: It really depends on the discussion on the mailing list. If there's no discussion in the mailing list, probably I would discuss with the two co-chairs. We can either abandon the proposal. Yeah. ANNE LORD: Because there was a sense from this morning's earlier discussion, at least articulated by Geoff, that we should they very carefully and cautiously about continuing with this in the light of the research that's been done about conservation and the impact of conservation. So there has been some feedback, at least to that extent. KENNY HUANG: OK. Right. Thank you. Any other comments? (None) OK, if no other comment, I'll still take if back in the mailing list and also thank you, Anne, for sharing information. At least it is some feedback. And so we will discuss the open action item during the mailing list and also I will discuss with the co-chairs for the Policy SIG to see how we're going to proceed in the next step regarding the open action item. So if there is no other comment or question, I'd like to conclude the meeting is adjourned and lunch will be served outside in the Level 2 foyer. OK. Thank you for your participation. I'll see you next time. Thank you. APPLAUSE