How to Request IP Addresses - Workshop LIR+IPv6 Luanda 2011

Download Report

Transcript How to Request IP Addresses - Workshop LIR+IPv6 Luanda 2011

Internet Number Resource
Management
PART 1
Introduction
• AfriNIC
• Audience
• Tea Breaks / Lunch
Session Objectives
• About AfriNIC
• Introduce participants to the fundamentals of
Internet Number Resource Management
• Dealing with AfriNIC in getting and managing
Internet number resources.
Content
Introduction to Internet Number Resources & How they are Managed
 Internet Number Resources
 Understanding policies and the policy development process
 About AfriNIC : Who we are, what we do
 How to become an AfriNIC member
 Membership Options, Fees structure
 Preparing your number resource requests
 NAT & IPv4 Address planning
 IPv4 Address Exhaustion : Facts & Figures
 Brief Introduction to The AfriNIC ‘whois’ service.
About AfriNIC
• RIR (Regional Internet Registry) that serves
Africa.
– ICANN recognized in 2005
• Not-for-profit
• Membership open to entities located in the
service region.
• Located in Mauritius.
– Infrastructure (public services) located in South
Africa.
About AfriNIC
• What we do:
– Manage the distribution of Internet Number
Resources in Africa
– Facilitate development of number resource
management policies
– Design and deliver training on technical issues
around number resource management
– Work with and support internet development
initiatives around the continent
Internet Number Resources
• IP Addresses
v4/v6
• AS Numbers
16/32-bit
• Reverse DNS Delegations *
.in-addr.arpa.
.ip6.arpa.
_____________________________________________
_
* not a number resource per-se, but a service provided by all RIRs
in tandem with v4/v6 registration .
IP addresses
• An IP address is a “number” that identifies a
computer or device on the internet (or a
network)
• Every computer requires an IP address in
order to connect to or be part of any network,
or the Internet.
• There are currently two “versions” :
– IPv4 (pool soon running out)
– IPv6 (The “Next Generation”)
Who issues IP addresses? (1/3)
• IP addresses are managed and distributed by
Regional Internet Registries (RIRs).
• A RIR is a non-profit body that manages the
issuance of IP addresses and other number
resources within a particular geographical
region.
• There are currently 5 RIRs: AfriNIC, APNIC,
LACNIC, ARIN and RIPE NCC
Who issues IP addresses? (2/3)
Registry (RIR)
Region Served
AfriNIC
Africa (including Mauritius,
Seychelles, Madagascar)
ARIN
USA & Canada
LACNIC
South America & the Caribbean
APNIC
Asia & Australia
RIPE NCC
Europe & the Middle East
Who else issues IP addresses
• Addresses can also be obtained from your
upstream/gateway provider
• Gateway providers often find it difficult to
adequately understand and service the
increasing IP needs of developing countries.
• Obtaining addresses from gateway providers
often degrades other services (such as geolocation).
Why do I need own IP addresses?
• To increase your network’s reliability by multihoming – having more than one connection
point (upstream) to the internet.
– If one connection becomes unavailable, the router
connects to another available network, hence no
visible downtime.
• Eliminate dependency on upstream ISP for
addressing needs and hence:
– Avoid renumbering when changing ISPs
– Plan, manage and scale own addressing
requirements.
Can I buy/sell IPv4 Addresses ?
• Section 8 of the RSA says:
– “NO PROPERTY RIGHTS. The Applicant acknowledges
and agrees that the numbering resources are not
property (real, personal or intellectual) and that The
Applicant shall not acquire any property rights on any
numbering resources by virtue of this Agreement or
otherwise. …“
– AfriNIC could cancel the RSA (and revoke any
resources) if there’s evidence of such.
– Community can address such issues through the PDP.
AfriNIC Resource Pool
• IPv4:
41/8, 102/8, 105/8, 197/8, Legacy Space.
• IPv6:
2c00::/12, 2001:4200::/23
• ASN:
36864 – 37887, 327680 - 328703
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
1996
1995
1994
1993
1992
1991
(Millions of ) IPv4 Addresses
IPv4 Addresses Issued in the Region
40
35
30
25
20
15
10
5
0
AfriNIC IPv4 Pool Status
• Four /8s plus (non-contiguous) legacy/ERX
address blocks.
• Approx 73m IP addresses left in pool (as at
April 2011)
• Average Monthly Consumption Rates:
– 2011: 680,256 addresses
– 2010: 710,080 addresses
– 2009: 500,000 addresses
AfriNIC IPv4 Pool Status
Block
41/8
102/8
105/8
197/8
Issued
May 05
Feb 11
Nov 10
Oct 08
Utilized
99.05 %
12.50 %
0.00 %
55.05 %
* Excludes Legacy/ERX address blocks.
Questions
Address Management Principles
• The Internet has evolved into a basic need
(just like water, telephony, energy).
• IP addresses are a public resource, critical for
the operation of the Internet.
• No entity can claim “ownership” of these
resources.
• ICANN has delegated regional management to
the RIRs.
Address Management Principles
The Hierarchy
ICANN
(IANA)
AfriNIC
LIR
Other RIR
EU
LIR/NIR/EU
Address Management Principles
• AfriNIC acts as the custodian of the IP
address/number resource pools.
• The public (the community) create the
guidelines and processes (called policies) that
AfriNIC must employ to distribute the
addresses.
• The policy development process is itself
created and continually reviewed by the
community.
Address Management Principles
• The policy development process is 6-part:
– A new proposal (or change to existing policy) is
proposed by anyone from anywhere.
– It’s posted on the (AfriNIC-hosted) policy discussion
mailing list ([email protected]) and discussed for at least
30 days.
– It’s presented at an AfriNIC face-to-face meeting.
– If there’s consensus at the f2f meeting, the proposal is
posted to the mailing list again for a 15-day “last-call”
period, for any comments arising after the
presentation & discussions during the f2f meeting.
Address Management Principles
– If there are no serious objections during the “lastcall” period, the proposal is sent to the AfriNIC
Board of Directors for approval & ratification.
– AfriNIC implements the requirements in the
proposal and it becomes an active policy.
• Implementation of a policy does not necessarily make it
permanent. A proposal to modify existing policy can be
drafted.
Address Management Principles:
The PDP
Proposal is drafted by
anyone
Sent to the policy
discussion mailing list
Discussed on the mailing
list for at least 30 days
If no issues arising, the
Board approves the
proposal & AfriNIC
implements it as a policy.
If there is consensus,
proposal is posted to the
list for 15-day “last-call”
Presented at an AfriNIC
f2f public policy meeting
Address Management Objectives
• Conservation (chiefly applies to IPv4):
– Efficient resource usage
– Demonstrated need
• Aggregation
– Limit routing table growth
– Support provider-based routing
• Registration
– Uniqueness
– Network troubleshooting
Questions
How to Request IP Addresses
Types of Membership
There are 2 types of membership:
 LIR : (Local Internet Registry) – usually ISPs. Can
assign from allocated resources to other parties
(e.g., customers)
 EU : (End User) – plan to use requested resources
only internally, never to issue to a third party.
How to Request IP Addresses (1/2)
• The procedure is 4-part:
– Apply for membership (from the AfriNIC website)
– Request for IP address space. The request is
evaluated once received.
– Pay the membership fee upon request approval
– Membership is approved and IP addresses are
issued by AfriNIC.
How to Request IP Addresses (2/2)
Register for
Membership online
Membership is
approved, IP
addresses are
allocated
Send the request
for IP addresses
Upon request
approval, invoice is
issued
Pay the invoice
How to Request IP Addresses
Applying for Membership
 Member Organizations must be:
o Incorporated in Africa
o Having IP network infrastructure in Africa
 Individual (non-company) memberships not
allowed.
How to Request IP Addresses
Applying for Membership
Documents to support the application include
the following:
– Certificate of Incorporation
– Proof of Address/Location
• Tenancy Agreement
• Utility bills (Energy, Telephone).
How to Request IP Addresses
Applying for Membership
https://my.afrinic.net
Click on “Register”
Fill in the online form and submit
How to Request IP Addresses
Allocation (PA – Provider Aggregatable)
An allocation is a block of IP addresses that has been
allocated to an LIR for subsequent distribution.
Assignment (PI – Provider Independent)
An assignment is a block of IP addresses delegated to
an organisation for specific use within the Internet
infrastructure they operate.
How to Request IP Addresses
The Registration Services Agreement (RSA)
The RSA is the contract between the member
and AfriNIC.
It’s automatically generated from filling the
online application form.
An original signed copy must be sent by
courier to Mauritius.
IP Address Eligibility Criteria
IPv4
IPv6
ISPs (LIRs):
Be (or request to be) an AfriNIC Member
Be (or request to be) an AfriNIC Member
• Either show proof of existing utilization Plan to provide IPv6 connectivity to a
of address space from an upstream ISP, reasonable number of end-sites /
or justify an immediate need of address customers in the AfriNIC service region.
space.
• A combination of the two factors is also
possible and acceptable.
Plan to announce the requested prefix on
the internet within 12 months of
acquiring it (also applies to EU below)
End-Users:
Be (or request to be) an AfriNIC Member
Be (or request to be) an AfriNIC Member
Either show proof of existing utilization of
at least a /25 from an upstream ISP or
justify an immediate need of at least 50%
of total requested space.
Hold IPv4 End-User space or possess the
eligibility criteria to obtain the space.
How to Request IP Addresses
Important: Have the following handy:
To verify your need for IP addresses:
 Contract(s) with your gateway/upstream ISP(s)
 Proof of purchase and/or installation of
equipment.
 Licenses (where needed) from your telecoms
regulator.
How to Request IP Addresses
Other things you should know:
Plan your addressing requirements for only
the next 12 months.
Ask for both your core network, and what
your customers will need.
Do not plan to hoard.
Do not ‘NAT’ unless necessary (.. for purpose
of ‘conserving’ addresses?).
What about IPv6
• Any member holding IPv4 space, by nature of
current IPv6 policy, can get IPv6.
• Just request for it, you’ll get it 
– ISPs (LIRs): /32
– End Users: /48
• No additional charges to the annual recurring
membership fees!
What about IPv6
• ISP/LIR /32 allocations are issued out of a
reserved /29. A contiguous prefix will be
issued subsequently.
• End-User /48 assignments are issued out of a
reserved /44.
• At the time of requesting, any prefix size will
be issued if justified.
What about IPv6
Policy requires that the received prefix be
announced within 12 months of receiving it.
Prefix
Organization
Issued
Advertized
2001:43f8:2a0::/48
University of Botswana
May ‘11
Yes
2001:43f8:2b0::/48 Botswana Post.
May ‘11
No
2c0f:ff00::/32
Nov ‘10
No
Botswana Telecoms.
IPv6 delegations / annum
120
100
80
60
40
20
0
2004 2005 2006 2007 2008 2009 2010 2011
IPv6 Distribution by Country
Other, 19%
Rwanda, 2%
South Africa,
28%
Sudan, 2%
Zimbabwe, 3%
Ghana, 3%
Kenya, 13%
Tanzania, 4%
Uganda, 4%
Egypt, 6%
Mau
ritius, 7%
Nigeria, 9%
Questions
Reverse DNS Delegation
• Reverse DNS: The process of resolving an IP
address to a domain name (the opposite of
forward DNS).
• One of the core services provided by RIRs
• Root of rDNS db:
– IPv4: .in-addr.arpa.
– IPv6: .ip6.arpa.
• Resolution process is by PTR DNS records.
Reverse DNS Delegation
Common uses of RDNS:
• Most ISPs will block mail from relays without
valid PTR record.
• Most mail servers will also reject mail from
relays without valid PTR record.
• Network troubleshooting tools: Tend to use
PTR records when logging hosts (to make it
more human-readable). Traceroute, ping,
syslog, etc
Reverse DNS Delegation
• Setup the name-servers that will serve the
reverse zones.
– AfriNIC does not operate commercial DNS services
or offer secondary services.
• Tell AfriNIC about the zones + configured
name-servers.
– Through MyAfriNIC (web-portal for members).
– By creating “domain” whois database objects.
Questions
The whois db
• “whois”:
– a ‘query/response’ protocol.
– defined in RFC3012 : “Whois Protocol
Specification”.
– Used to query and interact with databases that
store information about an internet resource.
– Implementations vary but the principle is the
same.
The whois db
– All AfriNIC-issued resources are publicly availed in
the AfriNIC whois database.
• IP addresses, AS Numbers, Reverse DNS information
• Contact information for each of the above:
– Physical Address
– Telephone Contacts
– Email addresses
– Do not provide information for listing if it is not
meant to be public (such as the CEO’s email
address, etc).
Uses of the whois db
• Very useful tool for LEAs in fighting
cybercrime.
– 1st point of contact for looking up IP addresses &
associated contact info.
• IP address geo-location tools.
– Google (browser country identification)
– iTunes? (content for different economies)
ETC
The whois db
• How to query/search the AfriNIC whois db:
– From any browser:
http://whois.afrinic.net
– Using software “whois clients”:
• OSX/Linux: Use the ‘whois’ command from the shell.
Install it if it’s not installed.
(From http://whois.sourceforge.net )
• Windows: Many tools exist but are not free. The best
free option is the browser (above).
Help & Support
• Requesting IP addresses, and status of all ongoing
requests:
[email protected]
+230 403 5100
+230 466 6616
Skype: skype2afrinic
• Membership applications
[email protected]
• Any other inquiries:
[email protected]
QUESTIONS