Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]

[Danny McPherson <danny () tcb net>]

On Feb 26, 2010, at 4:41 PM, Steven M. Bellovin wrote:

> I think that "PTT" is the operative token here, but for reasons having
> nothing to do with competition.  If all they wanted was competition,
> the easy answer would be to set up more registries -- or registrars
> -- not bounded by geography; as long as the number wasn't too large, it
> wouldn't do too much violence to the size of the routing tables.
>
> If a PTT-like body is *the* registry for a country, and if the country
> chose to require local ISPs and business to obtain address space from
> it, what's the natural prefix announcement to the world?  Right -- that
> country's registry prefix, which means that all traffic to that country
> just naturally flows through the PTT's routers and DPI boxes.  And it
> benefits everyone, right?  It really cuts down on the number of prefixes
> we have to worry about....

Until routing domains (i.e., ASNs) are carved up to become congruent 
to national boundaries for national security, censorship or other 
reasons.  When this happens, not only will those IPv6 prefixes become
fragmented, so to will their legacy IPv4 space, and certainly to the 
detriment of routing scalability, security, and stability.

Then add something like RPKI to the mix and you've got a very effective 
hammer to enforce national policy - all network operators will use 
the national RPKI trust anchor, and all of your address space will be 
allocated (and certified) strictly from this national Internet registry 
- so that they can surgically control precisely who can reach you, and who 
you can reach - within the whole of the global routing system, and 
DPI, tariffing, etc.. are all much akin to models of yester that they 
can wrap their heads around.

And all the efforts and bottom-up policy driven by the RIRs in the 
current model will dry up, as will the RIR revenue sources, and their
much wider contributions to the Internet community.  

If you think the RIRs and the current model sucks, well, consider 
the alternatives.  For that matter, so to better the RIRs and their
constituents.

> It's funny -- just yesterday, I was telling my class that the
> Internet's connectivity was not like the pre-deregulation telco model.
> The latter had O(1) telco/country, with highly regulated
> interconnections to anywhere else.  The Internet grew up under the
> radar, partly because of the deregulatory climate and partly because
> especially in the early days, it wasn't facilities-based -- if you
> wanted an international link to a peer or a branch office, you just
> leased the circuit.  The result was much richer connectivity than in
> the telco world, and -- in some sense -- less "order".  Syria wants to
> roll the clock back.

I can't believe that the current model of more dense interconnection, 
continued disintermediation, and a far more robust IP fabric would 
evolve to be more resilient and robust from national Internet registry 
allocation models or the Internet routing system rearchitecting that's 
sure to follow.

Of course, if the ITU-T is serious about this, they should probably be 
asking for a good chunk of 32-bit ASNs as well, but that's a bit more
difficult to do under the auspices of liberating IPv6. 

-danny