[lacnog] Subasignación de prefijos a otro ASN y el tema con los RoA

Fernando Frediani fhfrediani en gmail.com
Jue Feb 3 17:47:06 -03 2022


Hi Mike

I will not provide it right now. If you don't believe and wish to get a 
strong evidence I suggest you consult LACNIC directly and take the 
chances in the case you are participating on this type of activities.

Regarding the AWS example if the prefixes are used under those 
circunstances I saw no problem with it as long the resource holder can 
prove that if asked by the RIR.

Regards
Fernando

Em 03/02/2022 17:42, Mike Burns escreveu:
>
> Please, for the third time, can you provide a link to anything but 
> your own opinion?
>
> Leasing is allowed in ARIN, in RIPE, and in APNIC without question.
>
> Can I get the LACNIC link prohibiting it?
>
> With the AWS thing, at least you acknowledge there is no inherent 
> problem with the advertising of blocks under an ASN not the same as 
> the block owner.
>
> So there is some progress…
>
> *From:* LACNOG <lacnog-bounces en lacnic.net> *On Behalf Of *Fernando 
> Frediani
> *Sent:* Thursday, February 03, 2022 3:36 PM
> *To:* lacnog en lacnic.net
> *Subject:* Re: [lacnog] Subasignación de prefijos a otro ASN y el tema 
> con los RoA
>
> Hi, you don´t need to believe me, you need to believe LACNIC.
> If you still don't then I suggest you tell them some LACNIC registered 
> prefixes that are currently leased to another ASN to make a little test.
>
> AWS case is a completely different scenario. That´s not a leasing. 
> Their customer, which is the rightful resource holder of those 
> prefixes wish to use them inside AWS environment so there is no 
> problem for them to use their own prefixes there. In those cases if 
> the resource holder is using those prefixes according to what they 
> have been justified for then all if good.
>
> Fernando
>
> Em 03/02/2022 17:29, Mike Burns escreveu:
>
>     You keep stating it’s prohibited, but I don’t believe  you.
>
>     Can you provide links supporting your statements?
>
>     What do you say about AWS and other cloud providers advertising
>     their clients’ addresses  under the AWS ASN?
>
>     *From:* LACNOG <lacnog-bounces en lacnic.net>
>     <mailto:lacnog-bounces en lacnic.net> *On Behalf Of *Fernando Frediani
>     *Sent:* Thursday, February 03, 2022 3:14 PM
>     *To:* lacnog en lacnic.net
>     *Subject:* Re: [lacnog] Subasignación de prefijos a otro ASN y el
>     tema con los RoA
>
>     Leasing is prohibited for LACNIC registered prefixes and LACNIC
>     already confirmed it, either is is good or not to broker business.
>     If you don't believe I invite you to publish LACNIC registered
>     prefixes from organizations you have knowledge and that are
>     currently rented to other ASNs so they can "have a look". And to
>     make it more clear in AfriNic and APNIC regions it is also
>     prohibited there. Even if you can point it is being done over
>     there in some cases, thankfully it is prohibited.
>
>     If you dint's understand it clear my response to Salvador is to
>     warn that as there is a leasing involved it cannot be used with
>     LACNIC prefixes independent if there is a ROA or not. My point was
>     not specifically about the ROA but about something that comes
>     before it and is more important.
>
>     Fernando
>
>     Em 03/02/2022 16:48, Mike Burns escreveu:
>
>         Untrue, leasing is not prohibited, if it were, there wouldn’t
>         be sites like ipxo.com.
>
>         Do a google search for “ipv4 leasing” and see how prohibited
>         it is.
>
>         Fernando, can you do us the favor of pointing out where
>         leasing is prohibited in policy or law?
>
>         I have already told you that advertising blocks under the ASN
>         of non-owners of the block is perfectly acceptable and
>         commonplace among cloud providers who offer
>         “bring-your-own-addresses” services, like Oracle and AWS.
>
>         Salvador, you can certainly get ROAs for leased blocks, except
>         where RPKI is prohibited, as it is for ARIN legacy holders who
>         haven’t signed a registration agreement.
>
>         If you need to lease blocks with an ROA, it is not difficult
>         to find lessors that will offer that.
>
>         Regards,
>         Mike Burns
>
>         *From:* LACNOG <lacnog-bounces en lacnic.net>
>         <mailto:lacnog-bounces en lacnic.net> *On Behalf Of *Fernando
>         Frediani
>         *Sent:* Thursday, February 03, 2022 2:27 PM
>         *To:* lacnog en lacnic.net
>         *Subject:* Re: [lacnog] Subasignación de prefijos a otro ASN y
>         el tema con los RoA
>
>         Hola Salvador
>
>         Como mencionaste que están involucrados brokers/renters de IP,
>         es claro que estamos hablando de arrendamiento de direcciones
>         IP y es importante aclarar algunos puntos importantes para que
>         nadie esté operando direcciones registradas en la región de
>         LACNIC de manera incorrecta. Con o sin existencia de ROAs para
>         el prefijo en cuestión *en la región de LACNIC* (y en algunas
>         otras regiones del mundo) *no se permite el arrendamiento o
>         préstamo de direcciones IP de un ASN a otro*.
>
>         Independiente el motivo, ya sea por escasez de direcciones
>         IPv4 o por otro, no está permitido arrendamiento y no es
>         correcto que una ASN alquile direcciones registradas en la
>         región LACNIC a otra ASN.
>         Incluso se pueden utilizar prefijos registrados en otras
>         regiones que lo permitan, pero no los registrados en la región
>         de LACNIC.
>
>         Las únicas 2 formas de lidiar con este problema aquí son el
>         proceso de Transferencias de prefijos de un ASN a otro de
>         manera definitiva (que puede ser facilitado por un
>         intermediario) o con mayor uso de IPv6 y menor dependencia de
>         IPv4.
>         Por lo tanto, incluso si la propuesta de política LAC-2020-10
>         llega a un consenso, no podría usarse para los prefijos de la
>         región de LACNIC si se están arrendando a otra ASN.
>
>         Los ASN quien hizo sus prefijos registrados per LACNIC estén
>         disponibles para alquiler a través de un intermediario corren
>         el riesgo de caer en el proceso de recuperación.
>
>         Fernando
>
>         Em 03/02/2022 15:31, Salvador Bertenbreiter escreveu:
>
>             Hola a todos,
>
>             Espero estén bien, hay un tema sobre el cual me gustaría
>             iniciar la conversación, IP brokers/renters y certificados
>             RoA.
>
>             Due to the exhaustion of IPv4 blocks, new ISPs that are
>             getting their ASN and IPv6 block in LACNIC are needed to
>             obtain at least one IPv4 /24 block with an IP broker (or
>             similar). Because even if they are delivering IPv6
>             addressing to their clients, they still need even a /24 to
>             raise bgp in IPv4 and then do CG-NAT for that traffic.
>
>             The problem I see is that most, at least of the several
>             I've had contact with, of IP brokers (and international
>             carriers that undersign IPs) are not offering to issue a
>             RoA for prefixes that they sub-assign to another ASN,
>             which I think is a problem as it breaks the path to
>             greater adoption of RPKI. How do you think this situation
>             could be improved/solved?
>
>              Saludos,
>
>             Salvador
>
>             _______________________________________________
>
>             LACNOG mailing list
>
>             LACNOG en lacnic.net
>
>             https://mail.lacnic.net/mailman/listinfo/lacnog
>
>             Cancelar suscripcion:https://mail.lacnic.net/mailman/options/lacnog
>
>
>
>         _______________________________________________
>
>         LACNOG mailing list
>
>         LACNOG en lacnic.net
>
>         https://mail.lacnic.net/mailman/listinfo/lacnog
>
>         Cancelar suscripcion:https://mail.lacnic.net/mailman/options/lacnog
>
>     _______________________________________________
>
>     LACNOG mailing list
>
>     LACNOG en lacnic.net
>
>     https://mail.lacnic.net/mailman/listinfo/lacnog
>
>     Cancelar suscripcion:https://mail.lacnic.net/mailman/options/lacnog
>
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion:https://mail.lacnic.net/mailman/options/lacnog
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20220203/c0765b4c/attachment-0001.htm>


Más información sobre la lista de distribución LACNOG