1、1APNIC/TWNIC IP Address APNIC/TWNIC IP Address 分配與分配與管理管理2WelcomeAPNIC Members Training CourseEffective IP Address Management:Asia-Pacific Policies and Procedures3Introduction to APNICAsia Pacific Network Information Center4What is APNIC?Regional Internet Registry(RIR)for the Asia Pacific RegionReso
2、urce registration,allocation and supportIP addresses,AS numbers,in-addr.arpa delegation Membership-based organizationNon-profit,neutral and impartialNot:an operations forumNot:a standards development body5LIRLIR LIRN IR LIRA P N ICB risbane,A u straliaIS PIS PIS PIS PIS PA R INR eston,V A,U SLIRLIRL
3、IRR IP E-N C CA m sterdam,T he N etherlandsIA N AM arina del R ey,C A,U SInternet Registry HierarchyASOICANN6APNIC StructureHostm asterHostm asterHostm asterTrainingM em ber ServicesM anagerSys Adm inProgram m erProgram m erDbase Adm inTech ServicesM anagerAccountantM Ship OfficerBusinessM anagerWeb
4、m asterDocum entationM anager-Director General -Executive Council -(7 m em bers)-APNIC M em bership -(415 m em bers)7APNIC Core Services Resource allocationIP allocationsSecond Opinion approval of IP assignmentsAS number assignments Resource registrationRegistration servicesAPNIC whois server DNS ma
5、nagementReverse domains-in-addr.arpa Not:Forward DNS services8Internet Registry allocation and assignmentPolicies9Definitions(1)Internet Registry(IR)An organisation which allocates or assigns,and registers Internet resources including IP addresses and related resources Regional Internet Registry(RIR
6、)An organisation with regional responsibility for management of Internet resources Responsibilities include allocation/registration services,coordination and policy development Must be neutral and consensus-based10Definitions(2)Internet Registries Local Internet Registry(LIR)Otherwise known as an AP
7、NIC MemberNormally operates as an ISP,and assigns address space to its customers National Internet Registry(NIR)IR which operates on a national basis and primarily allocates resources to its membersMust be neutral and consensus-based11Definitions(3)Allocation and Assignment AllocationA block of addr
8、ess space held by an IR for subsequent allocation or assignment AssignmentA block of address space used to address an operational network May be provided to IR customers,or used for an IRs infrastructure(“self-assignment”)12APNIC Policies Based on global Internet registry policiesRFC 2050(1996)Other
9、 RIR policies(developed since)Policies for Address Space Management in the Asia Pacific Region(was effective Jan 2000)http:/ Minimum practical allocation:/19Slow Start policy for new members Allocations as PA Address SpaceProvider responsible for aggregationCustomer assignments must be non-portable1
10、3APNIC Policies Allocations based on demonstrated needDetailed documentation requiredAll address space held to be declaredAddress space to be obtained from one sourcerouting considerations may applyStockpiling not permitted Validity of allocations and assignmentsAccording to original criteriaAccordi
11、ng to correct managementAccording to duration of lease 14Internet Registry procedures Address space allocations and assignments15Overview Addressing plan example ISP address request form Address allocations Second opinion request form16 Addressing Plan ExampleStarting off UpstreamISPLeased line serv
12、ices 5-8 customersDialup services 16 modemsCustomer services15 hosts NOC operations10 hosts Internal DNS,Web Mail serversISP Infrastructure 5 hostsVirtual web (http1.1)Interconnected resilience17Addressing Plan Example5 hosts15 hosts10 hostsUpstreamISP16 dialup modemsWAN point to point/305-8 leased
13、line customersip unnumberedto customers one loopback interface per assigned router/32 ip unnumberedto upstream ISP18Addressing Plan(contd)network-plan:network-plan:network-plan:analogue dialup modems,vendor xLAN-web hosting(http1.1)5-8 leased line customers(/28)network-plan:network-plan:network-plan
14、:network-plan:network-plan:LAN-NOC and Ops managementLAN-mail,DNS,web servers internalloopback router interfacesrouter WAN portsrouter WAN ports(x 5 lines)Initial addressing plan1651281510 4 2 2-numbers of host addresses(interfaces)19Network Plan Example 6 months later scale increased redundancy60 d
15、ialupmodems(2PRI)30 leased linecustomers11 hosts-http1.18 hosts-2ndary Servers25 hosts-NOC16 hosts-Servers60 dialupmodems(2PRI)UpstreamISPadded new router and LAN for redundancyadded new dial up equipmentreplaced originalmodemincreased number of leased line customersincreased number of hosts on all
16、LANs20Addressing Plan(contd)network-plan:network-plan:network-plan:2 PRI dialup modems,vendor yLAN-web hosting(http1.1)30 leased line customers(pool)16/5/128/15/10/4/2/2/network-plan:network-plan:network-plan:network-plan:network-plan:LAN-NOC and Ops managementLAN-mail,DNS,web servers internalloopba
17、ck router interfacesrouter WAN portsrouter WAN ports(x 8 lines)Network plan at 6 months60115122516622-increases in hosts(interfaces)New hardware2 PRI dialup modems LAN-secondary serversnetwork-plan:network-plan:0/0/608Changed description21Network Plan 12 months total site redundancy greater complexi
18、ty efficiency60 leased linecustomersip unnumbered11 hosts8 hosts35 host240 dialupmodems(8PRI)UpstreamISP A35 hosts240 dialupmodems(8PRI)40 hostsUpstreamISP Badded new customer routerredundancy of WAN connections now numbered links for BGP4two pieces of essential equipment22Addressing Plan(contd)netw
19、ork-plan:network-plan:network-plan:network-plan:8 PRI dialup modems,vendor x8 PRI dialup modems,vendor y LAN-web hosting(http1.1)60 leased line customers(pool)16/60/0/60/5/11/128/512/15/25/10/16/0/8/2/2/2/2/4/6network-plan:network-plan:network-plan:network-plan:network-plan:network-plan:LAN-NOC and
20、Ops managementLAN-mail,DNS,web servers internalLAN-secondary serversrouter WAN portsrouter WAN ports(x 8 lines)loopback router interfaces Network plan at 12 months240240111024403582212-increases in hosts(interfaces)-one year total23Addressing Plan(contd)network-plan:network-plan:network-plan:network
21、-plan:8 PRI dialup modems,vendor x8 PRI dialup modems,vendor yLAN-web hosting(http1.1)60 leased line customers(pool)16/60/2400/60/2405/11/11128/512/102415/25/4010/16/35 0/8/8 2/2/2 2/2/2 4/6/12network-plan:network-plan:network-plan:network-plan:network-plan:network-plan:LAN-NOC and Ops managementLAN
22、-mail,DNS,web servers internalLAN-secondary serversrouter WAN portsrouter WAN ports(x 8 lines)loopback router interfaces256256161024646484416 Can now determine subnet sizes24Addressing Plan(contd)Addressing plan for network-plandetermination of relative subnet addressesre-ordered large to small acco
23、rding to relative subnet sizenetwork-plan:0.0.0.01024128/512/1024 60 leased line customers(pool)network-plan:0.0.4.025616/60/240 8 PRI dial up modems,vendor xnetwork-plan:0.0.5.02560/60/240 8 PRI dial up modems,vendor ynetwork-plan:0.0.6.06410/16/35 LAN-mail,DNS,web internalnetwork-plan:0.0.6.646415
24、/25/40 LAN-NOC and Ops managementnetwork-plan:0.0.6.128165/11/11 LAN-web hosting(http1.1)network-plan:0.0.6.144160/8/8 LAN-secondary serversnetwork-plan:0.0.6.160164/6/12 loopback router interfacesnetwork-plan:0.0.6.17642/2/2 router WAN ports(x8)cumulative total 0.0.6.20825Addressing Plan(contd)Addr
25、essing plan for network-plandetermination of subnet masksnetwork-plan:0.0.0.0255.255.252.0 1024 128/512/1024 60 leased line customersnetwork-plan:0.0.4.0255.255.255.0 256 16/60/2408 PRI dial up modems,vendor xnetwork-plan:0.0.5.0255.255.255.0256 0/60/2408 PRI dial up modems,vendor ynetwork-plan:0.0.
26、6.0255.255.255.1926410/16/35 LAN-mail,DNS,web internal network-plan:0.0.6.64255.255.255.1926415/25/40 LAN-NOC&Ops managementnetwork-plan:0.0.6.128 255.255.255.240165/11/11 LAN-web hosting(http1.1)network-plan:0.0.6.144 255.255.255.240 160/8/8 LAN-secondary serversnetwork-plan:0.0.6.160 255.255.255.2
27、40164/6/12 loopback router interfacesnetwork-plan:0.0.6.176 255.255.255.25242/2/2 router WAN ports(x 8)26Addressing Plan(contd)Addressing plan for network-planconnect to the Internet(full-time,part-time)?network-plan:0.0.0.0255.255.252.0 YES 1024 128/512/1024 60 leased customersnetwork-plan:0.0.4.02
28、55.255.255.0 PART 256 16/60/240 8 PRI dial up work-plan:0.0.5.0255.255.255.0PART 256 0/60/240 8 PRI dial up work-plan:0.0.6.0255.255.255.192 YES 6410/16/35 LAN-mail,DNS,web internal network-plan:0.0.6.64255.255.255.192 YES 6415/25/40 LAN-NOC&Ops managementnetwork-plan:0.0.6.128 255.255.255.240 YES 1
29、65/11/11 LAN-web hosting(http1.1)network-plan:0.0.6.144 255.255.255.240 YES 16 0/8/8 LAN-secondary serversnetwork-plan:0.0.6.160 255.255.255.240 YES 16 4/6/12 loopback router interfacesnetwork-plan:0.0.6.176 255.255.255.252 YES 42/2/2 router WAN ports(x 8)27 Addressing plan completetotal planned for
30、 customer assignments/22total planned for ISP infrastructure/24+/23network-plan:0.0.0.0255.255.252.0 YES 1024 128/512/1024 60 leased line customersnetwork-plan:0.0.4.0255.255.255.0 PART 256 16/60/2408 PRI dial up work-plan:0.0.5.0255.255.255.0PART 256 0/60/2408 PRI dial up work-plan:0.0.6.0255.255.2
31、55.192YES 6410/16/35LAN-mail,DNS,web internal network-plan:0.0.6.64255.255.255.192YES 6415/25/40 LAN-NOC&Ops managementnetwork-plan:0.0.6.128255.255.255.240YES 165/11/11 LAN-web hosting(http1.1)network-plan:0.0.6.144255.255.255.240 YES 16 0/8/8LAN-secondary serversnetwork-plan:0.0.6.160255.255.255.2
32、40YES 16 4/6/12loopback router interfacesnetwork-plan:0.0.6.176255.255.255.252YES 42/2/2router WAN ports(x 8 lines)detailed,efficient and accurateAddressing Plan(contd)28ISP Address Request Life-cycleMore documentationand clarification by Member no Member has completed documentation?Step 1yes Evalua
33、tion ofrequest by APNIC-OK?Step 2yesupdate localrecordsupdate APNICdatabaseNotifyMemberStep 3Allocation by APNICno29OverviewISP address request form Network template Person template Technical template Additional information30Complete the DocumentationISP Address Request Form(APNIC-065)Webhttp:/ text
34、http:/ Address Request FormNetwork Template -registration details need for allocationAPNIC ISPNon Profit ISP in the Asia PacificAL25-AP32ISP Address Request FormPerson Template -need accurate contact details for network An APNIC NIC handle will automatically be created33ISP Address Request FormTechn
35、ical Template-General Overview Must be currentmember to receiveserviceExpectation is classlessTopological informationExpectation of non-portableassignments 34ISP Address Request FormTechnical Template -Customer Network fields Odd sized assignments should bereported on multiple lines35Evaluation by A
36、PNIC Customer network fields Registrationcheck all customer assignments are in the APNIC whois database accurately Parsercheck the netname on the form&the netname field in the database are the same ie.software reports discrepancieshost and subnet estimates are accurate and real Policy prefix distrib
37、ution of all customer assignmentsclassless assignments NOT on/24 boundariesassignments in line with rfc2050-50%after one year36ISP Address Request FormTechnical Template -ISP internal Infrastructure37ISP Address Request FormTechnical Template -ISP Future Network Plan38Evaluation by APNIC Infrastruct
38、ure&network-plan fields Policy technical descriptions are detailed enough so APNIC hostmaster can understand why subnet size was chosendo customer projections match infrastructure plans?Efficient subnet assignments Best current practicename based virtual web hostingdynamic dial up-more on this to fo
39、llow.39Evaluation by APNICSpecial verification IP based virtual hostingup to a/22 assigned for this purposemust send list of domains and URLvirtual ftp,E-commerce with SSL excludedAPNIC will ask why you cant use name based hosting cable,adsl,xdslstatic assignment for permanently on-line customersIP
40、addresses for static assignments/32 must be reported when subsequent allocation requesteddynamic address assignment preferred40ISP Address Request FormAdditional Information POP topologyDiagrams showing network designDiagrams showing POP designdoes network/POP topology description correlate with add
41、ressing plan and current infrastructure?larger requests will require additional documentation Deployment planGive details of phases of deploying equipmentDoes deployment plan match information in network-plan fields?41ISP Address Request FormAdditional information Equipment and servicesSpecification
42、s,number of portsinformation that cannot fit onto fields of formDetails of how implement servicesexplain acronyms or special services MiscellaneousAnything not covered by the form,anything unusualsupplementary information very useful to the hostmaster in evaluating your request42Evaluation by APNICG
43、eneral All address space held should be documentedcheck other RIR,NIR databases for historical allocations No reservations policyReservations may never be claimedFragments address spaceCustomers may need more or less address space than is actually reserved43Address AllocationsFirst allocation-summar
44、yRequires clear detailed requestImplementation of Best Current PracticeEfficient assignments plannedAlways a/19 slow startexceptions made for very large networks but not common44APNIC Address AllocationSubsequent allocations80%overall must be usedunless large assignment pendingDependant on accurate
45、and detailed informationDemonstrated conservative assignments Correct database registrations for customersAmount depends on“usage”ratehow much,how fast?allocate for up to one yearContiguous allocation not guaranteedbut every effort made45Customers NeedsAddress space assignment procedures46Definition
46、sCustomer ASSIGNMENT (by APNIC member)Assignment window 0determines maximum amount of address space a member can assign without approval from APNICincreases when procedures&criteria are understoodMember ALLOCATION (by APNIC)Slow start/19determines an initial allocationsize that is consistent and fai
47、rly applied to allincreases when usage rate determined47Assignment WindowAssignment window of memberAW=0 AW=/28AW=/27AW=/26 .AW=/19Member Assignment limit(host addresses)All new registriesrequests=16requests=32requests=64.requests AW?NoStep 3-Assignment Windowprocedure Member adds comments&recommend
48、ations&sends Member makes assignment,updates DB&local recordsYesStep 2-Member evaluates-OKAPNIC approves request?YesiterationNo492nd Opinion Request FormName&addressof customersnetworkTechnical detailsof customers networkMust be currentAPNIC memberSize of assignment http:/ Opinion Request FormConnec
49、t to Internet?Future network plan Description of useAccuratehost estimates512nd Opinion Request FormOverview of ALL address space used previously-use whois to research other databases522nd Opinion Request FormRequestor should be APNIC member and“known”to APNICUse to describe anything not covered by
50、form eg.renumbering53Evaluation Summary Policy Efficiencymore than 50%used in any one subnetmore than 80%used overallStockpilingis all address space held declared on form?has organisation obtained address space from more than one member/ISP Registration is assignment in the APNIC database?are the co
