afrinic training

8/2/2019 Afrinic Training

1/82

AfriNIC - 2005

AfricanNetworkInformation

centre

Welcome to the

AfriNIC LIR Training

AfriNIC


2/82


centre

Introductions

Instructor :

Students: Full Names & Nationality. Organization/Company Position/Title Brief Responsibilities. AfriNIC Member?

Experience with AfriNIC/RIR System.

Attendance Sheet : Please Complete and Send back to Instructor.


3/82


centre

Logistics Mobile phones Off or Silent Toilets ? Smoking Room ? Break Tea and Lunch ?

Time line :

09:00 - 13:00 Presentation

14:30 - 15:30 Hands on (Where LAB is arranged) early departures?

Online Materials: http://www.afrinic.net/training/index.htm Computer Based Training:

See URL above for download links of the computer-based training CD-ROM

Handouts Already given out.


4/82

AfricanNetwo

rkInformation

centre

Course Objectives:

Requesting IP number resources. Membership. * IPv4 / IPv6 addresses, 2-byte and 4-byte AS Numbers

Interacting with the AfriNIC whois db. Creating, updating and deleting objects: IP number resource

registrations, contact info, reverse domains, etc

AfriNIC policies & procedures. Policy Development Process and an overview of current

policy proposals under discussion.


5/82

AfricanNetwo

rkInformation

centre

Why AfriNICProblem:

Lack of co-ordination on IP

resource management in Africa.

Inconsistency in address

allocation policies.

Poor involvement of African

stakeholders in the IP address

allocation system.

Policy inappropriate for

Africas Internet environment.

Money is sent out of the

continent


6/82

AfricanNetwo

rkInformation

centre

Why AfriNIC

Results:a common address allocation

policy for Africa.

a common environment for

discussions on IP resources Policy.

Application of the bottom-up

process to allow participation from

the local community.

Adoption of new policies moreclose to the continents realities.

Money stays in Africa to support

training and other projects.


7/82

AfricanNetwo

rkInformation

centre

What is AfriNIC?

AfriNIC :

Independent not-for-profit membershiporganisation supporting its members and thecommunity

One of 5 Regional Internet Registries (RIR)


8/82

AfricanNetwo

rkInformation

centre

NRO

IANA

Policy making process

Internet Coordination bodies:

ICANN

Supporting

Organizations

Con

stituencies&

Ad

visorybodies

Internet

Community@

Large

ASO

Afr iNIC APNIC ARIN LACNIC RIPENCC

Community*

RegionalPo l

i cies

GlobalPolicies

Community* RIPE

ASO

ICANN


9/82

AfricanNetwo

rkInformation

centre

AfriNIC Policy Development Process

AfriNIC as a self governedentity based onmembership, hasdeveloped a PolicyDevelopment Processdriven by the community.

6 steps

Subscribe to the policydiscussion mailing list

policy-wg-request@afrinic.net

Propose changes or newpolicies on the mailinglist

PDP modificationproposal**
mailto:policy-wg-request@afrinic.netmailto:wg-request@afrinic.netmailto:wg-request@afrinic.netmailto:policy-wg-request@afrinic.net


10/82

AfricanNetwo

rkInformation

centre

Global IP allocation Hierarchy

41/8


11/82

AfricanNetwo

rkInformation

centre

Recent/Coming Activities

5th Public policy meeting held Mauritius: Dec 2006

6th Public policy meeting held in Abuja: May 2007

Several policy proposals. IPv6 and LIR hands-on training and Workshop.

Next meeting is scheduled for September 2007

Durban, South Africa. LIR Training (IPv6 TBC).


12/82

AfricanNetwo

rkInformation

centre

AfriNIC services

Member Services Registration:

IPv4 addresses

IPv6 addresses

AS numbers

Reverse delegation

Courses:

LIR courses IPv6 Training

Public Services

AFRINIC DB maintenance

Coordination & liaison

Meetings

Information

Tools and Utilities.


13/82

AfricanNetwo

rkInformation

centre

Contacts

Head QuartersAfriNIC Ltd.

3rd Floor, Cyber Tower

Cyber City, Ebene, Mauritius

Phone: +230 466 6616

Fax: +230 466 6758

Hostmaster hostmaster@afrinic.net

Billing billing@afrinic.net

DB-help afrinic- bm@afrinic.net

Training training@afrinic.net


14/82

AfricanNetwo

rkInformation

centre

Questions?


15/82

AfricanNetwo

rkInformation

centre

Introduction

* RIR specific terminology* The whois database


16/82

AfricanNetwo

rkInformation

centre

IP Address Space

Address space is not property Leased Automatically renewed, if criteria still

fulfilled

Recovered by AfriNIC if criteria not

fulfilled: e.g: Non Payment of membership fees

Not used anymore

Policy Violation, Court Orders, etc


17/82

AfricanNetwo

rkInformation

centre

Allocation address space issued by AfriNIC to a LIR. The LIR canfurther issue IP addresses to end-sites/customers from anallocation.

Sub-Allocation address space from LIRs allocation set apart by LIR for issuing

to downstream ISPs / resellers. Assignment

made from allocation or sub-allocation. address space in use in networks.

allocation

assignmentsub-allocation

assignment

assignments


18/82

AfricanNetwo

rkInformation

centre

Classless Addressing

Classful: 3 fixed network sizes: A, B, C Problem: waste of addresses

Solution: Classless Inter Domain Routing (CIDR)- flexible allocation / assignment sizes!

- hierarchical distribution

Always make classless assignments

/23 & /25 or /27 etc. not always /24


19/82

AfriNIC - 2005

AfricanNetwo

rkInformation

centre

The Whois Database Intro.

Description

DB queries

Creating contact objects


20/82

AfricanNetwo

rkInformation

centre

AfriNIC WHOIS Database Intro

A Public Network Management Database

Software Maintained and updated by AfriNIC, Originally developed by RIPE NCC.

Data LIRs, End Users, AfriNIC

Test WHOIS Database for practice:online at test-whois.afrinic.net port 43


21/82

AfricanNetwo

rkInformation

centre

Object Types

IP address space . . . . . . . .inetnum, inet6num

Reverse delegation. . . . . . .domain

Routing . . . . . . . . . . . . . . . aut-num

Organisation . . . . . . . . . . . organisation

Contact details . . . . . . . . . .person, role

Data protection . . . . . . . . . mntner, keycert

Documents AFRINIC DB User Manual: Getting Started

AFRINIC Database Reference Manual


22/82

AfricanNetwo

rkInformationcentre

Basic Queries

Use a Whois Client:Use a Whois Client:

** No known command-line whois client for Microsoft

Windows. All command line whois clients are usually on

Unix/Unix-Like Systems and Linux.

whois -h whois.afrinic.net

http://www.afrinic.net/cgi-bin/whois

Download a CLI whois client from sourceforge,freshmeat, etc.Download a CLI whois client from sourceforge,freshmeat, etc.

There may be some commercial windows whois clients.There may be some commercial windows whois clients.


23/82

AfricanNetwo

rkInformationcentre

Creating a Person Object

Query the whois server for an object template:

whois h whois.afrinic.net -t person

And for a verbose output:

whois h whois.afrinic.net -v person

Complete in plain text and email to:


24/82

AfricanNetwo

rkInformationcentre

person: [mandatory] [single] [lookup key]

address: [mandatory] [multiple] [ ]

org: [optional] [single] [inverse key]

phone: [mandatory] [multiple] [ ]

fax-no: [optional] [multiple] [ ]

e-mail: [optional] [multiple] [lookup key]

nic-hdl: [mandatory] [single] [primary/look-up key]

remarks: [optional] [multiple] [ ]

notify: [optional] [multiple] [inverse key]

mnt-by: [optional] [multiple] [inverse key]

changed: [mandatory] [multiple] [ ]

source: [mandatory] [single] [ ]

whois h whois.afrinic.net -t personattributes values


25/82

AfricanNetwo

rkInformationcentre

nic-hdl

Unique identifier forperson and role objects

Format: [number]-

e.g. PB1-AFRINIC

Use AUTO-1 when creating new objects to auto-generate a handle.

person: Pius Bognic-hdl: PB123-AFRINIC

person: Pius Bognic-hdl: auto-1

role: NOC Teamnic-hdl: auto-1

role: NOC Teamnic-hdl: NT1-AFRINIC


26/82

AfricanNetwo

rkInformationcentre

Database Responses

Successful update:object accepted (or no object found)

Errors:object NOT accepted read error report correct and re-send

Send questions to

include complete error report and original email to DB


27/82

AfricanNetwo

rkInformationcentre

Role Objects

Can contain several person objects for a defined role. For Example:

role: ISP-X NOC Contacts

.admin-c: ABC1-AFRINIC

admin-c: DEF1-AFRINIC

tech-c: GHI1-AFRINIC

nic-hdl: INC1-AFRINIC

Advisable to use role instead of person objects Easier to update multiple objects when contacts change

Only role object to be modified (admin-c/tech-c).


28/82

AfricanNetwo

rkInformationcentre

Querying Address Ranges

Standard IPv4 look-ups IP address

IP range

two IP addresses (-) IP address and prefix size (/ )

netname

Exact match by default smallest less specific if no exact match whois h whois.afrinic.net x [IP range]

If no matching object, nothing is returned


29/82

AfricanNetwo

rkInformationcentre

Hierarchical Queries

80.35.64.0-

80.35.65.19180.35.88/26

80.35.64.0 - 80.35.95.255

80.35.80/25

MARIBU TAIWO

whois -h whois.afrinic.net -M 80.35.64.0/19

whois -h whois.afrinic.net-m 80.35.64.0/19 (first sub-level only)

whois -h whois.afrinic.net-L 80.35.92.10

whois -h whois.afrinic.net-l 80.35.92.10

CHATHA ...

80.35.92/29

CHATHA-2

80.35.92.8/29

CHATHA-8


30/82

AfricanNetwo

rkInformationcentre

Inverse Lookups: -i

To find all objects that contain references to other objects

Whois -h whois.afrinic.net -i {attribute} {value}

Inverse keys

mnt-by, mnt-lower, admin-c, etc

whois -h whois.afrinic.net i tech-c TM125-AFRINIC

whois -h whois.afrinic.net -i admin-c,tech-c,zone-c TM125- AFRINIC or

whois -h whois.afrinic.net -ipn TM125-AFRINIC whois -h whois.afrinic.net -i mnt-by KARIBU-MNT

Whois -h whois.afrinic.net -i org ORG-PIE1-AFRINIC


31/82

AfricanNetwo

rkInformationcentre

Non-recursive Lookups: -r

whois -h whois.afrinic.net 80.35.64.82 => inetnum,person(s)

whois -h whois.afrinic.net-r80.35.64.82

=> inetnum whois -h whois.afrinic.net -Tinetnum 80.35.64.82

=> inetnum,person(s)

whois -h whois.afrinic.net -r -Tinetnum 80.35.64.82 => inetnum

To prevent being blocked for too many person objectqueries, as DB has limits!


32/82

AfricanNetwo

rkInformationcentre

Using mntner Objects

mntner: protects objects in DB (via mnt-by)

Creating a mntner:

fill out template (whois -h whois.afrinic.net-t mntner)

send to

Forgot/lost authentication? (Password, PGPkey) send fax to AfriNIC to modify authentication

Fax explaining situation on company letter paper

signed: admin-c of mntner or any other authority.

Inverse: whois -h whois.afrinic.net -i mnt-by XYZ-MNT finds all objectthat are maintained by (mnt-by:) that mntner


33/82

AfricanNetwo

rkInformationcentre

Authentication Methods

1. auth: CRYPT-PW

2. auth: MD5-PW

3. auth: PGPKEY-

Can use multiple authentication methods & multiplemntners .

There is a web-based tool on the AfriNIC website forgeneratingmd5-pw andcrypt-pw encryptedpasswords for use in maintainer objects ('auth'attribute)


34/82

AfricanNetwo

rkInformationcentre

Auth: Attribute CRYPT-PW (easiest to crack) & MD5-PW : (more secure)

Encrypted password can be created via web interface https://www.afrinic.net/tools/whois_crypt.htm

to update objects, include:password:

PGP : safer, but much more complex

1: create mntnerwith otherauth: line

2: create a key-pair http://www.gnupg.org/3:create key-cert object (includes public key)

4: modify the mntnerto include

auth: PGPKEY- to update objects, include: PGP signature.

P t ti DB Obj t


35/82

AfricanNetwo

rkInformationcentre

unprotectedperson object

Protecting DB Objects

password: cleartext_password

encrypted password

if update successful

mnt-by: MATATU-MNT

person: Mario Murillo

...

nic-hdl: MAMU...

if update fails

Includeauthentication ofmntner in e-mailif updating object

via e-mail

person objectprotected by mntner

MATATU-MNT

mntner: MATATU-MNT

descr: maintainer for all matatu objectsadmin-c: MAMU

tech-c: MAMU

auth: MD5-PW $1$5Uapud4ydfMWhgo/upd-to: afrinic_db_oops@matatu.aomnt-nfy: afrinic_changes@gmail.com

mnt-by: MATATU-MNT

changed: hostmaster@bodaboda.bj 20050401

source: AFRINIC

auth: CRYPT-PW q5nd!~Sfhk0#a

-h whois.afrinic.net


36/82

AfricanNetwo

rkInformationcentre

Hierarchical Authorisation

mnt-by(mandatory in DB) protects the object in which it appears and can... authenticate creation / deletion of more specificinetnum, route, domain objects

mnt-lower(optional in inetnum template) mandatory in: allocation inetnum objects recommended in sub-allocation inetnum objects authenticates creation of more specific inetnum, domain objects

mnt-domains(optional in inetnum template) optional for:allocation and PI inetnumobjects recommended ininetnum objects authenticates creation ofdomain objects


37/82

AfricanNetwo

rkInformationcentre

More Hierachical Authorisationinetnum: 193.27/16

status: ALLOCATED PA

mnt-by: AFRINIC-HM-MNT

mnt-lower: A-MNT

inetnum:193.27.128/22

status: SUB-ALLOCATED PA

mnt-by: A-MNT

mnt-lower: B-MNT

inetnum:193.27.130/24

status: ASSIGNED PA

mnt-by: B-MNT

allocation

sub-allocation

assignment


38/82

AfricanNetworkInformationcentre DB Update Procedure

Modifying an object: get exact copy, make changes to it keep same primary key add new changed line in chronological order

changed: didier@drogba.ci

Deleting an object: add delete line to exact copy (with some explanation)

delete: thierry@henry.fr overlapping inetnum Subject: DELETE does not delete object!

In both cases: Include authentication (e.g. password)


39/82

AfricanNetworkInformationcentre

whois -h test-whois.afrinic.net

Non-production whois database

Interface same as real whois DB syntax check + error reports

test-dbm@afrinic.net nic-hdl:AUTO1-TEST source: TEST referral-by: TEST-DBM-MNT mnt-by: TEST-DB-MNT (only for allocations)

For testing: authorisation schemes, scripts, etc


40/82


Questions?


41/82

AfriNIC - 2005


First IPv4 Allocation


42/82


Membership First!

Fax/Email +Courier/Post the following documents toAfriNIC: RSA (Registration Services Agreement)

Membership Form All on www.afrinic.net.

E-Mail new-member@afrinic.net for follow-up.

E-Mail Address Space Request Template tohostmaster@afrinic.net.

Online Membership Application coming soon!
http://www.afrinic.net/http://www.afrinic.net/


43/82


First Allocations

IPv4 First Allocation Request Form Which includes:

LIR First PA Assignment Request Form

Must show efficient utilization of IP addresses inaddressing plan template

Minimum allocation size: /22 Slow start mechanism for first allocations


44/82


First allocation template

1st allocation template please see:

www.afrinic.net/documents.htm

* Requesting via online forms will be available

soon.


45/82


Additional IPv4 Allocation


46/82


Evaluation of Allocation Request

Previous allocation used up ~ 80%? status: ASSIGNED PA or SUB-ALLOCATED PA

do LIRs records match RS records/DB? AfriNIC asks for documentation on 3 or more

assignments

All renumbered networks returned? Quality of AFRINIC DB records Broadband usage verifiable?


47/82


Making New Allocations

If inconsistencies foundLIR corrects data before receiving new

allocation

When data corrected:AfriNIC allocates new block to LIRupdates the DB.


48/82


Allocation inetnum Object

inetnum: 80.35.64.0 - 80.35.127.255

netname: EG-NILEONLINE-20050401

org: ORG-NILE32-AFRINIC

country: EG

admin-c: NILE-AFRINICtech-c: NILE-AFRINIC

status: ALLOCATED PA

notify: sphinx@nile.eg

mnt-by: AFRINIC-HM-MNTmnt-lower: NILE-MNT

changed: hostmaster@afrinic.net 20040503

source: AFRINIC


49/82


End-User /PI Requests


50/82


PA vs. PI Assignments

ProviderAggregatable End User addresses out of LIRs allocation must be returned when changing providers Can be made with involving AfriNIC

ProviderIndependent End User addresses directly from AfriNIC can be kept when changing providers

Routability of PI addresses not RIR's responsibility Some ISPs may have a policy against routing IP addresses not issued/assigned by the

ISP.


51/82


Requesting PI Space

Organization must first become a member

organisation object created if successful.

IPv4 End-User Assignment Request Form (PI)

Every PI assignment has to be requested

separately

There will be an evaluation and processing fee

for each new End-user assignment. **


52/82

AfricanNetworkInformatio

ncentre

After the PI Assignment Approval

AfriNIC will assign a PI block

create assignment object in DB

PI holder must not assign further

Upstream usually assists PI holder with

reverse DNS and route object


53/82


ncentre

Example PI DB Object

inetnum: 194.1.208.0 - 194.1.209.255 netname: ClaudeSports

descr: Claude Sports retail network

descr: Kinshasa, DRC

org: ORG-CS4-AFRINIC

country: CD

admin-c: KANU

tech-c: DIOUF

status: ASSIGNED PI


mnt-lower: MAKE-MNT

mnt-domains: MAKELELE-MNTchanged: hostmaster@afrinic.net 20050421

source: AFRINIC


54/82


ncentre

PA Assignments

IPs issued by LIR to customers/end-sites IPs issued by LIR to own infrastructure:

Dial-In pool ADSL pool NOC, Staff LAN, etc

Must be recorded in the whois database Recommended: 4 or more IPs

A pool of dynamically assigned IPs can be

recorded as one range of IPs. 80% utilization needed before requesting

more IPs from AfriNIC.


55/82


ncentre

Assignment inetnum object

inetnum: 196.0.80.0 - 196.0.80.127

netname: JAMBO-NET

descr: KaribuWeb customer

country: KE

org: ORG-JA123-AFRINIC

admin-c: AB231-AFRINIC

tech-c: JJ125-AFRINIC

status: ASSIGNED PA

mnt-by: Karibuweb-MNT

mnt-lower: Karibuweb-MNTmnt-domains: Jambo-MNT

changed: peter@karibu.ke 20050411

source: AFRINIC


56/82


ncentre Sub-allocations

Sub-allocation: From LIR to ISP Sub-allocation window: What the LIR can sub-

allocate without AfriNICs approval. (Unless2nd opinion is needed).

If a sub-allocation > Sub-Alloc. Window, IPv4 sub-allocation Request Form

Minimum sub-allocation size: /24


57/82


ncentre

Using Sub-allocations

LIR must register sub-allocation in DB LIR has final responsibility for whole sub-allocation

(mntners)

inetnum object: status:SUB-ALLOCATED PA

use ISPs mntner inmnt-lower/domains,

and LIRs mntner in mnt-by

Assignments from sub-allocations From ISP to itself or to End Users/Customers


58/82


ncentre

Why Register IPs in the DB?

contact info in case of trouble overview of usage (*when requesting for more)

Address space considered in use only if registered in

DB.

* or else delays in: additional allocation,* Identified as Bogon address and blocked by ISPs (in

case of allocations)

Responsibility of the LIR to register assignments.

Responsibility of the RIR to register allocations and PIassignments.


59/82


ncentre

Questions?


60/82

AfriNIC - 2005


ncentre

Reverse Delegation Procedure


61/82


ncentre

What is Reverse Delegation?

The DNS provides forward (name-to-number) andreverse (number-to-name) resolutions. Reverse delegation allows applications to map a

domain name from an IP address. Achieved by use of special domain names:

IPv4: in-addr.arpa. IPv6: ip6.arpa

IANA centrally administers and delegatescorresponding reverse zones for all /8s allocated toAfriNIC.


62/82


ncentre

Why Do You Need Reverse?

All host to IP mappings in the DNS (A record)should have a corresponding IP-host mapping(PTR record)

Otherwise users blocked from various services (ftp, mail, IRC,

etc)


63/82


ncentre

Decide what range you want reversed

(whole allocation or specific assignments?)

Decide who will be responsible

Yourself (LIR)? End User/Customer?

Request Procedure

Who Can Request and What?


64/82


ncentre

First - Set up the zones (on your name servers) !!

Then create domain objects in the AfriNIC whoisdb. The domain object contains info about your

zone and the associated name servers.

Possible domain boundaries: /24, /16. (Multiples of course possible*)

(IPv6: /32, /36)

How to set up Reverse Delegation


65/82


ncentre Example domain Object

Template: whois h whois.afrinic.net -t domain

Domain: 32.3.196.in-addr.arpa

descr: Reverse delegation for

descr: Karibus Customer Jambo

descr: Internet Services Ltd.

admin-c: JJ231-AFRINICtech-c: SULU-AFRINIC

zone-c: WF2121-AFRINIC

nserver: ns.karibu.ke

nserver: ns2.mtn.za

mnt-by: KARIBU-MNTchanged: badru@jambo.ug 20050417

source: AFRINIC


66/82


ncentre

Checking DB syntax

Checking authentication (passwords) (mnt-domains/mnt-lower in inetnum)

Checking if nameserver setup is correct Delegation checker Web UI on AfriNIC Tools

Website.

The appropriate NS lines will be entered into the

parent zone file after about 5 hrs) Domain object in DB successful reverse

Use nslookup or dig or whatever tools to verify setup.

Steps Performed by the System


67/82


ncentre

Delegation Sizes

Multiple /24delegations: several domain objects can be sent in one e-mail

Shorthand notation for consecutive zones

/16 delegation


68/82

AfricanNetw

orkInformatio

ncentre

Problems with Reverse ?

Database and DNS diagnostics sent tothe requestercorrect errors and re-send to:

auto-dbm@afrinic.net

If problems continue

include full errorreport


69/82

AfricanNetw

orkInformatio

ncentre

Questions?


70/82

AfriNIC - 2005

AfricanNetw

orkInformatio

ncentre

Autonomous System Numbers


71/82

AfricanNetw

orkInformatio

ncentre

Autonomous System

Definition:

A unique number that defines an Autonomous System

on the Internet. An Autonomous System is a collection of IP networks under

control of a single entity typically, ISPs (or other orgs) thatadhere to a single and clearly defined routing policy.

IANA allocates AS numbers to RIRs

RIR assigns AS number to LIRs or to End Users.

2-byte, eg AS34567 4-byte, eg AS5.234 (nomenclature agreed by IESG)


72/82

AfricanNetw

orkInformatio

ncentre How to Get an AS Number ?

Autonomous System (AS) NumberRequest Template:

address prefix to be announced with thisrequested ASN or ticket # of pending IP addressrequest (if applicable)

peering contacts (2 or more: **policyrequirement that stipulates a need to be

multihomed before requesting an ASN).


73/82

AfricanNetw

orkInformatio

ncentre

aut-num: NEW

as-name: WEAH

descr: Georges AS#org: ORG-WEAH77-AFRINICremarks: import: from AS2 action pref=20; accept AS2

remarks: import: from AS3 action pref=100; accept ANY

remarks: import: from AS2 action pref=200; accept ANY

remarks: export: to AS2 announce NEW

remarks: export: to AS3 announce NEW

admin-c: ETOO-AfriNIC

tech-c: HADJI-AfriNIC


changed: hostmaster@afrinic.net

source: AFRINIC

aut-num object:

AS30999

AS30999

AS30999

20050229


74/82

AfricanNetw

orkInformatio

ncentre

Internet Routing Registry

Globally distributed DB with routing data AfriNIC Db does NOT have a IRR component

Create route object in RIPE NCC Db

use mnt-by: RIPE-NCC-RPSL-MNT ** (unsafe!) password=RPSL

Create a maintainer object in the RIPE DB foruse along with the RIPE NCCs genericmaintainer! Else, someone else can delete or modify your

data!


75/82

AfriNIC - 2005

AfricanNetw

orkInformatio

ncentre

IPv6


76/82

AfricanNetw

orkInformatio

ncentre

Get IPv6 Addresses From:

Use of the 2002: prefix to use on an IPv4-only network/uplink: "6to4" transition mechanism

V6 addresses derived fromexisting v4 addresses.

Another LIR IPv6 has more levels

of hierarchy

RIR

Tunnel broker


77/82

AfricanNetw

orkInformatio

ncentre

Common IPv6 Policy Principles

Address space not property leased automatically renewed, if criteria still

fulfilled Minimum Allocation

easier prefix-based filtering

Different priority of goals aggregation rather than conservation minimise administration


78/82

AfricanNetw

orkInformatio

ncentre

First IPv6 Allocation

Criteria must be LIR / must not be an End Site

plan to provide connectivity to aggregatedcustomers

Size: /32 (bigger if justified)

IPv4 infrastructure and users considered IPv6 First Allocation Template

Subsequent allocation: HD ratio > 0.8 ***

(eg. 10.9% usage for /32)

*** This is being proposed to 0.94


79/82

AfricanNetw

orkInformatio

ncentre

IPv6 Assignments

Assignment size - /48 for all (no approval needed)

smaller size: /64 just one subnet /128 just one device

Assignment to operator's infrastructure

/48 per PoP or in-house operations

Multiple /48s for very large End Users

Register every /48 assigned into the whois db

Reverse delegation: ip6.arpa.


80/82

AfricanNetw

orkInformatio

ncentre

inet6num Object

inet6num: 2001:0888::/32netname: SA-XS4ALL-20050317

descr: Xs4all Internet

org: ORG-XS4A1-AFRINIC

country: ZA

admin-c: XS-AFRINICtech-c: XS-AFRINIC

status: ALLOCATED-BY-RIR


mnt-lower: XS4ALL-MNT

mnt-domains: XS4ALL-MNTchanged: hostmaster@afrinic.net 20050317

source: AFRINIC


81/82

AfricanNetw

orkInformatio

ncentre

Questions?


82/82

AfricanNetw

orkInformatio

ncentre

Comments? Suggestions? Feedback?

afrinic training

Documents

afrinic update - ripe60.ripe.net · afrinic update adiel a....

afrinic stakeholder satisfaction survey 2012

iana update - afrinic · iana update leo vegoda number...

apnic update - afrinic 25

apnic update afrinic 15, cameroon louise flynn, marketing...

afrinic 101

afrinic activity update adiel a. akplogan ceo, afrinic...

afrinic-update-apnic30 · title: afrinic-update-apnic30.pdf...

afrinic - ripe network coordination centre · page 1...

spearheading internet technology and policy development in...

african network information centre march 2 nd, 2007 ©...

afrinic update christchurch 2008

afrinic update adiel a. akplogan ceo, afrinic ripe-68,...

rpki deployment at afrinic status update · arin ripe ncc...

afrinic update · afrinic update alan barrett ceo thursday...

afrinic : collaboration with ixps 1

afrinic update · afrinic update alain aina acting ceo,...

converged communication and ipv6 - afrinic

afrinic internet routing registry public guide · afrinic...

mwirima byaruhanga-afrinic update.r0ao