People usually get little confused when they need to request IP addresses from an Internet number registry. Why is that? Because engineers speak a different language to policy people. Isn’t it interesting? In this post, I’ll try and translate…
When you build your network, which will be connected to the Internet, you probably need a public IP address. Where can you get those address from? From two sources:
- Your upstream ISP
- From an Internet Number Registry (i.e. APNIC if in Asia Pacific region).
Wherever you get the address from you will have four different options to build your network and IP routing arrangement. Here are those options:
1. Your network is single home and you are using non-portable prefix
You are connected to one ISP only and receiving your public IP address from your upstream ISP. You are not a member of APNIC yet.
2. Your network is single home and you are using portable prefixes
You are connected to one ISP only and receiving your public IP address from and Internet Number Registry i.e. APNIC Member. According to IP Address management policy, for this option you need to be an ISP to be able to become an APNIC member.
3. Your network is multihome and you are using non-portable prefix
You are connected to more then one ISP and receiving your public IP address from any of your upstream ISP. Not an APNIC Member yet but you are already qualified to become APNIC Member.
4. Your network is multihome and you are using portable prefixes
You are connected to more then one ISP and receiving your public IP address from an Internet Number Registry i.e. Member of APNIC.
Out of those four available options, the last option (Option 4) is very popular now.
An enterprise organization (i.e. Bank, University etc) can also choose this option to build their network with public IP address. The benefit of this option is the enterprise does not need to renumber their network even if they change their upstream transit provider. They will be able to do their end-to-end routing path (AS-Path) manipulation if they need. Their prefix will be visible to the global Internet originated from their own AS number. Routing policy implementation is very flexible. Any of the non-portable prefix option will not give these flexibly.
In my next blog I will try to cover the best operational practice (BCOP) on doing Legitimacy of Address (LoA) check on those four options and to secure your IP core network. So that we can stop what happened in the well-known Youtube case.
Any questions or comments? I’d be pleased to hear from you.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.