Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
|
||
|
||
Beginning in April 2011, using economic incentives, the transfer market began with the reallocation of Internet Protocol network resources between entities that had excess number resources and internet services providers, network operators, cloud service providers and now emerging artificial intelligence (AI) companies, with the registry system acting as a record keeper of the transfers.
We now approach the quindecinnial of the start of the legitimate and registry recognized transfer market which continues to provide access new companies to owning their own address space to provide their services. This achievement should be heralded as a successful market-based approach to a global problem, yet there are still pockets of resistance that linger in the registry communities, silent on the immense impact that this safety valve provided.
Practically speaking, the rise of the transfer market came about because the Internet Registry system had no more unallocated network resources to lease to its members. Once all of the registry’s address space given to it by Internet Assigned Numbers Authority (IANA) had been issued to its members, the registry could no longer meet the demands for additional address blocks. There being literally thousands of entities with excess network resources, all it took was an economic incentive to either clear or renumber their addresses and sell their rights.
Yet, at the same time, numerous network engineers chided the internet registries for not taking the action to reclaim these early registrations. Additionally, many of these well-meaning community members chortled that, instead, entities should be shamed into giving their resources back if the registry system wasn’t going to reclaim them. Lastly, some community voices came out loudly against this solution as they proposed it would hinder or halt the transition to IPv6.
Now we can all put this to rest, as it is clear that overall, the creation of and growth of the global transfer market has been a massive success and provided the ability for the underlying core internet infrastructure to grow unabated. There are still a few small fallacies and flaws that remain, which are as follows.
The sole criteria when accepting a transfer from any owner should be driven by whether the transfer of the network resource registration will be accepted, acknowledged and permitted to be maintained in the buyer’s account by the chosen Internet Registry. Where the registration comes from is of zero importance and has no effect on the usefulness of received resources.
As an example, if a validated owner proposes to transfer their rights from the Latin American and Caribbean Internet Addresses Registry (LACNIC) to a qualified buyer that maintains its own other registrations in the American Registry for Internet Numbers (ARIN), then once the buyer receives them and they are updated into their ARIN organization, they are equal to and are no different than ones already held in that account, whether they were directly issued by ARIN or came from another source.
To understand why this matters, it is the stated collective shared goal of the Internet Registry system managers to encourage and foster entities to establish a one holder—one Internet Registry relationship, as this simplifies maintenance of resources, simplifies reverse delegations maintenance, the need to know two sets of procedures, work with a registry in extremely different time zone and reduces the legal/financial requirements by only contracting with a single registry. Therefore, once brought into a registry account, it was always the goal to make all network resources equal to any others in the account.
The registry system original position that transfers were “illegal” gave way to realizing that they could insert themselves both in the approval process and more so in the financial value chain. This led to the development of variable fees where the registry fee is uncoupled from the cost of performance but linked to the “size” of the IPv4 number block using Classless Inter-Domain Routing (CIDR) size notation, which is silly, because the amount of cost for the registry for each registration is the same whether it is a larger block, like a large /16 or /24 ( a block 1/256th the size). This is simply price gouging to force the buyer to pay more to the registry otherwise the registry will not “approve” the transfer. This flawed approach drives registry shopping.
Here registries like ARIN and APNIC really do insert themselves into the value chain by forcing payments that are not commensurate with the value of their work, but with their “toll taker” position of enforcement. LACNIC at least only has a two-level fee structure that isn’t as obvious and isn’t nearly as expensive.
Yet, here again, the RIPE NCC stands alone for being fair and treating their role as not a gatekeeper but a legitimate recorder of these transfers by not charging any fees, other than typical membership fees if the buyer does not already belong. Buyers are beginning to take notice.
Reading the various versions of what are the “needs assessment policy” are for each of the internet registries and it is very clear that each “community” has gone on vastly different paths. The assessments are still opaque and performed by the registry staff. The wording of the policies gives those staffs wide latitude in how to interpret what use “is”, as the policy doesn’t differentiate whether simply announcing prefixes in the global routing table is enough or whether detailed customer sub-delegations must be provided too.
Here again, the RIPE NCC gets the nod for instead of wasting staff resources on being the jury and judge, only limits the buying entity from “flipping” the network resources for two-years, while ARIN, LACNIC & APNIC demand detailed plans for use.
Why? There are several competing theories when walking through the halls of their respective member meetings and most revolve around artificially suppressing the potential buyer pools. Maybe someone within each community can justify this still, but after almost 15 years, it’s getting harder and harder to see how this doesn’t inject immense artificial controls over an efficient market.
In reality, this practice began, and made sense, when the internet registry was given its massive /8 blocks by the Internet Assigned Numbers Authority (IANA) and then leased portions to its members. An entire process and regime developed on how to game the needs assessment process by many, as was the internal staff of the registries created. This deeply faulty premise is based upon the reed thin belief that it needed to ... pick your reasons. Nonetheless, it remains an unnecessary colossal waste of time, for both the buying entities and the registry staff.
Each registry provides a basic set of post-transfer services, besides its primary function of maintaining the accuracy of the public whois of the specified transferred registration. All five internet registries seem to provide an easy-to-use web portal to manage members resources where they all offer versions of these core services: Resource Certification, DNS Security, an Internet Routing Registry, Customer Network Provisioning, and Public Whois Search. How each registry provides these essential core services varies greatly.
Rating the registry system varying services is a task in itself, but with that have been the breakout role of authentication of the owner’s rights may be the most interesting, only because of the circular process of the registry certifying its own work.
How they provide these services seems to be the differentiator. The larger internet registries seem to have generated positive reviews by being excellent customer focused, but still the online portals remain clunky and lag well behind typical commercial providers. Hopefully the advent of A.I. assistance will be integrated into the platforms in a manner that leapfrogs current online capabilities.
This myth continues against all evidence to the contrary. When looking at the largest 50 buyers between 2011 and 2021, nearly all had fully deployed and supported the implementation of IPv6 in their customer platforms. Interestingly, some of the loudest advocates for IPv6 became brokers and consultants for the transfer market, often times couching it as part of the transition phase. Here’s to hoping that this one finally comes to a close as its still cited by too many well-meaning advocates for IPv6.
It has been well over a decade since the transfer market came into existence and took over nearly every internet registry community, yet the registry system has become a modern-day Tower of Babel where each registry has zigged out into different paths. From fee structures to policies and how they look at their customers. Maybe this is good because each internet registry should be more responsive to their members, but also maybe its time for them to start to compete with each other and drop those artificial geographic restrictions.
The net result that no one wants to say out loud, least of all the stalwarts at any of the internet registries is that once the network resource is transferred into a new organization and is recognized by the internet’s routing system and that whom ever recently held the network resources matter not one bit. Buyers should realize this and embrace it.
Sponsored byRadix
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byCSC
Sponsored byWhoisXML API
A World-Renowned Source for Internet Developments. Serving Since 2002.
The central question is whether transfer policy is set through the community-driven process, and in your review there does not appear to be any claim that it is not or should not be.
The particulars of transfer policy – including whether and how needs-based assessments are applied – are determined by each regional community. To date, those communities have consistently supported some form of needs-based review for recipients. One may agree or disagree with that outcome, but the key point is that these policies are openly proposed, debated, and adopted through established multistakeholder processes.
Beyond the question of needs-based policy, your post raises a number of additional concerns regarding efficiency, market behavior, and fairness. Those are reasonable topics for discussion, but they do not alter the fundamental point: transfer policy exists to manage a scarce resource within a functioning registry system and is established through community process. Disagreement with specific outcomes does not, by itself, demonstrate that the underlying framework is flawed, nor do regional differences indicate dysfunction, but rather differences in conditions in each region.
Of course, your analysis completely ignores that needs-based conditions are a standard feature of resource governance across many industries – including spectrum licenses, mineral leases, water rights, airport slots, fisheries, etc. – precisely because scarce resources will otherwise be hoarded, speculated upon, or withdrawn from productive use. The fact that the Internet number registry community arrived at a similar outcome should not be surprising.
Applying needs-based constraints to IPv4 is therefore neither unusual nor logically flawed. It is a well-established mechanism for keeping allocation aligned with actual operational requirements, and your framing it as an anomaly overlooks the fact that comparable systems are deliberately designed to function effectively under conditions of scarcity and have proven quite successful across a variety of industries.
“...precisely because scarce resources will otherwise be hoarded, speculated upon, or withdrawn from productive use. “
We have had a natural experiment in more than a decade of RIPE transfers of these assets without a needs-test being required. If it is the needs-test that is protecting us, we should see some measurable results from its absence over more transfers than any other registry in that time.
We don’t have to compare to “spectrum licenses, mineral leases, water rights, airport slots, fisheries, etc.” We can make a direct comparison here.
The RIPE transfer experience is exactly why the “needs-based” argument no longer works as a technical justification. If removing the needs-test from transfers was supposed to produce visible harm through hoarding, speculation, or withdrawal from productive use, then after more than a decade and more transfers than any other registry, we should be able to point to clear, measurable damage. We cannot. That is why needs-based policy now looks less like a protection for routing or operational stability, and more like another example of running-code betrayal: an ever-expanding, self-authorizing mandate layered on top of already functioning networks and active assets. In simple English, this is no longer about whether there is a real need for IP addresses. It is about whether the registry still wants the power to decide who is legitimate, on what terms, and under what theory. So the real “need” being defended here is not need for IPs. It is need for power.https://circleid.com/posts/running-code-betrayal-how-the-rir-system-turned-consensus-against-the-technical-community
Lu Heng – Your comment repeats a premise that my 28 March response already addressed. You suggest, “If removing the needs-test from transfers was supposed to produce visible harm through hoarding, speculation, or withdrawal from productive use, then after more than a decade and more transfers than any other registry, we should be able to point to clear, measurable damage,” but alas, RIPE has not operated without a needs-test. It may be applied with relatively low friction, but it is not absent. The absence of large-scale hoarding or financial accumulation does not prove needs-based policy is unnecessary, because even a minimal operational need requirement continues to act as a gating mechanism. It limits participation to entities with demonstrable deployment intent, as purely financial actors would have to assume significant risk by making false representations in order to engage in using IPv4 number resources as an investable asset...
John, once every minimal eligibility check or anti-fraud screen is relabeled a “needs-test,” the term has lost its analytic content. RIPE’s own transfer policy within its service region allows transfers by “any legitimate resource holder”; the explicit recipient use-plan requirement appears in specified inter-RIR cases tied to compatibility with regions that still demand needs-based rules. So your fallback is no longer a defense of operational-need allocation in any meaningful sense. It is a defense of preserving a discretionary gate. A fraud rule against false representations is one thing; an open-ended power to decide which holders, motives, or capital structures are sufficiently “operational” is another. The first targets misrepresentation. The second preserves permissioned control. That is why need-based policy keeps revealing itself not as need for IP, but as need for power. In an unequal world, such rules do not neutralize inequality; they read existing scale, capital, and institutional capacity, and turn them into administratively respectable outcomes. And once the uniqueness layer is used as a pretext for that thicker gatekeeping function above operator-held assets, the registry is no longer merely coordinating uniqueness; it is claiming authority from procedure. As I wrote in “Mandate Laundering: From RIR Fantasy to Transition Architecture,” (https://circleid.com/posts/mandate-laundering-from-rir-fantasy-to-transition-architecture)“Private power goes in. Quasi-public legitimacy comes out.” Your comment is demonstrating that mechanism in real time.
The characterization of RIPE as having operated for more than a decade without a needs-test is not correct. RIPE NCC has indeed required recipients in IPv4 transfers to demonstrate operational need. I understand that the requirement may be applied with a lighter touch than in some other regions and is easily met by network operators – but that is definitely not the same as being absent.
That distinction is important, because the argument being made depends on the existence of a “no-needs” environment as a natural experiment. In practice, no such environment exists within the RIR system. What RIPE provides is a long-running example of a lower-friction, needs-based regime, not the elimination of needs-based policy.
If RIPE had truly operated without any operational need requirement, one would expect to see materially different market behavior. In particular, the absence of such a boundary condition would have enabled numerous purely financial actors to acquire and hold rights to IPv4 address blocks as an investment asset class – for example, through structured funds accumulating address space without any intent to deploy it in networks. That has not emerged in any meaningful way, and the reason is straightforward: even when the operational need test is a relatively low bar – and one that is readily satisfied by legitimate network operators – it still serves as a gating mechanism against purely financial speculation, as no credible financial institution will undertake the huge risk of loss of capital that would result from making fraudulent representations to complete transfers.
As nominal as the operational need requirement is, it still effectively limits participation to entities with demonstrable deployment intent, rather than opening the transfer market to unconstrained financial speculation. This is why one cannot point to RIPE’s experience as informative as to what would actually happen if needs-based requirements for transfers were eliminated, even if folks fondly wish it were so…