Assignment window FAQ

Contents

• What is an assignment window (AW)?
• What is the second opinion request?
• Why does APNIC require the second opinion requests?
• Do I need to send in a second opinion request for assignments to my own infrastructure?
• Can I assign more than my assignment window?
• What size assignment window is given to new members?
• How long do I have to wait before my assignment window increases?
• How long do I have to wait for a second opinion request to be approved by APNIC?
• What will happen if I do not follow the second opinion process?
• Can I see an example of what a second opinion request should include?

What is an assignment window (AW)?

An assignment window refers to the amount of IP address space that you can assign or sub-allocate to your customers without the need to send in a second opinion request form for APNIC's approval.

Example 1:

Your organisation has been given an assignment window of 0 IP addresses. 

Therefore, you cannot assign any IP addresses to your customers without 

first receiving approval from APNIC.

Example 2:

Your organisation has been given an assignment window 

of 32(/27). Therefore, you can assign up to and including 

32 IP addresses without the need to seek approval from 

APNIC. But if a customer requests more than 32 IP 

Addresses, you must first seek APNIC's approval.

What is the second opinion request?

A second opinion request is the process that is used to seek APNIC's approval for assignments or sub-allocations that exceed your AW. On the second opinion request form, you outline how you are going to assign IP addresses to your customer networks. The information you need to supply on this form is similar to what you need to provide on the IPv4 ISP Request form except that the second opinion request relates only to customer assignments and sub-allocations, not assignments for your own infrastructure. You must receive APNIC's approval of the second opinion request before you can make assignments or sub-allocations exceeding your assignment window.

Why does APNIC require the second opinion requests?

APNIC applies the assignment window and second opinion process to all members. This is to ensure that all members are familiar with APNIC's policies and follow the correct procedures and practices when assigning IP addresses.

You can find more information on APNIC's Policies for address space management in the Asia Pacific region.

Do I need to send in a second opinion request for assignments to my own infrastructure?

No, you do not need to send in a second opinion request for your infrastructure; however, you do need to ensure that you assign IP addresses conservatively and only on justifiable technical needs (not simply for administrative convenience). Please remember, when you wish to obtain additional IP addresses from APNIC you have to demonstrate that you have used 80% or more of your previous allocation and that you have used them in accordance with APNIC's policies.

Can I assign more than my assignment window?

Yes, you can assign or sub-allocate as many IP addresses as it is necessary for your customers to implement their networks. However, before you assign or sub-allocate to your customers, you must submit the second opinion request form and receive APNIC's approval.

What size assignment window is given to new members?

All new members will be given an assignment window of 0 IP addresses when they first join. As the member gains experience, this will be raised.

How long do I have to wait before my assignment window increases?

APNIC will review your assignment window following every third second opinion request. However, this does not mean that your assignment window will be automatically increased to the next level. In deciding whether or not to raise the assignment window, APNIC will apply the following criteria:

1. Whether the second opinion form is always completed with the details necessary for APNIC's hostmasters to evaluate it without requesting additional information.
2. Whether the member has been correctly and accurately updating all previously approved second opinion requests in APNIC's database.
3. Whether the member has been assigning or sub-allocating IP addresses conservatively and following the current Internet best practice. For example, the current best practice includes: assigning IP addresses for 25% immediate usage and 50% usage within one year; and using Variable Length Subnet Masking (VLSM).

How long do I have to wait for a second opinion request to be approved by APNIC?

All requests sent to APNIC will get a reply within one working day (Monday to Friday). This does not necessarily mean that your requests will be approved the first time, as this depends on whether your request is complete, accurate, and contains sufficient information for APNIC's hostmasters to understand and evaluate. Therefore, you should read the second opinion request form carefully and obtain all the necessary information from your customers before submitting the form to APNIC.

What will happen if I do not follow the second opinion process?

APNIC will request an explanation as to why you have not followed the second opinion process. Provided your explanation is reasonable, APNIC will continue to allocate resources to your organisation. Depending on the circumstances, APNIC may also advise you of any action that may be taken if your organisation does not follow the process in future.

Can I see an example of what a second opinion request should include?

Following is an example of what you might need to provide in your second opinion requests.

#[SECOND OPINION REQUEST FORM TEMPLATE]#

#[REQUESTOR TEMPLATE]#

name: John Doe

email: john@sparky.net

acct-name: SPARKYNET-MY

org-relationship: consultant

#[SECOND OPINION TEMPLATE]#

address-type: IPv4

opinion-type: assignment

#[IPv4 ASSIGNMENT TEMPLATE V:1.0]#

netname: GLOBALNET

descr: Globalnet Inc.

descr: Software Company

descr: Kuala Lumpur

country: MY

prefix: /26

network-plan:  0.0.0.0/28   /29, /29, /28  Router, Mail, Web, DNS, 10 workstations

network-plan:  0.0.0.16/28  /30, /28, /28  Research and Development 

network-plan:  0.0.0.32/27  /29, /29, /27  Wireless Network 

old-network: 202.5.10.0/29    1 router and 4 Workstations

old-network: 202.5.10.8/29    Application Servers

#[ADDITIONAL INFORMATION]#

The customer will renumber and return the existing IP address to their 

upstream once this request gets approved.

Below is  a diagram on how the customer will connect to the ISP's network.

                         +-------------------+

                         | Our router        |

                         +-------------------+

                                   |

                                   |

                                   | 2M link

                                   |

                        +---------------------+

                        | Customer router     | A-BRAND2543

                        +---------------------+

                                   |

                                   |

                  +----------------+-----------------------+

                  |                                      |

                  | B-brand5421                          | C-Brand5200

       +------------------+            +-------------------------------------+

       | Dial-up router   |            |  Distribution Router (Leased Line)  |

       +------------------+            +-------------------------------------+

                  |                                   |

                  |                                   | 126Kbps

 +------------+   |                              +----------+

 |3 Servers   |---+                              | LL Cust  |

 +------------+   |                              +----------+

 email,DNS,News   |  +-+                          Existing cust

                  |  | |    +---------------+     30 IP addresses

                  +--| |----| 20 PCs        |

                  |  | |    +---------------+

                  |  +-+     PC using private IP addresses

 +------+         | Firewall

 | NAS  |---------+

 +------+

 120 Dial-up lines (90 digital and 30 analogue)

 (2 NAS XXX brand )

 ( each has 60 ports)

#[TEMPLATES END]#

What is virtual web hosting?

Virtual web hosting refers to the process of running multiple "virtual" web servers on a single physical host computer. Using this technique, a single computer can host thousands of independent web sites. Commercial web hosting service providers often use this technique to allow better manageability, efficiency and scalability of their service infrastructure.

Most virtual web hosting applications rely on virtual DNS resolution, so that a specific domain name (such as a customer's own registered domain name) may be associated with each independent virtual web server. This can be achieved through either name-based or IP-based virtual web hosting. These techniques are explained below.

What is name-based web hosting?

Name-based web hosting is a technique that can be used when providing virtual web hosting services. Each web site that is hosted on a single machine shares a single public IP address. All HTTP GET requests received by this web server are answered according to the domain name supplied by the requesting client, enabling the web server to differentiate between multiple virtual sites on the one IP address.

What is IP-based web hosting?

IP-based hosting is a technique that can be used when providing virtual web hosting services. Each web site that is hosted on a single machine is given its own separate public IP address. The HTTP GET requests are resolved by using the IP address instead of the name.

Operating system limitations may also limit the maximum number of IP addresses that can be assigned to a single machine, especially if separate log files are used.

What is the 'Host:' header field?

The definition of a Host: header is taken from section 14.23 of RFC 2616

The Host request-header field specifies the Internet host and port number of the resource being requested, as obtained from the original URI given by the user or referring resource (generally an HTTP URL, as described in section 3.2.2). The Host field value MUST represent the naming authority of the origin server or gateway given by the original URL. This allows the origin server or gateway to differentiate between internally ambiguous URLs, such as the root "/" URL of a server for multiple host names on a single IP address).

Under what circumstances is name-based web hosting possible?

Name-based web hosting is generally possible for web sites that do not have any special security requirements. For example, name-based hosting would be appropriate for personal web sites or servers that need to be accessible via more than one domain name.

Under what circumstances is name-based web hosting not possible?

There are a few technical limitations to name-based hosting. The most common one is some websites requirements of using SSL (Secure Sockets Layer) for e-commerce services, particularly if a separate certificate is used for each virtual domain, and for anonymous login functionality with virtual FTP services.

Can browsers that are only HTTP/1.0 compliant view websites that are hosted by a name-based virtual hosting system?

Browsers that are HTTP/1.0 compliant can view websites that are hosted by name if their version of the browser issues requests with an additional Host: header field. (This is a required header in HTTP/1.1, but all current HTTP/1.0 browsers also issue this header)

The justification of browsers not being HTTP1.0 compliant is not sufficient to warrant large scale IP-based hosting. Statistics collected by APNIC over a four month period show that almost all browsers visiting www.apnic.net provide the Host: header field (98.9% of HTTP1.0 and 99.8% HTTP1.1).