After the first article of this series talked about why you might want to run your own AS, we will now take a look at getting an ASN and some IP space to announce. For that, some background on how the Internet came to be is necessary. However, instead of repeating the excellent article by APNIC on the history of the Internet, I will just point you there and summarize some of the key-points here. I will then focus on the RIPE region (as that is where I am located), and talk a bit about how I got my ASN, and what might work for you if you are in the RIPE region.

IANA RIR LIR

So, as the APNIC article tells us, in ‘the beginning of the Internet’, you may have gone to a party, gotten a couple of drinks, and woken up with an IP allocation ‘a guy’ (read: Jon Postel) you met there scribbled in his notebook. This, of course, was not a sustainable solution. Hence, in 1996, a new allocation framework for IP addresses and ASes was agreed upon. In best computer engineering manner (EVERYTHING is a tree), address allocations would follow a tree-shaped structure. IANA (Internet Assigned Numbers Authority) would remain the root-responsible entity for number allocations. However, instead of allocating addresses directly, each geographic region would self-organize address allocations of IP blocks and AS numbers received from IANA via RIRs (Regional Internet Registries). These five RIRs are ARIN (North America), LACNIC (South America), AFRINIC (Africa), APNIC (Asia-Pacific), and RIPE (Europe, Russia, and the Middle-East). Members in these organizations would then be LIRs (Local Internet Registries), which can make further allocations to end-users. Apart from this idea, some RIRs also introduced NIRs (National Internet Registries) as an additional layer in the tree.

RIPE Region: Sponsored resources vs. becoming a LIR

In the RIPE region, there are generally two ways of getting resources (IP addresses and ASNs): Either you find a LIR which can sponsor you an application for ‘PI’ space and an ASN, or your become a LIR yourself and request an ASN and a ‘PA’ address block (from which you can then make allocations to users, but also use it for your own infrastructure). PA space is ‘Provider Aggregatable’, and is allocated to LIRs so they can make sub-allocations from that space to users. If you, as an end-user, receive an assignment from a LIR’s PA space, you may very well get your own objects in the RIRs database for the network. However, the covering block remains allocated to the LIR, and you can not take ‘your’ netblock with you when you end your bussiness relationship with the LIR. Also, usually, you are not allowed to announce PA space you got from a LIR yourself. PI stands for ‘Provider Independent’, and is called like that because you can freely migrate it to another provider, or even another sponsoring LIR.

To become a LIR, you have to become a RIPE member. Princing-wise, as of 2022, this costs you EUR1.400 in an annual fee, and an additional EUR1.000 in a sign-up fee for the first year, both plus VAT if applicable.

This is of course relatively pricy. Instead, you can also decide to ask a LIR to sponsor resources for you. The RIPE NCC helpfully maintains a list of members for each country in their region. They then submit a request for IP addresses and an ASN to the RIPE NCC and they hold these resources on your behalf. For each PI IP addressblock, the LIR pays EUR50 (again, plus tax) per year, while ASNs are excluded from this. You, of course, have to enter into a contractual relationship with the LIR, and they may actually charge you more than the EUR50 fee per independent resource they have to pay.

Prefixes and prefix sizes

The first important thing for your network are prefix sizes. Prefixes and network sizes are expressed using the (non-drinkable) CIDR (Classless Inter Domain Routing) notation. With CIDR, we identify networks by their prefix (length), i.e., by the number of bits in the beginning of an IP address that ‘stay the same’. With for IPv4, prefix sizes that are routable on the Internet are /8-/24. For IPv6, the longest prefix (=smallest network) that can be announced is a /48.

No more v4

Another thing to consider is that IPv4 addresses are running out (or rather: mostly have run out). Following its policy, the RIPE NCC now operates a waiting list, via which new LIRs that never received an IPv4 allocation of any size can queue up for receiving one /24 IPv4 block as these become available. However, with the current waiting list size, it is rather unlikely that you will see an IPv4 allocation in the near future if you become a LIR now. This also means that there is no longer a process for assigning IPv4 PI space to end-users. You can, of course, try to buy IPv4 addresses–or rather buy a transfer of those addresses to your LIR–on the IP address market. Be prepared, however, to pay upward of $60 per address for that, i.e., easily upward of $15.000 for a single /24. IPv6 is–naturally–unaffected by this, and you can still request PI assignments.

16bit vs. 32bit ASNs

Something to keep in mind is that, similar to IP address space, the number of available ASNs was rather conservative concerning the expected growth of the Internet. Initially, ASNs would be 16bit long, i.e., numbers from 0 to 65536. With a number of those ASNs reserved, This leaves a little more than 60k networks that could participate on the Internet with their own ASN. Obviously, the growth of the Internet was bound to exceed this number. Hence, 32bit ASNs were introduced, giving us enough space for the forseeable future. Currently, the only problem with 32bit ASNs is that they a) cannot be used in BGP communities, and instead require large communities, and b) might not be supported by very old network equipment. Visibility on the Internet for 32bit ASN was fine over a decade ago, and has improved since then. So, in general, you should be pretty much fine with a 32bit ASN.

What I did

As initially mentioned, I had requested IPv4 PI space in 2010. Back then, I was a student running–much like today again–far too much infrastructure, but–being a student–on a slightly smaller budget. As such, I did not get my own AS, and had my sponsoring LIR announce the network for me. My LIR then routed the network for me to my server(s).

Having a job now, and wanting to revive my hobby, I recently decided to become a RIPE NCC Member. This also allowed me to apply for an AS and additional IPv6 network. It also means that I can technically sponsor resources for people, so if you need a sponsor, let me know. Becoming a member also allowed me to request a larger IPv6 allocation than with PI space (up to /29 without justification; I went for a /32). Furthermore, I requested a 16bit ASN, as I do have some plans to also toy with really old hardware, which most likely will not support 32bit ASNs.

What you should do

For most of you reading this, if you want to run an AS as a hobby, will most likely be that of finding a sponsoring LIR who can request an IPv6 PI allocation and ASN for you. The size of the PI block will be based on your needs, i.e., the number of hosts and locations your network should be used for. Typical IPv6 PI sizes range between /48 and /56, but if you can demonstrate higher needs, you can also receive a larger assignment. The costs for this should remain feasible, and–at the moment–apart from the hobby factor, running an IPv6 only AS will most likely not give you the greatest reachability on the Internet. You can of course always gamble and hope for succesfully queing on the waiting list. Also, in other regions–most notably APNIC and AFRINIC, there are still available netblocks for new LIRs. So, if you are living in one of these regions, membership with your RIR might be a more feasible option.

What’s next?

So, after we got our IP addresses and ASN–either as a LIR or by finding a sponsor and applying for PI space–we will look at what it takes to bring our first router online in the next post. That will finally be (partially) OpenBSD/OpenBGPd centric, but also include some text on route objects and finding an upstream.