North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ARIN Policy on IP-based Web Hosting

  • From: jlewis
  • Date: Tue Aug 29 18:46:11 2000

On Tue, 29 Aug 2000 [email protected] wrote:

> Gentle readers who might happen to be using unique IP addresses for your
> Web hosting customers, or for other virtualized services such as FTP,
> POP3/IMAP, SSL, etc, you need to be aware of ARIN's recent policy change.
> Basically, they won't give you addresses anymore.  They're accepting
> comments.  A lively discussion has begun, as usual.

ARIN's site says:

  Where security is a concern, name-based hosting is capable of
  supporting the transmission of sensitive materials
  with some servers.
  When an ISP submits a request for IP address space, ARIN will not accept
  IP-based webhosting as justification for an allocation, unless an
  exception is warranted. Along with the request, organizations must
  provide appropriate details demonstrating their virtual webhosting
  customer base.  Exceptions may be made for ISPs that provide
  justification for requiring static addresses. ARIN will determine, on a
  case-by-case basis, whether an exception is appropriate.

Unless something's changed recently, SSL still requires IP based virtual
hosting.  Here's a clipping from the Stronghold FAQ:

  Should I use name-based or IP-based virtual hosts? 
  Name-based virtual hosts do not work with SSL because certificates are
  sent before server names are established. Secure virtual hosts must be
  either IP-based or port-based. IP-based virtual hosts are more
  convenient, as users would have to remember the port numbers for
  port-based virtual hosts.

ARIN's new policy looks kind of vague to me.  I can read it and conclude
if I were starting a web hosting company today, and wanted to use "I'm
hosting a few thousand web sites, but only have a few dozen
actual servers/routers/etc.", I'm not going to qualify for an allocation.

But, if I already have a big chunk of space allocated by ARIN, next time I
apply for more space, will they look at my IP usage and say "we think you
should reuse all those /24's you burned up on web hosting and then come
back to us for more space."?  That would really suck. 

 Jon Lewis *[email protected]*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |  
_________ for PGP public key_________