North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Has PSI been assigned network 1?
Vadim, > Well, there is a big _if_: if things will work w/o RADB (and they > will, for no sane provider will use RADB as the sole source of > exterior information at peering points, not for at least before > it became the proven and stable service) -- people will forget > to update things, cut the corners, etc. You're right: a database that is not used becomes out of date. There are a few things that will encourage ISPs to maintain up-to-date data in the IRR registries: 1) The availability of useful tools (such as prtraceroute) that will only work correctly across you network if your data is registered correctly. (Even if you don't use these tools, your neighbor ISPs may start sending you prtraceroutes across your network that show your routing or your policy description is wrong). 2) The registry is the method by which you specify your policy for the Route Servers (if you use them). 3) Some other major ISPs will not route nets that are not registered. (Note: the RADB is one portion of the Internet Routing Registry (IRR), which is composed of the RADB, RIPE, MCI, and CANET so far. Registering in one database will soon be sufficient for all purposes globally). > NACRs were so big headache that our implementation people dance > around when they hear that there won't be any NACRs. > > RADB got to be easy to use to become real. The e-mail interface > of NACRs is close to uselessness, and too big headache to deal with. The email interface to the RADB and IRR is one that has been running at RIPE for a couple of years (also an email/template interface). RIPE's user community lists improving the user interface as a rather low priority. Nonetheless, the code is structured in such a way that telnet, web, or other interfaces would be extremely easy to integrate (once authentication was established). What kind of interface would you like to see? > Waiting time on processing is simply ridiculous. > > There should be a host accepting telnet sessions for on-line > updates (which have to be installed *immediately*, so whoever > added a network can test connectivity and go ahead). Updates to the registries are processed and confirmed within a few seconds, and are immediately verifiable by whois query. How often ISPs choose to regenerate their config files is a separate question. (I think everyone is planning updates more frequently than twice per week now). If you want to add a net to the IRR and then have that change immediately reflected in the configuration files of all ISPs who do full net-based filtering, you may have to have some discussions with them. (But the data will be there and waiting in the registry). > There should be well-defined and useful interface to service > providers databases. I'm not sure what you mean by this. If you issue the command: "whois -h whois.ra.net <net>" right now, you get the registrations for that net from the PRDB, the RADB, the RIPE database, MCI's database, and CANET's database. If you register in the RADB (or the PRDB, for the moment), then your data is available at the other registries as well. > It should be secure. This has lots of aspects. We have implemented PGP for the interface (not yet released), and are working with the CERT to establish that other security concerns are addressed. More specific discussion is welcome on a smaller list. > RADB should be able to implement _existing_ routing policies, > not the subset which can be defined in RIPE-81 (it currently > can't, there are places which use a lot of _very_ hairy stuff). Yes, we were listening in Boulder. Some enhancements (to support AS-path expressions) have all ready been coded, and Cengiz Alaettinoglu and Daniel Karrenberg have all ready set up an IETF working group with an aggressive schedule for implementing for an enhanced language. (An early version of the implementation is started, I believe). > Without that i do not see RADB being successful or useful beyond the > point of filtering updates from particularly obnoxious peers. > > --vadim > > From: Guy Middleton <email@example.com> > To: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org > Subject: Re: Has PSI been assigned network 1? > Cc: email@example.com, firstname.lastname@example.org > Message-Id: <95Apr18.email@example.com> > Date: Tue, 18 Apr 1995 21:30:28 -0400 > > > Curtis, you are able to do that only because all others were > > legally bound to fill your database. > > > > I'm not sure people will be spending their resources on > > populating database for somebody else's benefit. > > > > (And RADB already has lots of garbadge in it). > > Once the RADB is in general use, we can expect that networks other than ANS > will use it to generate route-filters. There is an interconnect point already > using the CA*net registry, for example. Any active use of the RADB creates an > incentive to ensure that it is accurate. --Dale