North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Has PSI been assigned network 1?

  • From: Dale S. Johnson
  • Date: Wed Apr 19 16:46:45 1995

Vadim,

> Well, there is a big _if_:  if things will work w/o RADB (and they
> will, for no sane provider will use RADB as the sole source of
> exterior information at peering points, not for at least before
> it became the proven and stable service) -- people will forget
> to update things, cut the corners, etc.

You're right:  a database that is not used becomes out of date.
There are a few things that will encourage ISPs to maintain up-to-date
data in the IRR registries:  

  1) The availability of useful tools (such as prtraceroute) that will 
     only work correctly across you network if your data is registered
     correctly.  (Even if you don't use these tools, your neighbor ISPs
     may start sending you prtraceroutes across your network that show your 
     routing or your policy description is wrong).

  2) The registry is the method by which you specify your policy for
     the Route Servers (if you use them).

  3) Some other major ISPs will not route nets that are not registered.

(Note:  the RADB is one portion of the Internet Routing Registry (IRR),
which is composed of the RADB, RIPE, MCI, and CANET so far.  Registering
in one database will soon be sufficient for all purposes globally).

> NACRs were so big headache that our implementation people dance
> around when they hear that there won't be any NACRs.
>
> RADB got to be easy to use to become real.  The e-mail interface
> of NACRs is close to uselessness, and too big headache to deal with.

The email interface to the RADB and IRR is one that has been running at
RIPE for a couple of years (also an email/template interface).  RIPE's
user community lists improving the user interface as a rather low
priority.  Nonetheless, the code is structured in such a way that
telnet, web, or other interfaces would be extremely easy to integrate
(once authentication was established).   What kind of interface would
you like to see?

> Waiting time on processing is simply ridiculous.
>
> There should be a host accepting telnet sessions for on-line
> updates (which have to be installed *immediately*, so whoever
> added a network can test connectivity and go ahead).

Updates to the registries are processed and confirmed within a few
seconds, and are immediately verifiable by whois query.  How often
ISPs choose to regenerate their config files is a separate question.
(I think everyone is planning updates more frequently than twice per
week now).

If you want to add a net to the IRR and then have that change immediately
reflected in the configuration files of all ISPs who do full net-based
filtering, you may have to have some discussions with them.  (But the
data will be there and waiting in the registry).

> There should be well-defined and useful interface to service
> providers databases.

I'm not sure what you mean by this.  If you issue the command:  "whois
-h whois.ra.net <net>" right now, you get the registrations for that
net from the PRDB, the RADB, the RIPE database, MCI's database, and
CANET's database.  If you register in the RADB (or the PRDB, for the
moment), then your data is available at the other registries as well.

> It should be secure.

This has lots of aspects.  We have implemented PGP for the interface
(not yet released), and are working with the CERT to establish that
other security concerns are addressed.  More specific discussion is
welcome on a smaller list.

> RADB should be able to implement _existing_ routing policies,
> not the subset which can be defined in RIPE-81  (it currently
> can't, there are places which use a lot of _very_ hairy stuff).

Yes, we were listening in Boulder.  Some enhancements (to support
AS-path expressions) have all ready been coded, and Cengiz Alaettinoglu
and Daniel Karrenberg have all ready set up an IETF working group with
an aggressive schedule for implementing for an enhanced language.
(An early version of the implementation is started, I believe).

> Without that i do not see RADB being successful or useful beyond the
> point of filtering updates from particularly obnoxious peers.
> 
> --vadim
> 
> From: Guy Middleton <guy@ghost.uunet.ca>
> To: avg@sprint.net, curtis@ans.net, jerry@fc.net
> Subject: Re: Has PSI been assigned network 1?
> Cc: nanog@merit.edu, prs@isi.edu
> Message-Id: <95Apr18.213028edt.53028-1@ghost.uunet.ca>
> Date: Tue, 18 Apr 1995 21:30:28 -0400
> 
> > Curtis, you are able to do that only because all others were
> > legally bound to fill your database.
> > 
> > I'm not sure people will be spending their resources on
> > populating database for somebody else's benefit.
> > 
> > (And RADB already has lots of garbadge in it).
> 
> Once the RADB is in general use, we can expect that networks other than ANS
> will use it to generate route-filters.  There is an interconnect point already
> using the CA*net registry, for example.  Any active use of the RADB creates an
> incentive to ensure that it is accurate.

--Dale