[126266] in North American Network Operators' Group
Re: Securing the BGP or controlling it?
daemon@ATHENA.MIT.EDU (Joe Abley)
Mon May 10 14:22:38 2010
From: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <4BE838EB.3000000@foobar.org>
Date: Mon, 10 May 2010 14:22:15 -0400
To: Nick Hilliard <nick@foobar.org>
X-SA-Exim-Mail-From: jabley@hopcount.ca
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2010-05-10, at 12:48, Nick Hilliard wrote:
> - there are some endemic data reliability problems with the IRRDBs,
> exacerbated by the fact that on most of the widely-used IRRDBs, there =
is no
> link between the RIR and the IRRDB, which means that anyone can =
register
> any address space. whois.ripe.net doesn't allow this, but lots of =
other
> IRRDBs do.
The RIPE db doesn't allow that for routes corresponding to address space =
assigned by the RIPE NCC. For other routes, you can register whatever =
you want (so long as nobody else got there first).
I'm not complaining about this (I routinely recommend that people use =
the RIPE db for their non-RIPE address space because as far as I can =
tell it's about the best-maintained option, and it avoids all kinds of =
headaches trying to peer in Europe and send routes whose addresses were =
assigned elsewhere) but in the global context the idea that *everything* =
in the RIPE db has been subject to strong correlation with =
assignment/allocation data is false.
Joe
inetnum: 0.0.0.0 - 255.255.255.255
netname: IANA-BLK
descr: The whole IPv4 address space
country: EU # Country is really world wide
org: ORG-IANA1-RIPE
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
status: ALLOCATED UNSPECIFIED
remarks: The country is really worldwide.
remarks: This address space is assigned at various other places in
remarks: the world and might therefore not be in the RIPE database.
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: RIPE-NCC-HM-MNT
mnt-routes: RIPE-NCC-RPSL-MNT
source: RIPE # Filtered
inet6num: 0::/0
netname: ROOT
descr: Root inet6num object
country: EU
org: ORG-IANA1-RIPE
admin-c: IANA1-RIPE
tech-c: CREW-RIPE
tech-c: OPS4-RIPE
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: RIPE-NCC-HM-MNT
mnt-routes: RIPE-NCC-RPSL-MNT
status: ALLOCATED-BY-RIR
remarks: This network in not allocated.
This object is here for Database
consistency and to allow hierarchical
authorisation checks.
source: RIPE # Filtered
mntner: RIPE-NCC-RPSL-MNT
descr: This maintainer may be used to create objects to =
represent
descr: routing policy in the RIPE Database for number resources =
not
descr: allocated or assigned from the RIPE NCC.
admin-c: RD132-RIPE
auth: MD5-PW $1$ScJSM7nN$Xw3aAduCRZx4QUEq8QjR5/
remarks: *******************************************************
remarks: * The password for this object is 'RPSL', without the *
remarks: * quotes. Do NOT use this maintainer as 'mnt-by'. *
remarks: *******************************************************
mnt-by: RIPE-DBM-MNT
referral-by: RIPE-DBM-MNT
source: RIPE # Filtered
