[135869] in North American Network Operators' Group
Re: Level 3's IRR Database
daemon@ATHENA.MIT.EDU (Nick Hilliard)
Sun Jan 30 12:16:01 2011
X-Envelope-To: nanog@nanog.org
Date: Sun, 30 Jan 2011 17:15:02 +0000
From: Nick Hilliard <nick@foobar.org>
To: Jeff Wheeler <jsw@inconcepts.biz>
In-Reply-To: <AANLkTi=ZhLT0HeWkZ1f57vu6sistskj_rgibEzDiBe3Y@mail.gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 30/01/2011 09:08, Jeff Wheeler wrote:
> This brings me to my point, which is that IRR is very good for
> preventing accidents and automating some common tasks. It should be
> "secure" to a point, but just because a route: object exists does not
> mean that mntner: really has authority over that address space.
Depends on which IRR you use. The IRRDBs run by RIPE, APNIC and AfriNIC
implement hierarchical object ownership, which means that if you're
registering their address space, you can only do so if that address space
legitimately belongs to you. This isn't the case on third party IRRDBs
like RADB, L3 and AltDB.
Nick
