What are the authorisation rules for route object creation?

There are three phases of authentication checks when creating a route object:

  • a check with the relevant aut-num object,
  • a check with the "IP address space"
  • a check with the "mnt-by:" attribute of the route object itself.

All of these three phases must be passed individually. If any of them fails, the route object creation is rejected.

 

 

GET AUTHORISATION FROM AUT-NUM OBJECT
(click to see the flow chart)

GET AUTHORISATION FROM IP ADDRESS SPACE (route AND inetnum OBJECTS)
(click to see the flow chart)

GET AUTHORISATION FROM ROUTE OBJECT'S OWN "MNT-BY" ATTRIBUTE