[db-wg] Re: Hierarchical authorisation failed, request forwarded to maintaine r ???
- Previous message (by thread): [db-wg] RE: Hierarchical authorisation failed, request forwarded to maint aine r ???
- Next message (by thread): [db-wg] RE: Hierarchical authorisation failed, request forwarded to maintainer ???
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Engin Gunduz
engin at ripe.net
Tue Nov 5 10:49:50 CET 2002
Dear Harald, On 2002-11-04 17:58:37 +0100, Harald.Singer at tesion.de wrote: > Hello, > > i have the problem to create a route-object for a customer of me. The > customer will transfer his PI-Network (192.109.176.0/24, I´m CNSPLUS-MNT) > from another ISP into my AS. And of course a mnt-routes:CNSPLUS-MNT exists. > I need to create the new route-object, but i get the error: "Hierarchical > authorisation failed, request forwarded to maintainer." The problem at that point is that an exact match route object already exists: route: 192.109.176.0/24 descr: Wind Internethaus GmbH origin: AS13054 mnt-by: FREINET-MNT notify: ripe-notify at freinet.de changed: bochmann at freinet.de 20020627 source: RIPE In this case, this route object will be used during hierarchical authorisation checks, and the inetnum object will not taken into account. Please see http://www.ripe.net/ripencc/faq/database/qa4.html#5 for a graphical representation of route creation authorisation rules. > I think I should be > able to create such an object without assistance from another ISP. > > - As the ISP and I are using Crypt-PW I don´t want to send a mail with my > password to this ISP (like the proposal from Daniel in this WG). This is not needed. mnt-routes attribute's main purpose is to allow users to create route objects in other parties' IP space. Please see below. > > - Some time ago i was able to create such objects without any assistance, > what was the reason to change this behaviour? I guess at that time the route object I mentioned above did not exist. > > - The discussion some weeks ago doesn´t have any hints for a solution, or i > missed it. The solution could be: - Contact the owner of FREINET-MNT and ask them to delete this route object from RIPE Routing Registry, if 192.109.176.0/24 is not annouced any more from AS13054 (it sounds like this is the case). After deletion, your inetnum object will be used for hierachical authorisation checks. - Or, if this route is to be announced from both AS13054 and your AS, then again contact the owner of FREINET-MNT and ask them to put your maintainer in this route object's mnt-routes attribute. If you have any more questions, please do not hesitate to contact <ripe-dbm at ripe.net>. Best regards, -- Engin Gunduz RIPE NCC Database Group > > - Do you have any proposal to create the object? > > Regards > > Harald > > -- > Harald Singer Telefon: +49 (0)711/2021-847 > tesion )) Telekommunikation Telefax: +49 (0)711/2021-93-847 > Systemingenieur / CCIE #7326 Mobil: +49 (0)178/2021-847 > Kriegsbergstrasse 11 Mail: harald.singer at tesion.de > D-70174 Stuttgart Web: http://www.tesion.de
- Previous message (by thread): [db-wg] RE: Hierarchical authorisation failed, request forwarded to maint aine r ???
- Next message (by thread): [db-wg] RE: Hierarchical authorisation failed, request forwarded to maintainer ???
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]