About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: The Cidr Report (fwd)

  • From: Curtis Villamizar < >
  • Date: Wed, 28 May 1997 12:01:54 -0400
  • Cc:
  • Reply-to: 
In message <19970528090307.29708.qmail@localhost>, Tony Barber writes:
> >
> >Tony,
> >
> >A lot of these are registered in the IRR as aggregates.  Most of the
> >more specifics are not registered.  Filtering on IRR content would
> >also keep aggregation leaks out if you have routers that can do it.
> >
> 
> Curtis, sure
> but as Janos said there is nothing to stop people registering daft
> routes :-/
> 
> Tony


Wouldn't hierarchical authorization optionally based on the IP number
registry where that information was readily available be a nice
feature.  :)

The idea behind filtering on IRR registered prefixes is you filter on
what each provider intended to announce.  If they leak components from
an aggregate no harm is done as long as the aggregate is properly
formed by at least one of their border routers.  If a provider
announces something they shouldn't (or their customer does and they
pass it along) and never intended to (as in the recent well know
incident) it does no harm.

The cases cited in the prior mail on this thread look like broken
aggregates, that is ones that someone wanted to configure but somehow
didn't get it right or somehow broke it along the way.  We try to
summarize what looks like broken aggregates.  The latest is at:

  http://engr.ans.net/route-dumps/970528/overlap-summary.html

If you filter on IRR registered prefixes you will eliminate about
5,000 to 7,500 prefixes that are overlapped by announced aggregates.
The report above (overlap-summary.html) lists 205 aggregates that are
registered in the IRR but are not being announced, these overlap 832
prefixes that are not registered in the IRR.  If these 205 aggregates
get announced, the 832 prefixes (that aren't registered) truly aren't
needed.

Curtis


btw - the latest list of announced but unregistered prefixes is at:

  http://engr.ans.net/route-dumps/970528/ 

There are 417 origin AS covering 2,559 unregistered but announced
prefixes (actually prefixes with more than one origin are counted
twice - consider that a bug).  In the latest routing dump there were
50,556 prefix/as-path pairs and 43,307 unique prefixes, up from 44,147
and 40,478.  This seems to be mostly aggregates that were recently
broken.  The "overlapped by announced aggregates" count dropped from
7,523 to 5,811.  This seems to indicate that quite a few aggregates
got broken.  There were also 813 prefix lengths > 24 and 15 announced
prefixes overlapping reserved prefixes or unallocated space.  It seems
that if the increase from 40,478 to 43,307 are broken aggregates, a
lot of the broken aggregates must have the components registered in
the IRR as well.  (This might be motivation for a "is this component
really needed" report).
  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | © RIPE Community. All rights reserved.
RIPE.NET Homepage LIR Portal RIPE Community