Minutes
Chairman: Rob Blokzijl
Scribe: Sylvana Wenderhold
1. Opening and Welcome
Rob Blokzijl welcomed the attendees to the RIPE 38 meeting.
2. Agenda
The RIPE Meeting participants approved the agenda.
3. Minutes RIPE 37
The minutes were approved.
4. From the Chair
Rob did not have any general remarks.
5. Report from the RIPE NCC (Axel Pawlik)
RIPE NCC Status Report
There have been as few staff changes:
- John Crain has left RIPE NCC and joined ICANN.
- Joao Damas has become Chief Technical Officer and is now responsible for the engineering groups: Database, Software and Operations Department.
- Nurani Nimpuno, the Registration Services manger, reports directly to Axel.
- Daniel Diaz has become the manager of the Operations Department.
- Olaf Kolkman, has joined the New Projects Group as Scientific Programmer.
Registration Services
The waitqueue is down to a level that may be considered normal. The week before the RIPE meeting the wait was four days and on the Monday of the meeting it was five days. Over Christmas it did shoot up again, but after the holidays it went right back down.
At the RIPE 37 meeting the RIPE NCC introduced an IP tutorial at the end of the week. As it was well attended, it will take place again at RIPE 38. Also back by popular demand is the Hostmaster Centre.
This year the RIPE NCC is planning to do 50 LIR training courses. We have found several dedicated trainers within the RIPE NCC who are a great addition to the existing training team.
The RIPE NCC has new staff in the Registration Services department. Recruiting more employees to guard against a sudden rise of the waitqueue will still continue.
There is still a steady growth in the number of LIRs. Most of the growth is in Europe and Central Asia with nearly 800 new LIRs in 2000. The middle East had 30 and the African region had 8 new LIRs in 2000.
Address Space Usage
The RIPE NCC has allocated more address space over the last months than in previous months. Even though this is not an immediate threat, Axel explained that the RIPE NCC will closely monitor this.
Consumption Rates
There is quite an increase in consumption between 1999 and 2000. The RIPE NCC has not found particular reasons for this increase. This will be closely monitored by the RIPE NCC and co-ordinated with the other RIRs.
IPv6
There is activity, but it is still fairly slow. Germany and Sweden are the most active to date. The RIPE NCC has allocated approximately double the amount of IPv6 address space to commercial companies than it has to academic organisations.
Achievements within Registration Services
- RIPE NCC is giving some direct attention to correctly filled out requests.
- More responsibility is put on the LIRs to fill out the requests properly.
- The helpdesk, lir-help@localhost is used for general questions preventing these questions from being queued together with Internet resource requests.
- The RIPE NCC tools have been continually updated.
- The FAQ continues to be updated.
- The RIPE NCC has worked on a form that will succeed RIPE-141.
Our priorities are:
- to continue to increase the staff in the Registration Services department. This is to ensure that the waitqueue remains at an acceptable level.
- Build more tools to improve the service.
Database
Version 3.0 of the RIPE database will be launched in April 2001. The main change is the introduction of RPSL.
New Projects
The Test Traffic Measurements service is now available to the entire community. New hardware is easy to install. Axel expects substantial growth in the number of boxes that are distributed. Brochures have been designed and each attendee has received one in his/her package.
Routing Information Service
Currently two route collectors in operation. Two additional collectors are planned.
The PAM2001 workshop will be hosted in April 2001 in Amsterdam. Registration is open.
In October, the general meeting of the RIPE NCC association was held. The members approved the financial figures for 1999 and the budget and activity plan for 2001. The RIPE NCC Executive board remains unchanged as Frode Greisen was re-elected to the Board during the AGM 2000.
Communications
- 50 training courses are planned for 2001
- Outreach activities / RIPE NCC awareness
- ENUM
ICANN ASO
As the ASO secretariat function rotates among the RIRs, for the year 2001 the ASO secretariat will be located at the RIPE NCC. This includes the website, the hosting of the AC telephone conferences and general administrative tasks.
Co-ordination between RIRs
Axel welcomed staff from ARIN, LACNIC and APNIC. A small retreat has been planned again this year.
RIPE NCC short term goals:
- the migration to the new database
- adding resilience to Registration Services
- enlargement TTM network
- finalising contract with ICANN
RIPE NCC priorities:
- Ensure and further improve stable, reliable and high quality services
- Respond to members' needs and develop and propose services as needed
- Further increase RIPE NCC and RIPE awareness
Questions:
Christian Panigl: Do you have any statistics on how many LIRs have left during the last years?
Axel: We will have more data during the next meeting. We want to focus more on providing general statistics.
6. DISI, a new project at the RIPE NCC
Henk Uijterwaal gave a presentation on DISI. DISI stands for Deployment of Internet Security Infrastructures.
What is the purpose of DISI:
- Security technologies need to be deployed in the Internet infrastructure and its operations.
- Some of those technologies need to be deployed in a co-ordinated way to be effective at all.
Goals:
- DISI will help to deploy existing security technologies within the RIPE NCC and its operations to the outside world (i.e. PGP and DNSsec)
- DISI will document deployment experiences of security technologies
- DISI will assist the RIPE community in deployment of security technologies
- DISI will co-ordinate deployment and operation of security technologies where necessary
We may set up training courses to help the community use these tools, not unlike the LIR training courses.
Initial focus:
- DNSsec
- Deployment on the in-addr tree
- Deployment assistance
- Implementation of PGP in communication between hostmasters and LIRs: "PGP4HM"
- Public Key Infrastructure
- Implementation of PGP in communication with HMs and LIRs: PGP4HM
- Applicability of PKI in RIPE/RIPE NCC context
Progress so far:
- RIPE 36 first ideas
- Summer 2000
- Hire Scientific Programmer to lead this effort
- Proposal in the Activity Plan 2001
Plans:
- April 2001: Draft Project Proposal
- May 2001/RIPE 39: BOF
- Securing the in-addr tree
- DNSsec implementation
- Public Key Infrastructure
- Finish PGP4HM Project
- RIPE document describing the implementation
- Applicability statement
- White paper on "how to use this in your organisation"
Contact Information
- Internal email alias: disi@localhost
- Webpage: http://www.ripe.net/disi
- Announcement on the RIPE list until there is a public mailing list
7. Reports from APNIC and ARIN
Paul Wilson - APNIC
Ray Plzak - ARIN
8. Report from LACNIC (German Valdez)
9. Report from ASO/AC (Wilfried Woeber)
10. Election of AC member
The term of Sabine Jaume expired in December 2000. The RIPE NCC issued a public Call for Nominations to fill the vacant seat on the Address Council. There were three candidates nominated for the AC elections: Sabine Jaume, Khaled Moh'd Abu Mallouh and Francesco Ravanelli. Sabine was the only candidate in attendence. She introduced herself.
This is the result of the election:
Sabine Jaume - 147
Khaled Moh'd Abu Mallouh - 1
Francesco Ravanelli - 5
Blank votes - 2
11. AS Number Exhaustion (Scott Marcus)
12. Report from ICANN (Andrew McLaughlin)
Andrew introduced John Crain as the new Technical Manager at ICANN and provided a status update.
Questions:
Fay Howard - During the presentation from people proposing to run a new registry in Brussels recently, some of them mentioned they were making a voluntary reservation in the second level of two letter codes. Others said they were in negotiations with ICANN. Has ICANN got a policy on this issue?
Andrew - There are no hard and fast rules on this issue.
Wilfried Woeber - We recently had to resolve the problem of duplicate names in the small backyard of a Local Registry. It is difficult to make those names unique. Does anybody have a good idea on how to solve this problem?
Andrew - You want to take a look at the .name proposal on the ICANN website.
13. Reports from the Working Groups
Routing
Minutes: RIPE 38
Chair: Joachim Schmitz
Scribe: Engin Gunduz
Attendees: 96
There were no questions.
Database
Minutes: RIPE 38
Chair: Wilfried Woeber
Scribe: Nigel Titley
Attendees: 50
DB-SW version 3 implementation and migration to RPSL is going to affect all users. Target date agreed: 23 April 2001 (unless there is a well-documented reason to postpone the transition)
Current level of protection is preserved, the method might be different, though.
Question: Retire orphaned person:/role: objects?
Work Items:
- IRT object spec & last call
- Globally unique handles -> target: ARIN meeting, April 2001
- Finish preparations for RPSL/version 3
Question from Wilfried to the audience: Do you support the idea to simply get rid of these useless objects?
There were no comments made.
CENTR / DNR
Chair: Fay Howard
Scribe: Kevin Meynell
Attendees: 48
There were no questions.
LIR
Minutes: RIPE 38
Chair: Hans Petter Holen
Scribe: Roger Arcilla
Attendees: 102
There were no questions.
DNS
Chair: Ruediger Volk
Scribe: Lee Wilmot
Attendees: 81
There were no questions.
IPv6
Minutes: RIPE 38
Chair: David Kessens
Scribe: Vesna
Attendees: 134
There were no questions.
EIX
Report by Nic Lewis
Chair: Faerghas McKay
Scribe: Vanessa Evans
Attendees: 128
1. Switching wish list - Mike Hughes
A document detailing the features desired in switch equipment with particular regard to use in Internet Exchanges. Draft version should be available on EIX-WG mailing list next week. Comments invited
2. IXP BCP - Nic Lewis
A document to assist the IXP operators in running IXPs, and hence help ISPs wishing to connect to IXPs. It was noted that there are many aspects to this document, some of which may not fit as part of a BCP, and it was suggested that the work be documented and broken down into several BCPs, FYIs FAQs as appropriate.
ACTION: to circulate an initial breakdown of the document(s) on EIX-WG Mailing list for discussion
Comments asked from the community as to whether this was valuable work since it was turning into a wider project than originally scoped. Community agreed that it was
3. IX Reports
- TIX - Andre Opperman
Was Telehouse IX, now part of IXEurope - VIX - Christian Panigl
ACTION: add multicast as an agenda item for net EIX-WG - DE-CIX - Arnold Nipper
- AMS-IX - Job Witteman
- NIX-CZ - Josef Chomyn
Welcome presentations from Eastern Europe - SFINX - Franck Simon
Two new pops finally up and running - Netnod IX (formerly Stockholm D-GIX) - Lars-Johan Liman
Described the FDDI/DPT architecture - LONAP - Raza Rizvi
First presentation at RIPE - LINX - Mike Hughes
- XchangePoint - Keith Mitchell
New IX roll out across EU
There were no questions
Anti spam
Chair: Rodney Tillotson
Scribe: Dave Wilson
Attendees: about 40
Europe is quite good about spam. Need to make some difference elsewhere.
Spamwhack http://www.spamwhack.com/
Track down spammers to individual people so that further action (i.e. lawsuits) could be taken if necessary. The service keeps anonymised checksum info on customer information provided on sign up.
Developments on spam
Little change
UUNET dialups the biggest source. China, Korea, Japan increasing. Need active and relevant contacts in both places; will contact APNIC and some Far East CERTs, and UUNET's IRT.
Collateral spam.
Actual user addresses being used as from: or Reply to: forged in spam.
Developments in spam
No news
Open Relay Products
Nothing has changed very much. Exchange 5.5 ships relaying, you have to apply SP2 and then secure for relay. RIPE-206 BCP specifies relationships with your customers to enforce anti-relaying. Almost superfluous in the RIPE community.Discussion of open relay scanning and testing products, to be forwarded after meeting.
Advice
OPT-IN lists (work item) Advise for well-meaning bulk marketers, establishing what is good practice for direct mail. Will follow LINX BCP (coming soon; http://www.ja.net/mail/juk/save/lists.html is broadly similar). Marketers are the key audience, but they have opt-OUT tradition.
Report spam
Very few people report every single piece of spam they get. SpamCop will help them but is not ideal. Some evidence that ISPs take reports more seriously if they come from another ISP's abuse address.
Response to spam reports
Usually you hear nothing from the remote ISP; this doesn't mean they've done nothing, but it's hard to encourage our customers. The major (US) ISPs could do forensic work tracking down abusive individuals and, perhaps, taking legal action.
Techical measures
Signed messages or headers - hard to deploy Hashbusters seen - spam with gibberish characters on a line at the end or at the end of the subject line to try to beat checksum filtering. Port 25 (587) blocking - most IPSs prefer not to do this. UUNET? SMTP authentication - reported as not being difficult. POP-before-SMTP also simple and valuable. We should keep a list of contributed URLs on the RIPE NCC web as a central resource of email security.
Advice on reading mail headers (work item)
Ongoing; contributions still welcome.
What are we actually doing?
Should we describe the work of this group in more aggressive terms? Europe is fixing a problem it hasn't got; we need a broader consensus, including US ISPs. The other RIRs also need a platform to support this kind of work in their meetings. Considering adapting RIPE-206 to make it look more like a policy which we might encourage RIRs to accept. Follow up on the list.
Might the RIPE NCC run its own RBL containing only RIPE addresses? Certainly not at this stage and probably not at all. However, it is a reminder of the second part of the WG charter, to produce a European mail abuse response centre.
There were no questions
Test Traffic
Minutes: RIPE 38
Chair: Keith Godber
Scribe: Rene Wilhelm
Attendees: 50
TT boxes production service
Since 10.10.00
46 boxes
30 active
5 new boxes
The ease of setting up a test-box was demonstrated at RIPE 38 and only took 34 minutes to set-up.
Future plans
- Bandwith analysis
- Trends
There were no questions.
NetNews
Minutes: RIPE 38
Chair: Dave Wilson
Scribe: Felix Kugler
Attendees: 30
NHNS (Daniel Diaz)
Daniel has submitted an Internet Draft about the NHNS system to the IETF.
[1] is an individual publication and valid until April 2001. So far only one comment was received concerning the draft.
Setup of the public NHNS cloud:
- primary nameserver for usenet.nhns.net hosted by Satec (ES)
- secondary nameserver hosted by Dave Wilson, HeaNet (IE)
All info about NHNS is available on [2]http://nh.nhns.net.
Next steps:
- move primary nameserver to a RIPE platform and restart the public pilot
- rewrite some of the tools, especially the dynamic update script
- update the Internet draft
- strive towards an operational, stable service
Flowmaps (Kai Siering)
No progress since RIPE-37 meeting.
The flowmaps software is available for download on [3]http://newsbone.uu.org/RIPE-38, example pictures can be found there as well.
The tool requires "inpath"-like raw data collected on a news server. Visualisation is done using Cyclic software. Processing one day of data needs approx. 10 minutes on a modern Pentium hardware. Real time visualisation would require a dedicated, very fast machine.
Visualisation features:
- 3D-view of news flows around the target machine where the raw data was collected
- zoom in/out
- change viewpoint
- nodes and links are clickable, small windows pop up showing details
It seems valuable to be able to visualise traffic volume instead of the number of articles in future. Other suggestions and comments from test users regarding new features are welcome.
References:
- http://sunsite.cnlab-switch.ch/ftp/mirror/internet-drafts/draft-diaz-nhns
- http://nh.nhns.net/
- http://newsbone.uu.org/RIPE-38
There were no questions.
Tool BoF
Chair: Maldwyn Morris
Attendees: 92
- Existing tools
- Net::IP: Perl Library for the Manipulation of IPv4 and IPv6 Addresses (Manuel Valente, RIPE NCC)
Look for Net::IP on CPAN, or just go here:
http://www.cpan.org/authors/id/M/MA/MANU/ - AS Request Checking and the Hostmaster Mail Robot (Timur Bakeyev, RIPE NCC)
- Asused Allocation Checks (Timur Bakeyev, RIPE NCC)
http://www.ripe.net/cgi-bin/webasused.pl.cgi
- Net::IP: Perl Library for the Manipulation of IPv4 and IPv6 Addresses (Manuel Valente, RIPE NCC)
- Tools in development
- Robo-Bijal(Guy Vegoda, Level 3)
Nice demonstration and explanation of a useful tool for IP address Management. - RIPE DB version 3.0 and RPSL Migration (Andrei Robachevski, RIPE NCC)
Yes, you will be affected.
http://www.ripe.net/ripencc/pub-services/db/rpsl/index.html - Secure Web pages (Maldwyn Morris, RIPE NCC)
Demonstration of plans for RIPE NCC Member-only web pages.
- Robo-Bijal(Guy Vegoda, Level 3)
- Proposal for tools
- Chair will bring up co-operative development of IP Address and Request Management Tool for LIRs in a mail on the lir-wg mailing list.
- Survey
- Chair asked the attendees what they wanted from the BOF
- Most seemed fairly happy with current level of presentations.
- Members are encouraged to try the tools, especially asused and stt.
They should all work on most modern, Unix-like OSes
There were no questions.
Rob suggested creating a new working group: Tools-WG.
14. Next meetings
- RIPE 39 Bologna 30 April - 4 May, 2001
- RIPE 40 Prague 1 - 5 October, 2001
15. AOB
Rob sincerely thanked the RIPE 38 sponsors: Squire, Sanders and Dempsey / CentralNic BandX Exchange Xchange Point Carrier 1