You are here: Home > Participate > Policy Development > Policy Proposals > RIPE NCC IRR Database Non-Authoritative Route Object Clean-up

RIPE NCC IRR Database Non-Authoritative Route Object Clean-up

Summary of Proposal

The goal of this proposal is to change the business rules for the RIPE Internet Routing Registry (IRR) database to allow for a better hierarchy and to document this. This will give the resource holder the ability to update / fix their intention regarding which AS will announce their resources.

Using this update, the various tools will produce a much cleaner filter set with a high level of trust in the actual resource holder’s intent on the routing of their resources.

Only non-RIPE resources in the RIPE Database will be affected by this policy.

Policy Text

New policy text

1.0 Introduction

Routing information can be found within the authoritative RIPE Internet Routing Registry (IRR), the RPKI ROA database, and the non-authoritative RIPE IRR. Incorrect routing information can be problematic for Internet operations, specifically in context of the non-authoritative RIPE IRR, as the holder of a resource might have never consented to the creation of RIPE-NONAUTH route/route6 objects.

2.0 Policy Text

If a non-authoritative object stored in the RIPE IRR conflicts with an RPKI ROA issued by one of the five RIRs, then the IRR object must be deleted by the RIPE NCC.

3.0 Attribution

This document is developed by the RIPE community.

Rationale

a. Arguments supporting the proposal

Presently routing registry data can be found within both the RIPE IRR and the RPKI ROA database. To-date, there has been no way to ensure consistency or allow clean-up between the two data sources.

This proposal will allow a cleaner and consistent method of creating and updating IRR data for the usage of filtering by using the authoritative nature of RPKI ROAs.

Over time, lots of information has been stored in the various IRRs and little to no clean-up has been done, resulting in a blurred view of the prefixes that have been authorised by a resource holder. Due to the way authorisation (or lack of authorisation) is currently set up, there is room for abuse in the RIPE Database, by creating out-of-region inetnums and out-of-region ASN’s without the consent of the resource holder.

Resource holders can reliably establish their intent by using RPKI ROAs if this proposal is implemented.

No attempt is made to modify non-RIPE IRRs, except where the non-RIPE IRR is using replicated RIPE data.

RIPE members need only update one database (i.e. RPKI ROAs) to have both the legacy-IRR database and the going-forward RPKI database fully updated and synchronised.

RIPE-managed resources that are already properly authorised will not be affected by this procedure.

b. Arguments opposing the proposal

none

Get Involved

The Routing Working Group defined the RIPE Routing Registry and promoted it worldwide. The WG exchanges information about the various Routing Registries. It is concerned with the growth of routing tables on the Internet and is working to decrease their size in Europe. Anyone with an interest in routing is welcome to observe and participate. To post a message to the list, send an email to routing-wg@ripe.net. Please note that only subscribers can post messages.

RIPE Forum

The RIPE Forum is an additional way to participate in RIPE community mailing list discussions using a web-based interface rather than an email client.

Check out the forum

Please contact if you need more information.

Stay up to date!

Follow @PDO_RIPE_NCC on Twitter.