- Legend
- Added
- Deleted
Abstract
This document describes the policies for the assignment of globally unique Autonomous System (AS) Numbers within the RIPE NCC service region. These policies are developed by the RIPE Community following the RIPE Policy Development Process.
Contents
1.0 Definition
Link: #Definition 2.0 Assignment Criteria
Link: #AssignmentCriteria 3.0 Returning AS Numbers
Link: #Returning 4.0 Transferring AS Numbers
Link: #Transferring 5.0 32-bit AS Numbers
Link: #ASnumbers 6.0 Registration
Link: #Registration 7.0 References
Link: #References 8.0 Attribution Link: #Attribution
1.0 Definition
An Autonomous System (AS) is a group of IP networks run by one or more network operators with a single clearly defined routing policy. When exchanging exterior routing information, each AS is identified by a unique number. Exterior routing protocols such as BGP, described in RFC1771 Link: ftp://ftp.ripe.net/rfc/rfc1771.txt , "A Border Gateway Protocol 4 (BGP-4)", are used to exchange routing information between Autonomous Systems. An AS will normally use some interior gateway protocol to exchange routing information on its internal networks.
2.0 Assignment Criteria
In order to help decrease global routing complexity, a new AS Number provide a reliable service some procedures have been agreed
and must be followed in order to avoid confusion and inconsistencies.
These procedures are covered in the procedure section.
The registration of the reverse zones for individual class C net-
works will usually be done by the registry administering the
class C block this network has been assigned from.
If the subdomain has not yet been delegated to the registry con-
cerned the RIPE NCC will register the individual networks. However
this service is only provided at a "best-effort" level and no ser-
vice guarantees are given. The local registries should whenever
possible provide this service locally.
Responsibilities for the DNS administrator of a reverse block delegation:
As with all domain name space, running the reverse server for class C
blocks does not imply that one controls that part of the reverse domain.
It only implies that one administers that part of the reverse domain. If
after repeated complaints the delegated name space is still not
administered properly the RIPE NCC has to revoke the delegation.
Before adding individual nets, the administrator of a reverse domain must
check whether all servers to be added for these nets are indeed set up
properly.
There are some serious implications when a customer that uses
address space out of the service provider class C blocks, moves
to another service provider. The previous service provider
cannot force its ex-customer to change network addresses, and
will have to continue to provide the appropriate delegation
records for reverse mapping of these addresses, even though
they are no longer belonging to a customer.
The registration of the reverse zones for individual class C
networks will usually be done by the registry administering
the class C block this network has been assigned from. The
registry will make the necessary changes to the zone files.
The registry will also make sure that the network objects in
the RIPE database for these networks are updated with the
correct "rev-srv" attributes.
In case the RIPE NCC receives a request for the reverse zone of
an individual class C network out of a block that has been
delegated, the request will be forwarded to the mailbox speci-
field in the SOA RR for the zone concerned and to the zone-
contact registered in the RIPE database for that zone.
The NCC also suggests that similar procedures are set up for the
delegation of reverse zones for individual class C networks from
the registries to individual organisations.
Procedures
The procedure for asking the reverse delegation of a block (256 C's) of
addresses or network (1 or more C's) addresses is quite similar but there
are some differences. Therefor they are described as one procedure with
clear remarks when something only applies for block or network delegations.
Note that we will be a little bit more stringent on the rules for block
delegations since we need to be sure that other people can rely on you
for proper operation of the DNS system.
Above procedures are defined to ensure the necessary high availabil- ity
for the reverse domains, and to minimise confusion. The NCC will ensure
fast response times for addition requests, and will in principle update
the 193.IN-ADDR.ARPA domain at least once per working day, if needed. Any
problems regarding the reverse zones in 193.IN-ADDR.ARPA should be
reported to <inaddr@ripe.net>.
1. We only reverse delegate when all addresses are assigned to you.
2. Your nameservers should be configured and running and should have
good reachability on the internet. Nameservers for block delegations
must meet similar connectivity requirements as top-level domain
servers.
The NCC recommends to use the following timers and counters (as
advised by RFC1537):
28800 ;refresh period (8 hours)
7200 ;retry interval (2 hours)
604800 ;expire time (1 week)
86400 ;default ttl (1 day)
It is mandatory for network (C) reverse delegations:
- ns.ripe.net is NOT one of the secondary/primary nameservers
- at least two nameservers should be used
- only if a new external routing policy is required, see RFC1930 Link: ftp://ftp.ripe.net/rfc/rfc1930.txt .
A network must be multihomed in order to qualify for an AS Number.
When requesting an AS Number the routing policy of the Autonomous System must be provided. The new unique routing policy should be defined in RPSL language, as used in the RIPE Database.
The RIPE NCC will assign the AS Number directly to the End User upon a request properly submitted to the RIPE NCC either directly or through a sponsoring LIR. AS Number assignments are subject to the policies described in the RIPE NCC document entitled “Contractual Requirements for Provider Independent Resource Holders in the RIPE NCC Service Region Link: http://www.ripe.net/publications/docs/contract-req ”.
3.0 Returning AS Numbers
If an organisation no longer uses the AS Number, it should be returned to the public pool of AS Numbers. The RIPE NCC can then reassign the AS Number to another organisation.
4.0 Transferring AS Numbers
The transfer of Internet number resources is governed by the RIPE Document, "RIPE Resource Transfer Policies Link: http://www.ripe.net/publications/docs/transfer-policies ".
5.0 32-bit AS Numbers
The RIPE NCC assigns 32-bit AS Numbers according to the following timeline:
From 1 January 2007 the RIPE NCC will process applications that specifically request 32-bit only AS Numbers (AS Numbers that can not be represented with 16 bits) and assign such AS Numbers as requested by the applicant. In the absence of any specific- We need a RIPE database 'inetnum' object with 'rev-srv:' attributes for the name (not IP address) of each nameserver. It is mandatory for block reverse delegations: - ns.ripe.net is one the secondary (never primary) nameservers - at least two other nameservers that don't reside on the same ethernet are required - Operators of the primary nameservers should be familiar with RFC1537 and this document - We need a RIPE database 'domain' object for each delegation with 'nserver:' attributes for the name (not IP address) of each nameserver 3. Send an E-mail request to <auto-inaddr@ripe.net> with: - In the header (or body if not possible) of your E-mail message: X-NCC-RegID: Country.RegistryName This is not required, though easy for keeping track of the requests. Of course, we don't need your local registry ID if you are not from a RIPE local registry. For network (C) reverse delegations: - We need a RIPE database 'inetnum' object with 'rev-srv:' attributes for the name (not IP address) of each nameserver For block reverse delegations: - State in your request that you know about RFC1537 & this document - A RIPE database 'domain' object for each delegation with 'nserver:' attributes for the name (not IP address) of each nameserver 4. Your request will first go through to an automatic checking program. The program will check your zone files and report you about errors (that should be fixed), warnings (that you might want to change), or that no errors have been found. If errors are found, you will be asked to fix them and resubmit your request and the automatic checks will be done again. If no errors (warnings are allowed, but we strongly suggest that you at least take a look at them) are found your request will be acknowledged and your request will be forwarded to the person in charge of the reverse delegation requests. He/she processes the request further. If no additional problems are found the object will included in the database and the block/network reverse delegated. You will always receive an acknowledgment when the delegation has been done or an explanation why not. Example of a network delegation request: From: "Anne X. Ample" <anne.x.ample@ample.nl> To: RIPE Hostmaster <auto-inaddr@ripe.net> Subject: LONGACK 2.1.193.in-addr.arpa delegation please Please delegate 2.1.193.in-addr.arpa as specified below. Thank you! For the AMPLE Corporation Anne X. Ample inetnum: 193.1.2.0 - 193.1.3.255 netname: AMPLE descr: AMPLE Corporation descr: Amsterdam, Netherlands country: NL admin-c: Anne X. Ample tech-c: G. E. K. Ample aut-sys: 4711 rev-srv: ns.ample.nl rev-srv: ns.elpma.ln changed: anne.x.ample@ample.nl 930101 source: RIPE Example of a block (256 C's) reverse delegation: From: Marten Terpstra <marten@in.ter.net> To: RIPE Hostmaster <auto-inaddr@ripe.net> Subject: LONGACK 202.193.in-addr.arpa delegation please Dear NCC people, I have read and understood ripe-105++ and RFC1537. Could you please delegate 202.193.in-addr.arpa as specified below. Thank you! Marten Terpstra domain: 202.193.in-addr.arpa descr: Pan European Organisations class C block admin-c: Daniel Karrenberg tech-c: Marten Terpstra zone-c: Marten Terpstra nserver: ns.eu.net nserver: sunic.sunet.se nserver: ns.ripe.net changed: marten@ripe.net 930319 source: RIPE Some notes on the automatic checking program: You can use some keywords in the 'Subject:' line of your E-mail to control the checking process. The use of the LONGACK keyword is very recommended. For changing an existing delegation put the keyword CHANGE in the 'Subject:' line of your E-mail message. HELP - will send you this document CHANGE - is needed if you want to change an existing reverse delegation LONGACK - will give you the most verbose output as possible TEST - will only test your zone files without actually doing the request When you want to to arequest for a 32-bit only AS Number, the RIPE NCC will assign a 16-bit AS Number.- From 1 January 2009 the RIPE NCC will process applications that specifically request 16-bit AS Numbers and assign such AS Numbers as requested by the applicant. In the absence of any specific request for a 16-bit AS Number, the RIPE NCC will assign a 32-bit only AS Number.
- From 1 January 2010 the RIPE NCC will cease to make any distinction between 16-bit AS Numbers and 32-bit only AS Numbers, and it will operate AS Number assignments from an undifferentiated 32-bit AS Number allocation pool.
6.0 Registration
The RIPE NCC will register the resources issued in the RIPE Database.
7.0 References
[RFC1771] "A Border Gateway Protocol 4 (BGP-4)" http://www.ietf.org/rfc/rfc1771.txt Link: http://www.ietf.org/rfc/rfc1771.txt
[RFC1930] " Guidelines for creation, selection, and registration of an Autonomous System (AS)" http://www.ietf.org/rfc/rfc1930.txt Link: http://www.ietf.org/rfc/rfc1930.txt
[RFC2026] "The Internet Standards Process -- Revision 3 IETF Experimental RFC http://www.ietf.org/rfc/rfc2026.txt Link: http://www.ietf.org/rfc/rfc2026.txt see Sec. 4.2.1
8.0 Attribution
This document is compiled from policies developed by the RIPE community.
The following people actively contributed by making proposals through the RIPE Policy Development Process:
Nick Hilliard, Geoff Huston