From Daniel.Karrenberg at ripe.net Mon Mar 1 18:29:58 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Mon, 01 Mar 93 18:29:58 +0100 Subject: Synchronisation between RIPE and NIC databases Message-ID: <9303011729.AA21367@ncc.ripe.net> To keep you up to date, the NIC database is still not updated automatically from the RIPE database when you make changes. The RIPE NCC has everything in place to send update notices in the agreed exchange format to the NIC. The NIC is working on software to accept them. We are waiting for them. If you have problems with inconsistencies like when registering EASInet or NSFnet routing, please tell the people you register with that they should trust the RIPE data over the NIC data for the time being. Daniel From Daniel.Karrenberg at ripe.net Mon Mar 1 18:26:45 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Mon, 01 Mar 93 18:26:45 +0100 Subject: in-addr.arpa zone data in RIPE database Message-ID: <9303011726.AA21353@ncc.ripe.net> Folks, since we have observed many inconsistencies between the RIPE database and the DNS regarding reverse mapping zones in in-addr.arpa we have developed a little checking script. The current output can be found in ftp.ripe.net:ripe/ripe-op/in-addr.check It lists all networks for which discrepancies have been detected as follows: First the RIPE database entry in short format: *in: 128.131.0.0 *na: TUNET-F *de: LAN Technical University of Vienna *cy: AT *ac: Johannes Demel *tc: Johannes Demel *co: LOCAL *as: 697 *rz: tunamea.tuwien.ac.at tunameb.tuwien.ac.at *ch: demel at noc.tuwien.ac.at 930202 *so: RIPE Then a list of all reverse servers as listed in the database: DB servers: tunamea.tuwien.ac.at tunameb.tuwien.ac.at Then a list of all reverse servers found in the DNS: DNS servers: Then a diagnostic each server which has something wrong: tunamea.tuwien.ac.at: only in DB and not reverse server for 128.131.0.0! tunameb.tuwien.ac.at: only in DB and not reverse server for 128.131.0.0! Then a list of suggested actions to resolve the inconsistency: DB remove 128.131.0.0: tunamea.tuwien.ac.at tunameb.tuwien.ac.at Note that the recommended actions are not the only way to resolve the problem. In the example above one could also set up the name servers and register them in the DNS. The script tries the shortes path. Please go through the list and see wether any of your nets needs action. Questions: Should we automatically make the suggested changes in the RIPE database? Or should we send mail to the technical contacts asking them to change things? We have asked the NIC accept change notices from us, so that registration of reverse servers in the database would be enough to get them into the DNS. Is this desirable? Daniel By way of example here is the start of the current file: *in: 128.131.0.0 *na: TUNET-F *de: LAN Technical University of Vienna *cy: AT *ac: Johannes Demel *tc: Johannes Demel *co: LOCAL *as: 697 *rz: tunamea.tuwien.ac.at tunameb.tuwien.ac.at *ch: demel at noc.tuwien.ac.at 930202 *so: RIPE DB servers: tunamea.tuwien.ac.at tunameb.tuwien.ac.at DNS servers: tunamea.tuwien.ac.at: is only in DB and is not reverse server for 128.131.0.0! tunameb.tuwien.ac.at: is only in DB and is not reverse server for 128.131.0.0! DB remove 128.131.0.0: tunamea.tuwien.ac.at tunameb.tuwien.ac.at *in: 129.177.0.0 *na: BERGEN-NET *de: Bergen University, Norway *cy: NO *ac: Kenneth Hostland *tc: Kenneth Hostland *co: NORDU RIPE NSF *as: 224 *gw: kth *rz: alf.uib.no eik.ii.uib.no aun.uninet.no *ch: ripe-dbm at ripe.net 920914 *so: RIPE DB servers: alf.uib.no aun.uninet.no eik.ii.uib.no DNS servers: alf.uib.no aun.uninett.no eik.ii.uib.no aun.uninet.no: is only in DB and does not exist! aun.uninett.no: is only in DNS and is OK DB add 129.177.0.0: aun.uninett.no DB remove 129.177.0.0: aun.uninet.no note: obiously a spelling error in the database *in: 129.206.0.0 *na: HD-NET *de: University of Heidelberg *de: BelWue *cy: DE *ac: Michael Hebgen *tc: Lothar Binding *tc: Peter Merdian *co: RIPE NSF WIN *rl: HEPNET *bl: DESY *as: 553 *gw: crn *rz: sun0.URZ.Uni-Heidelberg.DE sun1.URZ.Uni-Heidelberg.DE noc.BelWue.DE ns.Germany.EU.net deins.Informatik.Uni-Dortmund.DE *ch: rv at Informatik.Uni-Dortmund.DE 920530 *ch: ar at deins.Informatik.Uni-Dortmund.DE 920601 *ch: ripe-dbm at ripe.net 920602 *so: RIPE DB servers: deins.informatik.uni-dortmund.de noc.belwue.de ns.germany.eu.net sun0.urz.uni-heidelberg.de sun1.urz.uni-heidelberg.de DNS servers: sun0.urz.uni-heidelberg.de sun1.urz.uni-heidelberg.de deins.informatik.uni-dortmund.de: is only in DB and is OK noc.belwue.de: is only in DB and is OK ns.germany.eu.net: is only in DB and is OK DNS add 129.206.0.0: deins.informatik.uni-dortmund.de noc.belwue.de ns.germany.eu.net note: the DNS is missing some servers *in: 130.37.0.0 *na: VU-NET *de: Vrije Universiteit Amsterdam *de: Amsterdam *cy: NL *ac: Jacques Schuurman *tc: Jacques Schuurman *co: RIPE NSF SARA SURF *gw: cwi *rz: ohrid.cca.vu.nl *rz: star.cs.vu.nl *ch: dfk at cwi.nl 900802 *ch: Erik-Jan.Bos at surfnet.nl 920708 *ch: Erik-Jan.Bos at surfnet.nl 920708 *ch: ripe-dbm at ripe.net 920708 *ch: martijn at nluug.nl 921110 *so: RIPE DB servers: ohrid.cca.vu.nl star.cs.vu.nl DNS servers: hardy.nat.vu.nl ohrid.cca.vu.nl star.cs.vu.nl hardy.nat.vu.nl: is only in DNS and is OK DB add 130.37.0.0: hardy.nat.vu.nl *in: 130.192.0.0 *na: TORINO-IT-LAN *de: Politecnico di Torino *de: CISIP *cy: IT *ac: Silvano Gai *tc: Antonio Lioy *co: GARR *as: 137 *rz: 130.192.2.91 leonardo.polito.it *rz: 130.192.2.117 galileo.polito.it *rz: 130.192.3.1 ercole.polito.it *rz: 192.12.192.5 dns.nis.garr.it *rm: LAN's and MAN connecting University departments and *rm: research institutes located in or near Torino *rm: fully managed *ch: ip-reg at nis.garr.it 930115 *so: RIPE DB servers: dns.nis.garr.it ercole.polito.it galileo.polito.it jolly.nis.garr.it leonardo.polito.it DNS servers: dns.nis.garr.it ercole.polito.it galileo.polito.it leonardo.polito.it jolly.nis.garr.it: is only in DB and is OK DNS add 130.192.0.0: jolly.nis.garr.it note: the addresses in the database are not conforming to the database format, but the script resolves them and deletes duplicate entries *in: 130.231.0.0 *na: OUNET *de: University Ethernet network *de: Oulu University *de: Oulu *cy: FI *ac: Kaisu Ranta *tc: Raimo Salo *co: NORDU RIPE NSF FUNET *as: 1741 *rz: ousrvr.oulu.fi *ch: lk-kr at finou.oulu.fi 930119 *so: RIPE DB servers: ousrvr.oulu.fi DNS servers: hydra.helsinki.fi ousrvr.oulu.fi hydra.helsinki.fi: is only in DNS and is OK DB add 130.231.0.0: hydra.helsinki.fi *in: 130.251.0.0 *na: GENUANET *de: Universita' degli Studi di Genova *cy: IT *ac: Pier Paolo Puliafito *tc: Tiziana Podesta' *co: GARR *as: 137 *rz: 192.148.193.8 sun.cisi.unige.it SUN UNIX *rz: 130.251.1.4 dist.dist.unige.it SUN UNIX *rm: Multiple interconnected LANs of academic institutes *rm: located in Genoa *ch: ip-reg at nis.garr.it 930210 *so: RIPE DB servers: dist.dist.unige.it sun sun.cisi.unige.it unix DNS servers: carla.dist.unige.it dist.dist.unige.it nameserver.cnr.it carla.dist.unige.it: is only in DNS and is not responding! nameserver.cnr.it: is only in DNS and is OK sun: is only in DB and does not exist! sun.cisi.unige.it: is only in DB and is OK unix: is only in DB and does not exist! DB add 130.251.0.0: nameserver.cnr.it DNS add 130.251.0.0: sun.cisi.unige.it DB remove 130.251.0.0: sun unix note: "interesting" syntax server data seems out of date *in: 131.114.0.0 *na: PISA-NET *de: Consiglio Nazionale delle Ricerche *de: Pisa *cy: IT *ac: Marco Sommani *tc: Vittorio Miori *co: GARR *as: 137 *rz: 192.12.192.4 nameserver.cnr.it *rz: 128.84.254.152 odin.cs.cornell.edu *rz: 131.114.1.32 itgbox.cnuce.cnr.it *rz: 192.65.81.6 ns.surfnet.nl *rz: 131.114.21.10 serra.unipi.it *rm: Multiple-Lan of CNR institutes and University departments in Pisa *rm: This net belongs to the nation-wide CNRnet, coordinated *rm: thru the cnr-core working group. CNRnet is member of GARR. *ch: ip-reg at nis.garr.it 930204 *so: RIPE DB servers: itgbox.cnuce.cnr.it nameserver.cnr.it ns.surfnet.nl odin.cs.cornell.edu serra.unipi.it survey.surfnet.nl DNS servers: itgbox.cnuce.cnr.it nameserver.cnr.it ns.surfnet.nl odin.cs.cornell.edu serra.unipi.it survey.surfnet.nl: is only in DB and is OK DNS add 131.114.0.0: survey.surfnet.nl *in: 131.155.0.0 *na: TUENET1 *de: Technische Universiteit Eindhoven *de: Eindhoven *cy: NL *ac: Joop Schillemans *tc: Joep Brand *co: RIPE NSF SURF *ni: 1=590 *rz: tuegate.tue.nl *ch: piet at cwi.nl 910501 *so: RIPE DB servers: tuegate.tue.nl DNS servers: rc6.urc.tue.nl tuegate.tue.nl rc6.urc.tue.nl: is only in DNS and is OK DB add 131.155.0.0: rc6.urc.tue.nl *in: 131.174.0.0 *na: NUNET *de: Universiteit Nijmegen *de: Nijmegen *cy: NL *ac: Jos Alsters *ac: Peter van Campen *tc: Jos Alsters *tc: Peter van Campen *co: RIPE NSF SURF *ni: 1=590 *rz: wn1.sci.kun.nl *rz: wn3.sci.kun.nl *ch: piet at cwi.nl 910501 *so: RIPE DB servers: wn1.sci.kun.nl wn3.sci.kun.nl DNS servers: wn0.sci.kun.nl wn3.sci.kun.nl wn0.sci.kun.nl: is only in DNS and is OK wn1.sci.kun.nl: is only in DB and does not exist! DB add 131.174.0.0: wn0.sci.kun.nl DB remove 131.174.0.0: wn1.sci.kun.nl *in: 131.211.0.0 *na: RUUNET *de: Universiteit Utrecht *de: Utrecht *cy: NL *ac: Dre Hopmans *tc: Dre Hopmans *co: RIPE NSF SURF *ni: 1=590 *rz: accucx.cc.ruu.nl *rz: praxis.cs.ruu.nl *ch: piet at cwi.nl 910501 *so: RIPE DB servers: accucx.cc.ruu.nl praxis.cs.ruu.nl DNS servers: accucx.cc.ruu.nl infix.cs.ruu.nl kali.cc.ruu.nl infix.cs.ruu.nl: is only in DNS and is OK kali.cc.ruu.nl: is only in DNS and is OK praxis.cs.ruu.nl: is only in DB and is not responding! DB add 131.211.0.0: infix.cs.ruu.nl kali.cc.ruu.nl From Piet.Beertema at mcsun.EU.net Tue Mar 2 11:03:09 1993 From: Piet.Beertema at mcsun.EU.net (Piet.Beertema at mcsun.EU.net) Date: Tue, 02 Mar 1993 11:03:09 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Mon, 01 Mar 93 18:26:45 +0100 . <9303011726.AA21353@ncc.ripe.net> Message-ID: <9303021003.AA26628@mcsun.EU.net> Questions: Should we automatically make the suggested changes in the RIPE database? No. Or should we send mail to the technical contacts asking them to change things? Yes. We have asked the NIC accept change notices from us, so that registration of reverse servers in the database would be enough to get them into the DNS. Is this desirable? NO!! These actions would bring RIPE on the edge of interfering with the responsabilities of the authoritative persons for a given zone, be it for "forward" or reverse mapping. The best RIPE can do is to send a notification to the authority of a given zone in case of obvious *errors*, NOT if servers are missing in the DB, since there may be good reason why they are "missing". Suppose I would be in foo.XX and I would have a large network with, say, 10 internal and 2 external nameservers for my domain; if I would loose connectivity to the outside world, those 10 internal nameservers would be unreachable and it would be pointless to have nameservers all over the Internet try to query them all. Therefore I would have only, say, 2 internal and the 2 external servers listed for foo.XX in the XX zone file and in the RIPE DB and I would absolutely not appreciate it if RIPE would send me time and again a notification that there are more servers for foo.XX than actually listed in the XX zone or the DB. Piet From woeber at cc.univie.ac.at Tue Mar 2 17:12:16 1993 From: woeber at cc.univie.ac.at (Wilfried Woeber, UniVie/ACOnet, +43 1 436111 355) Date: Tue, 02 Mar 1993 11:12:16 EST Subject: in-addr.arpa zone data in RIPE database Message-ID: <00968E73.FF7A8080.7422@cc.univie.ac.at> >Questions: Should we automatically make the suggested changes in the > RIPE database? No. > Or should we send mail to the technical contacts asking them > to change things? Yes, however it could be a good idea to CC to the local-ir contacts. At least for ".AT" I'd like to have this information. >DB remove 129.177.0.0: aun.uninet.no > > note: obiously a spelling error in the database :-)) Wilfried. From bonito at nis.garr.it Tue Mar 2 13:00:57 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Tue, 2 Mar 93 13:00:57 MET Subject: in-addr.arpa zone data in RIPE database In-Reply-To: <9303021003.AA26628@mcsun.EU.net>; from "Piet.Beertema@mcsun.EU.net" at Mar 2, 93 11:03 am Message-ID: <9303021200.AA15094@jolly.nis.garr.it> > > Questions: > Should we automatically make the suggested changes in the > RIPE database? > No. I agree because there could be some cases which are not properly detected by the automated scripts or other cases where a dns-manager is voluntarily keeping things disalligned > > Or should we send mail to the technical contacts asking them > to change things? > Yes. I agree because many dns-managers do not even know of their registration problems. > > We have asked the NIC accept change notices from us, so that > registration of reverse servers in the database would be > enough to get them into the DNS. Is this desirable? > NO!! I do not agree, I think it would be very useful to the European networking community to interact with RIPE-NCC only instead of having to interact with both RIPE-NCC and the US NIC I don't see the point in what Piet says: > > These actions would bring RIPE on the edge of interfering > with the responsabilities of the authoritative persons for > a given zone, be it for "forward" or reverse mapping. The > best RIPE can do is to send a notification to the authority > of a given zone in case of obvious *errors*, NOT if servers > are missing in the DB, since there may be good reason why > they are "missing". Suppose I would be in foo.XX and I would > have a large network with, say, 10 internal and 2 external > nameservers for my domain; if I would loose connectivity to > the outside world, those 10 internal nameservers would be > unreachable and it would be pointless to have nameservers > all over the Internet try to query them all. Therefore I > would have only, say, 2 internal and the 2 external servers > listed for foo.XX in the XX zone file and in the RIPE DB > and I would absolutely not appreciate it if RIPE would send > me time and again a notification that there are more servers > for foo.XX than actually listed in the XX zone or the DB. If you "have only, say, 2 internal and the 2 external servers listed for foo.XX in the XX zone file" how could the RIPE-NCC script discover the other 8 internal servers? Looking in glass ball? ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Piet.Beertema at mcsun.EU.net Tue Mar 2 13:12:05 1993 From: Piet.Beertema at mcsun.EU.net (Piet.Beertema at mcsun.EU.net) Date: Tue, 02 Mar 1993 13:12:05 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Tue, 2 Mar 93 13:00:57 MET . <9303021200.AA15094@jolly.nis.garr.it> Message-ID: <9303021212.AA01817@mcsun.EU.net> > > We have asked the NIC accept change notices from us, so tha t > registration of reverse servers in the database would be > enough to get them into the DNS. Is this desirable? > NO!! I do not agree, I think it would be very useful to the European networking community to interact with RIPE-NCC only instead of having to interact with both RIPE-NCC and the US NIC Interaction is fine. But RIPE stepping into someone else's authority is quite something different! I don't see the point in what Piet says: ..... If you "have only, say, 2 internal and the 2 external servers listed for foo.XX in the XX zone file" how could the RIPE-NCC script discover the other 8 internal servers? Looking in glass ball? Reread the original message: it explicitly contained a sentence: Then a list of all reverse servers found in the DNS: which implies that DNS is queried to find all (in this case reverse) nameservers. How that's done is irrelevant. Piet From bonito at nis.garr.it Tue Mar 2 14:35:57 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Tue, 2 Mar 93 14:35:57 MET Subject: in-addr.arpa zone data in RIPE database In-Reply-To: <9303021212.AA01817@mcsun.EU.net>; from "Piet.Beertema@mcsun.EU.net" at Mar 2, 93 1:12 pm Message-ID: <9303021335.AA15428@jolly.nis.garr.it> > > > > > We have asked the NIC accept change notices from us, so tha > t > > registration of reverse servers in the database would be > > enough to get them into the DNS. Is this desirable? > > NO!! > I do not agree, I think it would be very useful to the European > networking community to interact with RIPE-NCC only instead of > having to interact with both RIPE-NCC and the US NIC > Interaction is fine. But RIPE stepping into someone > else's authority is quite something different! I don't see any problem with that as long as we (european networking people) agree to send update to the RIPE-NCC instead of sending them to the NIC. This is exactly what we already do when registering new networks. Is there anybody who liked more the previous situation (having to wait many days, frequent errors in the database, etc) than the present one? I don't see any difference between registering a new network and registrering inverse nameservers for a network. I only need a place where to send my updates that can guarantee that they are put in the proper servers... > > I don't see the point in what Piet says: > ..... > If you "have only, say, 2 internal and the 2 external servers > listed for foo.XX in the XX zone file" how could the RIPE-NCC script > discover the other 8 internal servers? Looking in glass ball? > Reread the original message: it explicitly contained > a sentence: > Then a list of all reverse servers found in the DNS: > which implies that DNS is queried to find all (in this > case reverse) nameservers. How that's done is irrelevant. If you do not list server in the authoritative zone file they ARE NOT FOUND in the DNS. In fact it makes no sense to list Internet unreachable servers in a zone file which is exported to the world by an Internet connected server ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Piet.Beertema at mcsun.EU.net Tue Mar 2 14:47:08 1993 From: Piet.Beertema at mcsun.EU.net (Piet.Beertema at mcsun.EU.net) Date: Tue, 02 Mar 1993 14:47:08 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Tue, 2 Mar 93 14:35:57 MET . <9303021335.AA15428@jolly.nis.garr.it> Message-ID: <9303021347.AA06706@mcsun.EU.net> Interaction is fine. But RIPE stepping into someone else's authority is quite something different! I don't see any problem with that as long as we (european networking people) agree to send update to the RIPE-NCC instead of sending them to the NIC. RIPE-DB and DNS are entirely different objects. I would like RIPE to notify me *in some cases* about discrepancies between my entries in the RIPE-DB and my DNS entries, but I do *NOT* want RIPE to step into my authority by asking or telling the NIC to change *MY* DNS info because they found discrepancies: I may well have good reason why those discrepancies exist. Piet From bonito at nis.garr.it Tue Mar 2 15:44:09 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Tue, 2 Mar 93 15:44:09 MET Subject: in-addr.arpa zone data in RIPE database In-Reply-To: <9303021347.AA06706@mcsun.EU.net>; from "Piet.Beertema@mcsun.EU.net" at Mar 2, 93 2:47 pm Message-ID: <9303021444.AA15669@jolly.nis.garr.it> > > Interaction is fine. But RIPE stepping into someone else's > authority is quite something different! > I don't see any problem with that as long as we (european > networking people) agree to send update to the RIPE-NCC > instead of sending them to the NIC. > RIPE-DB and DNS are entirely different objects. Yes, indeed. Nonetheless I think it would be extremely useful for network managers in Europe to send their DNS updates to the RIPE-NCC only, knowing that they interface the NIC about the DNS root servers updates. Daniel, you can poll RIPErs on this, can you? > I would > like RIPE to notify me *in some cases* about discrepancies > between my entries in the RIPE-DB and my DNS entries, but > I do *NOT* want RIPE to step into my authority by asking > or telling the NIC to change *MY* DNS info because they > found discrepancies: I may well have good reason why those > discrepancies exist. If someone in Europe likes to have discrepancies, for whatever reason, he can certainly tell to RIPE-NCC: please do not forward my updates to the NIC! ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Anne.Lord at ripe.net Tue Mar 2 16:10:48 1993 From: Anne.Lord at ripe.net (Anne Lord) Date: Tue, 02 Mar 93 16:10:48 +0100 Subject: draft IP request template Message-ID: <9303021510.AA03144@ncc.ripe.net> Dear All, Below is the reworked version of the eu.doc5 proposed European template for IP network numbers. It was agreed in Prague to incorporate the comments from the working group session (and others) and circulate the template to the list one last time for final comments (welcome). Regards, Anne --------------------------------------------------------------- DRAFT EUROPEAN IP NETWORK NUMBER eu.doc6 APPLICATION FORM & SUPPORTING NOTES To whom it may concern. Thank you for your request for an IP network number. Please ensure that you read the information below carefully before submitting your application for an IP number. The form appended to this letter will be accepted by local Internet Registries across Europe. The previously centralised procedures for obtaining IP network numbers from the Global Internet Registry (aka hostmaster at nic.ddn.mil) has been replaced by a distributed system whereby applications for IP network numbers across Europe are processed by Local Internet Registries (local IR's). The diagram below shows the distributed hierarchy of IR`s. The global IR delegates blocks of IP numbers to the RIPE NCC, who in turn delegates blocks of IP numbers to local IR's. Note that local IR's are of two types; "service providers" and "non-service providers". An IP service provider is an organisation that supplies Internet connectivity (examples are academic network providers and commercial network providers . Global IR (DDN-NIC now known as Internic) | | Regional IR (RIPE NCC) | ________________________________|____________________________ | | | | Local IR Local IR Local IR Local IR \ \ / / ( "NON SERVICE" (SERVICE PROVIDERS) (SERVICE PROVIDER) PROVIDER") <"Non-service provider local IR's are organisations that are prepared to handle all requests from organisations that have no connection to the Internet at present or planned. If you are NOT a customer of a service provider, then you should send your completed application form to the "Non Service Provider" local IR. Only one of this type of registry exists per country in Europe. If you do not know whether a local non-provider IR exists for your country then you should contact the RIPE NCC (address below). If however, you are already a customer of an IP provider, then you should contact them for your IP network number. > Regardless of whether you are applying for class B or C addresses you should always make your application in the first instance to a local IR. However, class B addresses are only assigned by a Regional Internet Registry (in Europe this is the RIPE NCC located in the Netherlands), so if your application is felt justified, it will be forwarded by your local-IR for the RIPE NCC to review. If you have any queries, please do not hesititate to contact the who will be able to advise you. Our contact details are given below: Most countries should drop the leading zero when specifying their area code. More than one telephone number is fine. Each telephone number should be put on a separate line and written in order of the most appropriate number for the contact person eg: phone: +31 20 1233 4676 phone: +31 20 1233 4677 ext. 4711 fax-no: Please complete with the telefax number of the person specified above. Follow with the same rules as specified for telephone number above eg: fax-no: +31 20 12334678 e-mail: Please supply the appropriate electronic mail address for the contact. If you DO NOT have e-mail connectivity, please insert . Please ensure that this is a valid domain address please eg: e-mail: johndoe at terabit.nl or e-mail: nic-hdl: This refers to a NIC handle which is a unique identifier assigned and used by the US NIC to unambiguously refer to Internet people. If you do not have a NIC handle, then please leave blank eg: nic-hdl: JD0401 changed: Who and when changed this last. Please complete with your e-mail address followed by the current date in the format which is shown below. If you do not have e-mail connectivity, please leave blank and we will complete this on your behalf eg: changed: johndoe at terabit.nn 930225 source: Source of the information. This will always be RIPE and is a required field so it has been added Part B - Technical Details Information supplied below helps us to evaluate and process your request.It will be kept IN CONFIDENCE by us for internal use only. It will NOT be entered into the RIPE Network Management Database. TECHNICAL TEMPLATE request-type: Please specify the quantity and class of your request for network numbers. In making the application, please be guided by the following EXAMPLES of number of hosts which relate to the quantity of network numbers requested eg: 1 class C number (maximum 254 hosts) 2 class C numbers (maximum 508 hosts) 4 class C numbers (maximum 1016 hosts) 8 class C numbers (maximum 2032 hosts) 16 class C numbers (maximum 4064 hosts) 32 class C numbers (maximum 8128 hosts) a single class B number other (please specify) machine-0: Please state the number of machines in your organisation that currently require a unique IP address. Do not forget to include terminal servers and network numbers needed for transit networks when calculating this figure eg: machine-0: 100 machine-1: machine-2: As above for machine-0 but estimate for 1 and 2 years time. subnet-0: Please state the number of subnets required for the current network. A subnet refers to the physical parts of the network which need a unique (sub)net number eg: subnet-0: 10 subnet-1: subnet-2: As above for subnet-0 but estimate for the number of subnets in 1 and 2 years time. inet-connect: Please state whether you plan to connect to the Internet. Please answer with whichever of the following options most closely describes the position of your organisation eg: - will never connect - already connected - plan to connect If you are "already connected" to the Internet, please state which service provider you are connected to. If you answer with "plan to connect" then please make an estimation on the date that you hope to connect, specifying the month, the year (if possible) and through whom if known eg: inet-connect: plan to connect December 1993 A N Other Provider exist-IP-net: Has your organisation already obtained an IP network number or numbers? If so, please give the network number(s) and the network name if known. If not, then please complete with .Format: complete with the network number only - four numbers separated by dots, as shown below. If known, please also add the network name entry as shown below. This must be specified in exactly the same way as it appears below eg: exist-IP-net: 193.87.45.0 TBIT or exist-IP-net: iso-cc: Please give the ISO 3166 country code which describes where the network will be located. If more than one country applies, then give the names of the countries which will be covered by the network. Format: complete with the country name(s) using the ISO 3166 country code. If you are unsure about the code, write the name of the country in full. iso-cc: NL, SE EXAMPLE COMPLETED NETWORK, PERSON and TECHNICAL TEMPLATE netname: TBIT descr: Terabit Labs Inc. descr: Network Bugs Feeding Facility descr: Northtown country: NL admin-c: John E Doe tech-c: John E Doe changed: johndoe at terabit.nl 930225 source: RIPE person: John E Doe address: Terabit Labs Inc. address: Industrial Estate North address: North Perpendicular Road 12 address: NL-1234 Northtown address: The Netherlands phone: +31 20 987 6542 ext. 4711 fax-no: +31 20 123 3467 e-mail: johndoe at terabit.nn nic-hdl: JD0401 changed: johndoe at terabit.nl 930225 source: RIPE request-type: 1 class C machine-0: 100 machine-1: 134 machine-2: 250 subnet-0: 10 subnet-1: 40 subnet-2: 60 inet-connect: plan to connect 930401 A.N Other.Provider exist-IP-net: 193.87.45.0 TBIT iso-cc: NL Part C - Technical Details Please complete this section on a separate page if you are applying for more than 2 Class C network numbers. The more numbers you are requesting, the more detailed your technical description will need to be. Furthermore, the more detail you provide, the quicker we will be able to process your application. Please include an overview of the size of your subnets, ensuring that you do not forget transit networks, terminal servers etc. when calculating your needs. Before you complete this section you should read the `Helpful Hints' document (currently under preparation) which will guide you. It is particularly important to read this document if you are applying for a class B network number, as it provides additional hints. It is available from: .Local language versions also exist. Please contact your local registry for copies. If you are applying for a Class B network number please send your completed application to the local registry who will review your case. If it is felt that a Class B network number is justified, your application will be forwarded to your the RIPE NCC who will review your application. Please be reminded that Class B network numbers are extremely scarce and are rarely allocated. Part D - Contact Details This section should be completed *ONLY IF* you are making an application on behalf of another organisation. Please indicate who the application is being made by and on behalf of whom, giving all the contact details requested. COMPLETE FORM BELOW AND DETACH HERE 8< ----------------------------------- EUROPEAN INTERNET NUMBER REQUEST FORM Email is preferred if you have it. If not, then it is preferred if you send in your template by fax. This will help us to process your request more quickly. Once completed, please return this document to:
IMPORTANT NOTE This document is valid until . An updated document can be obtained from: email: fax: Part A - Administrative Details The information supplied for this section together with the assigned network numbers will be entered into a database of European network numbers and their contact information which is accessible by the whole Internet community. NETWORK TEMPLATE inetnum: __________________________________________________________ number: __________________________________________________________ netname: __________________________________________________________ descr: __________________________________________________________ descr: __________________________________________________________ country: __________________________________________________________ admin-c: __________________________________________________________ tech-c: __________________________________________________________ connect: __________________________________________________________ changed: __________________________________________________________ source: RIPE PERSON TEMPLATE person: __________________________________________________________ address: __________________________________________________________ address: __________________________________________________________ address: __________________________________________________________ address: __________________________________________________________ phone: __________________________________________________________ fax-no: __________________________________________________________ e-mail: __________________________________________________________ nic-hdl: __________________________________________________________ changed: __________________________________________________________ source: RIPE PERSON TEMPLATE person: __________________________________________________________ address: __________________________________________________________ address: __________________________________________________________ address: __________________________________________________________ address: __________________________________________________________ phone: __________________________________________________________ fax-no: __________________________________________________________ e-mail: __________________________________________________________ nic-hdl: __________________________________________________________ changed: __________________________________________________________ source: RIPE Please note that you will have to include a separate person template for each person referenced as a contact unless the information about the person in the RIPE database is still valid. The information given above will be entered into a database of European network contacts which is accessible by the whole Internet community. Part B - Technical Details Information supplied below helps us to evaluate and process your request.It will be kept in strict CONFIDENCE and is for internal use only. It will NOT be entered into the RIPE Network Management Database. TECHNICAL TEMPLATE request-type: __________________________________________________________ machine-0: __________________________________________________________ machine-1: __________________________________________________________ machine-2: __________________________________________________________ subnet--0: __________________________________________________________ subnet-1: __________________________________________________________ subnet-2: __________________________________________________________ inet-connect: __________________________________________________________ exist-IP-net: __________________________________________________________ iso-cc: __________________________________________________________ Part C - Technical Details If you are applying for more than 2 Class C network numbers then on this page, please submit a description of your network plans. Current network layout : Future network plans : (next 2 years) Part D - Contact Details Complete the section below *ONLY IF* you are making an application on behalf of another organisation. This application is made by:- name: __________________________________________________________ organisation: __________________________________________________________ country: __________________________________________________________ phone: __________________________________________________________ fax-no: __________________________________________________________ e-mail: __________________________________________________________ On behalf of the following organisation: name: __________________________________________________________ organisation: __________________________________________________________ country: __________________________________________________________ phone: __________________________________________________________ fax-no: __________________________________________________________ e-mail: __________________________________________________________ From keith at pipex.net Tue Mar 2 16:27:31 1993 From: keith at pipex.net (Keith Mitchell) Date: Tue, 2 Mar 1993 15:27:31 GMT Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Piet.Beertema@mcsun.EU.net "Re: in-addr.arpa zone data in RIPE database" (Mar 2, 2:47pm) References: <9303021347.AA06706@mcsun.EU.net> Message-ID: <9303021527.AA12207@brimstone.unipalm.co.uk> In <9303021347.AA06706 at mcsun.EU.net>, wrote: > Interaction is fine. But RIPE stepping into someone else's > authority is quite something different! > I don't see any problem with that as long as we (european > networking people) agree to send update to the RIPE-NCC > instead of sending them to the NIC. > RIPE-DB and DNS are entirely different objects. I would > like RIPE to notify me *in some cases* about discrepancies > between my entries in the RIPE-DB and my DNS entries, but > I do *NOT* want RIPE to step into my authority by asking > or telling the NIC to change *MY* DNS info because they > found discrepancies: I may well have good reason why those > discrepancies exist. This is a bit of an aside to the debate above, but there is something that has struck me as obvious which would make the management of in-addr.arpa much easier for everyone, and help with the above issue. Why not get all of 193.in-addr.arpa delegated to the RIPE NCC, and have it in turn delegate xx.193.in-addr.arpa to the service providers ? That way we don't have to deal directly with the creaking NIC, but authority is still delineated clearly by existing DNS mechanisms. This has not been possible in the past, due to the restriction of in-addr DNS delegations needing to be on byte boundaries, *but* that is exactly how the RIPE supernet block is being assigned. Or have I missed a good reason why this won't work ? Keith Mitchell Network Manager Public IP Exchange keith at pipex.net 216 The Science Park keith at unipalm.co.uk Cambridge, UK Phone: +44 223-424616 Fax: +44 223-426868 From Daniel.Karrenberg at ripe.net Tue Mar 2 16:38:36 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Tue, 02 Mar 93 16:38:36 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Tue, 02 Mar 93 15:27:31 GMT. <9303021527.AA12207@brimstone.unipalm.co.uk> Message-ID: <9303021538.AA03257@ncc.ripe.net> > keith at pipex.net (Keith Mitchell) writes: > > Why not get all of 193.in-addr.arpa delegated to the RIPE NCC, and > have it in turn delegate xx.193.in-addr.arpa to the service > providers ? We are working on this one too! It will be in place soon, NIC permitting. But a lot of nets are not in 193 ..... Daniel From Marten.Terpstra at ripe.net Tue Mar 2 16:42:32 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Tue, 02 Mar 93 16:42:32 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Tue, 02 Mar 93 15:27:31 GMT. <9303021527.AA12207@brimstone.unipalm.co.uk> Message-ID: <9303021542.AA03273@ncc.ripe.net> keith at pipex.net (Keith Mitchell) writes: * * This is a bit of an aside to the debate above, but there is * something that has struck me as obvious which would make the * management of in-addr.arpa much easier for everyone, and help with * the above issue. * * Why not get all of 193.in-addr.arpa delegated to the RIPE NCC, and * have it in turn delegate xx.193.in-addr.arpa to the service * providers ? * * That way we don't have to deal directly with the creaking NIC, but * authority is still delineated clearly by existing DNS mechanisms. * This has not been possible in the past, due to the restriction of * in-addr DNS delegations needing to be on byte boundaries, *but* * that is exactly how the RIPE supernet block is being assigned. * * Or have I missed a good reason why this won't work ? You have not missed anything. Even better yet, currently there is a dummy 193.in-addr.arpa server running at the NCC all in preparation of the full delegation of 193.in-addr.arpa from the NIC. We are indeed planning to further delegate blocks down to service providers. So, good idea, and almost implemented. We are just waiting for the NIC to officially delegate the zone, then all of that will be done. We are in the process of writing some guidelines for further delegation of blocks, because there are things like: a customer of yours has IP numbers from your block, and has properly registered in-addr through you (you have the block in-addr). What happens with the in-addr for this customer if he decides to go to the provider next door, because he is much cheaper ? Of course you will have to continue providing the delegateion RRs for this customer, but then what if the other provider cannot or will not talk to you (IP wise). There is more of these things that need to be written down carefully. Still, there are the issues of the DNS versus the DB, but I feel that others are already dealing with that one ;-) -Marten From Havard.Eidnes at runit.sintef.no Tue Mar 2 18:02:41 1993 From: Havard.Eidnes at runit.sintef.no (Havard Eidnes) Date: Tue, 02 Mar 1993 18:02:41 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of "Tue, 02 Mar 1993 15:44:09 +0700." <9303021444.AA15669@jolly.nis.garr.it> Message-ID: <9303021702.AA06545@spurv> Hi, I think that the current apparent disagreement between Piet Beertema and Antonio Blasco Bonito is no real disagreement. What I think Piet objects to, is that the RIPE NCC, after querying the DNS (which in far, far too many cases is misconfigured), would take the results and automatically 1) carry out a database update in the RIPE DB 2) forward a change request to the US NIC on the basis of the DNS information I fully agree with Piet that this is a bad idea. Nevertheless, I think it is a good idea to sometimes carry out a "consistency check" between what is in the RIPE database and what is actually registered in the DNS. In that case, it would probably be nice to register "known inconsistencies" (in the vein that Piet suggested, and which is in use for eg. dec.com -- use your favourite lookup tool), so that one is not reminded of the same "error" lots of times. What I think Antonio is saying, is that it would be nice to only have to send in registration for a network to the RIPE NCC, and include the "rev-srv" attribute, and that this information could be forwarded to the US NIC for them to do the corresponding addition/change in in-addr.arpa. I also happen to agree with Antonio that this is a good idea. As for the 129.177 network, umm... :-) I'll send in an update. Regards, - Havard From bonito at nis.garr.it Tue Mar 2 19:06:17 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Tue, 2 Mar 93 19:06:17 MET Subject: in-addr.arpa zone data in RIPE database In-Reply-To: <9303021751.AA01517=piet@kraai.cwi.nl>; from "Piet Beertema" at Mar 2, 93 6:51 pm Message-ID: <9303021806.AA16584@jolly.nis.garr.it> > > What I think Piet objects to, is that the RIPE NCC, after querying > the DNS (which in far, far too many cases is misconfigured), would > take the results and automatically > 1) carry out a database update in the RIPE DB > 2) forward a change request to the US NIC on > the basis of the DNS information > That's indeed exactly what I'm objection to, since > that comes down to RIPE stepping into the authority > of the really responsible persons. > > Nevertheless, I think it is a good idea to sometimes carry out a > "consistency check" between what is in the RIPE database and what > is actually registered in the DNS. In that case, it would probably > be nice to register "known inconsistencies" (in the vein that Piet > suggested, and which is in use for eg. dec.com -- use your favourite > lookup tool), so that one is not reminded of the same "error" lots > of times. > Fully agreed. > > What I think Antonio is saying, is that it would be nice to only > have to send in registration for a network to the RIPE NCC, and > include the "rev-srv" attribute, and that this information could > be forwarded to the US NIC for them to do the corresponding addition/ > change in in-addr.arpa. I also happen to agree with Antonio that > this is a good idea. > I agree that this would indeed be a good idea, on the > provision that not RIPE, but the person submitting > the registrations/changes is taken to be authoritative > in the NIC's database. > > > Piet > > Many thanks to Havard !!! I agree on everything above. ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Piet.Beertema at cwi.nl Tue Mar 2 18:51:03 1993 From: Piet.Beertema at cwi.nl (Piet Beertema) Date: Tue, 02 Mar 1993 18:51:03 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Tue, 02 Mar 1993 18:02:41 +0100 . <9303021702.AA06545@spurv> Message-ID: <9303021751.AA01517=piet@kraai.cwi.nl> What I think Piet objects to, is that the RIPE NCC, after querying the DNS (which in far, far too many cases is misconfigured), would take the results and automatically 1) carry out a database update in the RIPE DB 2) forward a change request to the US NIC on the basis of the DNS information That's indeed exactly what I'm objection to, since that comes down to RIPE stepping into the authority of the really responsible persons. Nevertheless, I think it is a good idea to sometimes carry out a "consistency check" between what is in the RIPE database and what is actually registered in the DNS. In that case, it would probably be nice to register "known inconsistencies" (in the vein that Piet suggested, and which is in use for eg. dec.com -- use your favourite lookup tool), so that one is not reminded of the same "error" lots of times. Fully agreed. What I think Antonio is saying, is that it would be nice to only have to send in registration for a network to the RIPE NCC, and include the "rev-srv" attribute, and that this information could be forwarded to the US NIC for them to do the corresponding addition/ change in in-addr.arpa. I also happen to agree with Antonio that this is a good idea. I agree that this would indeed be a good idea, on the provision that not RIPE, but the person submitting the registrations/changes is taken to be authoritative in the NIC's database. Piet From Anne.Lord at ripe.net Wed Mar 3 10:39:22 1993 From: Anne.Lord at ripe.net (Anne Lord) Date: Wed, 03 Mar 93 10:39:22 +0100 Subject: draft IP request template In-Reply-To: Your message of Wed, 03 Mar 93 09:56:16 +0700. <9303030856.AA00529@jolly.nis.garr.it> Message-ID: <9303030939.AA05469@ncc.ripe.net> > > I have only one remark which I already made in Prague, I think. > iso-cc is not a good name for the network location tag, it is far too > criptic. I propose net-country. accepted and changed. > I have a comment on: > > This document is valid until . An updated document can be > We need to define a revision schedule to be able to specify an expiry date, > I think. I would try to avoid different expiry dates for different countrie > s > or different service providers. We all need to know which is the right > version of template to be given to requestors at a certain date. Well i would be responsible for sending out to all local registries via the local-ir list, the updated copy both .lpr and .ps versions at say 3 monthly intervals (just after RIPE meetings I propose). I would also of course ensure that the most up to date document is in the document store. It would be up to each local registry to maintain their local language versions. However, the NCC version of the template will be slightly different from the one that will be used by local registries (it is more verbose), so either we maintain two documents : the RIPE NCC template and one for local registries OR local registries delete the parts that dont apply. It would probably be less confusing to have 2 separate documents. But you will in any case have to add your own contact details to the template. > > > Then, I found some typos; look below for replacement lines beginning with $ > $ corrected all the typos. Many thanks for your comments. Anne. From jalm at spirou.puug.pt Wed Mar 3 19:34:21 1993 From: jalm at spirou.puug.pt (Jose Legatheaux Martins) Date: Wed, 3 Mar 93 10:34:21 PST Subject: in-addr.arpa zone data in RIPE database Message-ID: <9303031834.AA02000@spirou.puug.pt> ...... Still, there are the issues of the DNS versus the DB, but I feel that others are already dealing with that one ;-) In the previous discussion concerning DNS and RIPE database coherence, I think that we should try to keep separate different issues (DNS and RIPE dbm). 1) We have a system designed to deal with addressing, naming servers, etc. the DNS. We should concentrate on this system for this purpose. It should be considered the real source of information for the data it as been designed to deal with. So, the place were I can find the information about servers, addresses, etc. is in the DNS. Well, DNS has been designed to be managed in a decentralized way. This is a very good point but it has a very bad point: in general it contains lots of errors and inconsistencies. Conclusion: we should invest in tools to detect such errors and notify the administrators concerned. There are some of these tools available in the archive of RIPE. Anyway, I, as an administrator, would prefer to have a single point of focus for stating which are the servers running authoritative for my domain or for the reverse mapping of my network and that is the DNS, nothing more. 2) We have the RIPE database: this is a very good tool to deal with some administrative data. Well, lets use it for this purpose. Anyway, we should avoid to have to deal manually with DUPLICATE data. So, we should avoid to have information about servers and addresses of those servers in the RIPE dbm. My suggestion is: use the RIPE dbm to deal * only * with those informations that cannot be effectively registered in the DNS. If we decide to maintain in the RIPE dbm information about DNS servers, those fields should be automatically updated from the DNS on a (for example) monthly basis. And its semantics should be seen as "the vison about this subject that the tools of the RIPE NCC have been able to extract from the DNS some XXX days ago". I do not believe on centralized repositories and management unless I have no other way to avoid it. I do not believe in consistency maintained mannually by hundreds (thousands ?) of administrators. Jose' From Daniel.Karrenberg at ripe.net Wed Mar 3 12:02:51 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Wed, 03 Mar 93 12:02:51 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Tue, 02 Mar 93 18:02:41 +0100. <9303021702.AA06545@spurv> Message-ID: <9303031102.AA05793@ncc.ripe.net> To summarise and conclude from the discussion: All comments -also the ones sent to me privately- were unanimous on this: There will be no automatic updates of the RIPE DB. If database information is believed to be inconsistent the rechnical contact persons will be notified together with suggested corrections. They can then decide whether to send in the suggested corrections. What remains open is the question on whether in-addr.arpa zone registrations should be effected automatically by registering the 'rev-srv' field in the RIPE database. I have had quite a few comments from people who want this and I personally agree it would be a nice feature. Some people actually assumed this was the way it was working already and complained that they had to register in-addr.arpa separately with the NIC! I do not see Piet's argument that this would mean a loss of authority of the network contacts. They have the same authority for changing the RIPE database than they have for changing the NIC database which then generates the in-addr.arpa zone information. Just the procedure would be different, and easier: One stop shopping with no additional cost (and no warranty of agency :-), sorry inside joke). So my proposal would be to do this in steps: First clean up the inconsistencies in the RIPE database using the procedure above. Then populate the database with the current in-addr.arpa information, notifying the tech contacts of each change. After these two steps the information in in-addr.arpa and both the NIC and RIPE databases is consistent. Then initiate changes of in-addr.arpa whenever the 'rev-srv' attribute in the RIPE DB is changed. This means the one stop shopping is effective. Until confidence is built we can notify the tech contacts whenever such a change is made. Is this acceptable? Daniel From Daniel.Karrenberg at ripe.net Wed Mar 3 12:18:35 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Wed, 03 Mar 93 12:18:35 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Wed, 03 Mar 93 10:34:21 PST. <9303031834.AA02000@spirou.puug.pt> Message-ID: <9303031118.AA05845@ncc.ripe.net> > jalm at spirou.puug.pt (Jose Legatheaux Martins) writes: > Conclusion: we should invest in tools to detect such errors and > notify the administrators concerned. There are some of these > tools available in the archive of RIPE. Anyway, I, as an administrator, > would prefer to have a single point of focus for stating which > are the servers running authoritative for my domain or for > the reverse mapping of my network and that is the DNS, nothing more. Fully agree and the proposal is to use the RIPE DB for this in Eurpe. > 2) We have the RIPE database: this is a very good tool to deal > with some administrative data. Well, lets use it for this purpose. > Anyway, we should avoid to have to deal manually with DUPLICATE > data. So, we should avoid to have information about servers > and addresses of those servers in the RIPE dbm. Of course there is a chicken and egg problem here. In order to use the DNS for anything, the appropriate NS RRs have to be put in somewhere. One has to keep a record of which NS RRs go where. Currently in-addr.arpa is centralised and this means that we need a centralised registry. > My suggestion is: use the RIPE dbm to deal * only * with those > informations that cannot be effectively registered in the DNS. Wholeheartedly agree. Remember I proposed to get rid of the domain object in the RIPE DB? Well I was told that there is some information in those objects that connot be represented in the DNS. So we kept it. > If we decide to maintain in the RIPE dbm information about > DNS servers, those fields should be automatically updated from > the DNS on a (for example) monthly basis. See "chicken and egg" above. > I do not believe on centralized repositories and management unless > I have no other way to avoid it. In general you are right. > I do not believe in consistency maintained mannually by hundreds > (thousands ?) of administrators. That's why you are right only "in general". Daniel From bonito at nis.garr.it Wed Mar 3 13:13:52 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Wed, 3 Mar 93 13:13:52 MET Subject: in-addr.arpa zone data in RIPE database In-Reply-To: <9303031102.AA05793@ncc.ripe.net>; from "Daniel Karrenberg" at Mar 3, 93 12:02 pm Message-ID: <9303031213.AA01094@jolly.nis.garr.it> Daniel Karrenberg says: > What remains open is the question on whether in-addr.arpa zone > registrations should be effected automatically by registering the > 'rev-srv' field in the RIPE database. I have had quite a few > comments from people who want this and I personally agree it would be a > nice feature. Some people actually assumed this was the way it was working > already and complained that they had to register in-addr.arpa separately > with the NIC! > > I do not see Piet's argument that this would mean a loss of authority of > the network contacts. They have the same authority for changing the > RIPE database than they have for changing the NIC database which then > generates the in-addr.arpa zone information. Just the procedure would > be different, and easier: One stop shopping with no additional cost > (and no warranty of agency :-), sorry inside joke). > > So my proposal would be to do this in steps: > > First clean up the inconsistencies in the RIPE database using the > procedure above. > > Then populate the database with the current in-addr.arpa information, > notifying the tech contacts of each change. > > After these two steps the information in in-addr.arpa and both the NIC > and RIPE databases is consistent. > > Then initiate changes of in-addr.arpa whenever the 'rev-srv' attribute > in the RIPE DB is changed. This means the one stop shopping is > effective. Until confidence is built we can notify the tech contacts > whenever such a change is made. > > Is this acceptable? YES, I very much agree with this plan. I have to say, commenting some other mail on the subject, that the DNS is a distributed database BUT the in-addr.arpa registration is indeed a centralized service, so I prefer very much to have the RIPE-NCC as my counterpart in this tedious matter, rather than the US NIC. The NCC has proven to much more efficient and responsive than the US NIC. Full stop. ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Piet.Beertema at mcsun.EU.net Wed Mar 3 13:44:18 1993 From: Piet.Beertema at mcsun.EU.net (Piet.Beertema at mcsun.EU.net) Date: Wed, 03 Mar 1993 13:44:18 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Wed, 03 Mar 93 12:02:51 +0100 . <9303031102.AA05793@ncc.ripe.net> Message-ID: <9303031244.AA28816@mcsun.EU.net> What remains open is the question on whether in-addr.arpa zone registrations should be effected automatically by registering the 'rev-srv' field in the RIPE database. I have had quite a few comments from people who want this and I personally agree it would be a nice feature. I do not see Piet's argument that this would mean a loss of authority of the network contacts. This form of "indirect registration" would indeed not mean loss of authority. The problem remains though that separate functions - DB and DNS - become intermixed here. And then whom do you contact/tell/flame if the root servers contain wrong information? An indirect way of correcting things via submissions to the RIPE DB in my view is far from ideal, as it may well introduce unnecessary delays. And once you start doing such things for the reverse servers, the next step may well be doing the same for "forward servers"; then how can e.g. a top level domain registrar determine whether a given change is valid, e.g. comes from an authoritative person? Piet From Havard.Eidnes at runit.sintef.no Wed Mar 3 14:36:09 1993 From: Havard.Eidnes at runit.sintef.no (Havard Eidnes) Date: Wed, 03 Mar 1993 14:36:09 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of "Wed, 03 Mar 1993 13:44:18 +0100." <9303031244.AA28816@mcsun.EU.net> Message-ID: <9303031336.AA18977@spurv> > An indirect way of correcting things via submissions to the RIPE DB in my > view is far from ideal, as it may well introduce unnecessary delays. Soon this argument will be moot for at least 193.in-addr.arpa... > And once you start doing such things for the reverse servers, the next > step may well be doing the same for "forward servers"; then how can e.g. > a top level domain registrar determine whether a given change is valid, > e.g. comes from an authoritative person? Call (ie. phone) the supplied administrative contact person? How do you ensure authority today? - Havard From Piet.Beertema at cwi.nl Wed Mar 3 15:55:29 1993 From: Piet.Beertema at cwi.nl (Piet Beertema) Date: Wed, 03 Mar 1993 15:55:29 +0100 Subject: in-addr.arpa zone data in RIPE database In-Reply-To: Your message of Wed, 03 Mar 1993 14:36:09 +0100 . <9303031336.AA18977@spurv> Message-ID: <9303031455.AA02871=piet@kraai.cwi.nl> An indirect way of correcting things via submissions to the RIPE DB in my view is far from ideal, as it may well introduce unnecessary delays. Soon this argument will be moot for at least 193.in-addr.arpa... True. Now if only the world consisted solely of 193.in-addr.arpa... ....then how can e.g. a top level domain registrar determine whether a given change is valid, e.g. comes from an authoritative person? How do you ensure authority today? By checking against my TLD admin files. Piet From bonito at nis.garr.it Wed Mar 3 19:09:48 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Wed, 3 Mar 93 19:09:48 MET Subject: in-addr.arpa zone data in RIPE database In-Reply-To: <9303031244.AA28816@mcsun.EU.net>; from "Piet.Beertema@mcsun.EU.net" at Mar 3, 93 1:44 pm Message-ID: <9303031809.AA03972@jolly.nis.garr.it> > > What remains open is the question on whether in-addr.arpa zone > registrations should be effected automatically by registering the > 'rev-srv' field in the RIPE database. I have had quite a few > comments from people who want this and I personally agree it would > be a nice feature. > I do not see Piet's argument that this would mean a loss of authority > of the network contacts. > This form of "indirect registration" would indeed not mean > loss of authority. The problem remains though that separate > functions - DB and DNS - become intermixed here. And then > whom do you contact/tell/flame if the root servers contain > wrong information? An indirect way of correcting things via > submissions to the RIPE DB in my view is far from ideal, as > it may well introduce unnecessary delays. And once you start > doing such things for the reverse servers, the next step may > well be doing the same for "forward servers"; then how can > e.g. a top level domain registrar determine whether a given > change is valid, e.g. comes from an authoritative person? There no need to do that for forward servers because they are structured as a distributed three and the authority is delegated at each level. In practice today the US NIC does not check at all if a rev-srv change comes from an "authoritative person" because they do not check where the mail request comes from and it is practically impossible for them to pick a phone an call someone in Europe. So this is not the point. ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Anne.Lord at ripe.net Fri Mar 5 14:37:18 1993 From: Anne.Lord at ripe.net (Anne Lord) Date: Fri, 05 Mar 93 14:37:18 +0100 Subject: Internet connection wanted Message-ID: <9303051337.AA12372@ncc.ripe.net> Dear Mr Gleave, The RIPE NCC is an impartial organisation, so we are not able to recommend any particular service provider to you. We do however keep a mailing list to which any service provider can subscribe, and to which we forward all queries like yours. Someone from the list should be in touch with you shortly. If you have any further queries do not hesitate to contact us. Regards, Anne Lord RIPE NCC ------- Forwarded Message Date: Fri, 5 Mar 93 13:30:17 +0100 From: gleave at bouncr.enet.dec.com (05-Mar-1993 1226) To: ncc at ripe.net cc: gleave at VboRMC.vbo.dec.com Subject: How to obtain a connection to the Internet ? Hi, Just received this (>)paragraph as part of a response from NIC to my attached query. Anything further you can add ? Many thanks, John Gleave - ------------------------------------------------------------------------------- - ------------------ >I am attaching the latest list of Internet service providers. All address >registration for Europe is handled by the Network Coordination Center at >RIPE in The Netherlands. Their E-mail is "ncc at ripe.net". They may be able >to give additional assistance on providers. - ------------------------------------------------------------------------------- - ------------------ To: nm%vbormc::"nic at nic.ddn.mil" CC: gleave Subj: How to obtain a connection to the Internet ? Hi, I've just been checking through several of the documents available on "the Inte rnet" but can't seem to find any information on how to set up a physical connection. I have several customers here in the UK who would like to establish a connectio n (after obtaining official addresses of course). What are the options available to them ? Do they have to negotiate with a local education site (university, college) whi ch has access, or is there a commercial connection service available in the UK ? Are there other options available for private individuals ? I'd be grateful for any advice/pointers. Thanks in advance, John Gleave. UK CSO Service Centre, Digital Equipment Corporation ------- End of Forwarded Message From ncc at ripe.net Fri Mar 5 14:26:37 1993 From: ncc at ripe.net (RIPE NCC Staff) Date: Fri, 05 Mar 93 14:26:37 +0100 Subject: RIPE NCC Outage Today at 18:00 GMT+1 Message-ID: <9303051326.AA12342@ncc.ripe.net> Colleagues, All NCC machines will be out of service today Friday March 5th at 18:00 GMT+1 for installation of additional disks and major file system rearrangements For this purpose, which we cannot just do in single user mode for those wondering, we will shutdown the complete NCC ethernet to avoid the loss of database updates or other messages when moving filesystems around. We think this whole operation will take some 2 hours, after which we will be back on the air. Apologies for any inconvenience, NCC Staff From Daniel.Karrenberg at ripe.net Tue Mar 9 14:19:04 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Tue, 09 Mar 93 14:19:04 +0100 Subject: Corrections in the RIPE Database Message-ID: <9303091319.AA08982@ncc.ripe.net> Folks, we have done some cleaning up of the RIPE database in order to preserve only information which the whois server actually displays and to prevent future update errors. The inconsistencies found were mainly unofficial *gd: fields which have been removed. The entries below have been modified in conjunction with the cleanup. Please note this in your records. Daniel *pn: Carmelo Lodato *ad: Centro Universitario di Calcolo (CUC) *ad: Viale delle Scienze *ad: I-90128 Palermo *ph: +39 91 6571984 *fx: +39 91 485872 *em: inox at ipacuc.cuc.unipa.it *ch: staff at nis.garr.it 930308 *so: RIPE *de: Italy deleted *pn: Giuseppe Puleo *ad: Centro Universitario di Calcolo (CUC) *ad: Viale delle Scienze *ad: I-90128 Palermo *ph: +39 91 6571984 *fx: +39 91 485872 *em: rpcmaint at ipacuc.cuc.unipa.it *ch: staff at nis.garr.it 930308 *so: RIPE *de: Italy deleted *pn: Massimo Tartamella *ad: Centro Universitario di Calcolo (CUC) *ad: Viale delle Scienze *ad: I-90128 Palermo *ph: +39 91 6571984 *fx: +39 91 485872 *em: max at ipacuc.cuc.unipa.it *ch: staff at nis.garr.it 930308 *so: RIPE *de: Italy deleted *pn: Maria Tortorici *ad: Centro Universitario di Calcolo (CUC) *ad: Viale delle Scienze *ad: I-90128 Palermo *ph: +39 91 6571984 *fx: +39 91 485872 *em: tortox at ipacuc.cuc.unipa.it *ch: staff at nis.garr.it 930308 *so: RIPE *de: Italy deleted *dn: nl *de: Top level domain for the Netherlands *de: c/o CWI, Kruislaan 413, NL 1098 SJ Amsterdam *ac: P.C. Baayen *tc: Piet Beertema *zc: Daniel Karrenberg *ns: sering.cwi.nl mcsun.eu.net sunic.sunet.se *ns: brouilly.inria.fr ns.uu.net aos.brl.mil *sd: 400net *sd: aasup abd ace agro agrobtc aha ahold aie akam alliant amolf and *sd: antenna archis artmediatech ascad ashton-tate asml asser atcmp *sd: audacter azn azr *sd: baan baltzer bazis bimbv bmc borsu brinkman bso bssi bull *sd: can cbm cbs cbsc ccsom chess chw cipher comcons compunication comtecno *sd: consul convex cpb cpu cri ctg cti-software cwi *sd: dasc dataman dcmr delftgeot delgeo dg digicash digitalis diho dobdh *sd: dupaco *sd: ecn eim elsevier encore esa eur *sd: fokker fom force5 fourc fousupp foxim frame franciscus *sd: gbsp gbu getronics geveke ghbo gig gli gobe group gti-ia *sd: hacktic harris hbg hbo-raad hcsvt hen hes-rdam hhg hhs hivnet *sd: hkl hku hmb hny hobby hro hsa hsbos hsdehorst hse hut hwb hzeeland *sd: iaf iahl iamcr ibmx400 ice icgned icim icin icl icodo ict idg ifla *sd: ihe impact inducom ingres integrity ioo irdeto isc island ita itc *sd: ittpub ixonet *sd: jason jrc *sd: kap kema khzeist kim kitlv knaw-bibl kncv knmi koha konbib ksepl *sd: ksla ktibv kub kun kvi *sd: leidenuniv li logos *sd: marin meteocon mey mh minow mmph motorola mpi *sd: nacee nbd nblc nboi ncs neabbs neddata nedlloyd neogeo nfra nhl nhtv *sd: nias nidi nih nijenrode nikhef nimex niob nioz nki nlbb nlbc nlr nluug *sd: nmi nota nrv ns nuclint nucphys nwo *sd: oba obdov obr obtilburg oce oceonics olivetti open-i oracle origin ouh *sd: pact parcom pbf pecoma pggm philips pica positronika prismia propell *sd: prvnh psyline ptt pttnwb pttrnl *sd: q8 *sd: rabo radix raet rare rcc-ivev rdm repko rgd rhg rhij rigo rijnh riks *sd: rivm rodelco rtm rug rulimburg ruu rvb rws *sd: sagan sara scp serc sgi sierra signaal skferc source spc spex stam stc *sd: stegge stork stw suaa sun surfbureau surfdiensten surfnet suub svo swets *sd: swidoc swov syllogic *sd: tasking technolution term1 thijssen thu-k tmu tno tpsc transfer *sd: translogic trc trendbox tudelft tue txbase *sd: uniface unisys univforhuman usn utwente uva *sd: valkieser vdl vdvalk vimec vmx vsnu vu *sd: wau west wkap wldelft wlink wmt wsf *sd: xelion xirion *sd: y-net yaupon *rm: fully-managed *ch: piet at cwi.nl 930303 *so: RIPE *em: hostmaster at cwi.nl deleted *in: 146.48.0.0 *na: CNR-FRASCATI *cy: IT *ac: Antonio_Blasco Bonito *tc: Pierluigi Zangari *co: CNR GARR RIPE EASI NSF *as: 137 *gw: cern *rz: 146.48.1.2 titan.ias.fra.cnr.it *rz: 192.12.192.4 nameserver.cnr.it *rm: Network of the CNR institutes in Frascati (Roma) *rm: Multiple-lan *rm: This net belongs to the nation-wide CNRnet, coordinated *rm: thru the cnr-core working group. CNRnet is member of GARR. *ch: ip-reg at nis.garr.it 920927 *ch: ripe-dbm at ripe.net 920927 *so: RIPE *zc: Pierluigi Zangari deleted From Tony.Bates at ripe.net Thu Mar 11 15:39:18 1993 From: Tony.Bates at ripe.net (Tony Bates) Date: Thu, 11 Mar 93 15:39:18 +0100 Subject: ripe-81 work Message-ID: <9303111439.AA15756@ncc.ripe.net> As part of the work we are doing with the ripe-81 database format and tools we have been looking at various aspects of the RIPE database as it stands as compared to what we see within the "real world" (in this case we use the BGP routing table of Amsterdam-EBS1.ebone.net) in terms of autonoumous system numbers. We have a program that generates lists of networks assigned to an AS currently in the database and also one that will "on the fly" do the same thing for a cisco BGP routing table. We have found some interesting results and some we wish to share with you at this stage to maybe get some of this corrected. We compared the BGP derived information with what is in the database. Obviously, a lot of non-Europe routes are not in the database so these are not flagged. The main things of interest are the following. 1) networks in the database flagged as LOCAL and being routing. Can the providers look at these please. Often, people forget to update there entry when they start routing them. 2) networks having an existing AS-number in database but reflected differently in the routing tables (the can sometimes be a config error, even typos in databse ny the looks of it). 3) networks being routed but not yet allocated (here we only look at 193 networks). Please check if you forgot to send in an update/assignment. 4) networks in BGP routing tables with more than more originating AS. These need to be look at and configured accordingly. See Section 5 on Autonomous systems in ripe-81 for reasoning as to why these should only originate in one AS. We intend soon to generate this information daily on our ftp archive for both the database information and router derived information. We will have a more extensive progress report fairly soon as the various other aspects of the ripe-81 work including a "call for policy" information. However, work is progressing extremely well. Sorry if the distribution is quite large but I feel there is information that has relevence to all these groups in the mail. --Tony Bates, RIPE NCC 1) networks in the database flagged as LOCAL and being routing 141.22.0.0 is flagged LOCAL (database) and announced by AS1275 (BGP) 141.56.0.0 is flagged LOCAL (database) and announced by AS517 (BGP) 145.41.0.0 is flagged LOCAL (database) and announced by AS1103 (BGP) 146.105.0.0 is flagged LOCAL (database) and announced by AS1849 (BGP) 164.15.0.0 is flagged LOCAL (database) and announced by AS2111 (BGP) 192.12.54.0 is flagged LOCAL (database) and announced by AS1103 (BGP) 192.16.183.0 is flagged LOCAL (database) and announced by AS1104 (BGP) 192.16.183.0 is flagged LOCAL (database) and announced by AS1890 (BGP) 192.26.121.0 is flagged LOCAL (database) and announced by AS790 (BGP) 192.36.33.0 is flagged LOCAL (database) and announced by AS1653 (BGP) 192.36.34.0 is flagged LOCAL (database) and announced by AS1653 (BGP) 192.36.149.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.70.55.0 is flagged LOCAL (database) and announced by AS701 (BGP) 192.70.56.0 is flagged LOCAL (database) and announced by AS701 (BGP) 192.71.15.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.71.28.0 is flagged LOCAL (database) and announced by AS1729 (BGP) 192.71.39.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.71.85.0 is flagged LOCAL (database) and announced by AS1729 (BGP) 192.71.168.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.71.194.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.76.147.0 is flagged LOCAL (database) and announced by AS1270 (BGP) 192.83.13.0 is flagged LOCAL (database) and announced by AS544 (BGP) 192.84.13.0 is flagged LOCAL (database) and announced by AS1930 (BGP) 192.84.15.0 is flagged LOCAL (database) and announced by AS1930 (BGP) 192.102.158.0 is flagged LOCAL (database) and announced by AS517 (BGP) 192.108.72.0 is flagged LOCAL (database) and announced by AS786 (BGP) 192.121.25.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.121.70.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.121.163.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.124.249.0 is flagged LOCAL (database) and announced by AS1275 (BGP) 192.129.8.0 is flagged LOCAL (database) and announced by AS786 (BGP) 192.133.1.0 is flagged LOCAL (database) and announced by AS760 (BGP) 192.138.204.0 is flagged LOCAL (database) and announced by AS1930 (BGP) 192.165.173.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.165.191.0 is flagged LOCAL (database) and announced by AS1257 (BGP) 192.173.65.0 is flagged LOCAL (database) and announced by AS760 (BGP) 193.59.1.0 is flagged LOCAL (database) and announced by AS1887 (BGP) 193.59.8.0 is flagged LOCAL (database) and announced by AS1887 (BGP) 193.59.9.0 is flagged LOCAL (database) and announced by AS1887 (BGP) 193.59.10.0 is flagged LOCAL (database) and announced by AS1887 (BGP) 193.59.11.0 is flagged LOCAL (database) and announced by AS1887 (BGP) 193.63.65.0 is flagged LOCAL (database) and announced by AS786 (BGP) 193.84.60.0 is flagged LOCAL (database) and announced by AS1902 (BGP) 193.84.61.0 is flagged LOCAL (database) and announced by AS1902 (BGP) 193.87.96.0 is flagged LOCAL (database) and announced by AS1922 (BGP) 193.96.9.0 is flagged LOCAL (database) and announced by AS1270 (BGP) 193.96.10.0 is flagged LOCAL (database) and announced by AS1270 (BGP) 193.96.11.0 is flagged LOCAL (database) and announced by AS1270 (BGP) 193.98.97.0 is flagged LOCAL (database) and announced by AS1270 (BGP) 193.166.24.0 is flagged LOCAL (database) and announced by AS1739 (BGP) 193.166.25.0 is flagged LOCAL (database) and announced by AS1739 (BGP) 193.166.31.0 is flagged LOCAL (database) and announced by AS1741 (BGP) 2) networks having an existing AS-number in database but reflected differently in the routing tables (the can sometimes be a config error). 128.86.0.0 in AS786 (database) and AS1755 (BGP) 128.130.0.0 in AS697 (database) and AS679 (BGP) 131.130.0.0 in AS590 (database) and AS760 (BGP) 131.173.0.0 in AS590 (database) and AS1754 (BGP) 132.146.0.0 in AS1752 (database) and AS1290 (BGP) 132.165.0.0 in AS590 (database) and AS777 (BGP) 132.166.0.0 in AS590 (database) and AS777 (BGP) 132.167.0.0 in AS590 (database) and AS777 (BGP) 132.168.0.0 in AS590 (database) and AS777 (BGP) 132.230.0.0 in AS553 (database) and AS1754 (BGP) 134.47.0.0 in AS1770 (database) and AS224 (BGP) 134.214.0.0 in AS590 (database) and AS789 (BGP) 138.70.0.0 in AS137 (database) and AS1717 (BGP) 139.92.0.0 in AS590 (database) and AS1754 (BGP) 139.128.0.0 in AS137 (database) and AS1717 (BGP) 139.191.0.0 in AS1267 (database) and AS1717 (BGP) 139.191.0.0 in AS1267 (database) and AS559 (BGP) 140.77.0.0 in AS590 (database) and AS789 (BGP) 141.28.0.0 in AS174 (database) and AS517 (BGP) 141.43.0.0 in AS1324 (database) and AS517 (BGP) 141.47.0.0 in AS174 (database) and AS517 (BGP) 141.54.0.0 in AS1324 (database) and AS517 (BGP) 141.137.0.0 in AS137 (database) and AS1717 (BGP) 143.169.0.0 in AS590 (database) and AS1717 (BGP) 143.205.0.0 in AS760 (database) and AS1111 (BGP) 143.224.0.0 in AS760 (database) and AS2036 (BGP) 146.110.0.0 in AS760 (database) and AS2012 (BGP) 147.196.0.0 in AS1899 (database) and AS1717 (BGP) 151.89.0.0 in AS1267 (database) and AS1717 (BGP) 151.90.0.0 in AS1267 (database) and AS1717 (BGP) 153.96.0.0 in AS1324 (database) and AS517 (BGP) 153.97.0.0 in AS1324 (database) and AS517 (BGP) 156.18.0.0 in AS590 (database) and AS789 (BGP) 157.24.0.0 in AS1714 (database) and AS1741 (BGP) 158.152.0.0 in AS1849 (database) and AS1290 (BGP) 159.84.0.0 in AS1717 (database) and AS789 (BGP) 160.103.0.0 in AS1717 (database) and AS789 (BGP) 161.3.0.0 in AS590 (database) and AS789 (BGP) 161.41.0.0 in AS1923 (database) and AS719 (BGP) 192.12.193.0 in AS137 (database) and AS513 (BGP) 192.35.150.0 in AS1274 (database) and AS1275 (BGP) 192.41.218.0 in AS137 (database) and AS1717 (BGP) 192.42.143.0 in AS174 (database) and AS1754 (BGP) 192.44.2.0 in AS174 (database) and AS517 (BGP) 192.44.11.0 in AS174 (database) and AS517 (BGP) 192.44.15.0 in AS174 (database) and AS517 (BGP) 192.44.32.0 in AS174 (database) and AS517 (BGP) 192.44.33.0 in AS174 (database) and AS517 (BGP) 192.44.34.0 in AS174 (database) and AS517 (BGP) 192.44.35.0 in AS1324 (database) and AS517 (BGP) 192.54.104.0 in AS174 (database) and AS517 (BGP) 192.54.197.0 in AS590 (database) and AS789 (BGP) 192.55.105.0 in AS2004 (database) and AS1890 (BGP) 192.58.53.0 in AS1741 (database) and AS544 (BGP) 192.65.184.0 in AS513 (database) and AS1755 (BGP) 192.65.185.0 in AS513 (database) and AS1755 (BGP) 192.70.69.0 in AS789 (database) and AS513 (BGP) 192.70.89.0 in AS1899 (database) and AS1717 (BGP) 192.70.90.0 in AS1899 (database) and AS1717 (BGP) 192.76.246.0 in AS1274 (database) and AS1755 (BGP) 192.82.157.0 in AS760 (database) and AS1112 (BGP) 192.92.104.0 in AS137 (database) and AS1717 (BGP) 192.92.105.0 in AS137 (database) and AS1717 (BGP) 192.92.106.0 in AS137 (database) and AS1717 (BGP) 192.93.155.0 in AS590 (database) and AS789 (BGP) 192.101.28.0 in AS174 (database) and AS517 (BGP) 192.102.147.0 in AS1324 (database) and AS517 (BGP) 192.102.176.0 in AS1324 (database) and AS517 (BGP) 192.106.1.0 in AS1267 (database) and AS1717 (BGP) 192.106.207.0 in AS1267 (database) and AS1717 (BGP) 192.106.217.0 in AS1267 (database) and AS1717 (BGP) 192.106.222.0 in AS1267 (database) and AS1717 (BGP) 192.106.223.0 in AS1267 (database) and AS1717 (BGP) 192.106.228.0 in AS1267 (database) and AS1717 (BGP) 192.106.229.0 in AS1267 (database) and AS1717 (BGP) 192.106.235.0 in AS1267 (database) and AS1717 (BGP) 192.106.239.0 in AS1267 (database) and AS1717 (BGP) 192.106.240.0 in AS1267 (database) and AS1717 (BGP) 192.106.244.0 in AS1267 (database) and AS1717 (BGP) 192.106.249.0 in AS1267 (database) and AS1717 (BGP) 192.106.250.0 in AS1267 (database) and AS1717 (BGP) 192.134.29.0 in AS590 (database) and AS789 (BGP) 192.134.91.0 in AS1899 (database) and AS1717 (BGP) 192.153.173.0 in AS1853 (database) and AS1755 (BGP) 193.1.192.0 in AS2110 (database) and AS1213 (BGP) 193.1.193.0 in AS2110 (database) and AS1213 (BGP) 193.48.8.0 in AS590 (database) and AS777 (BGP) 193.48.137.0 in AS1717 (database) and AS789 (BGP) 193.48.140.0 in AS1717 (database) and AS789 (BGP) 193.48.145.0 in AS1717 (database) and AS789 (BGP) 3) networks being routing but not yet allocated (here we only look at 193 networks). 193.0.0.0 not in database 193.0.1.0 not in database 193.0.2.0 not in database 193.0.4.0 not in database 193.0.5.0 not in database 193.59.44.0 not in database 193.59.45.0 not in database 193.59.46.0 not in database 193.59.47.0 not in database 193.61.100.0 not in database 193.61.101.0 not in database 193.64.34.0 not in database 193.68.160.0 not in database 193.74.254.0 not in database 193.84.50.0 not in database 193.84.51.0 not in database 193.112.27.0 not in database 193.120.248.0 not in database 193.128.85.0 not in database 193.166.40.0 not in database 193.166.64.0 not in database 193.166.66.0 not in database 193.196.9.0 not in database 4) networks in BGP routing tables with more than more originating AS. *** conflict 129.247.0.0 in AS1270 *** conflict 129.247.0.0 in AS1275 *** conflict 134.93.0.0 in AS1270 *** conflict 134.93.0.0 in AS1754 *** conflict 134.104.0.0 in AS1270 *** conflict 134.104.0.0 in AS1754 *** conflict 134.106.0.0 in AS1270 *** conflict 134.106.0.0 in AS1754 *** conflict 134.107.0.0 in AS1270 *** conflict 134.107.0.0 in AS1754 *** conflict 134.222.0.0 in AS286 *** conflict 134.222.0.0 in AS701 *** conflict 138.199.0.0 in AS1104 *** conflict 138.199.0.0 in AS1270 *** conflict 139.191.0.0 in AS1717 *** conflict 139.191.0.0 in AS559 *** conflict 141.2.0.0 in AS1275 *** conflict 141.2.0.0 in AS1754 *** conflict 147.196.0.0 in AS1717 *** conflict 147.196.0.0 in AS1899 *** conflict 148.6.0.0 in AS1955 *** conflict 148.6.0.0 in AS513 *** conflict 158.152.0.0 in AS1290 *** conflict 158.152.0.0 in AS1849 *** conflict 159.72.0.0 in AS1257 *** conflict 159.72.0.0 in AS1729 *** conflict 192.16.183.0 in AS1104 *** conflict 192.16.183.0 in AS1890 *** conflict 192.16.188.0 in AS1103 *** conflict 192.16.188.0 in AS1755 *** conflict 192.16.189.0 in AS1103 *** conflict 192.16.189.0 in AS1104 *** conflict 192.16.192.0 in AS1104 *** conflict 192.16.192.0 in AS786 *** conflict 192.42.129.0 in AS1103 *** conflict 192.42.129.0 in AS1104 *** conflict 192.70.89.0 in AS1717 *** conflict 192.70.89.0 in AS1899 *** conflict 192.70.90.0 in AS1717 *** conflict 192.70.90.0 in AS1899 *** conflict 192.87.4.0 in AS1104 *** conflict 192.87.4.0 in AS1755 *** conflict 192.124.28.0 in AS1275 *** conflict 192.124.28.0 in AS1754 *** conflict 192.134.91.0 in AS1717 *** conflict 192.134.91.0 in AS1899 From boss at sunet.se Thu Mar 11 20:19:19 1993 From: boss at sunet.se (Bernhard Stockman) Date: Thu, 11 Mar 93 20:19:19 +0100 Subject: ripe-81 work In-Reply-To: Your message of Thu, 11 Mar 93 15:39:18 +0100. <9303111439.AA15756@ncc.ripe.net> Message-ID: <199303111919.AA12276@sunic.sunet.se> Is there a table translating from AS number to AS name somewhere? Bernhard. From Daniel.Karrenberg at ripe.net Fri Mar 12 18:01:39 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Fri, 12 Mar 93 18:01:39 +0100 Subject: Autonomous Systems Available via RIPE WHOIS Message-ID: <9303121701.AA19415@ncc.ripe.net> Autonomous System (AS) information is now available from the RIPE whois server. The server will accept queries for AS. Very basic information about most existing ASes from the NIC and other sources has been entered with a source attribute of INTERNIC and will only be found if the -a flag is passed to the whois server. This information is also available as file from ftp.ripe.net in file ripe/dbase/asn.db.Z. In order to get things going some instances of the new RIPE AS object have also been entered already. For example whois as786 will produce aut-num: AS786 descr: The JANET IP Service descr: UK as-in: AS60 50 AS60 as-in: AS766 100 AS766 as-in: AS1263 45 DEFAULT as-in: AS1275 100 AS1275 as-in: AS1290 50 AS1290 as-in: AS1755 102 RIPE-DB AND NOT (LOCAL AS786) as-in: AS1849 50 AS1849 as-in: AS1930 100 AS1930 as-in: AS2107 100 AS2107 as-in: AS2111 100 AS2111 as-out: AS60 AS786 AS766 as-out: AS766 AS786 AS1755 as-out: AS1263 AS786 AS766 AS1930 AS2107 AS2111 as-out: AS1275 AS786 AS1755 as-out: AS1290 AS786 as-out: AS1755 AS786 AS766 AS1275 AS1930 AS2107 AS2111 as-out: AS1849 AS786 AS1755 as-out: AS1930 AS786 AS1755 as-out: AS2107 AS786 AS1755 as-out: AS2111 AS786 AS1755 default: AS1263 1 guardian: jips-nosc at noc.ulcc.ac.uk admin-c: Duncan Rogerson admin-c: Kevin Hoadley tech-c: Duncan Rogerson tech-c: Kevin Hoadley remarks: AS2111 link is not yet active, coming soon. changed: D.Rogerson at nosc.ja.net 930226 source: RIPE A description of the AS object can be found in appendix A of document ripe-81. We also accept updates and additions of AS objects in the RIPE database at . We urge everyone to send in AS objects a.s.a.p.. They do not necessarily need to include the routing policy information (as-in, as-out, default and guardian). If you want to jump in at the deep end you could read ripe-81 and generate the routing policy as well. We will be happy to help you with this. However don't put off sending in the basic information because of this. There is a real benefit in this being available too. Further plans: The NCC will generate AS objects for all ASes being used in the European Internet and not present in the database during the next week and send them to the suspected contact persons for validation. Shortly after these are installed, a new update procedure for the aut-sys tag of network objects will be anabled. This procedure is described in ripe-81. Basically it means that aut-sys tags will be generated from information supplied by the AS guardians. Initially the NCC will be guardian for all ASes which do not have a guardian yet and process change requests manually. Please do not hesitate to contact us if you have any questions about this. The NCC Staff PS: A new ripe document containing all database templates and update procedures is being prepared and will be released shortly. From Marten.Terpstra at ripe.net Fri Mar 12 19:42:41 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Fri, 12 Mar 93 19:42:41 +0100 Subject: Autonomous Systems Available via RIPE WHOIS In-Reply-To: Your message of Fri, 12 Mar 93 18:01:39 +0100. <9303121701.AA19415@ncc.ripe.net> Message-ID: <9303121842.AA19728@ncc.ripe.net> Daniel Karrenberg writes: * * Autonomous System (AS) information is now available from the RIPE whois * server. The server will accept queries for AS. Very basic * information about most existing ASes from the NIC and other sources has * been entered with a source attribute of INTERNIC and will only be found if * the -a flag is passed to the whois server. This information is also * available as file from ftp.ripe.net in file ripe/dbase/asn.db.Z. Folks, from the whois log I saw that a lot of people queried the whois daemon for AS numbers that gave no results. For clarity, AS objects that are not in the ripe-81 format (meaning the ones that are generated from asn.txt) should be asked for with the "-a" flag to indicate you want to search all databases. This because they are entered in the database with source "INTERNIC" and not "RIPE". Leaving out the "-a" flag would only give results if the AS objects are in the database that were send in as a normal update and NOT generated from asn.txt. So for people with the "RIPE" whois client: % whois -a as200 aut-num: AS200 descr: BARRNET-AS admin-c: VAF remarks: generated from updated asn.txt source: INTERNIC person: Vince Fuller phone: +1 415 723 6860 e-mail: VAF at STANFORD.EDU nic-hdl: VAF changed: networks.txt/network-contacts.txt 930218/930219 source: NIC People with a standard whois client: % whois -h whois.ripe.net "-a as200" [would produce the same output] -Marten From Marten.Terpstra at ripe.net Tue Mar 16 12:45:46 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Tue, 16 Mar 93 12:45:46 +0100 Subject: 193.in-addr.arpa block delegation procedures (draft) Message-ID: <9303161145.AA25881@ncc.ripe.net> Folks, It seems that the delegation of the 193.in-addr.arpa domain will take place during the root zone update of today. In order to be able to delegate class C blocks in this zone, we have drafted some procedures for this. Please read the paper below and comment within one week. We will finalize this paper next week, and then start delegating blocks of Cs in the domain. Cheers, -Marten Guidelines for the delegation of class C blocks in the 193.in-addr.arpa domain Marten Terpstra March 1993 1.0 Introduction This document describes the procedures for the delegation of authority of zones in the 193.in-addr.arpa domain. As of March 16th 1993 the RIPE NCC has been delegated the authority for the 193.in-addr.arpa domain from the root. Due to the fact that in the 193.x.y address space blocks of 256 class C network numbers are further delegated to local registries and national registries, the possibility exists to also delegate the zone for these blocks in the 193.in-addr.arpa domain. This document describes some guidelines and procedures for this type of delegation. A bit more explained With the assignment of class C network numbers following the CIDR (RFC 1338) model, in which large chunks of the address space are delegated to one region, and within that region blocks of class C network numbers are delegated to service providers and national registries, some hierarchy in the address space is created, similar to the hierarchy in the domain name space. Due to this hierarchy the reverse Domain Name System mapping can also be delegated in a similar model as used for the normal Domain Name System. For instance, the RIPE NCC has been delegated the complete class C address space starting with 193. It is therefore possible to delegate the 193.in-addr.arpa domain completely to the RIPE NCC, in stead of each and every reverse mapping in the 193.in-addr.arpa domain to be registered with the INTERNIC. This implies that all 193.in-addr.arpa resistrations will be done by the RIPE NCC. Even better, since service providers receive complete class C network blocks from the RIPE NCC, the RIPE NCC can delegate the reverse registrations for such complete blocks to these local registries. This implies that customers of these service providers no longer have to register their reverse domain mapping with the root, but the service provider have authority over that part of the reverse mapping. This decreases the workload on the INTERNIC and the RIPE NCC, and at the same time increase the service a provider can offer its customers and response times for such additions. However there are some things that need to be examined a bit more closely to avoid confusion and inconsistencies. These issues are covered in the next section. Procedures 1. A secondary nameserver at ns.ripe.net is mandatory for all blocks of class C network numbers delegated in the 193.in-addr.arpa domain. 2. Because of the increasing importance of correct reverse address mapping, for all delegated blocks a good set of secondaries must be defined. There should be at least 2 nameservers for all blocks delegated, excluding the RIPE NCC secondary. 3. All reverse servers for blocks must be reachable from the whole of the Internet. In short, all servers must meet similar connectivity requirements as top-level domain servers. 4. Running the reverse server for class C blocks does not imply that one controls that part of the reverse domain, it only implies that one administers that part of the reverse domain. 5. Before adding individual nets, the administrator of a reverse domain must check wether all servers to be added for these nets are indeed setup properly. 6. There are some serious implications when a customer of a service provider that uses address space out of the service provider class C blocks, moves to another service provider. The service provider cannot force its ex-customer to change network addresses, and will have to continue to provide the appropriate delegation records for reverse mapping of these addresses, even though it is no longer a customer of his. Above procedures are defined to ensure the necessary high availability for the 193 reverse domains, and to minimize confusion. The NCC will ensure fast repsonse times for addition requests, and will in principle update the 193.in-addr.arpa domain at least once per working day. The NCC also suggests that similar procedures are set up for the delegation of reverse zones from the registries to individual organisations. From Havard.Eidnes at runit.sintef.no Tue Mar 16 15:58:01 1993 From: Havard.Eidnes at runit.sintef.no (Havard Eidnes) Date: Tue, 16 Mar 1993 15:58:01 +0100 Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: Your message of "Tue, 16 Mar 1993 12:45:46 +0100." <9303161145.AA25881@ncc.ripe.net> Message-ID: <9303161458.AA28212@spurv> > It seems that the delegation of the 193.in-addr.arpa domain will take place > during the root zone update of today. In order to be able to delegate class C > blocks in this zone, we have drafted some procedures for this. Good! > Please read the paper below and comment within one week. We will finalize > this paper next week, and then start delegating blocks of Cs in the domain. The paper looks just fine. My only comment is that perhaps there are a few things left unsaid? Anyway, I am left with the following questions: - how do one request delegation of a subdomain of 193.in-addr.arpa. Contact hostmaster at ripe.net with a free-form text message, or should we bother to create a form? - How will the domain administrators for the subdomains of 193.in-addr.arpa be made aware of a desire to have delegation installed for a subdomain? There was some talk about doing this semi-automatically with the nic when a RIPE network registration form was sent in to ripe-dbm at ripe.net or assign at ripe.net, could this be used here (in addition to other means)? Regards, - H}vard From Daniel.Karrenberg at ripe.net Tue Mar 16 18:51:15 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Tue, 16 Mar 93 18:51:15 +0100 Subject: NCC Funding - Second Round Message-ID: <9303161751.AA26839@ncc.ripe.net> Folks, below is the next round on the NCC funding model. You will note that a) all suggestions we received have been incorporated b) "Some General Observations" have turned into a concrete model with few open points c) there is a plan of action on how to implement the plan d) Some more explanatory have been added and the scope clarified What we are primarily interested in in this round are reactions from service providers. Please tell us even if you think it is all fine. We need some feedback. Please look at the action plan in the back. Of course general comments from everyone are welcome as always. Daniel RIPE NCC Funding Rob Blokzijl Daniel Karrenberg Version 0.7 (DRAFT) DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT 1. Introduction RIPE (Reseaux IP Europeens) is a collaborative organisation open to all European Internet service providers. The objective of RIPE is to ensure the necessary administrative and technical coordination to allow the operation of a pan- European IP network. RIPE does not operate a network of its own. The RIPE Network Coordination Centre supports all those RIPE activities which cannot be effectively performed by volunteers from the participating organisations. The RIPE NCC currently has 3 permanent staff members and started operation in the second quarter of 1992. The RARE association provides the formal framework for the NCC. Funding for the first year of operation of the NCC has been provided by EARN, the full national members of RARE, Israel and EUnet. These organisations have agreed to guarantee funding of NCC operation during the remaining three quarters of 1993. At the same time they have expressed that -while they guarantee continued funding- it is imperative that the remaining European Internet service providers start contributing to NCC funding as soon as possible. Because of this RIPE seeks to establish agreement about a funding model among European Internet service providers and other organisations interested in contributing. March 16, 1993 - 2 - 2. Scope In this paper, an attempt is made to analyse the problem by categorising the services and user communities of the NCC, discuss some of the possible options, and to arrive at an agreed framework for RIPE NCC funding. Funding of local registries in general and local "non- provider" registries in particular is outside the scope of this paper. Also the actual level of charges is to be agreed at a later stage once there is consensus about the model outlined in this paper. 2.1. Categories of NCC Services When approaching the problem from the NCC user angle one can identify several classes of users according to the different services the NCC offers. Therefore we present the main services presently provided by the NCC first. For details about these services, please see the RIPE NCC Quarterly reports. 2.2. Information Service - RIPE Document Store The biggest and most diverse group of NCC users are those making use of the NCC information services. The information services consist of various ways to retrieve information from what is called the "RIPE Document Store". Despite the name this carries not only documents but also software tools related to network management. The scope is wider than just RIPE but restricted to information relevant to Internet and RIPE activities. For instance the document store contains mirror images of the RARE, EBONE and IETF document stores including all RFC and all Internet draft documents. In the Internet tradition the document store is available to all sites on the Internet and additionally accessible from the public X.25 networks as well as Europanet(IXI). Users do not need to register before using this information service. Logs are kept about usage and summaries are published in the RIPE NCC Quarterly Reports. The user community of this service is the whole worldwide Internet. 2.3. RIPE Network Management Database The RIPE network management database holds information about European IP networks (network in the sense of IP network numbers), DNS Domains, Autonomous Systems and contact persons for these. Further it contains routing policy information. Users do not need to register before querying March 16, 1993 - 3 - the RIPE database. Logs are kept about usage and summaries are published in the RIPE NCC Quarterly Reports. The database is available to the whole worldwide Internet community. The community represented in the database itself is limited to European organisations. 2.4. European Regional Internet Registry The RIPE NCC functions as the European regional registry for Internet numbers. The most important such numbers are the IP network numbers, which constitute the IP address space. The NCC provides a mechanism which enables European organisations to obtain the address space they need in an efficient manner without the need to refer to the global registry in the US. At the same time the NCC ensures that usage of the address space is fair and address space is not wasted. The user community for the regional registry functions is all European organisations using TCP/IP protocols and desiring unique addresses. Note that this is larger than the community connected to what we call the European part of the Internet. In principle the NCC achieves the above by working through local registries. These are IP service providers assigning address space to their customers. Those who are not customers of an IP service provider (yet) ar served by local "non-provider" registries. Looking at it in this hierarchical fashion the direct user community are the European IP service providers and the "non-provider" registries which handle the vast majority of the registry actions locally without involvement of the NCC. Wherever a local registry has not been established the NCC assigns address space directly. The NCC also handles all requests for larger amounts of address space directly, especially those for class B numbers. 2.5. RIPE Support The RIPE NCC supports RIPE activities in general. This includes providing mailing list service as well as some secretarial service to RIPE and the RIPE working groups, preparation and logistics for three RIPE meetings a year in varying locations for an increasing amount of attendees. The last meeting was attended by approximately 90 people. The NCC also participates in global activities such as the IETF on behalf RIPE. The direct user community of these services are the organisations participating in RIPE. The indirect user March 16, 1993 - 4 - community are all organisations connected to the European part of the Internet because RIPE is the organisation coordinating the European Internet. 2.6. General Coordination The NCC also performs a host of small and/or incidental coordination functions related to the European part of the Internet which are not easy to categorise. This is normal for a focal point of distributed activities like the RIPE NCC. 3. Categories of RIPE NCC Users Based on the different services offered one can distinguish different categories of NCC users. We will do this in a hierarchical fashion by defining a number of user categories which are progressively smaller subsets of each other. 3.1. The Internet at Large The most general category is users of the Internet worldwide. The information and database querying services of the NCC are open to the whole global Internet community. Charging for these services is next to impossible in the current Internet framework because users do not need to register before using these services. The sheer number of users makes traditional billing methods unworkable as well. Even if it was practicable to bill for these services it would probably be counterproductive because their usage helps keeping the Internet coordinated and keeps quite a bit of load off the NCC itself as well as the help desks of the service providers. 3.2. European Internet Users The next category is all organisations connected to (some parts of) the European Internet. This obviously is a subset of the global Internet users. In addition to the services used by the previous category these organisations depend more on the RIPE database registration service because of the role the database plays in distributing routing policy information. Because these organisations are connected they are also more likely to benefit from the general coordination activities March 16, 1993 - 5 - of the RIPE NCC. Charging these users could be done in form of a periodical database registration charge. However this could work out counterproductive to the goal of manageability of the European Internet if organisations or service providers find ways of achieving the desired connectivity without registering. Also the measurement of use and the charging model will be hard to agree. The number of entities to bill is still large. An alternative that has been discussed in the past is to charge based on the address space assigned to an organisation. Once could charge either per assignment or one could "rent out" address space. The latter would provide an incentive to use address space prudently. The limits of practicability here are the number of organisations, the legal implications, especially with holders of already assigned address space. Another prerequisite is global agreement on the charges to prevent "grey imports". Our conclusion is that this is impractical for the time being but could be valuable in the future, especially as a tool to rationalise address space usage. It remains doubtful however whether it will ever become practicable and economical to do. 3.3. European Internet Service Providers Each organisation in the previous category either is connected through a service provider or is itself such a service provider. The service providers make use of all NCC services the previous category uses. However they do so much more directly than their customers. The service providers interact directly with the NCC for the registry function, as members of RIPE and when using the RIPE database for trouble shooting and routing. For many interactions with the NCC the service providers act on behalf of their customers. Charging the service providers could be achieved in the same way as above through a database registration charge and/or a registration charge with the same drawbacks. An alternative charging model which becomes viable when charging via the providers is to charge a fixed annual fee depending on the rough size of the provider. This way a reasonably fair distribution of the costs can be achieved without spending a lot of resources defining and collecting the usage data used for charging. The big benefit of funding via the service providers in general is that the number of entities to bill is relatively small and -even more importantly- there is a chance to come March 16, 1993 - 6 - to a consensus about the charging model. This way the wider European user community will be funding the NCC services from which they benefit via the providers. So the users having a direct benefit pay, albeit indirectly. 3.4. Individual TCP/IP Users A category outside of the previous hierarchy are all organisations using TCP/IP in Europe who are not customers of a service provider. Typically these are organisations operating local area networks, but some are operating substantial networks inside their organisation. This community uses the regional Internet registry and database registration services in order to obtain unique addresses in case they want to connect to the Internet at large or to other organisations later on. The only basis for billing which is obvious for this group is the registry service. 4. Proposed Model for 1993/1994 Looking at the services and the user communities the most practical general model is funding via the service providers. Looking at the problems described above it is clear that it will be next to impossible to agree quickly -if at all- on the metrics for charging. Therefore we propose to establish three categories of service providers with associated charges in ECU. The charging levels below are indicative and are expected to change during the ongoing discussions. Category Annual Charge (1994) Charge Q2-4 1993 Large 10000 7500 Medium 6000 4500 Small 3000 2250 The service providers may select their category themselves. Some international organisations may find it appropriate to make commitments above the level of "Large" and indeed this has happened already. Also interested organisations who are not service providers have indicated their willingness to contribute and the level of their contributions will be independent from the categories for service providers. The level of all contributions will be published. We expect March 16, 1993 - 7 - this model to work and the result be accepted as being as fair as possible with a minimum of overhead. During preliminary discussions at the 14th RIPE meeting there was a rough consensus on this and further discussion was agreed since some of the service providers were not present. 4.1. Possible problems with the charging model One problem is to convince all service providers to contribute to NCC funding. Given the spirit of RIPE cooperation and the obvious benefit service providers derive from NCC services and the relatively low charges, we expect this to be achievable. The only group that would not be charged this way but directly benefiting from NCC services is the individual TCP/IP users. There are two possibilities to deal with this. Either there is consensus among the service providers that a large part of these are future customers and thus "covered" or a separate charging model needs to be developed for registration services for this group. As described above charging for registration based on either a per assignment charge or "rental" address space is not really practicable at this point. Appendix A contains some material about possible models for this. 5. Conclusions The European Internet service providers will commonly fund the RIPE NCC according to a charging scheme based on a small number of provider categories. Service providers will select their own category and the level of all contributions will be published. 6. Further Actions RIPE and RARE will commonly approach all service providers immediately with this draft proposal and ask them to make voluntary contributions in 1993 so that the 1993 income can be assessed quickly. At the same time the service providers will be asked whether they can make formal commitments for funding according to the scheme in 1994 were it agreed. RIPE will discuss the details of this model and formally agree on this document at the 15th meeting in April. At the same time RIPE will formally ask RARE to continue providing March 16, 1993 - 8 - the financial and legal umbrella for the RIPE NCC. Once RARE has agreed to this all service providers not having committed already will again be asked for formal commitments for 1994 funding, based on the then agreed model. DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT March 16, 1993 - 9 - Appendix A - Some ideas about charging for registry service The material in this appendix is intended to act as a base for discussion in case there is consensus that individual organisations need to be charged for registry service. It has not previously been discussed in a wider forum and thus cannot be more as a means to focus the discussion. The registry services are used by individual organisations as well as by service providers acting on behalf of their clients. As described above charging based on registration actions or rental of address space is very difficult if not impossible to get right. When one looks at the resources used by registry actions it is the requests for large amounts of address space from individual organisations which take most of the time. These organisations cannot rely on the resources provided by a service provider to help them develop an appropriate addressing plan and provide the necessary information to the registry concisely. Consequently they use the resources of the registry to arrive at these goals. Thus is is reasonable to charge for this resource usage while well presented requests for small amounts of address space should probably be covered as an overhead. Details of this would need to be discussed and worked out further. DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT March 16, 1993 From Daniel.Karrenberg at ripe.net Wed Mar 17 09:47:59 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Wed, 17 Mar 93 09:47:59 +0100 Subject: NCC Funding - Second Round In-Reply-To: Your message of Wed, 17 Mar 93 10:26:39 +0700. <9303170835.AA28101@ncc.ripe.net> Message-ID: <9303170847.AA28108@ncc.ripe.net> > Hank Nussbacher writes: > On Tue, 16 Mar 93 18:51:15 +0100 you said: > > Category Annual Charge (1994) Charge Q2-4 1993 > > > > Large 10000 7500 > > Medium 6000 4500 > > Small 3000 2250 > > > > > >The service providers may select their category themselves. > > Huh? Almost every service provider will select small. >From previous experience with similar schemes I do not expect that. > You need > some guidelines so organizations can try to see where they fit > at least if you want to make this a 'you choose' decision. These are difficult to give and usually the cause of many arguments. Whereas informal guidance usually works very well. A provider who is not sure can always check with me or the RIPE chairman. Let me assure you that I'd consider "Small" an appropriate category for ILAN if you slected it. :-) :-) :-) :-) :-) :-) :-) :-) ;-) Daniel From HANK at VM.TAU.AC.IL Wed Mar 17 10:26:39 1993 From: HANK at VM.TAU.AC.IL (Hank Nussbacher) Date: Wed, 17 Mar 93 10:26:39 IST Subject: NCC Funding - Second Round In-Reply-To: Message of Tue, 16 Mar 93 18:51:15 +0100 from Message-ID: <9303170835.AA28101@ncc.ripe.net> On Tue, 16 Mar 93 18:51:15 +0100 you said: > Category Annual Charge (1994) Charge Q2-4 1993 > > Large 10000 7500 > Medium 6000 4500 > Small 3000 2250 > > >The service providers may select their category themselves. Huh? Almost every service provider will select small. You need some guidelines so organizations can try to see where they fit at least if you want to make this a 'you choose' decision. Hank Nussbacher From Marten.Terpstra at ripe.net Wed Mar 17 10:26:38 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Wed, 17 Mar 93 10:26:38 +0100 Subject: FYI: 193.in-addr.arpa delegation Message-ID: <9303170926.AA28244@ncc.ripe.net> Folks, the delegation of 193.in-addr.arpa is a fact. % host -vt any 193.in-addr.arpa 193.in-addr.arpa 518400 IN SOA ns.ripe.net hostmaster.ripe.net ( 100010 ;serial (version) 28800 ;refresh period 7200 ;retry refresh time 604800 ;expiration period 518400 ;default ttl ) 193.in-addr.arpa 518400 IN NS ns.ripe.net 193.in-addr.arpa 518400 IN NS ns.eu.net 193.in-addr.arpa 518400 IN NS ns.uu.net 193.in-addr.arpa 518400 IN NS layon.inria.fr 193.in-addr.arpa 518400 IN NS sunic.sunet.se 193.in-addr.arpa 518400 IN NS munnari.oz.au -Marten ------- Forwarded Message Date: Tue, 16 Mar 93 20:06:13 PST From: bobm at nic.ddn.mil (Bob McCollum ) To: Marten.Terpstra at ripe.net (Marten Terpstra) cc: markk at nic.ddn.mil (Mark Kosters), scottw at nic.ddn.mil (Scott Williamso n) Subject: Re: 193.in-addr.arpa updated at the NCC > Ready to go ! > > -Marten Marten, The release has gone out. Everything looked ok from our end. We have made internet history. ;^) Please let us know if you see anything unusual! Thanks! Bob Mc ------- End of Forwarded Message From bonito at nis.garr.it Wed Mar 17 11:23:58 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Wed, 17 Mar 93 11:23:58 MET Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: <9303161458.AA28212@spurv>; from "Havard Eidnes" at Mar 16, 93 3:58 pm Message-ID: <9303171023.AA10135@jolly.nis.garr.it> > > Please read the paper below and comment within one week. We will finalize > > this paper next week, and then start delegating blocks of Cs in the domain. > > The paper looks just fine. My only comment is that perhaps there are a few > things left unsaid? Anyway, I am left with the following questions: > > - how do one request delegation of a subdomain of 193.in-addr.arpa. > Contact hostmaster at ripe.net with a free-form text message, or should we > bother to create a form? > > - How will the domain administrators for the subdomains of 193.in-addr.arpa > be made aware of a desire to have delegation installed for a subdomain? > There was some talk about doing this semi-automatically with the nic when > a RIPE network registration form was sent in to ripe-dbm at ripe.net or > assign at ripe.net, could this be used here (in addition to other means)? > > Regards, > > - H}vard I had the same questions in my mind while reading the paper. I have thought some answers: 2a. The names of the reverse nameserver which are delegated by RIPE-NCC to act as authoritative servers for a 256-class C block are sent to the RIPE-NCC and registered in the RIPE db using a template like this: inetnum: 193.x.0.0 (where x is the block number) zone-c: rev-srv: rev-srv: rev-srv: ns.ripe.net as soon as the Local IR receives from RIPE-NCC a new block to administer. 7. Usually the registration of reverse servers for individual class C nets or class C subblocks is done by the service provider who is administering the whole 256-class C block who in turn notifies the RIPE-NCC sending an updated network template for inclusion in the RIPE db. However should the RIPE-NCC receive any template for a single class C net or subblock not from the service provider, they must forward the template to the authoritative zone-c for the 256-class C block. Please note that I am using the zone-c tag in a network template: this is presently not allowed by the RIPE db rules, but I think we need to precisely qualify this kind of contact information. ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From roll at bsd.stupi.se Wed Mar 17 15:02:44 1993 From: roll at bsd.stupi.se (Peter Lothberg) Date: Wed, 17 Mar 93 15:02:44 MET Subject: ripe-81 work In-Reply-To: Your message of Thu, 11 Mar 93 15:39:18 +0100 Message-ID: > 2) networks having an existing AS-number in database but reflected differently > in the routing tables (the can sometimes be a config error). > > 128.86.0.0 in AS786 (database) and AS1755 (BGP) This is due to the fact that 128.86.0.0 is used as the London DMZ, and even if the EBS receives if with AS786 from the Janet RBS, it will prefer the cheapest route, locally connected to the EBS when announced to the outside world. -Peter From roll at bsd.stupi.se Wed Mar 17 16:17:37 1993 From: roll at bsd.stupi.se (Peter Lothberg) Date: Wed, 17 Mar 93 16:17:37 MET Subject: ripe-81 work In-Reply-To: Your message of Wed, 17 Mar 93 16:11:11 +0100 Message-ID: > > > Peter Lothberg writes: > > > 2) networks having an existing AS-number in database but reflected differ > > ently > > > in the routing tables (the can sometimes be a config error). > > > > > > 128.86.0.0 in AS786 (database) and AS1755 (BGP) > > > > This is due to the fact that 128.86.0.0 is used as the London DMZ, and > > even if the EBS receives if with AS786 from the Janet RBS, it will > > prefer the cheapest route, locally connected to the EBS when announced > > to the outside world. > > >From ripe-81: > > ... > o An IP network number can and must only belong to one > AS. This is a direct consequence of the fact that at > each point in the Internet there can be exactly one > routing policy for traffic destined to each network. In > the case of the IP network which is used in neighbor > peering between two ASes, say at the border between two > ASes, a conscious decision must be made as to which AS > this IP network number actually resides in. > ... > > So either the JANET RBS or the EBS should stop injecting this > net into EBONE. Any problems with that? Technical problem, if we announce it with the Janet RBS, other boxes on that DMZ might be dependent on the RBS. Political problem, they might not want to change the network number of that network. Suggestion, use the Ebone network for the DMZ... -Peter From Daniel.Karrenberg at ripe.net Wed Mar 17 16:11:11 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Wed, 17 Mar 93 16:11:11 +0100 Subject: ripe-81 work In-Reply-To: Your message of Wed, 17 Mar 93 15:02:44 +0700. Message-ID: <9303171511.AA29773@ncc.ripe.net> > Peter Lothberg writes: > > 2) networks having an existing AS-number in database but reflected differ > ently > > in the routing tables (the can sometimes be a config error). > > > > 128.86.0.0 in AS786 (database) and AS1755 (BGP) > > This is due to the fact that 128.86.0.0 is used as the London DMZ, and > even if the EBS receives if with AS786 from the Janet RBS, it will > prefer the cheapest route, locally connected to the EBS when announced > to the outside world. >From ripe-81: ... o An IP network number can and must only belong to one AS. This is a direct consequence of the fact that at each point in the Internet there can be exactly one routing policy for traffic destined to each network. In the case of the IP network which is used in neighbor peering between two ASes, say at the border between two ASes, a conscious decision must be made as to which AS this IP network number actually resides in. ... So either the JANET RBS or the EBS should stop injecting this net into EBONE. Any problems with that? Daniel From Tony.Bates at ripe.net Wed Mar 17 16:30:36 1993 From: Tony.Bates at ripe.net (Tony Bates) Date: Wed, 17 Mar 93 16:30:36 +0100 Subject: ripe-81 work In-Reply-To: Your message of Wed, 17 Mar 93 16:11:11 +0100. <9303171511.AA29773@ncc.ripe.net> Message-ID: <9303171530.AA29885@ncc.ripe.net> Daniel Karrenberg writes: * * > Peter Lothberg writes: * > > 2) networks having an existing AS-number in database but reflected di * ffer * > ently * > > in the routing tables (the can sometimes be a config error). * > > * > > 128.86.0.0 in AS786 (database) and AS1755 (BGP) * > * > This is due to the fact that 128.86.0.0 is used as the London DMZ, and * > even if the EBS receives if with AS786 from the Janet RBS, it will * > prefer the cheapest route, locally connected to the EBS when announced * > to the outside world. * * >From ripe-81: * * ... * o An IP network number can and must only belong to one * AS. This is a direct consequence of the fact that at * each point in the Internet there can be exactly one * routing policy for traffic destined to each network. In * the case of the IP network which is used in neighbor * peering between two ASes, say at the border between two * ASes, a conscious decision must be made as to which AS * this IP network number actually resides in. * ... * * So either the JANET RBS or the EBS should stop injecting this * net into EBONE. Any problems with that? * * Daniel Yep and in this case the RBS should advertise it. Remember this is part of a transition I started for the DMZs. However, it does highlight that people at RBSs should also watch the network statements in their configurations. --Tony. From Daniel.Karrenberg at ripe.net Wed Mar 17 16:36:40 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Wed, 17 Mar 93 16:36:40 +0100 Subject: ripe-81 work In-Reply-To: Your message of Wed, 17 Mar 93 16:17:37 +0700. Message-ID: <9303171536.AA29961@ncc.ripe.net> > Peter Lothberg writes: > > So either the JANET RBS or the EBS should stop injecting this > > net into EBONE. Any problems with that? > > Technical problem, if we announce it with the Janet RBS, other boxes > on that DMZ might be dependent on the RBS. ACK that. So it should be injected from the EBS. As an aside: ---- When writing ripe-81 we did consider similar cases and came up with a generic one: DMZ1 DMZ2 AS A ------ AS B ------ AS C You have to decide into which ASes to put the DMZ networks. One thing that is worth considering here is that if ASA and ASC touch in one and the same router in ASC in traceroutes only the nets DMZ1 and DMZ2 are visible. If DMZ1 is in AS A and DMZ2 is in AS C the traceroute might show: ... DMZ1 (in AS A) DMZ2 (in AS C) ... And it is by no means obvious from this that traffic has crossed AS B. > Suggestion, use the Ebone network for the DMZ... Looks right. From roll at bsd.stupi.se Wed Mar 17 17:06:06 1993 From: roll at bsd.stupi.se (Peter Lothberg) Date: Wed, 17 Mar 93 17:06:06 MET Subject: ripe-81 work In-Reply-To: Your message of Wed, 17 Mar 93 16:11:11 +0100 Message-ID: > So either the JANET RBS or the EBS should stop injecting this > net into EBONE. Any problems with that? I don't se a problem, Duncan runs both boxes and he can fix it.. I do have a suggestion, it should be announced as 786/Janet by the RBS, as all routing to networks that are internal to 1755 is actually really vired seen from the outside. -Peter From roll at bsd.stupi.se Wed Mar 17 17:47:33 1993 From: roll at bsd.stupi.se (Peter Lothberg) Date: Wed, 17 Mar 93 17:47:33 MET Subject: ripe-81 work In-Reply-To: Your message of Wed, 17 Mar 93 17:25:38 +0100 Message-ID: > However, there are only a few cases in the world > where this is an issue. The GIX net is the most interesting of course. > Basically, a decision has to be made as to who announces it. The GIX is no problem, either we assign an AS for the network, and we use (not yet avaliable) tools to make our routers announce it in the correct AS, or, my suggestion is, don't announce MAE-East interconnect network to the outside world at all... (To avoid the multihop-ebgp routing loop problem...) -Peter From Tony.Bates at ripe.net Wed Mar 17 17:25:38 1993 From: Tony.Bates at ripe.net (Tony Bates) Date: Wed, 17 Mar 93 17:25:38 +0100 Subject: ripe-81 work In-Reply-To: Your message of Wed, 17 Mar 93 16:17:37 +0700. Message-ID: <9303171625.AA00345@ncc.ripe.net> Peter Lothberg writes: * > * > > Peter Lothberg writes: * > > > 2) networks having an existing AS-number in database but reflected * differ * > > ently * > > > in the routing tables (the can sometimes be a config error). * > > > * > > > 128.86.0.0 in AS786 (database) and AS1755 (BGP) * > > * > > This is due to the fact that 128.86.0.0 is used as the London DMZ, an * d * > > even if the EBS receives if with AS786 from the Janet RBS, it will * > > prefer the cheapest route, locally connected to the EBS when announce * d * > > to the outside world. * > * > >From ripe-81: * > * > ... * > o An IP network number can and must only belong to one * > AS. This is a direct consequence of the fact that at * > each point in the Internet there can be exactly one * > routing policy for traffic destined to each network. In * > the case of the IP network which is used in neighbor * > peering between two ASes, say at the border between two * > ASes, a conscious decision must be made as to which AS * > this IP network number actually resides in. * > ... * > * > So either the JANET RBS or the EBS should stop injecting this * > net into EBONE. Any problems with that? * * Technical problem, if we announce it with the Janet RBS, other boxes * on that DMZ might be dependent on the RBS. * * Political problem, they might not want to change the network number of * that network. * * Suggestion, use the Ebone network for the DMZ... * * -Peter Okay, You are right we need to make note of these implications in the revision of ripe-81. In the 128.86.0.0 case this is not a problem politically or otherwise and the DMZ is an ebone net so not problem but the interconnect network is still an interesting one. However, there are only a few cases in the world where this is an issue. The GIX net is the most interesting of course. Basically, a decision has to be made as to who announces it. --Tony. From Tony.Bates at ripe.net Wed Mar 17 17:57:19 1993 From: Tony.Bates at ripe.net (Tony Bates) Date: Wed, 17 Mar 93 17:57:19 +0100 Subject: ripe-81 work In-Reply-To: Your message of Wed, 17 Mar 93 17:06:06 +0700. Message-ID: <9303171657.AA00434@ncc.ripe.net> Peter Lothberg writes: * > So either the JANET RBS or the EBS should stop injecting this * > net into EBONE. Any problems with that? * * I don't se a problem, Duncan runs both boxes and he can fix it.. * * I do have a suggestion, it should be announced as 786/Janet by the * RBS, as all routing to networks that are internal to 1755 is actually * really vired seen from the outside. * * -Peter * * Already asked for. As I said this one is just an example and is fixed easily. The interconnect net need a little bit of thought of engineering or some new tools as you said in another message. I will make sure there is discussion of this in the revised ripe-81 text. We should take this discussion off all these lists as well I think. Many people including me are getting this 4 times. -Tony. From D.Rogerson at nosc.ja.net Wed Mar 17 19:25:37 1993 From: D.Rogerson at nosc.ja.net (Duncan Rogerson) Date: Wed, 17 Mar 1993 18:25:37 +0000 (GMT) Subject: ripe-81 work In-Reply-To: <9303171657.AA00434@ncc.ripe.net> from "Tony Bates" at Mar 17, 93 05:57:19 pm Message-ID: <9303171825.AA13597@tarquin.ja.net> > Already asked for. As I said this one is just an example and is fixed easily. This is now done - you should only see 128.86.0.0 announced from AS786. Dunc From Marten.Terpstra at ripe.net Thu Mar 18 16:01:21 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Thu, 18 Mar 93 16:01:21 +0100 Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: Your message of Tue, 16 Mar 93 15:58:01 +0100. <9303161458.AA28212@spurv> Message-ID: <9303181501.AA03643@ncc.ripe.net> [Comments from Havard] * - how do one request delegation of a subdomain of 193.in-addr.arpa. * Contact hostmaster at ripe.net with a free-form text message, or should we * bother to create a form? Ahh, no extra forms please !!! All we need to know is class C block, and all the servers. I do not think we need another form for that ... Please just contact hostmaster at ripe.net with the needed information. We will be able to parse it ;-) Or maybe the suggestions below ... * - How will the domain administrators for the subdomains of 193.in-addr.arpa * be made aware of a desire to have delegation installed for a subdomain? * There was some talk about doing this semi-automatically with the nic when * a RIPE network registration form was sent in to ripe-dbm at ripe.net or * assign at ripe.net, could this be used here (in addition to other means)? In fact we have the following in mind. For blocks that are not yet delegated, we intend to use the information people supply in the "rev-srv:" field to update the 193.in-addr.arpa domain. For blocks that have been delegated, the people that have been assigned class C nets from such a block should be made aware that reverse registration should be done by either the NCC is the local registry does NOT run the delegated block, or by the local registry. We could look into extending our "rev-srv:" program to notify maintainers of blocks in 193.in-addr.arpa if the information in the database has changed. They could then update their zones if needed. This however does imply that the "rev-srv:" field becomes authoritative for reverse mapping (and not vice versa) [Suggestions from Blasco] * 2a. The names of the reverse nameserver which are delegated by RIPE-NCC * to act as authoritative servers for a 256-class C block are sent * to the RIPE-NCC and registered in the RIPE db using a template * like this: * * inetnum: 193.x.0.0 (where x is the block number) * * zone-c: * rev-srv: * rev-srv: * rev-srv: ns.ripe.net * * as soon as the Local IR receives from RIPE-NCC a new block to * administer. I do not quite like this idea. 193.x.0.0 is a normal class C network number that just could be used (although we recommend not to do so) and I hate having information in the database with "some special meaning you have to know". The other thing would be to just have an extra entry for the complete block in the database (so you would get two answers if you queried a network inside the block), but that I do not like because you are not responsible for individual nets inside the block... If you really want to put it in the database, why not send in an object like: domain: 204.193.in-addr.arpa descr: blah zone-c: nserver: nserver: nserver: ns.ripe.net .... It is a domain, so why not pick the right object for it ? * 7. Usually the registration of reverse servers for individual class C nets * or class C subblocks is done by the service provider who is administering * the whole 256-class C block who in turn notifies the RIPE-NCC sending * an updated network template for inclusion in the RIPE db. * However should the RIPE-NCC receive any template for a single class C net * or subblock not from the service provider, they must forward the template * to the authoritative zone-c for the 256-class C block. Totally agree. We will not "overrule" delegations by putting them directly in 193.in-addr.arpa, like we expect hostmaster at nic.ddn.mil to do the same. We will of course forward such requests. I will update the document with regard to the last point, and the other point if we can each agreement on the "how to notify I want a block delegated". An object like above could be used as a request for delegation of a block. -Marten From bonito at nis.garr.it Thu Mar 18 17:30:30 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Thu, 18 Mar 93 17:30:30 MET Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: <9303181501.AA03643@ncc.ripe.net>; from "Marten Terpstra" at Mar 18, 93 4:01 pm Message-ID: <9303181630.AA18345@jolly.nis.garr.it> Uhmmm, may be I'm wrong but I see some inconsistencies in your considerations: > * - How will the domain administrators for the subdomains of 193.in-addr.arpa > * be made aware of a desire to have delegation installed for a subdomain? > * There was some talk about doing this semi-automatically with the nic when > * a RIPE network registration form was sent in to ripe-dbm at ripe.net or > * assign at ripe.net, could this be used here (in addition to other means)? > > In fact we have the following in mind. For blocks that are not yet delegated, > we intend to use the information people supply in the "rev-srv:" field to > update the 193.in-addr.arpa domain. For blocks that have been delegated, the > people that have been assigned class C nets from such a block should be made > aware that reverse registration should be done by either the NCC is the local > registry does NOT run the delegated block, or by the local registry. > We could look into extending our "rev-srv:" program to notify maintainers of > blocks in 193.in-addr.arpa if the information in the database has changed. > They could then update their zones if needed. This however does imply that > the "rev-srv:" field becomes authoritative for reverse mapping (and not vice > versa) Here you are saying to use rev-srv which is a network tag in the database. > [Suggestions from Blasco] > > * 2a. The names of the reverse nameserver which are delegated by RIPE-NCC > * to act as authoritative servers for a 256-class C block are sent > * to the RIPE-NCC and registered in the RIPE db using a template > * like this: > * > * inetnum: 193.x.0.0 (where x is the block number) > * > * zone-c: > * rev-srv: > * rev-srv: > * rev-srv: ns.ripe.net > * > * as soon as the Local IR receives from RIPE-NCC a new block to > * administer. > > I do not quite like this idea. 193.x.0.0 is a normal class C network number > that just could be used (although we recommend not to do so) and I hate > having information in the database with "some special meaning you have to > know". The other thing would be to just have an extra entry for the complete > block in the database (so you would get two answers if you queried a network > inside the block), but that I do not like because you are not responsible for > individual nets inside the block... If you really want to put it in the > database, why not send in an object like: > > domain: 204.193.in-addr.arpa > descr: blah > zone-c: > nserver: > nserver: > nserver: ns.ripe.net > .... > > It is a domain, so why not pick the right object for it ? Here you say that the nserver (domain tag) should be used. What you say is right, so I can agree to use domains in the database to give reverse servers information but then we should always use them to be consistent. In this case the decision should be to avoid the usage of rev-srv network tags in the future and to use nserver domain tag instead for each network regardless of being it class B, single or block class C. Moreover it makes no sense to register reverse servers for a block of class C because the DNS doesn't have any knowledge of blocks: any nameserver manager has to register every single network in a block in the DNS. If we adopt this way of registering reverse-servers it would be wise to issue a recommendation to convert old rev-srv network tags into domain entries with nserver tags. ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Marten.Terpstra at ripe.net Thu Mar 18 17:48:18 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Thu, 18 Mar 93 17:48:18 +0100 Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: Your message of Thu, 18 Mar 93 17:30:30 +0700. <9303181630.AA18345@jolly.nis.garr.it> Message-ID: <9303181648.AA04267@ncc.ripe.net> bonito at nis.garr.it (Antonio_Blasco Bonito) writes: * Uhmmm, may be I'm wrong but I see some inconsistencies in your consideration * of * > blocks in 193.in-addr.arpa if the information in the database has changed. * > They could then update their zones if needed. This however does imply that * > the "rev-srv:" field becomes authoritative for reverse mapping (and not vi * ce * > versa) * * Here you are saying to use rev-srv which is a network tag in the database. * * > nserver: ns.ripe.net * > .... * > * > It is a domain, so why not pick the right object for it ? * * Here you say that the nserver (domain tag) should be used. * * What you say is right, so I can agree to use domains in the database to give * reverse servers information but then we should always use them to be consist * ent. * * In this case the decision should be to avoid the usage of rev-srv network ta * gs * in the future and to use nserver domain tag instead for each network * regardless of being it class B, single or block class C. * Moreover it makes no sense to register reverse servers for a block of class * C * because the DNS doesn't have any knowledge of blocks: any nameserver * manager has to register every single network in a block in the DNS. * * If we adopt this way of registering reverse-servers it would be wise * to issue a recommendation to convert old rev-srv network tags into * domain entries with nserver tags. Yes and no inconsistent. I was just brainstorming a bit here, and since it would be nice for some people to have the delegated blocks in the database I was looking for a way to include them in the database. I do NOT want to suggest here that all the rev-srv fields should be changed by sending in in-addr,arpa domains for individual nets, just for the blocks. This might be a bit confusing. I am just looking for possibilities that are both easy and clear ... -Marten From woeber at cc.univie.ac.at Fri Mar 19 00:06:32 1993 From: woeber at cc.univie.ac.at (Wilfried Woeber, UniVie/ACOnet, +43 1 436111 355) Date: Thu, 18 Mar 1993 18:06:32 EST Subject: 193.in-addr.arpa block delegation procedures (draft) Message-ID: <00969B40.855A53A0.9816@cc.univie.ac.at> > individual nets inside the block... If you really want to put it in the > database, why not send in an object like: > > domain: 204.193.in-addr.arpa > descr: blah > zone-c: > nserver: > nserver: > nserver: ns.ripe.net > .... > I'm really in favour of this approach, because it seems to fit nicely into the system and we can access the information with tools that need not have any special knowledge, as Marten pointed out already. Wilfried. From bonito at nis.garr.it Thu Mar 18 17:58:50 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Thu, 18 Mar 93 17:58:50 MET Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: <9303181648.AA04267@ncc.ripe.net>; from "Marten Terpstra" at Mar 18, 93 5:48 pm Message-ID: <9303181658.AA18479@jolly.nis.garr.it> > Yes and no inconsistent. I was just brainstorming a bit here, and since it > would be nice for some people to have the delegated blocks in the database I > was looking for a way to include them in the database. I do NOT want to > suggest here that all the rev-srv fields should be changed by sending in > in-addr,arpa domains for individual nets, just for the blocks. This might be > a bit confusing. I am just looking for possibilities that are both easy and > clear ... > > -Marten OK, but at least we have to decide about 193.something networks. Either we use rev-srv network tags or we use nserver domain tags. Using both is certainly tedious and confusing. ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Tony.Bates at ripe.net Thu Mar 18 17:45:23 1993 From: Tony.Bates at ripe.net (Tony Bates) Date: Thu, 18 Mar 93 17:45:23 +0100 Subject: ripe-81 work In-Reply-To: Your message of Thu, 11 Mar 93 15:39:18 +0100. Message-ID: <9303181645.AA04248@ncc.ripe.net> Last week I mailed out some statistics about some conflicts between the RIPE database and what we see in the European BGP routing tables. This is now totally automated and a job runs once a day which produces both the RIPE derived networks assigned to an AS and the router derived netwroks assigned to an AS. The conflicts are then checked between the two pieces of information. All the information is available from the RIPE filestore at ftp.ripe.net in directory ripe/as This contains three sub-directories: db - AS information derived from RIPE database. router - AS information derived from BGP routing table. conflicts - Comparison of the information in the dbm and router directories. Here follows the README from each directory. README (ripe/as/db/README) 15/3/93 ------ This directory contains information regarding Autonomous System information derived from the RIPE database. The files are as follows:- status -- Contains info of time the derivation was done. as.list -- Full list of networks and AS numbers There is also a sub-directory "as-dir". This contains lists of networks assigned to an AS. Each file is named as follows:- AS- where num is the AS number itself. There are also two special files. NONE - This contains networks in the database with a connectivity flag and no aut-sys tag. NONE-LOCAL - This contains networks in the database with a connectivity tag of LOCAL in the RIPE database. These networks should not have have an aut-sys entry. README (ripe/as/router/README) 15/3/93 ------ This directory contains information regarding Autonomous System information derived from a European routers BGP table. The files are as follows:- status -- Contains info of router used and time the derivation was done. as.list -- Full list of networks and AS numbers bogus -- Any possible bogus network entries found. conflict -- Any conflicts found. A network can only originate in one AS. There is also a sub-directory "as-dir". This contains lists of networks assigned to an AS (note -- This may contain conflicts). Each file is named as follows:- AS- where num is the AS number itself. README (ripe/as/conflicts/README) 15/3/93 ------ This directory contains some analysis of the RIPE and Router derived AS information. The files are as follows:- notin.db -- European networks in the BGP routing tables and not in the RIPE database. local.routed -- Networks being announced in the BGP routing tables and flagged as LOCAL in the RIPE database. db-conf-bgp -- Conflicts between the AS registered for a network in the RIPE database and what is being announced. Please can everyone check these to see where simple updates can be made. It is our intention to eliminate as many of these conflicts or inconsistencies as possible. My idea behind this is the service providers and local registries should be able to regularly pull this information to make sure things are up to date. Please let me know if there are other useful peieces of information felt useful to derive regularly. --Tony. From Marten.Terpstra at ripe.net Fri Mar 19 12:17:22 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Fri, 19 Mar 93 12:17:22 +0100 Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: Your message of Thu, 18 Mar 93 17:58:50 +0700. <9303181658.AA18479@jolly.nis.garr.it> Message-ID: <9303191117.AA06591@ncc.ripe.net> bonito at nis.garr.it (Antonio_Blasco Bonito) writes: * > Yes and no inconsistent. I was just brainstorming a bit here, and since it * > would be nice for some people to have the delegated blocks in the database * I * > was looking for a way to include them in the database. I do NOT want to * > suggest here that all the rev-srv fields should be changed by sending in * > in-addr,arpa domains for individual nets, just for the blocks. This might * be * > a bit confusing. I am just looking for possibilities that are both easy an * d * > clear ... * > * > -Marten * * OK, but at least we have to decide about 193.something networks. * Either we use rev-srv network tags or we use nserver domain tags. * Using both is certainly tedious and confusing. Blasco, I agree and I do not agree here (maybe I should make up my mind ;-) I agree that using both can be confusing, but they are used for different purposes. I would not like to see individual nets as in-addr.arpa domains in the database, because that information is superfluous in my view. There are no delegated blocks in the database yet, so I kind of like the idea of putting them (and only them) as in-addr.arpa domains in the db. The only ones that have to deal with these domains are registries, who I hope are not too easily confused. I could be wrong here. Anyone else with bright ideas ? Another thing would be to create YADO (Yet Another Database Object) for delegated blocks only, but I do not quite like that idea either. -Marten From bonito at nis.garr.it Fri Mar 19 13:29:36 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Fri, 19 Mar 93 13:29:36 MET Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: <9303191117.AA06591@ncc.ripe.net>; from "Marten Terpstra" at Mar 19, 93 12:17 pm Message-ID: <9303191229.AA25316@jolly.nis.garr.it> > > bonito at nis.garr.it (Antonio_Blasco Bonito) writes: > * > Yes and no inconsistent. I was just brainstorming a bit here, and since it > * > would be nice for some people to have the delegated blocks in the database > * I > * > was looking for a way to include them in the database. I do NOT want to > * > suggest here that all the rev-srv fields should be changed by sending in > * > in-addr,arpa domains for individual nets, just for the blocks. This might > * be > * > a bit confusing. I am just looking for possibilities that are both easy an > * d > * > clear ... > * > > * > -Marten > * > * OK, but at least we have to decide about 193.something networks. > * Either we use rev-srv network tags or we use nserver domain tags. > * Using both is certainly tedious and confusing. > > Blasco, > > I agree and I do not agree here (maybe I should make up my mind ;-) > I agree that using both can be confusing, but they are used for different > purposes. I would not like to see individual nets as in-addr.arpa domains in > the database, because that information is superfluous in my view. Maybe, but: - some individual net has already been registered in ripe db as in-addr.arpa domain and you have no way to avoid that, I guess. - when using inetnum entries and rev-srv tags an important information is missing: the zone-contact. > There are > no delegated blocks in the database yet, so I kind of like the idea of > putting them (and only them) as in-addr.arpa domains in the db. The only ones > that have to deal with these domains are registries, who I hope are not too > easily confused. What you are suggesting is to store in the database only one level of delegation (between RIPE-NCC and local registries). OK but the registries need to further delegate reverse resolution. If the ripe db cannot store the information about individual nets, local registries have to use some other tool, likely to be different for each registry. > I could be wrong here. Anyone else with bright ideas ? I don't think is a bright idea, but at this point I'm in favour of definining rev-srv tags obsolete and use only in-addr.arpa domains at any level. > Another thing would be to create YADO (Yet Another Database Object) for > delegated blocks only, but I do not quite like that idea either. me too. ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Marten.Terpstra at ripe.net Fri Mar 19 15:19:25 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Fri, 19 Mar 93 15:19:25 +0100 Subject: 193.in-addr.arpa block delegation procedures (draft) In-Reply-To: Your message of Fri, 19 Mar 93 13:29:36 +0700. <9303191229.AA25316@jolly.nis.garr.it> Message-ID: <9303191419.AA07083@ncc.ripe.net> bonito at nis.garr.it (Antonio_Blasco Bonito) writes: * > * > the database, because that information is superfluous in my view. * * Maybe, but: * - some individual net has already been registered in ripe db as in-addr.arpa * domain and you have no way to avoid that, I guess. Noop, if people have the need to send in in-addr.arpa domains for individual nets, please do so. No way we can and will avoid that ... * - when using inetnum entries and rev-srv tags an important information * is missing: the zone-contact. This is even more confusing if you ask me. Because the zone-c would only have a meaning relative to the rev-srv fields, not to the inetnum itself. I bet you a lot of people will fill in wrong information here, or simply not even understand what to put in here. * What you are suggesting is to store in the database only one level * of delegation (between RIPE-NCC and local registries). OK but the registries * need to further delegate reverse resolution. If the ripe db cannot store * the information about individual nets, local registries have to use * some other tool, likely to be different for each registry. In my opinion the rev-srv entry is enough information to store. Do you really want to generate an extra object for the reverse domains, where all the information (except the zone-c) is already in the inetnum object. You are of course free to do so. * > Another thing would be to create YADO (Yet Another Database Object) for * > delegated blocks only, but I do not quite like that idea either. After some in-house discussion here we would like to following: - requests for delegation of a block in 193.in-addr.arpa should be done by sending in the xxx.193.in-addr.arpa domain object to HOSTMASTER. - we will then forward all entries that are already in the 193.in-addr.arpa zone that belong to this block - we will check that the existing entries are put into the delegated zone. - we will delegate authority, and pass object to the database - we will forward any request for reverse registration inside this block to the zone-c for this reverse block. The question about zone-c in the inetnum object and/or removing the rev-srv field and replace it by an individual net.block.193.in-addr.arpa domain is something for the database and dns working group. We really would like to get the block delegation going. If noone has strong objections against the above procedure for block delegation (not the net things), I will update the document and send out a new version later today (probably tonight). -Marten From woeber at cc.univie.ac.at Fri Mar 19 22:01:10 1993 From: woeber at cc.univie.ac.at (Wilfried Woeber, UniVie/ACOnet, +43 1 436111 355) Date: Fri, 19 Mar 1993 16:01:10 EST Subject: 193.in-addr.arpa block delegation procedures (draft) Message-ID: <00969BF8.2C4C7000.9910@cc.univie.ac.at> | * > Another thing would be to create YADO (Yet Another Database Object) for | * > delegated blocks only, but I do not quite like that idea either. | |After some in-house discussion here we would like to following: | |- requests for delegation of a block in 193.in-addr.arpa should be done | by sending in the xxx.193.in-addr.arpa domain object to HOSTMASTER. |- we will then forward all entries that are already in the 193.in-addr.arpa | zone that belong to this block |- we will check that the existing entries are put into the delegated zone. |- we will delegate authority, and pass object to the database |- we will forward any request for reverse registration inside this block | to the zone-c for this reverse block. I like it. |The question about zone-c in the inetnum object and/or removing the rev-srv |field and replace it by an individual net.block.193.in-addr.arpa domain is |something for the database and dns working group. We really would like to get |the block delegation going. I think this is the essential thing. I propose to go ahead _doing_ it. Otherwise I'd even like to suggest a "back to square one" approach for the DB issues. I think we have to back up and figure out/define _what_ we want to organize for _which_ group of people. Generally my feeling is that we should try to - use _existing_ procedures wherever possible without "bending" them - invent new and _simple_ things if there is a need (the KISS principle) - keep the procedure for the "users" as simple as possible. Personally I prefer additional "small" objects that can be cross-checked automatically for consistency against "huge" multi-purpose objects with a lot of options and implied semantics. But that's probably a question of taste... |If noone has strong objections against the above procedure for block |delegation (not the net things), I will update the document and send out a |new version later today (probably tonight). My vote in favour. wilfried. -------------------------------------------------------------------------------- Wilfried Woeber : E-m: Wilfried.Woeber at CC.UniVie.ac.at (Internet) Computer Center - ACOnet : Z00WWR01 at AWIUNI11.BITNET (EARN) Vienna University : [ woeber at can.aconet.ada.at (X.400) ] Universitaetsstrasse 7 : [ S O P A C ] A-1010 Vienna, Austria, Europe : Tel: +43 1 436111 355, Fax: +43 1 436111 170 -------------------------------------------------------------------------------- From Marten.Terpstra at ripe.net Fri Mar 19 16:33:28 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Fri, 19 Mar 93 16:33:28 +0100 Subject: Typos in assignments Message-ID: <9303191533.AA07465@ncc.ripe.net> Dear Registries, We have found that the number of typos made in assignments and database updates is increasing too much lately. Especially mixing 192.x.y and 193.x.y is very popular. Also, we see a lot of 193 assignments send to , and normal updates send in to We have for that purpose put some more strict checking on entries send in to . For each net that is being send in the we now check whether or not that network is already in the RIPE/MERIT/DDN database. If it is, it will be initially rejected and an error will be send to the NCC staff. The NCC staff will find out whether this is a typo, or just usage of the wrong e-mail address. In the latter case, we will forward the update to ripe-dbm at ripe.net, and it will be processed. If however a typo seems to be made, we will contact the person that send in the entry and try to resolve the issue. Long story short: - only NEW 193.x.y assignments to - ALL updates and other new entries to -Marten From rv at deins.informatik.uni-dortmund.de Sun Mar 21 15:04:47 1993 From: rv at deins.informatik.uni-dortmund.de (rv at deins.informatik.uni-dortmund.de) Date: Sun, 21 Mar 93 15:04:47 N Subject: Typos in assignments In-Reply-To: Your message of Fri, 19 Mar 93 16:33:28 +0100. <9303191533.AA07465@ncc.ripe.net> Message-ID: <9303211404.AA08417@seins.informatik.uni-dortmund.de> Marten, > We have found that the number of typos made in assignments and database > updates is increasing too much lately. Especially mixing 192.x.y and 193.x.y > is very popular. unfortunately typos are hitting all of the data bases:-( > - only NEW 193.x.y assignments to > - ALL updates and other new entries to The initial announcement for probably was not perfectly clear to restrict the use of this address to 193.x.y AND I remember that for some other reassignments (well, not my own) sent directly to DDN-NIC it was requested to channel all European reassignments via the NCC. Thus I have been using assign at RIPE.net for updates which I intended to "write-through" to DDN-NIC (all messages including records for "old" blocks included a remark telling so). If we would know a little more about the state of how data base alignment between DDN-NIC and RIPE-NCC actually works or what the intended ways are, it might become easier for local registries to avoid misinterpretation of procedures. Sure, I know, that unfortunately progress on the data base alignement/exchange issue has been lagging far behind behind our hopes and needs for improvement, and I sure can appreciate some of the problems standing in the way (including the courtesy not explain all the problems in public). Well, we hope that with the INTERNIC service contracts now in place t will get easier to establish a smooth data flow - and make it known to the registries. Probably some folks will be discussing some of this somewhere in Ohio in a weeks time... (unapproved, closed mini-BOF in the 1:00 to 3:30 AM time after the social event? :-) CU, Ruediger Ruediger Volk Universitaet Dortmund, Informatik IRB DE-NIC Postfach 500 500 D-W-4600 Dortmund 50 Germany E-Mail: rv at Informatik.Uni-Dortmund.DE Phone: +49 231 755 4760 Fax: +49 231 755 2386 From Marten.Terpstra at ripe.net Mon Mar 22 09:49:49 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Mon, 22 Mar 93 09:49:49 +0100 Subject: Blocks in 193.in-addr.arpa domain document Message-ID: <9303220849.AA11902@ncc.ripe.net> Folks, Here's the updated document. I was planning on sending this out over the weekend, but forgot the modem cable ;-( Anyway, let's see if we can get agreement on this. Please note that the database specific things I do not want to spend too much on, this should be done at the RIPE meeting. A few more days to comment. Want to start delegating blocks end of the week, and during next week (although I will be at the IETF). -Marten Guidelines for the delegation of class C blocks in the 193.in-addr.arpa domain Marten Terpstra March 1993 V1.1 Introduction This document describes the procedures for the delegation of authority of zones in the 193.in-addr.arpa domain. As of March 16th 1993 the RIPE NCC has been delegated the authority for the 193.in-addr.arpa domain from the root. Due to the fact that in the 193.x.y address space blocks of 256 class C network numbers are further delegated to local registries and national registries, the possibility exists to also delegate the zone for these blocks in the 193.in-addr.arpa domain. This document describes some guidelines and procedures for this type of delegation. A bit more explained With the assignment of class C network numbers following the CIDR (RFC 1338) model, in which large chunks of the address space are delegated to one region, and within that region blocks of class C network numbers are delegated to service providers and national registries, some hierarchy in the address space is created, similar to the hierarchy in the domain name space. Due to this hierarchy the reverse Domain Name System mapping can also be delegated in a similar model as used for the normal Domain Name System. For instance, the RIPE NCC has been delegated the complete class C address space starting with 193. It is therefore possible to delegate the 193.in-addr.arpa domain completely to the RIPE NCC, in stead of each and every reverse mapping in the 193.in-addr.arpa domain to be registered with the INTERNIC. This implies that all 193.in-addr.arpa resistrations will be done by the RIPE NCC. Even better, since service providers receive complete class C network blocks from the RIPE NCC, the RIPE NCC can delegate the reverse registrations for such complete blocks to these local registries. This implies that customers of these service providers no longer have to register their reverse domain mapping with the root, but the service provider have authority over that part of the reverse mapping. This decreases the workload on the INTERNIC and the RIPE NCC, and at the same time increase the service a provider can offer its customers and response times for such additions. However there are some things that need to be examined a bit more closely to avoid confusion and inconsistencies. These issues are covered in the next section. Procedures 1. A secondary nameserver at ns.ripe.net is mandatory for all blocks of class C network numbers delegated in the 193.in-addr.arpa domain. 2. Because of the increasing importance of correct reverse address mapping, for all delegated blocks a good set of secondaries must be defined. There should be at least 2 nameservers for all blocks delegated, excluding the RIPE NCC secondary. 3. The delegation of a class C block in the 193.in-addr.arpa domain can be requested by sending in a domain object for the RIPE database to with all necessary contact and nameserver information. The RIPE NCC will then forward all current reverse zones inside this block to the registry, and after addition by the registry, the NCC will check the working of the reverse server. Once everything is setup properly, the NCC will delegate the block, and submit the database object for inclusion in the database. An example domain object can be at the end of this document. 4. All reverse servers for blocks must be reachable from the whole of the Internet. In short, all servers must meet similar connectivity requirements as top-level domain servers. 5. Running the reverse server for class C blocks does not imply that one controls that part of the reverse domain, it only implies that one administers that part of the reverse domain. 6. Before adding individual nets, the administrator of a reverse domain must check wether all servers to be added for these nets are indeed setup properly. 7. There are some serious implications when a customer of a service provider that uses address space out of the service provider class C blocks, moves to another service provider. The service provider cannot force its ex-customer to change network addresses, and will have to continue to provide the appropriate delegation records for reverse mapping of these addresses, even though it is no longer a customer of his. 8. The registration of the reverse zones for individual class C networks will usually be done by the registry administering the class C block this network has been assigned from. The registry will make the necessary changes to the zone, and update the network objects in the RIPE database for these networks, to reflect the correct "rev-srv" fields. In case the RIPE NCC receives a request for the reverse zone of an individual class C network out of a block that has been delegated, the request will be forwarded to the zone contact for this reverse block. Above procedures are defined to ensure the necessary high availability for the 193 reverse domains, and to minimize confusion. The NCC will ensure fast repsonse times for addition requests, and will in principle update the 193.in-addr.arpa domain at least once per working day. The NCC also suggests that similar procedures are set up for the delegation of reverse zones from the registries to individual organisations. Example domain object to request a block delegation domain: 202.193.in-addr.arpa descr: Pan European Organisations class C block admin-c: Daniel Karrenberg tech-c: Marten Terpstra zone-c: Marten Terpstra nserver: ns.eu.net nserver: sunic.sunet.se nserver: ns.ripe.net changed: marten at ripe.net 930319 source: RIPE From Marten.Terpstra at ripe.net Mon Mar 22 10:53:35 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Mon, 22 Mar 93 10:53:35 +0100 Subject: Typos in assignments In-Reply-To: Your message of Sun, 21 Mar 93 15:04:47 +0100. <9303211404.AA08417@seins.informatik.uni-dortmund.de> Message-ID: <9303220953.AA12208@ncc.ripe.net> rv at deins.informatik.uni-dortmund.de writes: * The initial announcement for probably was not perfectly cl * ear * to restrict the use of this address to 193.x.y AND I remember that for som * e * other reassignments (well, not my own) sent directly to DDN-NIC it was reque * sted * to channel all European reassignments via the NCC. * * Thus I have been using assign at RIPE.net for updates which I intended to * "write-through" to DDN-NIC (all messages including records for "old" * blocks included a remark telling so). * * If we would know a little more about the state of how data base alignment * between DDN-NIC and RIPE-NCC actually works or what the intended ways are, * it might become easier for local registries to avoid misinterpretation * of procedures. Sure, I know, that unfortunately progress on the data base * alignement/exchange issue has been lagging far behind behind our hopes * and needs for improvement, and I sure can appreciate some of the problems * standing in the way (including the courtesy not explain all the problems * in public). OK, here;s a small update. The database alignment is in a stage where the exchange format is finished, and first tests with incorporating each others information in exchange format has begun. This week we will start using the exchange format database that MERIT generates in the RIPE database, to replace the current information with source MERIT. The NIC has had a big file with all 193 nets and contact people a few weeks ago from the NCC to test the interaction tools they have written for their databases. We have not yet had any results from those tests. The procedure for aligning databases has not yet been established. We are not quite sure whether to do this incremental or just a full update. My guess is that this will be discussed at the SWIP BOF at the IETF next week. If people have problems that result from the fact that the different databases are not aligned we would like to hear from them, so we can take action. * Well, we hope that with the INTERNIC service contracts now in place Not yet. They start 1st of April. * t will get easier to establish a smooth data flow - and make it known to the * registries. Probably some folks will be discussing some of this somewhere * in Ohio in a weeks time... (unapproved, closed mini-BOF in the 1:00 to 3:3 * 0 AM * time after the social event? :-) Fine with me ;-) -Marten From rv at deins.informatik.uni-dortmund.de Mon Mar 22 11:21:10 1993 From: rv at deins.informatik.uni-dortmund.de (rv at deins.informatik.uni-dortmund.de) Date: Mon, 22 Mar 93 11:21:10 N Subject: Typos in assignments In-Reply-To: Your message of Mon, 22 Mar 93 10:53:35 +0100. <9303220953.AA12208@ncc.ripe.net> Message-ID: <9303221021.AA28425@deins.informatik.uni-dortmund.de> Marten, thanks for the status report. > The procedure for aligning databases has not yet been established. We are > not quite sure whether to do this incremental or just a full update. My > guess is that this will be discussed at the SWIP BOF at the IETF next week. > If people have problems that result from the fact that the different > databases are not aligned we would like to hear from them, so we can take > action. The one thing I would like to be able is to send a list of NIC handles, or person names, or network numbers and trigger DDN-NIC (or INTERNIC) to align to the current RIPE records (including reverse mapping servers if present in the records). If the lists specified at our end are carefully definied this would limit the danger of overwriting large parts of the target data base unexpectedly (which easily can happen with complete alignment - in presence of any number of typos in all data bases). So I think we could improve much by just starting to have some way of incremental update. > * Well, we hope that with the INTERNIC service contracts now in place > > Not yet. They start 1st of April. I think a major problem was uncertainty of potentially involved parties during the time that it was known that NSF would issue an RFP and the time the contracts were awarded... Sure not everybody is yet up to speed... Cheers, Ruediger Ruediger Volk Universitaet Dortmund, Informatik IRB DE-NIC Postfach 500 500 D-W-4600 Dortmund 50 Germany E-Mail: rv at Informatik.Uni-Dortmund.DE Phone: +49 231 755 4760 Fax: +49 231 755 2386 From bonito at nis.garr.it Tue Mar 23 18:56:07 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Tue, 23 Mar 93 18:56:07 MET Subject: Blocks in 193.in-addr.arpa domain document In-Reply-To: <9303220849.AA11902@ncc.ripe.net>; from "Marten Terpstra" at Mar 22, 93 9:49 am Message-ID: <9303231756.AA08801@jolly.nis.garr.it> > > > Folks, > > Here's the updated document. I was planning on sending this out over the > weekend, but forgot the modem cable ;-( Anyway, let's see if we can get > agreement on this. Please note that the database specific things I do not > want to spend too much on, this should be done at the RIPE meeting. > > A few more days to comment. Want to start delegating blocks end of the week, > and during next week (although I will be at the IETF). Sorry, but I think the document is still missing some detail. Altough implicit I think it should clearly say that delegation can be done either for each single class-C net or for a 256-block. Unfortunately no delegation is possible for smaller blocks. > 8. The registration of the reverse zones for individual class C networks > will usually be done by the registry administering the class C block > this network has been assigned from. The registry will make the > necessary changes to the zone, and update the network objects in the > RIPE database for these networks, to reflect the correct "rev-srv" > fields. In case the RIPE NCC receives a request for the reverse zone of > an individual class C network out of a block that has been delegated, > the request will be forwarded to the zone contact for this reverse > block. OK, but it is not said how the RIPE-NCC should receive (in a network template?) a request for a network belonging to a block which has not been delegated to any local registry and what happens then. Suppose you get: inetnum: 193.204.64.0 - 193.204.67.0 rev-srv: rev-srv: But server1 and server2 only have data for 64.204.193.in-addr.arpa. because the remaining three nets in the block are not yet active. What will you do? > Above procedures are defined to ensure the necessary high availability for > the 193 reverse domains, and to minimize confusion. The NCC will ensure fast > repsonse times for addition requests, and will in principle update the > 193.in-addr.arpa domain at least once per working day. > > The NCC also suggests that similar procedures are set up for the delegation > of reverse zones from the registries to individual organisations. I think this sentence should be expanded/clarified: no block delegation is possible from a local registry to individual organization, only single networks are under a 256-block. > > Example domain object to request a block delegation > > domain: 202.193.in-addr.arpa > descr: Pan European Organisations class C block > admin-c: Daniel Karrenberg > tech-c: Marten Terpstra > zone-c: Marten Terpstra > nserver: ns.eu.net > nserver: sunic.sunet.se > nserver: ns.ripe.net > changed: marten at ripe.net 930319 > source: RIPE > ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Marten.Terpstra at ripe.net Wed Mar 24 12:03:09 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Wed, 24 Mar 93 12:03:09 +0100 Subject: Blocks in 193.in-addr.arpa domain document In-Reply-To: Your message of Tue, 23 Mar 93 18:56:07 +0700. <9303231756.AA08801@jolly.nis.garr.it> Message-ID: <9303241103.AA18700@ncc.ripe.net> bonito at nis.garr.it (Antonio_Blasco Bonito) writes: * > * * Sorry, but I think the document is still missing some detail. * Altough implicit I think it should clearly say that delegation can be * done either for each single class-C net or for a 256-block. Unfortunately * no delegation is possible for smaller blocks. No need to be sorry, this is what comment periods are for ;-) I will only put in that this document deals with the 256 class C delegation. As you can make up from the title, this only deals with blocks delegations, not with single C delegations. We have to write a short document how we handle single class C delegations (probably just a description that we will use the rev-srv fields. * > 8. The registration of the reverse zones for individual class C networks * > will usually be done by the registry administering the class C block * > this network has been assigned from. The registry will make the * > necessary changes to the zone, and update the network objects in the * > RIPE database for these networks, to reflect the correct "rev-srv" * > fields. In case the RIPE NCC receives a request for the reverse zone of * > an individual class C network out of a block that has been delegated, * > the request will be forwarded to the zone contact for this reverse * > block. * OK, but it is not said how the RIPE-NCC should receive (in a network templat * e?) * a request for a network belonging to a block which has not been delegated to * any local registry and what happens then. * Suppose you get: * inetnum: 193.204.64.0 - 193.204.67.0 * * rev-srv: * rev-srv: * But server1 and server2 only have data for 64.204.193.in-addr.arpa. because * the remaining three nets in the block are not yet active. * What will you do? My gut feeling would be we add them anyway. If the nets are not yet active, there is probably no need to do reverse lookups anyway, so noone would notice. On the other hand this would clash with the constraint that we would like to see all servers working before we add them ... I think we can put some intelligence in the rev-srv field to DNS record generator to get around these things. Daniel ? * > Above procedures are defined to ensure the necessary high availability for * > the 193 reverse domains, and to minimize confusion. The NCC will ensure fa * st * > repsonse times for addition requests, and will in principle update the * > 193.in-addr.arpa domain at least once per working day. * > * > The NCC also suggests that similar procedures are set up for the delegatio * n * > of reverse zones from the registries to individual organisations. * I think this sentence should be expanded/clarified: no block delegation is * possible from a local registry to individual organization, only single * networks are under a 256-block. OK, has been changed to: The NCC also suggests that similar procedures are set up for the delegation of reverse zones for individual class C networks from the registries to individual organisations. From Daniel.Karrenberg at ripe.net Wed Mar 24 13:32:25 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Wed, 24 Mar 93 13:32:25 +0100 Subject: Blocks in 193.in-addr.arpa domain document In-Reply-To: Your message of Wed, 24 Mar 93 12:03:09 +0100. <9303241103.AA18700@ncc.ripe.net> Message-ID: <9303241232.AA18931@ncc.ripe.net> > Marten Terpstra writes: > * Suppose you get: > * inetnum: 193.204.64.0 - 193.204.67.0 > * > * rev-srv: > * rev-srv: > * But server1 and server2 only have data for 64.204.193.in-addr.arpa. beca > use > * the remaining three nets in the block are not yet active. > * What will you do? > > My gut feeling would be we add them anyway. If the nets are not yet active, > there is probably no need to do reverse lookups anyway, so noone would > notice. On the other hand this would clash with the constraint that we woul > d > like to see all servers working before we add them ... I think we can put > some intelligence in the rev-srv field to DNS record generator to get aroun > d > these things. Daniel ? We could but the standard answer of course is: Multiple networks can only be folded into one RIPE DB object if all their attributes are the same. So either the reverse servers are up, or there need to be two objects: 193.204.64 and 192.204.65 - 192.204.67. Daniel From Anne.Lord at ripe.net Wed Mar 24 16:32:35 1993 From: Anne.Lord at ripe.net (Anne Lord) Date: Wed, 24 Mar 93 16:32:35 +0100 Subject: ripe-83 IP template Message-ID: <9303241532.AA19583@ncc.ripe.net> Revised RIPE Document Announcement ---------------------------------- A revised document is now available from the RIPE document store. Ref: ripe-83 Title: European Internet Network Number Application Form Title: and Supporting Notes Author: Anne Lord, Daniel Karrenberg Date: 24 March 1993 Format: PS=59527 TXT=25163 bytes Obsoletes: ripe-48.txt Thanks to all those who commented on the recirculated "draft European IP tempate (eu.doc7). The comments were incorporated and the modified template has been put in the document store in directory: ripe/docs/ripe-docs/ripe-83.txt ripe/docs/ripe-docs/ripe-83.ps The new templates carry an expiry date of June 30th, 1993. The documents will require a small amount of editing to add your own local contact details. One thing to note is that the "Additional Hints" document is still being prepared. For this reason I have included the current "Additional Hints" with some explanatory text. This part of the template will be replaced before the expiry date is due. Regards, Anne From Marten.Terpstra at ripe.net Thu Mar 25 11:02:07 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Thu, 25 Mar 93 11:02:07 +0100 Subject: 193.in-addr.arpa procedures V1.3 Message-ID: <9303251002.AA22167@ncc.ripe.net> Folks, One last go. I think we folded in most of the comments from Blaso and others. We have included the procedures for single class C reverse zones, not via block zones. We are already doing our first trials with block delegations, all seems to work fine. Please let's get this document accepted and delegate these blocks. -Marten Guidelines for the delegation of zones in the 193.in-addr.arpa domain Marten Terpstra March 1993 V1.3 Introduction This document describes the procedures for the delegation of authority of zones in the 193.in-addr.arpa domain. As of March 16th 1993 the RIPE NCC has been delegated the authority for the 193.in-addr.arpa domain from the root. Due to the fact that in the 193.x.y address space blocks of 256 class C network numbers are further delegated to local registries , the possibility exists to also delegate the zone for these blocks in the 193.in-addr.arpa domain. This document describes some guidelines and procedures for this type of delegation and the delegation of reverse zones for individual class C networks in 193.x.y. A bit more explained With the assignment of class C network numbers following the CIDR (RFC 1338) model, in which large chunks of the address space are delegated to one region, and within that region blocks of class C network numbers are delegated to service providers and non-provider registries, some hierarchy in the address space is created, similar to the hierarchy in the domain name space. Due to this hierarchy the reverse Domain Name System mapping can also be delegated in a similar model as used for the normal Domain Name System. For instance, the RIPE NCC has been assigned the complete class C address space starting with 193. It is therefore possible to delegate the 193.in-addr.arpa domain completely to the RIPE NCC, instead of each and every reverse mapping in the 193.in-addr.arpa domain to be registered with the INTERNIC. This implies that all 193.in-addr.arpa resistrations will be done by the RIPE NCC. Even better, since service providers receive complete class C network blocks from the RIPE NCC, the RIPE NCC can delegate the reverse registrations for such complete blocks to these local registries. This implies that customers of these service providers no longer have to register their reverse domain mapping with the root, but the service provider have authority over that part of the reverse mapping. This decreases the workload on the INTERNIC and the RIPE NCC, and at the same time increase the service a provider can offer its customers by improve response times for reverse mapping changes . However there are some things that need to be examined a bit more closely to avoid confusion and inconsistencies. These issues are covered in the next section. Procedures for the delegation of direct subdomains of 193.in-addr.arpa 1. A secondary nameserver at ns.ripe.net is mandatory for all blocks of class C network numbers delegated in the 193.in-addr.arpa domain. 2. Because of the increasing importance of correct reverse address mapping, for all delegated blocks a good set of secondaries must be defined. There should be at least 2 nameservers for all blocks delegated, excluding the RIPE NCC secondary. 3. The delegation of a class C block in the 193.in-addr.arpa domain can be requested by sending in a domain object for the RIPE database to with all necessary contact and nameserver information. The RIPE NCC will then forward all current reverse zones inside this block to the registry, and after addition of these by the registry, the NCC will check the working of the reverse server. Once everything is setup properly, the NCC will delegate the block, and submit the database object for inclusion in the database. An example domain object can be found at the end of this document. 4. All reverse servers for blocks must be reachable from the whole of the Internet. In short, all servers must meet similar connectivity requirements as top-level domain servers. 5. Running the reverse server for class C blocks does not imply that one controls that part of the reverse domain, it only implies that one administers that part of the reverse domain. 6. Before adding individual nets, the administrator of a reverse domain must check wether all servers to be added for these nets are indeed setup properly. 7. There are some serious implications when a customer of a service provider that uses address space out of the service provider class C blocks, moves to another service provider. The previous service provider cannot force its ex-customer to change network addresses, and will have to continue to provide the appropriate delegation records for reverse mapping of these addresses, even though it they are no longer belonging to a customer. 8. The registration of the reverse zones for individual class C networks will usually be done by the registry administering the class C block this network has been assigned from. The registry will make the necessary changes to the zone, and update the network objects in the RIPE database for these networks, to reflect the correct "rev-srv" fields. In case the RIPE NCC receives a request for the reverse zone of an individual class C network out of a block that has been delegated, the request will be forwarded to the zone contact for this reverse block. Above procedures are defined to ensure the necessary high availability for the 193 reverse domains, and to minimize confusion. The NCC will ensure fast repsonse times for addition requests, and will in principle update the 193.in-addr.arpa domain at least once per working day. Example domain object to request a block delegation domain: 202.193.in-addr.arpa descr: Pan European Organisations class C block admin-c: Daniel Karrenberg tech-c: Marten Terpstra zone-c: Marten Terpstra nserver: ns.eu.net nserver: sunic.sunet.se nserver: ns.ripe.net changed: marten at ripe.net 930319 source: RIPE Procedures for the delegation of individual network zones The registration of the reverse zones for individual class C networks will usually be done by the registry administering the class C block this network has been assigned from. In case the zone corresponding to the class C block has not been delegated, the RIPE NCC will automatically add the reverse nameserver as specified in the "rev-srv" attribute of the RIPE database object for this network, using the following procedures: 1. Because of the increasing importance of correct reverse address mapping, for all delegated networks a good set of secondaries must be defined. There should be at least two nameservers for all networks delegated. 2. The "rev-srv" field should ONLY contain one fully qualified domain name of a nameserver which is authoritative for the reverse zone for this network. 3. At least two reverse servers must be reachable from the whole of the Internet. In short, these servers must meet similar connectivity requirements as top-level domain servers. 4. The checking and addition of the reverse zones for single networks is completely automated at the RIPE NCC. Although we do our best to check the setup of the nameservers, these does not receive the same level of scrutiny as nameservers for blocks of class C network numbers. It is the responsibility of the network contacts to ensure proper operation. 5. Any problems regarding the reverse zones in 193.in-addr.arpa should be directed to . The NCC also suggests that similar procedures are set up for the delegation of reverse zones for individual class C networks from the registries to individual organisations. From rv at deins.informatik.uni-dortmund.de Thu Mar 25 11:57:35 1993 From: rv at deins.informatik.uni-dortmund.de (rv at deins.informatik.uni-dortmund.de) Date: Thu, 25 Mar 93 11:57:35 N Subject: 193.in-addr.arpa procedures V1.3 In-Reply-To: Your message of Thu, 25 Mar 93 11:02:07 +0100. <9303251002.AA22167@ncc.ripe.net> Message-ID: <9303251057.AA29123@meins.informatik.uni-dortmund.de> Hi Marten, > One last go. I think we folded in most of the comments from Blaso and others. In general looks fine. There is one point where I ould make use of a bit more options. I have been working on how to use the data base to generate some parts of my name server configuration (and in particular preparing for this by inserting *rev-srv: fields in quite a number of records). > 2. The "rev-srv" field should ONLY contain one fully qualified domain > name of a nameserver which is authoritative for the reverse zone for > this network. I suggest to change the rule here slightly; I would find it useful to allow the single domain name to be followed by optional dotted-quad IP address(es) that can be used as glue. Sure, reverse mapping zones never should carry glue records - but the addresses are needed for generating named.boot on secondaries, and I see cases where I would like to have the address[es] from the data base. However please note, I'm saying "CAN be used" not "will/should/are"! Also I assume you are quietly implying (a) that the primary server will be listed first, or rather that secondaries configured automatically out of the data base will hook up to the first listed server as their source (b) that the database software will keep the relative order of fields with the same tag. Assumptions/assertions like these need to be made explicit. BTW the rules for "rev-srv:" and "nserver:" should be the same; however I think the proposed new rules for "nserver:" differ from documented rules - but IMHO make **much** more sense (for a long time I intended to suggest changing the rules in this direction). BTW, I will not be able to reformat my "segment" of the database according to the new rules before leaving for Columbus (though I'm quite well prepared for such tasks). Cheers, Ruediger Ruediger Volk Universitaet Dortmund, Informatik IRB DE-NIC Postfach 500 500 D-W-4600 Dortmund 50 Germany E-Mail: rv at Informatik.Uni-Dortmund.DE Phone: +49 231 755 4760 Fax: +49 231 755 2386 From Daniel.Karrenberg at ripe.net Thu Mar 25 14:47:38 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Thu, 25 Mar 93 14:47:38 +0100 Subject: RIPE NCC Funding Message-ID: <9303251347.AA22830@ncc.ripe.net> Thank you for your comments on the funding paper. They have been incorporated and the paper has now been released as document ripe-84 for approval by the 15th RIPE meeting. Once it has been approved, changes will be incorporated and the document released with a new document ID. Regards Daniel From Daniel.Karrenberg at ripe.net Thu Mar 25 14:44:58 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Thu, 25 Mar 93 14:44:58 +0100 Subject: New RIPE document announcement: ripe-84 "RIPE NCC Funding" Message-ID: <9303251344.AA22824@ncc.ripe.net> RIPE Document Announcement ---------------------------------- A new document is now available from the RIPE document store. Ref: ripe-84 Title: RIPE NCC Funding Author: Rob Blokzijl, Daniel Karrenberg Date: 25 March 1993 Format: PS=45393 TXT=18595 bytes Short content description ------------------------- The RIPE Network Coordination Centre supports all those RIPE activities which cannot be effectively performed by volunteers from the participating organisations. The RIPE NCC started operation in the second quarter of 1992 and currently has 3 permanent staff members. The RARE association provides the legal and financial framework for the NCC. Funding for the first year of operation of the NCC has been provided by EARN, the full national members of RARE, Israel and EUnet. These organisations have agreed to guarantee funding of NCC operation during the remaining three quarters of 1993. At the same time they have expressed that -while they guarantee continued funding- it is imperative that the remaining European Internet service providers start contributing to NCC funding as soon as possible. As all European Internet service providers benefit from NCC services, the costs should be shared appropriately. Because of this RIPE seeks to establish agreement about a funding model among European Internet service providers and other organisations interested in contributing. In this paper, an attempt is made to analyse the problem by categorising the services and user communities of the NCC, discuss some of the possible options, and to arrive at an agreed framework for RIPE NCC funding. FTP Access ---------- All RIPE documents and Internet RFC`s are available via anonymous FTP from host ftp.ripe.net. Type "ftp ftp.ripe.net". Login with username "anonymous" supplying your email address as the password. After logging in, type "cd ripe/docs/ripe-docs" followed by the command "get ". For example "get ripe-84.txt". Electronic Mail Retrieval of Documents -------------------------------------- Documents can also be retrieved from the RIPE document store using a mail server program. For more information on how to use the program, send email to: mail-server at ripe.net with "send HELP" in the body text. RIPE NCC Interactive Information Server --------------------------------------- Type "telnet host info.ripe.net". This is a menu driven service allows the document store to be browsed. After reading documents you are prompted as to whether you would like to receive an email copy of the document you have just read. If you would, you simply enter your email address and the document will be mailed to you. Below are details of alternative methods of access. Gopher Access ------------- The same documents are available via a "gopher" server at "gopher gopher.ripe.net". WAIS Access ----------- There is also a "WAIS" server at wais.ripe.net, where there is a WAIS index for RIPE documents "ripe-docs.src" WWW Access ---------- For those who wish to add this home page at the RIPE NCC to their own customized home pages, it can be accessed as: http://www.ripe.net./local/spool/www/default.html MIME Mail Reader ---------------- Below is the data which will enable a MIME compliant Mail Reader implementation to automatically retrieve the ASCII version of the RIPE document. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mail-server at ripe.net" Content-Type: text/plain SEND ripe-84.txt --OtherAccess Content-Type: Message/External-body; name="ripe-84.txt"; site="ftp.ripe.net"; access-type="anon-ftp"; directory="ripe-docs/docs" Content-Type: text/plain --OtherAccess-- --NextPart-- If you have any queries regarding any of the above, then please send email to ncc at ripe.net. From bonito at nis.garr.it Thu Mar 25 18:29:04 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Thu, 25 Mar 93 18:29:04 MET Subject: 193.in-addr.arpa procedures V1.3 In-Reply-To: <9303251002.AA22167@ncc.ripe.net>; from "Marten Terpstra" at Mar 25, 93 11:02 am Message-ID: <9303251729.AA17389@jolly.nis.garr.it> > > > Folks, > > One last go. I think we folded in most of the comments from Blaso and others. > We have included the procedures for single class C reverse zones, not via > block zones. > > We are already doing our first trials with block delegations, all seems to > work fine. Please let's get this document accepted and delegate these blocks. Sorry for this late comment, but it has come now to my mind: I think it would be wise to include recommended values for SOA fields (refresh, retry, etc). This could save problems to ns.ripe.net when acting as secondary. Blasco From Daniel.Karrenberg at ripe.net Fri Mar 26 09:42:39 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Fri, 26 Mar 93 09:42:39 +0100 Subject: RFC1400 on Transition of Registration Services In-Reply-To: Your message of Thu, 25 Mar 93 13:24:26 PST. <199303252124.AA16212@zephyr.isi.edu> Message-ID: <9303260842.AA25135@ncc.ripe.net> Scott, Jon, I am extremely concerned that RFC1400, titled Transition and Modernization of the Internet Registration Service has been written and published without any reference to the European part of the Internet Registration Service. This will cause unnecessary confusion among European users and result in more rather than less mis-directed registration requests. I suggest that a revised version describing the distributed nature of the Internet Registration Service and clearly directing European users to the RIPE NCC be published within days rather than weeks. I will have to leave for Columbus shortly. I wil suggest some changes to you there and like to discuss this with both of you. Daniel From Marten.Terpstra at ripe.net Fri Mar 26 14:30:58 1993 From: Marten.Terpstra at ripe.net (Marten Terpstra) Date: Fri, 26 Mar 93 14:30:58 +0100 Subject: 193.in-addr.arpa procedures V1.3 In-Reply-To: Your message of Thu, 25 Mar 93 18:29:04 +0700. <9303251729.AA17389@jolly.nis.garr.it> Message-ID: <9303261330.AA26493@ncc.ripe.net> bonito at nis.garr.it (Antonio_Blasco Bonito) writes: * > * > * > Folks, * > * > One last go. I think we folded in most of the comments from Blaso and othe * rs. * > We have included the procedures for single class C reverse zones, not via * > block zones. * > * > We are already doing our first trials with block delegations, all seems to * > work fine. Please let's get this document accepted and delegate these bloc * ks. * * Sorry for this late comment, but it has come now to my mind: * I think it would be wise to include recommended values for SOA fields * (refresh, retry, etc). This could save problems to ns.ripe.net * when acting as secondary. What do you think recommended values are ? I know have for everything in 193.in-addr.arpa: @ IN SOA ns.ripe.net. hostmaster.ripe.net. ( 1.20 ; Serial 14400 ; Refresh 4 hours 3600 ; Retry 1 hours 604800 ; Expire 7 days 518400 ; TTL 6 days ) which in my view is reasonable, since these things (just delegations) do not change too often. For the actual class C zones, we have for 45.87.192.in-addr.arpa (RIPE NCC net): @ IN SOA ns.ripe.net. hostmaster.ripe.net. ( 1.4 ; Serial 28800 ; Refresh 8 hours 7200 ; Retry 2 hours 604800 ; Expire 7 days 86400 ; Minimum 1 day ) Are these fine to be recommended ? -Marten From scottw at internic.net Fri Mar 26 15:39:07 1993 From: scottw at internic.net (Scott Williamson) Date: Fri, 26 Mar 93 9:39:07 EST Subject: RFC1400 on Transition of Registration Services In-Reply-To: <9303260842.AA25135@ncc.ripe.net>; from "Daniel Karrenberg" at Mar 26, 93 9:42 am Message-ID: <9303261439.AA16109@internic.net> Daniel, When I brief the InterNIC Registration Services I alway reference delegated registries. The RIPE NCC is the example that I give of one that is correctly operated. Somehow when writing this RFC I got caught-up in the operation of our facility and unintentionally failed to say anything about the RIPE NCC. I feel you are correct about the potential for mis-directed request. I will work with you either to add to RFC1400 or document the delegation of services to the RIPE NCC. I plan to be at the IETF most of the week. Scott > > Scott, Jon, > > I am extremely concerned that RFC1400, titled > > Transition and Modernization > of the Internet Registration Service > > has been written and published without any reference to the > European part of the Internet Registration Service. This will > cause unnecessary confusion among European users and result in > more rather than less mis-directed registration requests. > > I suggest that a revised version describing the distributed nature > of the Internet Registration Service and clearly directing European > users to the RIPE NCC be published within days rather than weeks. > I will have to leave for Columbus shortly. I wil suggest some changes > to you there and like to discuss this with both of you. > > Daniel > From postel at ISI.EDU Fri Mar 26 17:00:49 1993 From: postel at ISI.EDU (Jon Postel) Date: Fri, 26 Mar 1993 08:00:49 -0800 Subject: RFC1400 on Transition of Registration Services Message-ID: <199303261600.AA03887@zephyr.isi.edu> Daniel: Hmm. I read the memo as describing a transition from DDN-NIC to the Internic registration service. I didn't assume that that implied any change to existing delegations, but then maybe i know too much to see how the uninitiated would interpret it. In any case, we can certainly have another memo to clarify the delegation aspect of things. --jon. From Daniel.Karrenberg at ripe.net Fri Mar 26 17:29:43 1993 From: Daniel.Karrenberg at ripe.net (Daniel Karrenberg) Date: Fri, 26 Mar 93 17:29:43 +0100 Subject: RFC1400 on Transition of Registration Services In-Reply-To: Your message of Fri, 26 Mar 93 08:00:49 PST. <199303261600.AA03887@zephyr.isi.edu> Message-ID: <9303261629.AA27083@ncc.ripe.net> > postel at ISI.EDU (Jon Postel) writes: > > > Daniel: > > Hmm. I read the memo as describing a transition from DDN-NIC to the > Internic registration service. I didn't assume that that implied any > change to existing delegations, but then maybe i know too much to see > how the uninitiated would interpret it. The problem is that the uninitiated reading just that memo will infer that there is only one registry and consequently that they have to go there. > In any case, we can certainly have another memo to clarify the delegation > aspect of things. I'm afraid that won't be sufficient unless that other memo is at least clearly referenced in 1400. Daniel From jkrey at ISI.EDU Fri Mar 26 22:35:58 1993 From: jkrey at ISI.EDU (Joyce Reynolds) Date: Fri, 26 Mar 1993 13:35:58 -0800 Subject: RFC1400 on Transition of Registration Services Message-ID: <199303262135.AA14658@zephyr.isi.edu> Folks, What we need to do is to write a memo on the entire delegation function, including the IANA, IR, DDN NIC, RIPE NCC, InterNICs, the APNIC, etc...PLUS any other delegations we need to include. Joyce From bonito at nis.garr.it Mon Mar 29 15:41:44 1993 From: bonito at nis.garr.it (Antonio_Blasco Bonito) Date: Mon, 29 Mar 93 15:41:44 MET DST Subject: 193.in-addr.arpa procedures V1.3 In-Reply-To: <9303261330.AA26493@ncc.ripe.net>; from "Marten Terpstra" at Mar 26, 93 2:30 pm Message-ID: <9303291341.AA25803@jolly.nis.garr.it> > > > bonito at nis.garr.it (Antonio_Blasco Bonito) writes: > * > > * > > * > Folks, > * > > * > One last go. I think we folded in most of the comments from Blaso and othe > * rs. > * > We have included the procedures for single class C reverse zones, not via > * > block zones. > * > > * > We are already doing our first trials with block delegations, all seems to > * > work fine. Please let's get this document accepted and delegate these bloc > * ks. > * > * Sorry for this late comment, but it has come now to my mind: > * I think it would be wise to include recommended values for SOA fields > * (refresh, retry, etc). This could save problems to ns.ripe.net > * when acting as secondary. > > What do you think recommended values are ? I know have for everything in > 193.in-addr.arpa: > > @ IN SOA ns.ripe.net. hostmaster.ripe.net. > ( > 1.20 ; Serial > 14400 ; Refresh 4 hours > 3600 ; Retry 1 hours > 604800 ; Expire 7 days > 518400 ; TTL 6 days > ) > > which in my view is reasonable, since these things (just delegations) do not > change too often. For the actual class C zones, we have for > 45.87.192.in-addr.arpa (RIPE NCC net): > > @ IN SOA ns.ripe.net. hostmaster.ripe.net. > ( > 1.4 ; Serial > 28800 ; Refresh 8 hours > 7200 ; Retry 2 hours > 604800 ; Expire 7 days > 86400 ; Minimum 1 day > ) > > Are these fine to be recommended ? > > -Marten > I think the following could be reasonable values and rules to recommended. Refresh and retry have a direct impact on how much ns.ripe.net will have to do when acting as secondary for delegated 256-Cblocks. Maybe Piet Berteema has something more to say on this subject. ( yymmddv ; Serial 28800 ; Refresh 8 hours 3600 ; Retry 1 hour 604800 ; Expire 7 days 172800 ; Default TTL 2 days ) where yyddmmv is the recommended way to hold the update serial number with yy being the two-digit year number (to become four-digits on year 2000) mm being the two-digit month number dd being the two-digit day number v being a one digit serial number ---------- ---------- Antonio_Blasco Bonito E-Mail: bonito at nis.garr.it GARR - Network Information Service c=it;a=garr;p=garr;o=nis;s=bonito c/o CNUCE - Istituto del CNR Tel: +39 (50) 593246 Via S. Maria, 36 Telex: 500371 CNUCE I 56126 PISA Italy Fax: +39 (50) 904052 ---------- ---------- From Piet.Beertema at cwi.nl Mon Mar 29 16:11:55 1993 From: Piet.Beertema at cwi.nl (Piet Beertema) Date: Mon, 29 Mar 1993 16:11:55 +0200 Subject: 193.in-addr.arpa procedures V1.3 In-Reply-To: Your message of Mon, 29 Mar 93 15:41:44 MET DST . <9303291341.AA25803@jolly.nis.garr.it> Message-ID: <9303291411.AA00571=piet@kraai.cwi.nl> > What do you think recommended values are ? I know have for everything > in 193.in-addr.arpa: > > @ IN SOA ns.ripe.net. hostmaster.ripe.net. > ( > 1.20 ; Serial > 14400 ; Refresh 4 hours > 3600 ; Retry 1 hours > 604800 ; Expire 7 days > 518400 ; TTL 6 days > ) > > which in my view is reasonable, since these things (just delegations) > do not change too often. For the actual class C zones, we have for > 45.87.192.in-addr.arpa (RIPE NCC net): > > @ IN SOA ns.ripe.net. hostmaster.ripe.net. > ( > 1.4 ; Serial > 28800 ; Refresh 8 hours > 7200 ; Retry 2 hours > 604800 ; Expire 7 days > 86400 ; Minimum 1 day > ) > > Are these fine to be recommended ? > > -Marten > I think the following could be reasonable values and rules to recommended. Refresh and retry have a direct impact on how much ns.ripe.net will have to do when acting as secondary for delegated 256-Cblocks. Maybe Piet Berteema has something more to say on this subject. For the real name of the sender see the From: line... ;-) ( yymmddv ; Serial 28800 ; Refresh 8 hours 3600 ; Retry 1 hour 604800 ; Expire 7 days 172800 ; Default TTL 2 days ) where yyddmmv is the recommended way to hold the update serial number - Serial: I can't recommend a specific format for the Serial, since what people choose for it depends amongst other things on the means they use to maintain the zone file. As long as: - the Serial is incremented with each change, - the Serial doesn't become too large (after conversion to an integer when maintained in dotted decimal notation) so it becomes negative on queries and on secondaries, it's all fine with me. - Refresh: 8 hours is fine with me; for 193.in-addr.arpa itself 1 day would even be enough. - Retry: could be 2 hours, to be brought down in case of lousy connectivity, but I'd say not less than 30 mins. - Expire: 7 days is fine, but for 193.in-addr.arpa I'd suggest to raise it to 30 days. - Default TTL: depends on how frequent the expected changes are; anywhere between 1 day ("subdomain") and 7 days (193.in-addr) should be fine. Piet