From colitti at dia.uniroma3.it Tue Mar 1 19:52:42 2005 From: colitti at dia.uniroma3.it (Lorenzo Colitti) Date: Tue, 01 Mar 2005 19:52:42 +0100 Subject: [ris-int] [Fwd: Heads up: Long AS-sets announced in the next few days] Message-ID: <4224B9FA.4040700@dia.uniroma3.it> FYI: Here is a copy of the announcement I sent out to NANOG, the routing-wg, and ris-users warning them of impending long AS-sets. After discussion we felt that it was best to proceed with a little more caution. :-) Cheers, Lorenzo -------- Original Message -------- Subject: Heads up: Long AS-sets announced in the next few days Date: Tue, 01 Mar 2005 19:49:50 +0100 From: Lorenzo Colitti To: nanog at merit.edu, routing-wg at ripe.net, ris-users at ripe.net Hi, as announced to the RIPE routing working group mailing list [1] and elsewhere, over the next few days the Computer Networks research group at Roma Tre University, in collaboration with the RIPE NCC RIS project, will be performing experiments involving announcements with large AS-sets in the AS-path. We are doing this to test innovative network discovery methodologies we developed to allow ISPs to determine how their prefixes are seen by the rest of the Internet. The announcements will be for prefixes 84.205.73.0/24 and 84.205.89.0/24 and will originate in AS12654. We have been performing similar experiments over IPv6, in collaboration with the NAMEX internet exchange, since December 2004 with no ill effects; furthermore, our announcements are standard BGP, so conformant implementations should be able to process them, and very long AS-sets have already been observed in the past (e.g. [2], [3]). However, we want to be careful to avoid router bugs on legacy devices, old firmware versions and the like, so we are first sending out test announcements with progressively longer AS-sets. Should you encounter a problem with these advertisements, please let us know and we will withdraw them. The proposed timetable of the test announcements is as follows. 2005-03-04: 14:00 UTC: 10-element AS-set 14:30 UTC: withdrawal 16:00 UTC: 25-element AS-set 16:30 UTC: withdrawal and, if there are no problems: 2005-03-07: 14:00 UTC: 50-element AS-set 14:30 UTC: withdrawal 16:00 UTC: 100-element AS-set 16:30 UTC: withdrawal Note: For reference, the AS-sets already observed in [2] and [3] contained 123 and 124 ASes respectively. For questions/comments, please contact compunet at dia.uniroma3.it or lorenzo at ripe.net. Regards, Lorenzo Colitti On behalf of the Roma Tre Computer Networks Research group [1] http://www.ripe.net/ripe/maillists/archives/routing-wg/2005/msg00021.html [2] http://www.ripe.net/projects/ris/Talks/0101_RIPE38_AA/sld003.html [3] http://www.ripe.net/maillists/ncc-archives/ris-users/2002/msg00044.html -- --------------------------------------------------------- Lorenzo Colitti Ph.D student Computer Networks research group Roma Tre University colitti at dia.uniroma3.it +39-0655173215 --------------------------------------------------------- From sw-bugs at ripe.net Thu Mar 3 13:47:16 2005 From: sw-bugs at ripe.net (RIPE SW Bugs) Date: Thu, 03 Mar 2005 13:47:16 +0100 Subject: [ris-int] Re: NCC#2005024029 query parameters missing from RIS cgi URLs In-Reply-To: <200502231710.j1NHAaet011339@birch.ripe.net>; from Rene Wilhelm on Wed, 23 Feb 2005 18:10:36 +0100 References: <200502231710.j1NHAaet011339@birch.ripe.net> Message-ID: <200503031247.j23ClGE9004064@x12.ripe.net> Hi Rene, I made those changes you asked for including RISwhois and Cookie check. Please have a look and let me know if you would have any comments. Arife Link for URL with args, cookie check and On Wed, 23 Feb 2005 18:10:36 +0100, Rene Wilhelm wrote: > Hi, > > The new CGIs on www.ris.ripe.net have one important thing missing: > they do not support entering parameters via the URL and they do > not report the entered parameters either. > > For example, something like > > http://www.ris.ripe.net/perl-risapp/risearch.html?net=192.228.79.201&preftype=lspec&action=Search&startDay=20050222&startHour=13&startMin=00&startSec=00&endDay=20050222&endHour=16&endMin=30&endSec=00&rrcb=all&peer=all&type=%25&sortby=stime&outype=html&.cgifields=type > > no longer works, it just comes back with the default form. > > This makes it impossible to discuss RIS results via e-mail, something we > will need and have used in the past when reporting on routing incidents > (e.g. triggered by users' request to explain DNSMon or TTM observations). > In the absence of URLs with query params, it is also difficult for network > engineers to share RIS observations with their colleagues. > > So, could you have a look and fix the CGIs? might be as trivial as > adding a method="get" to the html code. > > Thanks, > > -- Rene > > P.S. and while you're at it, you might want to run your pages through > the validator at http://validator.w3.org/ Currently, risearch.html > is not valid XHTML 1.0 Transitional. From wilhelm at ripe.net Thu Mar 3 15:39:43 2005 From: wilhelm at ripe.net (Rene Wilhelm) Date: Thu, 03 Mar 2005 15:39:43 +0100 Subject: [ris-int] Re: NCC#2005024029 query parameters missing from RIS cgi URLs In-Reply-To: Message from RIPE SW Bugs of "Thu, 03 Mar 2005 13:47:16 +0100." <200503031247.j23ClGE9004064@x12.ripe.net> Message-ID: <200503031439.j23Edhet032250@birch.ripe.net> Hi Arife, > I made those changes you asked for including RISwhois and Cookie check. > Please have a look and let me know if you would have any comments. The results in the case blocked cookies is short and to the point. perhaps the standard header and footer should be added to the page, but the message itself is clear, no confusion possible. The links to IPv6 RIS DB queries from RISwhois work like a charm, even when cookies were still blocked :-) As for the referencing URL, that's still a bit problematic. The risearch-result page includes the line "Copy the link ..." and when you point the mouse to it, you see first part of the URL in the bottom of netscape's window, but when you click on it, the query gets executed and you again get a risearch-result page. Persistent users can find the URL by checking the source of the page (so a big improvement already!), but perhaps it's a bit more user friendly if the "copy the link" part would take you to a page which lists the /risearch.do URL instead of executing it? -- Rene P.S. Don't forget to announce the new CGIs when you're finished; Some folk out there will be happy to see IPv6 queries to the RIS DB are now possible! From arife at ripe.net Thu Mar 3 16:19:42 2005 From: arife at ripe.net (Arife Vural) Date: Thu, 3 Mar 2005 16:19:42 +0100 Subject: [ris-int] Re: NCC#2005024029 query parameters missing from RIS cgi URLs In-Reply-To: <200503031439.j23Edhet032250@birch.ripe.net> References: <200503031247.j23ClGE9004064@x12.ripe.net> <200503031439.j23Edhet032250@birch.ripe.net> Message-ID: <20050303151942.GH26848@ripe.net> > > The results in the case blocked cookies is short and to the point. > perhaps the standard header and footer should be added to the page, > but the message itself is clear, no confusion possible. > > The links to IPv6 RIS DB queries from RISwhois work like a charm, Good to hear that :-) > even when cookies were still blocked :-) > Hm, I'm using another module WWW::Mechanize to run risearch for riswhois. It looks it's doing something strange. > As for the referencing URL, that's still a bit problematic. > > The risearch-result page includes the line "Copy the link ..." > and when you point the mouse to it, you see first part of the URL > in the bottom of netscape's window, but when you click on it, > the query gets executed and you again get a risearch-result page. > > Persistent users can find the URL by checking the source of the > page (so a big improvement already!), but perhaps it's a bit more > user friendly if the "copy the link" part would take you to a > page which lists the /risearch.do URL instead of executing it? With Firefox it looks ok, gives all the URL at the bottom. I thought it would be more convenient for user just click left mouse button, and copy the link if they like to get the URL. > P.S. Don't forget to announce the new CGIs when you're finished; > Some folk out there will be happy to see IPv6 queries > to the RIS DB are now possible! Sure, first like to finalize the things you asked. Probably, next week I will send it out. Arife From wilhelm at ripe.net Thu Mar 3 16:41:47 2005 From: wilhelm at ripe.net (Rene Wilhelm) Date: Thu, 03 Mar 2005 16:41:47 +0100 Subject: [ris-int] Re: NCC#2005024029 query parameters missing from RIS cgi URLs In-Reply-To: Message from Arife Vural of "Thu, 03 Mar 2005 16:19:42 +0100." <20050303151942.GH26848@ripe.net> Message-ID: <200503031541.j23Fflet025943@birch.ripe.net> >> The links to IPv6 RIS DB queries from RISwhois work like a charm, >> even when cookies were still blocked :-) >> > Hm, I'm using another module WWW::Mechanize to run risearch for > riswhois. It looks it's doing something strange. isn't it that in the case of riswhois, the query is done by halfweg, so no need to set a cookie in user's browser? >> The risearch-result page includes the line "Copy the link ..." >> and when you point the mouse to it, you see first part of the URL >> in the bottom of netscape's window, but when you click on it, >> the query gets executed and you again get a risearch-result page. > With Firefox it looks ok, gives all the URL at the bottom. I thought > it would be more convenient for user just click left mouse button, > and copy the link if they like to get the URL. but _how_ do you copy the link from the bottom? the left mouse button just takes me to a new risearch-result.html page. Am I overlooking something? -- Rene From arife at ripe.net Thu Mar 3 16:48:34 2005 From: arife at ripe.net (Arife Vural) Date: Thu, 3 Mar 2005 16:48:34 +0100 Subject: [ris-int] Re: NCC#2005024029 query parameters missing from RIS cgi URLs In-Reply-To: <200503031541.j23Fflet025943@birch.ripe.net> References: <20050303151942.GH26848@ripe.net> <200503031541.j23Fflet025943@birch.ripe.net> Message-ID: <20050303154834.GI26848@ripe.net> > > With Firefox it looks ok, gives all the URL at the bottom. I thought > > it would be more convenient for user just click left mouse button, > > and copy the link if they like to get the URL. > > but _how_ do you copy the link from the bottom? the left mouse button > just takes me to a new risearch-result.html page. Am I overlooking something? I do not know how to copy from the bottom of the page, I do not think there is a way to do .. I was talking to go "Copy the link" and click "the link" with left button and choose "Copy link location" option and copy the URL. Arife From wilhelm at ripe.net Thu Mar 3 16:58:21 2005 From: wilhelm at ripe.net (Rene Wilhelm) Date: Thu, 03 Mar 2005 16:58:21 +0100 Subject: [ris-int] Re: NCC#2005024029 query parameters missing from RIS cgi URLs In-Reply-To: Message from Arife Vural of "Thu, 03 Mar 2005 16:48:34 +0100." <20050303154834.GI26848@ripe.net> Message-ID: <200503031558.j23FwLet031930@birch.ripe.net> >> but _how_ do you copy the link from the bottom? the left mouse button >> just takes me to a new risearch-result.html page. Am I overlooking something? > I do not know how to copy from the bottom of the page, I do not think > here is a way to do .. > was talking to go "Copy the link" and click "the link" with left button > and choose "Copy link location" option and copy the URL. ah, but that's the *right* button for me! :) indeed, a good and easy way to get the URL, but perhaps a few extra words that the copy should be done via browser's popup menu? -- Rene From arife at ripe.net Thu Mar 3 17:05:53 2005 From: arife at ripe.net (Arife Vural) Date: Thu, 3 Mar 2005 17:05:53 +0100 Subject: [ris-int] Re: NCC#2005024029 query parameters missing from RIS cgi URLs In-Reply-To: <200503031558.j23FwLet031930@birch.ripe.net> References: <20050303154834.GI26848@ripe.net> <200503031558.j23FwLet031930@birch.ripe.net> Message-ID: <20050303160552.GJ26848@ripe.net> > > was talking to go "Copy the link" and click "the link" with left button > > and choose "Copy link location" option and copy the URL. > > ah, but that's the *right* button for me! :) :-) > indeed, a good and easy way to get the URL, but perhaps a few extra words > that the copy should be done via browser's popup menu? I have not introduced pop-up menus for the RIS, by now. I prefer to leave it like that, later if we will get any feedback or questions about it, then we could add pop up or more explanation either help pages or the form itself. Arife From wilhelm at ripe.net Thu Mar 3 17:20:00 2005 From: wilhelm at ripe.net (Rene Wilhelm) Date: Thu, 03 Mar 2005 17:20:00 +0100 Subject: [ris-int] Re: NCC#2005024029 query parameters missing from RIS cgi URLs In-Reply-To: Message from Arife Vural of "Thu, 03 Mar 2005 17:05:53 +0100." <20050303160552.GJ26848@ripe.net> Message-ID: <200503031620.j23GK0et007407@birch.ripe.net> > > indeed, a good and easy way to get the URL, but perhaps a few extra words > > that the copy should be done via browser's popup menu? > I have not introduced pop-up menus for the RIS, by now. I prefer to > leave it like that, later if we will get any feedback or questions > about it, then we could add pop up or more explanation either help > pages or the form itself. no, no, I was not talking about pop ups done by RIS website; only about the menu that appears when right clicking on a URL, the one where you can choose "copy link location". I thought of mentioning something like "copy ... using right mouse button" But then again, this is only my view; now that I know how to copy, it's fine with me. Maybe other users don't have problems and are already experienced in copying URLs this way? -- Rene From lorenzo at ripe.net Fri Mar 4 00:55:09 2005 From: lorenzo at ripe.net (Lorenzo Colitti) Date: Fri, 04 Mar 2005 00:55:09 +0100 Subject: [ris-int] Re: URGENT Re: Heads up: Long AS-sets announced in the next few days In-Reply-To: <20050303095907.GD564@guest182.ripe.net> References: <4224B94E.7040404@ripe.net> <1109823128.2665.25.camel@je.nets.com> <6.2.0.14.2.20050303073423.02be3de8@localhost> <4226D931.5070900@ripe.net> <20050303095907.GD564@guest182.ripe.net> Message-ID: <4227A3DD.7050906@ripe.net> [ris in CC field changed to ris-int to avoid replies being ticketized. Also CCing my co-authors in Rome] Daniel Karrenberg wrote: > If there is resistance like that, even uninformed resistance, we > cannot push things like this. I agree. Obviously the NCC is the least appropriate entity to push anything in the face of the community, since its charter is to do what the community wants it to do. And since it will be AS12654 doing the announcements, the buck stops here. I do think that Henk's message lacked finesse though. This is not me being overenthusiastic, this is a serious research project from a group with a proven record in the field of network discovery and a history of providing useful services to the community. Of course you can debate whether it is a good idea or not; every new technique has its fair share of detractors. And we wouldn't have gone ahead with the experiments in the face of such resistance either. But writing this off with a simple "On this occasion, he became a bit overenthusiastic though" is a little demeaning of the group's work. Anyway, with that behind us: > I beleive you should compose a very well drafted message explaining exactly > > - what we are proposing to do > - what effects we expect > - why the effects people are concerned about will not occur > > and ask for comments. This message should be OKed by Henk and maybe it > would be good to have it signed by both Henk and Lorenzo. We should do > this relatively quickly but without loosing the "well drafted". I would be happy to do this if you think it stands a chance. The issue I fear is that people in favour or neutral to these experiments won't reply to the thread and only a (possibly small number of) more conservative and/or uninformed people will be quick to criticize and opt-out. How much detail do you think we need? Do you think that to convince people we need to describe all our algorithms (some of which we haven't even fully developed yet), or do you think a more general description would be enough? Of course we would still provide much more detail on the principles we want to use and how we are trying to accomplish it. Cheers, Lorenzo From henk at ripe.net Fri Mar 4 07:41:12 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Fri, 04 Mar 2005 07:41:12 +0100 Subject: [ris-int] Re: URGENT Re: Heads up: Long AS-sets announced in the next few days In-Reply-To: <4227A3DD.7050906@ripe.net> References: <4224B94E.7040404@ripe.net> <1109823128.2665.25.camel@je.nets.com> <6.2.0.14.2.20050303073423.02be3de8@localhost> <4226D931.5070900@ripe.net> <20050303095907.GD564@guest182.ripe.net> <4227A3DD.7050906@ripe.net> Message-ID: <6.2.0.14.2.20050304073314.02c3c610@localhost> At 00:55 04/03/2005, Lorenzo Colitti wrote: > But writing this off with a simple "On this occasion, he became a bit > overenthusiastic though" is a little demeaning of the group's work. It was not intended as such, this is indeed serious research by people who know what they are doing. Where you became overenthousiastic was when you wanted to experiment with other people's resources without their explicit approval. >The issue I fear is that people in favour or neutral to these experiments >won't reply to the thread and only a (possibly small number of) more >conservative and/or uninformed people will be quick to criticize and opt-out. That's why I suggested opt-out rather than opt-in. We tell people what we want to do and why it won't have any negative effects. If somebody is still not convinced, he can opt-out. The people neutral or in favour do not have to do anything. Henk ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine) From daniel.karrenberg at ripe.net Fri Mar 4 09:53:25 2005 From: daniel.karrenberg at ripe.net (Daniel Karrenberg) Date: Fri, 4 Mar 2005 09:53:25 +0100 Subject: [ris-int] Re: URGENT Re: Heads up: Long AS-sets announced in the next few days In-Reply-To: <4227A3DD.7050906@ripe.net> References: <4224B94E.7040404@ripe.net> <1109823128.2665.25.camel@je.nets.com> <6.2.0.14.2.20050303073423.02be3de8@localhost> <4226D931.5070900@ripe.net> <20050303095907.GD564@guest182.ripe.net> <4227A3DD.7050906@ripe.net> Message-ID: <20050304085325.GW564@guest182.ripe.net> On 04.03 00:55, Lorenzo Colitti wrote: > ... > I do think that Henk's message lacked finesse though. To the contrary; I consider it very appropriate and well formulated. > >I beleive you should compose a very well drafted message explaining exactly > > > > - what we are proposing to do > > - what effects we expect > > - why the effects people are concerned about will not occur > > > >and ask for comments. This message should be OKed by Henk and maybe it > >would be good to have it signed by both Henk and Lorenzo. We should do > >this relatively quickly but without loosing the "well drafted". > > I would be happy to do this if you think it stands a chance. > > The issue I fear is that people in favour or neutral to these > experiments won't reply to the thread and only a (possibly small number > of) more conservative and/or uninformed people will be quick to > criticize and opt-out. At the moment the nay-sayers have it clearly because we proposed to use their resources without their consent. > How much detail do you think we need? Do you think that to convince > people we need to describe all our algorithms (some of which we haven't > even fully developed yet), or do you think a more general description > would be enough? Exactly what I wrote: """""" - general description of the routes announced - prefixes - as paths / as sets - what do we expect to see in general terms - routing table effects - forwarding table effects - do they matter with these prefixes ? no! - concerns we have heared - c1; why it is not an issue - c2; why it is not an issue - ... Are there any other concerns? """""""" > Of course we would still provide much more detail on the principles we > want to use and how we are trying to accomplish it. That's optional but some of it may help to convince people. Daniel From gdb at dia.uniroma3.it Fri Mar 4 18:47:36 2005 From: gdb at dia.uniroma3.it (Giuseppe Di Battista) Date: Fri, 04 Mar 2005 18:47:36 +0100 Subject: [ris-int] experiments on AS-sets cancelled Message-ID: <42289F38.7090308@dia.uniroma3.it> Dear all, I am sending this e-mail with the purpose of stating the position of the Computer Networks Research Group (in the following CNRG) at Roma Tre University about the AS-SET experiments. This mail covers only organization issues and is not on technical stuff. We shall address technical problems in a separate e-mail in the next few days. Until now, the relationship between RIS and CNRG has been maintained by Lorenzo. We have complete confidence in Lorenzo and he will continue to be the interface between our two groups. This e-mail does not intend to bypass him. 1. A group of researchers at CNRG, including Lorenzo, has developed new techniques for network discovery, at BGP level. Several experiments have already been done in the labs and in the ipv6 network. 2. We were interested in carrying on experiments on the ipv4 network. 3. Lorenzo discussed the issue with people at RIS. There was an agreement to use 84.205.73.0/24 and 84.205.89.0/24, originated in AS12654, for the experiments. 4. Around Feb 20 Lorenzo prepared an e-mail to be sent to a couple of mailing lists announcing the experiments. The e-mail was explicitely approved by, at least, Henk, Arife, Shane. 5. The e-mail was sent on Feb 25 to a large audience. There were a few reactions. 6. We scheduled the experiments for Feb 28- Mar 1. 7. Since we knew that the experiments could have been perceived with some suspect from the network operators, we decided to be more cautious than the RIS itself. Hence, we asked further advice by calling people at RIS on Feb 28. The answer was essentially: "people shouldn't get upset". Also, we decided to post an even more explicit message on the nanog mailing list. 8. There were many reactions, most negative. 9. Henk decided to stop the experiments. I fully agree with the decision. I do not agree with the contents of the e-mail that was sent at nanog. In my opinion the e-mail put in a bad light Lorenzo, CNRG, and RIS: - Lorenzo was presented as an "overenthusiastic student" that behaves irresponsibly. This is clearly not true (see above). - CNRG and RIS are presented as a light-heart organizations that put extremely important issues in the hands of a student without control. I also disagree on the method. Since Lorenzo was in charge of announcing the experiments, he was the one to announce their cancellation. Sincerely, Pino From henk at ripe.net Sat Mar 5 21:52:37 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Sat, 05 Mar 2005 21:52:37 +0100 Subject: [ris-int] experiments on AS-sets cancelled In-Reply-To: <42289F38.7090308@dia.uniroma3.it> References: <42289F38.7090308@dia.uniroma3.it> Message-ID: <6.2.0.14.2.20050305212551.02c39a48@localhost> Dear All, >3. Lorenzo discussed the issue with people at RIS. There was an >agreement to use 84.205.73.0/24 and 84.205.89.0/24, originated in >AS12654, for the experiments. > >4. Around Feb 20 Lorenzo prepared an e-mail to be sent to a couple of >mailing lists announcing the experiments. The e-mail was >explicitely approved by, at least, Henk, Arife, Shane. When I approved the mail, I did not realize (anymore) that the experiment would involve other AS# than 12654. Whether this is because Lorenzo didn't tell me, I didn't hear it, I forgot or whatever, I do not know. Fact is, shortly after the mail, people started sending mails objecting to using their AS# for this experiment. >9. Henk decided to stop the experiments. I fully agree with the >decision. I do not agree with the contents of the e-mail that was sent >at nanog. I was doing my mail on Thursday morning and saw dozens of mails with negative comments, including a couple of private ones, and a discussion that was rapidly getting out of hand. Lorenzo was not reachable at that time. So, I decided to stop this experiment and send a mail to the lists about this, before any more harm was done. > In my opinion the e-mail put in a bad light Lorenzo, CNRG, and RIS: >- Lorenzo was presented as an "overenthusiastic student" that behaves >irresponsibly. This is clearly not true (see above). I only said overenthousiastic. I do not think that he behaved irresponsible. The experiment was carefully thought out and will not do any damage, the only problem was in the presentation of the experiment and the fact that we're using other people's resources without informing them (and giving them a chance to opt-out). I believe that we did the best we could to control the damage by cancelling the experiment as soon as things appeared to go out of control. Yes, this did not give the best impression for CNRG and RIPE NCC, but I believe letting this discussion continue for a few more hours, would have caused more damage. I might be wrong. Finally, I think we can discuss this forever, but I doubt that much good will come out of it. What we should learn from this, is that we should think twice when announcing a new experiment and not use other people's resources without their permission. I hope that CNRG and RIS can go back to work on BGP, Kind regards, Henk ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine) From gdb at dia.uniroma3.it Mon Mar 7 15:28:56 2005 From: gdb at dia.uniroma3.it (Giuseppe Di Battista) Date: Mon, 07 Mar 2005 15:28:56 +0100 Subject: [ris-int] experiments on AS-sets cancelled In-Reply-To: <6.2.0.14.2.20050305212551.02c39a48@localhost> References: <42289F38.7090308@dia.uniroma3.it> <6.2.0.14.2.20050305212551.02c39a48@localhost> Message-ID: <422C6528.80800@dia.uniroma3.it> Dear Henk, thanks a lot for your e-mail. > I hope that CNRG and RIS > can go back to work on BGP, Sure, we are making a great work together and I hope it will continue. At this point I would like to ask Lorenzo to answer the following e-mail by Randy Bush (sent to the nanog mailing list) > i think we're ratholing here. can you tell us in simple words > > o what you are trying to learn with your experiment and why > it will help us understand or better manage our networks > (thanks rodney) > > o why the way you are doing it is safe and will not affect > the packets we're trying to move for our customers in negative > ways with an e-mail (in the same thread) that says that we are currently working on a brief document that tries to address the two issues and that will be available soon. We shall write it in two or three weeks (hopefully). Best, Pino From arife at ripe.net Fri Mar 11 10:59:58 2005 From: arife at ripe.net (Arife Vural) Date: Fri, 11 Mar 2005 10:59:58 +0100 Subject: [ris-int] RIS meeting on Mon Message-ID: <20050311095958.GC28281@ripe.net> Hi, Does anybody have any agenda item for Mon? Arife From arife at ripe.net Sun Mar 13 18:32:52 2005 From: arife at ripe.net (Arife Vural) Date: Sun, 13 Mar 2005 18:32:52 +0100 Subject: [ris-int] There is no RIS meeting on Monday! In-Reply-To: <20050311095958.GC28281@ripe.net> References: <20050311095958.GC28281@ripe.net> Message-ID: <20050313173252.GA5959@ripe.net> All in subject. From arife at ripe.net Tue Mar 15 10:17:17 2005 From: arife at ripe.net (Arife Vural) Date: Tue, 15 Mar 2005 10:17:17 +0100 Subject: [ris-int] nice site Message-ID: <20050315091717.GB15383@ripe.net> Just saw this site, it's pretty good. Maybe, we should ask them to create links for RIS tools. RIS Looking Glass is already there. http://www.bgp6.com/tools/ Arife From henk at ripe.net Tue Mar 15 11:28:50 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Tue, 15 Mar 2005 11:28:50 +0100 Subject: [ris-int] nice site In-Reply-To: <20050315091717.GB15383@ripe.net> References: <20050315091717.GB15383@ripe.net> Message-ID: <6.2.0.14.2.20050315112831.02cbafd0@localhost> At 10:17 15/03/2005, Arife Vural wrote: >Just saw this site, it's pretty good. Maybe, we should ask them to create >links for RIS tools. Yes, we should, the more publicity, the better. Henk > RIS Looking Glass is already there. > >http://www.bgp6.com/tools/ > >Arife ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine) From wilhelm at ripe.net Tue Mar 15 14:06:13 2005 From: wilhelm at ripe.net (Rene Wilhelm) Date: Tue, 15 Mar 2005 14:06:13 +0100 (CET) Subject: [ris-int] nice site In-Reply-To: <20050315091717.GB15383@ripe.net> References: <20050315091717.GB15383@ripe.net> Message-ID: On Tue, 15 Mar 2005, Arife Vural wrote: > > Just saw this site, it's pretty good. Yes, I've seen it before. The presentations section is also very complete (including some of mine ;-) > Maybe, we should ask them to create > links for RIS tools. RIS Looking Glass is already there. > > http://www.bgp6.com/tools/ a link to www.ripe.net/ris already exists under the heading "Routing Information Service" BGPlay is also there, higher up on the (alphebatically ordered) page. -- Rene From ris-request at ripe.net Wed Mar 16 12:33:40 2005 From: ris-request at ripe.net (RIPE NCC RIS) Date: Wed, 16 Mar 2005 12:33:40 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] Message-ID: <200503161133.j2GBXet8028975@x45.ripe.net> Hello all, What do you think about this request? Cheers, Vasco ----- Begin forwarded message ----- Date: Tue, 1 Mar 2005 19:17:02 -0600 From: Dave Deitrich To: rispeering at ripe.net Subject: NCC#2005030185 Request for BGP Data Cc: bruce.campbell at ripe.net, Rob Thomas Message-Id: <9c251485ff037119c294a661ebc8f84c at cymru.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, My name is Dave Deitrich and I'm a member of Team Cymru (http://www.cymru.com). We were wondering if it would be possible to establish a BGP peering session with you in order to receive copies of some of the routing data that you use for the RIPE RIS project. The prefix data will be used to help enhance our Internet monitoring utilities. These utilities look for general aberrations such as routing instability, worm outbreaks, prefix hijackings, etc. so the more peering data we have the better. We recently posted a request for more peers to a security list and Bruce Campbell suggested that you might be able to help us. If so we would love to discuss this with you. Please let us know if you think that this would be feasible. Thanks very much for your attention. - -- DAVE DEITRICH deitrich at cymru.com -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBQiUEXkiQQdywQH32EQJnQQCg5Zhq+yGLvrkGpTfPcqA8G1h/vrQAoIY8 77nM12Obk8qE4o1+Dtj9jD1W =9cP9 -----END PGP SIGNATURE----- ------ End forwarded message ------ -- From daniel.karrenberg at ripe.net Wed Mar 16 16:19:41 2005 From: daniel.karrenberg at ripe.net (Daniel Karrenberg) Date: Wed, 16 Mar 2005 16:19:41 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <200503161133.j2GBXet8028975@x45.ripe.net> References: <200503161133.j2GBXet8028975@x45.ripe.net> Message-ID: <20050316151941.GB2548@reifer-karrenberg-net.local> On 16.03 12:33, RIPE NCC RIS wrote: > Hello all, > > What do you think about this request? This needs a chat between Henk and myself. They should get an answer immediately that we are considering it seriously. Daniel From ris-request at ripe.net Wed Mar 16 17:04:47 2005 From: ris-request at ripe.net (RIPE NCC RIS) Date: Wed, 16 Mar 2005 17:04:47 +0100 Subject: [ris-int] Re: NCC#2005030185 Request for BGP Data In-Reply-To: <9c251485ff037119c294a661ebc8f84c@cymru.com>; from Dave Deitrich on Tue, 1 Mar 2005 19:17:02 -0600 References: <9c251485ff037119c294a661ebc8f84c@cymru.com> Message-ID: <200503161604.j2GG4lY8021754@x45.ripe.net> Hello Dave, Thanks for your e-mail. We are discussing this request internally. We will let you know as soon as we have some more information about it. Best regards, Vasco Asturiano -------------------------- Software Engineering Dept. RIPE-NCC On Tue, 1 Mar 2005 19:17:02 -0600, Dave Deitrich wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > Greetings, > > My name is Dave Deitrich and I'm a member of Team Cymru > (http://www.cymru.com). We were wondering if it would be possible to > establish a BGP peering session with you in order to receive copies of > some of the routing data that you use for the RIPE RIS project. The > prefix data will be used to help enhance our Internet monitoring > utilities. These utilities look for general aberrations such as > routing instability, worm outbreaks, prefix hijackings, etc. so the > more peering data we have the better. > > We recently posted a request for more peers to a security list and > Bruce Campbell suggested that you might be able to help us. If so we > would love to discuss this with you. Please let us know if you think > that this would be feasible. > > Thanks very much for your attention. > > - -- > DAVE DEITRICH > deitrich at cymru.com > > > -----BEGIN PGP SIGNATURE----- > Version: PGP 8.1 > > iQA/AwUBQiUEXkiQQdywQH32EQJnQQCg5Zhq+yGLvrkGpTfPcqA8G1h/vrQAoIY8 > 77nM12Obk8qE4o1+Dtj9jD1W > =9cP9 > -----END PGP SIGNATURE----- -- From henk at ripe.net Wed Mar 16 18:08:56 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Wed, 16 Mar 2005 18:08:56 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <200503161133.j2GBXet8028975@x45.ripe.net> References: <200503161133.j2GBXet8028975@x45.ripe.net> Message-ID: <6.2.0.14.2.20050316174538.02ca86a8@localhost> Hi, >What do you think about this request? In general, I think we should try to honor this request, cymru does useful work and it is a valid application of the data that we have. On the technical side, I wonder why they need a BGP feed. This will be multihop BGP over a large number of intermediate nodes, with all stability issues related to that. It would also involve peerings with all RRC's. OTOH, the raw data does have the same info, is already downloadable, and does not suffer from stability problems. I might miss something here. I do think that we should set them up. If we do, I think we should ask them to put appropriate credtis on their site. We should also ask them, when they present, to tell people to peer with us. And, obviously, we can give a link to them from our site. Henk >Cheers, >Vasco > >----- Begin forwarded message ----- > >Date: Tue, 1 Mar 2005 19:17:02 -0600 >From: Dave Deitrich >To: rispeering at ripe.net >Subject: NCC#2005030185 Request for BGP Data >Cc: bruce.campbell at ripe.net, Rob Thomas >Message-Id: <9c251485ff037119c294a661ebc8f84c at cymru.com> > > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > > >Greetings, > >My name is Dave Deitrich and I'm a member of Team Cymru >(http://www.cymru.com). We were wondering if it would be possible to >establish a BGP peering session with you in order to receive copies of >some of the routing data that you use for the RIPE RIS project. The >prefix data will be used to help enhance our Internet monitoring >utilities. These utilities look for general aberrations such as >routing instability, worm outbreaks, prefix hijackings, etc. so the >more peering data we have the better. > >We recently posted a request for more peers to a security list and >Bruce Campbell suggested that you might be able to help us. If so we >would love to discuss this with you. Please let us know if you think >that this would be feasible. > >Thanks very much for your attention. > >- -- >DAVE DEITRICH >deitrich at cymru.com > > >-----BEGIN PGP SIGNATURE----- >Version: PGP 8.1 > >iQA/AwUBQiUEXkiQQdywQH32EQJnQQCg5Zhq+yGLvrkGpTfPcqA8G1h/vrQAoIY8 >77nM12Obk8qE4o1+Dtj9jD1W >=9cP9 >-----END PGP SIGNATURE----- >------ End forwarded message ------ > >-- ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine) From henk at ripe.net Wed Mar 16 17:31:49 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Wed, 16 Mar 2005 17:31:49 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <20050316151941.GB2548@reifer-karrenberg-net.local> References: <200503161133.j2GBXet8028975@x45.ripe.net> <20050316151941.GB2548@reifer-karrenberg-net.local> Message-ID: <6.2.0.14.2.20050316173124.02c716b8@localhost> At 16:19 16/03/2005, Daniel Karrenberg wrote: >On 16.03 12:33, RIPE NCC RIS wrote: > > Hello all, > > > > What do you think about this request? > >This needs a chat between Henk and myself. >They should get an answer immediately that we are considering it >seriously. I agree, please write back that we'll get back to them soon, Henk >Daniel ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine) From colitti at dia.uniroma3.it Wed Mar 16 22:23:14 2005 From: colitti at dia.uniroma3.it (Lorenzo Colitti) Date: Wed, 16 Mar 2005 22:23:14 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <6.2.0.14.2.20050316174538.02ca86a8@localhost> References: <200503161133.j2GBXet8028975@x45.ripe.net> <6.2.0.14.2.20050316174538.02ca86a8@localhost> Message-ID: <4238A3C2.7020002@dia.uniroma3.it> Henk Uijterwaal wrote: >> What do you think about this request? > > In general, I think we should try to honor this request, cymru does useful > work and it is a valid application of the data that we have. > > On the technical side, I wonder why they need a BGP feed. This will be > multihop BGP over a large number of intermediate nodes, with all stability > issues related to that. It would also involve peerings with all RRC's. > OTOH, the raw data does have the same info, is already downloadable, and > does not suffer from stability problems. I might miss something here. I don't understand either. You can get nothing from a feed that you can't get from the BGP data, and actually, you get much less, because the RRCs themselves perform route selection. So, for every prefix, instead of getting one route per peer, you get one route per RRC. There is also the question of what they are going to do with the data. Do we have permission from our peers to pass their routes on to someone else? The RIS peerings were set up with the assurance that the data would be made public and used to create services for the community. Just a couple of thoughts. Cheers, Lorenzo -- --------------------------------------------------------- Lorenzo Colitti Ph.D student Computer Networks research group Roma Tre University colitti at dia.uniroma3.it +39-0655173215 --------------------------------------------------------- From arife at ripe.net Wed Mar 16 23:04:27 2005 From: arife at ripe.net (Arife Vural) Date: Wed, 16 Mar 2005 23:04:27 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <6.2.0.14.2.20050316174538.02ca86a8@localhost> References: <200503161133.j2GBXet8028975@x45.ripe.net> <6.2.0.14.2.20050316174538.02ca86a8@localhost> Message-ID: <20050316220427.GA18846@ripe.net> > On the technical side, I wonder why they need a BGP feed. This will be That's also one thing I wonder as well. I have the concerns Lorenzo pointed. We say our peers we just set up peering sessions to collect BGP data, and not to pass any other peers even if it's research purpose. Like last AS-set issue, if somebody says that they do not want to involve such a thing, that would put us into difficult situation. My feelings say that just tell them to no, and point them to use RIB snapshots. Arife From wilhelm at ripe.net Thu Mar 17 00:13:59 2005 From: wilhelm at ripe.net (Rene Wilhelm) Date: Thu, 17 Mar 2005 00:13:59 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: Message from Arife Vural of "Wed, 16 Mar 2005 23:04:27 +0100." <20050316220427.GA18846@ripe.net> Message-ID: <200503162313.j2GNDxet006299@birch.ripe.net> > I have the concerns Lorenzo pointed. We say our peers we just set up peering > sessions to collect BGP data, and not to pass any other peers even if it's > research purpose. I don't see that as an issue; in terms of data disclosure, it hardly matters if you pass the routing information via eBGP or via RIB dumps/updates. BGP feeds will even give them less data. > My feelings say that just tell them to no, and point them to use RIB snapshots. They probably just want to add RIS peering sessions to the 17 they already have and use their existing tools to prepare reports and (quoting the original message) "look for general aberrations such as routing instability, worm outbreaks, prefix hijackings, etc." RIB dumps and updates would require special processing, more difficult to use in their analysis. I don't think setting Team Cymru up with feeds will hit back on us, on the contrary, if we would not set them up, we could be seen as being overly possesive, not wanting to collaborate. However, I do agree with Henk that we should insist on being given proper credit. Looking at http://www.cymru.com/BGP/ there's no information whatsoever on who are 'donating' Team Cymru's current 17 eBGP peering sessions. -- Rene From daniel.karrenberg at ripe.net Thu Mar 17 09:59:14 2005 From: daniel.karrenberg at ripe.net (Daniel Karrenberg) Date: Thu, 17 Mar 2005 09:59:14 +0100 Subject: [ris-int] Trip Report: DHS Routing Security Workshop Message-ID: <20050317085914.GE3098@reifer-karrenberg-net.local> (Homeland Security) HSARPA: - requirements driven research - very flexible contract instruments - small, agile group www.hsarpabaa.com (note .com) www.hsarpabsbir.com HSARPA CYBER PGMS: DNSSEC (Steve Crocker, Russ Mundy, mentions DISI, Olaf) SPRI Routing Security - economics, incentives, deployability This is the first of 5 workshops. Next is probably being after NANOG Seattle, operational requirements. 12 mo (may , summer, sept, nov) HSARPA is about Development, Deployment, less about Research. Want to accelerate processes already happening. Quicker than IETF pace. I'll leave all the discussions to a reference to the position papers which I do not have yet. I'll forward it as soon as I get it. Main points: The main problem remains lack of ISP motivation to do routing security. Business cases are not clear and current level of incidents is clearly below the nuisance level. There appears to be a strong perception that address allocation registries are not accurate, especially for older assignments. Then there is a registry nereded to link address space to routes and their origin addresses. Minor points: There continues to be a need for reliable data about "irregular routes". Idea (Crocker): Intelligently filter routing data and make an "interesting bogon" list. Something for the RIS. Once we get squatting on unallocated addresses dealt with, addresses allocated but not routed will be targeted. RIS mentioned several times as "more accurate and better" than route views. Still route views used most of the time. RIRs mentioned several times as natural places for registries supporting routing security: address space (we do), route origination (new), other policies (maybe). Major consequences for us: We need to quantify the quality of RS data somehow and give a more clear picture of what still needs to be cleaned up and the plan for achieving this including time frames. Appraently we are being too vague. Better do this proactively than in response to an increasing level of questions. We need to keep the RIPE community informed and "in the loop" of routing security developments. We need to consider the route origin registry more stringent and separate from the current routing registry and the address allocation registry. Maybe we want to run things. Minor consequences: Consider a "not routed on the public Internet" attribute for the address space registry. "irregular routes" sifting of RIS. Miscellaneous: RS (still) does not use RIS when it could. (re ASNs). Ginny Listman to chair a group looking into address registries. We need to have someone there. From henk at ripe.net Fri Mar 18 10:20:50 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Fri, 18 Mar 2005 10:20:50 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <4238A3C2.7020002@dia.uniroma3.it> References: <200503161133.j2GBXet8028975@x45.ripe.net> <6.2.0.14.2.20050316174538.02ca86a8@localhost> <4238A3C2.7020002@dia.uniroma3.it> Message-ID: <6.2.0.14.2.20050318101844.02cb53f8@localhost> At 22:23 16/03/2005, Lorenzo Colitti wrote: >There is also the question of what they are going to do with the data. Do >we have permission from our peers to pass their routes on to someone else? >The RIS peerings were set up with the assurance that the data would be >made public and used to create services for the community. Well, the agreement we have is that we would make the data publicly available. We never said that we'd limit ourselves to only MySQL queries to a database, only raw files or whatever. A BGP feed is, in this respect, still in scope. Henk >Just a couple of thoughts. > > >Cheers, >Lorenzo > >-- >--------------------------------------------------------- >Lorenzo Colitti Ph.D student >Computer Networks research group Roma Tre University >colitti at dia.uniroma3.it +39-0655173215 >--------------------------------------------------------- ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine) From henk at ripe.net Fri Mar 18 10:30:35 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Fri, 18 Mar 2005 10:30:35 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <20050316220427.GA18846@ripe.net> References: <200503161133.j2GBXet8028975@x45.ripe.net> <6.2.0.14.2.20050316174538.02ca86a8@localhost> <20050316220427.GA18846@ripe.net> Message-ID: <6.2.0.14.2.20050318102212.02c598c0@localhost> Arife, others, > > On the technical side, I wonder why they need a BGP feed. This will be > >That's also one thing I wonder as well. > >I have the concerns Lorenzo pointed. We say our peers we just set up peering >sessions to collect BGP data, and not to pass any other peers even if it's >research purpose. > >Like last AS-set issue, if somebody says that they do not want to involve >such >a thing, that would put us into difficult situation. I think this is different. People peering with the RIS already agreed that we'd collect the data and make it available for research purposes. It comes essentially down to listening and write down what we hear. The AS-set thing was different. There we'd actively use AS# under somebody else's control for experiments. >My feelings say that just tell them to no, and point them to use RIB >snapshots. I'd rephrase this a bit: offer them the data, but ask why they need a BGP feed and cannot simply mirror the data that we already make available on our website. If there is a valid technical reason why they need a feed, I like to know and we should consider this. If they are just too lazy to read the RIBs, then it is a different matter. Henk ps. Arife: is this what you wanted to talk to me about yesterday, before the music made all further conversation impossible? Feel free to drop by if you want to discuss further by voice. >Arife ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine) From daniel.karrenberg at ripe.net Fri Mar 18 11:36:06 2005 From: daniel.karrenberg at ripe.net (Daniel Karrenberg) Date: Fri, 18 Mar 2005 11:36:06 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <6.2.0.14.2.20050318102212.02c598c0@localhost> References: <200503161133.j2GBXet8028975@x45.ripe.net> <6.2.0.14.2.20050316174538.02ca86a8@localhost> <20050316220427.GA18846@ripe.net> <6.2.0.14.2.20050318102212.02c598c0@localhost> Message-ID: <20050318103606.GE454@reifer-karrenberg-net.local> On 18.03 10:30, Henk Uijterwaal wrote: > > I'd rephrase this a bit: offer them the data, but ask why they need a > BGP feed and cannot simply mirror the data that we already make available > on our website. If there is a valid technical reason why they need a feed, > I like to know and we should consider this. If they are just too lazy > to read the RIBs, then it is a different matter. Agree! From arife at ripe.net Mon Mar 21 10:02:41 2005 From: arife at ripe.net (Arife Vural) Date: Mon, 21 Mar 2005 10:02:41 +0100 Subject: [ris-int] Fw: NCC#2005030185 [Request for BGP Data] In-Reply-To: <6.2.0.14.2.20050318102212.02c598c0@localhost> References: <200503161133.j2GBXet8028975@x45.ripe.net> <6.2.0.14.2.20050316174538.02ca86a8@localhost> <20050316220427.GA18846@ripe.net> <6.2.0.14.2.20050318102212.02c598c0@localhost> Message-ID: <20050321090241.GD30237@ripe.net> > >My feelings say that just tell them to no, and point them to use RIB > >snapshots. > > I'd rephrase this a bit: offer them the data, but ask why they need a > BGP feed and cannot simply mirror the data that we already make available > on our website. If there is a valid technical reason why they need a feed, > I like to know and we should consider this. If they are just too lazy > to read the RIBs, then it is a different matter. That makes sense. Vasco, can you get back to user with these questions? If you need any help, we can look at together. > ps. Arife: is this what you wanted to talk to me about yesterday, before > the music made all further conversation impossible? Feel free to drop > by if you want to discuss further by voice. Yes. Your reply is quite clear. Thanks. Arife From henk at ripe.net Tue Mar 22 10:05:12 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Tue, 22 Mar 2005 10:05:12 +0100 Subject: [ris-int] Re: Trip Report: DHS Routing Security Workshop In-Reply-To: <20050317085914.GE3098@reifer-karrenberg-net.local> References: <20050317085914.GE3098@reifer-karrenberg-net.local> Message-ID: <6.2.0.14.2.20050322100404.02c8a108@localhost> Daniel, >(Homeland Security) HSARPA: > >This is the first of 5 workshops. Next is probably being after NANOG Seattle, [...] >We need to have someone there. I was planning to go to NANOG anyway, so can add this to my schedule. Henk ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine) From wilhelm at ripe.net Tue Mar 22 20:52:44 2005 From: wilhelm at ripe.net (Rene Wilhelm) Date: Tue, 22 Mar 2005 20:52:44 +0100 Subject: [ris-int] LFT traceroute & RISwhois Message-ID: <200503221952.j2MJqiet001437@birch.ripe.net> Following last week's thread on nanog re: "traceroute with asn" the author of LFT traceroute, Victor Oppleman, approached me offering to add riswhois lookups to the next version of LFT. (see attached e-mail). Replacing "one-connection/one-query" lookups to RADB by lookups to RISwhois was done in a jiffy, but recognizing the potential of RISwhois, he continued spending time adding support for bulk queries (all queries over one connection) In this process it turned out there was a need for an additional riswhois option: a "-1" flag which restricts the output to one and only one route object per prefix. In combination with -M this flag ensures LFT receives at most one origin for each IP. Having checked various prefixes on the Moas page (http://www.ris.ripe.net/moas/moas.html), it does make sense to report only 1 origin for each IP: most of the time the second origin is either one with a handfull of ris peers, or a private AS. As the required modifications in riswhoisd weren't too difficult and I wanted to keep the momentum going ("het ijzer smeden als het heet is"), I took care of adapting riswhoisd last sunday and for testing purposes started it on halfweg's port 4444. Of course, I overlooked the default deny-all firewall rules, so had to wait 'till monday for Ops to punch a temporary hole to allow Victor to test his LFT-with-RISwhois development. (thanks Emil!) All tests were succesful, so now it's time to follow a proper installation procedure for new riswhoisd (will create a ticket with ris at ripe.net for that) Last but not least, I leave you with this quote from Victor: [...] I have things to attend to also, but I was just excited seeing as though the RIS is a cool (very cool) service/infrastructure and I think it may be the most trustworthy way of attaining this information with regard to the LFT user community. I really appreciate what you guys have done and I'm glad we can interoperate. -- Rene ========================================== From: Victor Oppleman Subject: LFT & RISwhois Date: Tue, 15 Mar 2005 15:48:16 -0700 To: wilhelm at ripe.net Hi Rene, I just saw this note (a friend just forwarded to me). The new (as yet unreleased) version of LFT supports querying not only the RADB/IRR (formerly the default when using the -A (asn lookup) option), but also the pWhoIs project (sounds like the same thing RISwhois is doing--we wrote one too) OR Cymru (another source of prefix-based whois data). If you're using pWhoIs or Cymru, it's *really* fast because it can grab the ASNs in bulk (one connection/query) instead of one connection per each query. If you'd like, I'm happy to code in an option to use data from your project (RISwhois), I just hadn't heard of it yet. Does it support bulk queries or should I do it like I do with RADB/IRR and hit it once for each query? Thanks! > From: Rene Wilhelm > Date: Tue, 15 Mar 2005 05:57:03 -0700 > To: > Cc: Ziggy David Lubowa , Joe Shen > , Raymond Dijkxhoorn , > NANGO > > Subject: Re: Traceroute with ASN > > > >> | Doesnt look like you have to, below is the link to the tarball >> | >> | http://oppleman.com/dl/?file=lft-2.3.tar.gz >> | >> >> >> According to the doc, it relies on RADB for its info, so it *might* >> not be >> as accurate as an actual BGP feed. > > Indeed. That's why we've created "RISwhois" [1], a whois interface to > the BGP data collected by RIPE NCC's RIS project [2]. You query > riswhois.ripe.net like you'd query whois.ra.net, but the data > returned are from active BGP feeds, not manually registered objects. > > Since RISwhois uses the same format as RADB, it's trivial to have lft > consult the RIS BGP tables: simply replace the string "whois.ra.net" > by "riswhois.ripe.net" in the whois.c file and recompile. > > -- Rene > > [1] > http://www.ripe.net/ripe/meetings/ripe-47/presentations/ripe47-eof- > riswhois.pd > f > > [2] http://www.ripe.net/projects/ris/index.html > > > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Rene Wilhelm RIPE Network Coordination Centre > Email: wilhelm at ripe.net Amsterdam, the Netherlands > Phone: +31 20 535 4417 Fax: +31 20 535 4445 > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From ris-request at ripe.net Thu Mar 24 12:15:23 2005 From: ris-request at ripe.net (RIPE NCC RIS) Date: Thu, 24 Mar 2005 12:15:23 +0100 Subject: [ris-int] Fw: NCC#2004081420 [RE: RIPE beacon request!] Message-ID: <200503241115.j2OBFO8W005091@x12.ripe.net> Hi guys, What do you think about this request? James, what does OPS think to run named on RRCs? Arife ----- Begin forwarded message ----- Date: Thu, 10 Mar 2005 03:56:08 -0500 From: "Hitesh Ballani" To: "RIPE NCC RIS" Subject: RE: NCC#2004081420 RIPE beacon request! Message-Id: <2EE48095D8C21643B0B70EC95F9BFBAF0A3174 at EXCHVS1.cs.cornell.edu> Hello Arife, Thanks for your help with my last experiment - but I need an even bigger favor now. I am going to describe my requirements below - if you do not find them feasible, please feel free to tell me so. Also, if you have stopped leasing out beacons to external researchers, I totally understand. I need a prefix to be advertised to many RRCs (as many as possible) for the duration of a week or so. However, this time I also need the RRCs to run a nameserver and answer queries for a particular domain. My friend here at Cornell owns a domain name (guha.cc) and hence, I can point anycast.guha.cc to the anycast address you assign to me. So for example, assume you assign a prefix a.b.c.0/24 to my experiment and it is advertised by 8 RRCs. I want all the 8 RRCs to run a nameserver and answer DNS queries (type A) for anycast.guha.cc - each RRC will answer with a different address. Hence, the first RRC will answer with a.b.c.1, the second with a.b.c.2 and so on. The purpose of this is that such an arrangement allows me to use thousands of DNS servers which have recursion enabled to perform my measurements and hence, adds a lot of value to my anycast study. The above mentioned approach for measurement is known as KING and was developed at U.Wash (described here http://www.cs.toronto.edu/~stefan/publications/imw/2002/imw.html). In case this sounds vaguely feasible, I would be more than happy to give you more details or clarify any doubts you may have. We have used the King approach for anycast measurements against the anycasted root-servers - and so, have some sense of what is required. You might have security concerns regarding running a name-server on your RRCs. I think there are standard techniques (eg. running BIND in a chroot JAIL) by which we can ensure that this experiment does not add any vulnerabilities to the RRCs - again, I can provide with more information/help in case you are interested. Thanks for your time, Hitesh > -----Original Message----- > From: RIPE NCC RIS [mailto:ris-request at ripe.net] > Sent: Monday, September 20, 2004 8:13 AM > To: Hitesh Ballani > Subject: Re: NCC#2004081420 RIPE beacon request! > > Hi Hitesh, > > > Lets start off with a prefix (I presume 195.80.238.0/24) being > advertised as > > normal (i.e. no periodic withdrawals) from 6 locations : RRC01 (Lon,UK), > > RRC02 (Paris,UK), RRC05 (Vienna,AT), RRC06 (Otemcahi, JP), RRC08 (San > > Jose,US), RRC11(NY,USA). As I mentioned earlier, the purpose is to get > > baseline measurements for an anycasted prefix when there are no flaps > (at > > least, no intentional flaps). Then, later we can introduce flaps for > other > > experiments. > > I configured on rrc01, rrc02, rrc05, rrc06, and rrc11. rrc08 is offline > by now. It's replacement would be rrc14 at PAIX, but it's not online > yet. > > > Actually, what I would like to do is to have the prefix advertised in a > > stable fashion (i.e. no intentional withdrawals) from 7 RRC locations > with > > the locations changing every couple of days .... i.e. of the 13 RRCs, 7 > are > > always advertising the prefix but the set of seven changes every couple > of > > days ...since, I would like the non-european sites (3 of them) to always > be > > part of the advertising set, so we are left with choose(13 - 3, 7 -3) = > > choose(10,4) = 1260 combinations ... while this is not certainly not > > possible, I was wondering if we could try out 5-7 odd combinations so > that > > the entire experiment finishes in a couple of weeks and then, we can > move > > onto the experiments with periodic withdrawals ... however, I am not > sure if > > this can be automated (I would be happy to write any scripts needed for > this) > > because it would be a pain for you to do this manually .. if this is > > possible, then I would be more than happy to send you a chart of the 5-7 > sets > > of 7 RRCs, each set advertising the prefix for 2 (or whatever u are > > comfortable with) days .. However, if this is not feasible, then we > could > > start with the pattern mentioned in the previous paragraph and make 1 or > 2 > > changes (2 weeks, one change a week gives us 2 combinations to try out). > > Comments?? > > I do not have any comments by now. Should think about it. > > Thanks for offer. We will see how much of time is required from our side. > Then, we can do something about it. We have already some scripts that > do the config changes on zebra/bgd. We can modify that one. > > > > > By the way, are you going to set up interfaces on these machines so that > I > > can also do end-to-end experiments? > > I've configured an interface on those RRCs, IP address, 195.80.238.1. You > can try to ping that address. In a few minutes, I will send an e-mail to > those IXs mailinglists also to allow transit that prefix. > > Regards. > Arife ------ End forwarded message ------ From henk at ripe.net Tue Mar 29 11:49:09 2005 From: henk at ripe.net (Henk Uijterwaal) Date: Tue, 29 Mar 2005 11:49:09 +0200 Subject: [ris-int] Fw: NCC#2004081420 [RE: RIPE beacon request!] In-Reply-To: <200503241115.j2OBFO8W005091@x12.ripe.net> References: <200503241115.j2OBFO8W005091@x12.ripe.net> Message-ID: <6.2.0.14.2.20050329114620.02cc3db8@localhost> At 13:15 24/03/2005, RIPE NCC RIS wrote: >Hi guys, > >What do you think about this request? I would be against this. The RRC's are set up as route collectors, not as machines to run named or whatever for 3rd parties. We have our agreements with hosts, let's not do things we have not agreed just because a student somewhere asks. Henk >James, what does OPS think to run named on RRCs? > >Arife > > >----- Begin forwarded message ----- > >Date: Thu, 10 Mar 2005 03:56:08 -0500 >From: "Hitesh Ballani" >To: "RIPE NCC RIS" >Subject: RE: NCC#2004081420 RIPE beacon request! >Message-Id: <2EE48095D8C21643B0B70EC95F9BFBAF0A3174 at EXCHVS1.cs.cornell.edu> > > >Hello Arife, > >Thanks for your help with my last experiment - but I need an even bigger >favor now. I am going to describe my requirements below - if you do not find >them feasible, please feel free to tell me so. Also, if you have stopped >leasing out beacons to external researchers, I totally understand. > >I need a prefix to be advertised to many RRCs (as many as possible) for the >duration of a week or so. However, this time I also need the RRCs to run a >nameserver and answer queries for a particular domain. My friend here at >Cornell owns a domain name (guha.cc) and hence, I can point anycast.guha.cc >to the anycast address you assign to me. So for example, assume you assign a >prefix a.b.c.0/24 to my experiment and it is advertised by 8 RRCs. I want all >the 8 RRCs to run a nameserver and answer DNS queries (type A) for >anycast.guha.cc - each RRC will answer with a different address. Hence, the >first RRC will answer with a.b.c.1, the second with a.b.c.2 and so on. The >purpose of this is that such an arrangement allows me to use thousands of DNS >servers which have recursion enabled to perform my measurements and hence, >adds a lot of value to my anycast study. The above mentioned approach for >measurement is known as KING and was developed at U.Wash (described here >http://www.cs.toronto.edu/~stefan/publications/imw/2002/imw.html). > >In case this sounds vaguely feasible, I would be more than happy to give you >more details or clarify any doubts you may have. We have used the King >approach for anycast measurements against the anycasted root-servers - and >so, have some sense of what is required. You might have security concerns >regarding running a name-server on your RRCs. I think there are standard >techniques (eg. running BIND in a chroot JAIL) by which we can ensure that >this experiment does not add any vulnerabilities to the RRCs - again, I can >provide with more information/help in case you are interested. > >Thanks for your time, >Hitesh > > > -----Original Message----- > > From: RIPE NCC RIS [mailto:ris-request at ripe.net] > > Sent: Monday, September 20, 2004 8:13 AM > > To: Hitesh Ballani > > Subject: Re: NCC#2004081420 RIPE beacon request! > > > > Hi Hitesh, > > > > > Lets start off with a prefix (I presume 195.80.238.0/24) being > > advertised as > > > normal (i.e. no periodic withdrawals) from 6 locations : RRC01 (Lon,UK), > > > RRC02 (Paris,UK), RRC05 (Vienna,AT), RRC06 (Otemcahi, JP), RRC08 (San > > > Jose,US), RRC11(NY,USA). As I mentioned earlier, the purpose is to get > > > baseline measurements for an anycasted prefix when there are no flaps > > (at > > > least, no intentional flaps). Then, later we can introduce flaps for > > other > > > experiments. > > > > I configured on rrc01, rrc02, rrc05, rrc06, and rrc11. rrc08 is offline > > by now. It's replacement would be rrc14 at PAIX, but it's not online > > yet. > > > > > Actually, what I would like to do is to have the prefix advertised in a > > > stable fashion (i.e. no intentional withdrawals) from 7 RRC locations > > with > > > the locations changing every couple of days .... i.e. of the 13 RRCs, 7 > > are > > > always advertising the prefix but the set of seven changes every couple > > of > > > days ...since, I would like the non-european sites (3 of them) to always > > be > > > part of the advertising set, so we are left with choose(13 - 3, 7 -3) = > > > choose(10,4) = 1260 combinations ... while this is not certainly not > > > possible, I was wondering if we could try out 5-7 odd combinations so > > that > > > the entire experiment finishes in a couple of weeks and then, we can > > move > > > onto the experiments with periodic withdrawals ... however, I am not > > sure if > > > this can be automated (I would be happy to write any scripts needed for > > this) > > > because it would be a pain for you to do this manually .. if this is > > > possible, then I would be more than happy to send you a chart of the 5-7 > > sets > > > of 7 RRCs, each set advertising the prefix for 2 (or whatever u are > > > comfortable with) days .. However, if this is not feasible, then we > > could > > > start with the pattern mentioned in the previous paragraph and make 1 or > > 2 > > > changes (2 weeks, one change a week gives us 2 combinations to try out). > > > Comments?? > > > > I do not have any comments by now. Should think about it. > > > > Thanks for offer. We will see how much of time is required from our side. > > Then, we can do something about it. We have already some scripts that > > do the config changes on zebra/bgd. We can modify that one. > > > > > > > > By the way, are you going to set up interfaces on these machines so that > > I > > > can also do end-to-end experiments? > > > > I've configured an interface on those RRCs, IP address, 195.80.238.1. You > > can try to ping that address. In a few minutes, I will send an e-mail to > > those IXs mailinglists also to allow transit that prefix. > > > > Regards. > > Arife >------ End forwarded message ------ ------------------------------------------------------------------------------ Henk Uijterwaal Email: henk.uijterwaal(at)ripe.net RIPE Network Coordination Centre http://www.amsterdamned.org/~henk P.O.Box 10096 Singel 258 Phone: +31.20.5354414 1001 EB Amsterdam 1016 AB Amsterdam Fax: +31.20.5354445 The Netherlands The Netherlands Mobile: +31.6.55861746 ------------------------------------------------------------------------------ Look here junior, don't you be so happy. And for Heaven's sake, don't you be so sad. (Tom Verlaine)