[routing-wg] Analysis tool for RIPE Proposal 2018-06
- Previous message (by thread): [routing-wg] Analysis tool for RIPE Proposal 2018-06
- Next message (by thread): [routing-wg] Analysis tool for RIPE Proposal 2018-06
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jared Mauch
jared at puck.nether.net
Wed Mar 6 16:38:03 CET 2019
This almost looks like a typo, I can’t find any historical information tying this route to Akamai going back to at least 2009. It would be nice if this object could go away :-) - Jared > On Mar 6, 2019, at 9:55 AM, Jay Borkenhagen <jayb at braeburn.org> wrote: > > Hi, > > I support this clean-up of RIPE-NONAUTH IRR using information > published in the RPKI. > > AT&T has been allocated 99.112.0.0/12, and we have not sub-allocated > 99.122.224.0/21 to Akamai, CW-EUROPE-GSOC, AS1273, or anyone. Folks > are encouraged to use the ROA we have published for 99.112.0.0/12 > authorizing origination in our as7018 in all ways that make sense, > including removing bogus / obsolete route objects from the IRR. > > Thanks! > > Jay B. > > > On 06-March-2019, Job Snijders writes: >> Dear all, >> >> I wrote a small tool to help understand the effects if RIPE Policy >> Proposal 2018-06 is accepted by the community. This is the "Let's use >> RPKI ROAs to clean up the non-authoritative RIPE-NONAUTH IRR >> source!"-proposal (source: https://www.ripe.net/participate/policies/proposals/2018-06). >> The tool can also be used by RIPE NCC staff to validate their >> implementation or help their impact analysis. >> >> Quick reminder: this proposal does *not* impact any RIPE Managed space, >> this does *not* impact IP space for which no RPKI ROAs have or can be >> created, and it does *not* impact route objects where the route object >> and the RPKI ROA are match each other. >> >> Currently there are 793 IRR "route:" objects and 17 "route6:" objects >> that conflict with published RPKI ROAs. Out of those ~ 800, roughly 33 >> prefixes are visible in the BGP DFZ as exact matches between what is >> registered in RIPE-NONAUTH and in BGP (note: this means these 33 >> announcements are "RPKI Invalid", and the likes of Cloudflare / AT&T >> probably aren't accepting those announcements anyway)... >> >> You can install the tool through 'pip3 install ripe-proposal-2018-06', or >> download the source from https://github.com/job/ripe-proposal-2018-06 >> >> Usage example: >> >> $ ripe-proposal-2018-06 -a 7018 >> Downloading https://rpki.gin.ntt.net/api/export.json >> Downloading https://ftp.ripe.net/ripe/dbase/split/ripe-nonauth.db.route.gz >> >> INVALID! The 99.122.224.0/21AS1273 RIPE-NONAUTH route object has conflicts: >> >> route: 99.122.224.0/21 >> descr: route for customer Akamai International >> origin: AS1273 >> created: 2008-09-08T14:40:49Z >> last-modified: 2018-09-04T15:54:45Z >> source: RIPE-NONAUTH >> mnt-by: CW-EUROPE-GSOC >> >> Above non-authoritative IRR object is in conflict with this ROA: >> ROA: 99.112.0.0/12, MaxLength: 12, Origin AS7018 (ARIN) >> >> Note that AT&T has no method of getting this erroneous "route:" object >> removed, other than to beg & plead with maintainer 'CW-EUROPE-GSOC'. >> >> We're working on an updated version of RIPE Policy Proposal 2018-06 to >> incorporate feedback from the community, such as an attempt to send >> notifications and a grace period before the object is actually removed. >> >> All in all it appears that if this policy proposal is deployed *now*, >> the operational impact is virtually non-existent; and after deploying >> this the global community has an industry-standard way to get rid of >> stale proxy route registrations. With every published ROA the >> "RIPE-NONAUTH" source becomes cleaner! >> >> Kind regards, >> >> Job
- Previous message (by thread): [routing-wg] Analysis tool for RIPE Proposal 2018-06
- Next message (by thread): [routing-wg] Analysis tool for RIPE Proposal 2018-06
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]