Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet2 Routing Working Group Merit Route Registry Update July 30, 2002 Larry Blunk.

Published byMyles Leonard Modified over 8 years ago

Similar presentations

Presentation on theme: "Internet2 Routing Working Group Merit Route Registry Update July 30, 2002 Larry Blunk."— Presentation transcript:

1 Internet2 Routing Working Group Merit Route Registry Update July 30, 2002 Larry Blunk

2 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 Agenda Introductions I2RR Status IRRd Update RADB Status RPSL Issues (RPSLng/Authorization) Web interface for Registry Timelines Web interface demo Questions

3 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 Merit route registry staff Deb Evans - project manager Engineers Larry Blunk - lead engineer Jake Khuon - lead architect Not present - Dale Fay, Chris Frazier University of Michigan NOC provides 24x7 frontline support Introductions - Merit staff

4 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 I2RR Status I2RR introduced in September 2000 Web page at www.radb.net/i2rr Has not been actively embraced by Internet2 community Merit staff departures in 2000/2001 led to lack of responsiveness Has restaffed project over the last 12 months Merit would like to get clarity regarding the role of the I2RR in the Internet2 community. Merit believes the service is important, but needs to understand Internet2's commitment to using it going forward

5 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 IRRd Update Reviewed state of code in June 2001 Initial goals Fix memory leaks and other significant bugs (zombie processes) Portability enhancements Targeted Linux and FreeBSD in addition to Solaris Code clean-up (compiler warnings, etc.) RFC 2622 RPSL compliance Mandatory attributes and parsing correctness

6 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 IRRd Update... Initial goals cont'd... Documentation updates Support for GnuPG Performance issues IRRd 2.1 released in September 2001 Several releases since (now at 2.1.4) Next release to support inverse lookups on maintainer names and performance improvements Available at www.irrd.net

7 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 RADB Status RPSL compliance has been addressed Objects missing mandatory attributes Attributes with invalid values Orphaned objects cleaned up Maintainers deleted, but objects remain in the database with mnt-by referring to maintainer Approximately 1600 paid maintainers Around 3000 maintainers at start of year Source of stale data (defunct/acquired companies) New maintainers continue to be added daily

8 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 RADB Consistency RADB consistency checks currently an ongoing project Route objects with prefixes which have been aggregated, announced by another AS, unrouted Announced prefixes not registered in RADB Aut-num objects with import/export policy which does not match observed policy in annouced prefixes (for example, AS PATH)

9 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 RADB Consistency Analysis Recent analysis of route object consistency with global routing tables 75530 route objects - compare prefix/originAS 50.8% exact or less specific prefix/match AS 35.8% exact or less specific prefix/different AS 13.4% no match (exact or less specific prefix)

10 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 Registry Maintainer reports Developing per maintainer reports Details number and type of objects Consistency with observed routing policy Route object prefix/originAS correctness Aut-num policy compared with AS Path info Provide an optional monthly email report as well as web based reports Allow maintainers to easily correct discrepancies Working with RIPC NCC to coordinate development efforts on consistency checking tools

11 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 RPSLng Ipv6/Multicast support not defined in RFC2622 RPSLng task force formed to address issue Mailing list - rpslng@ripe.net Archive - www.ripe.net/ripe/mail-archives/rpslng Internet Draft submitted by Florent Parent in January (draft-parent-multiprotocol-rpsl-00.txt) Draft addresses the following classes: route, route-set, peering-set, aut-num, inet-rtr, filter-set Attempted to extend the syntax of existing attributes rather than creating new attribute names

12 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 RPSLng... There was considerable concern that simply extending attributes may break existing tools Informal meeting held at March 2002 IETF Consensus reached on RPSLng attributes Will create new attribute names to avoid breaking tools

13 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 RPSLng examples Example of new route object for IPv6 mp-route: afi ipv6 3ffe:ffff::/28 origin: AS1 Example of aut-num object aut-num: AS2 mp-import: afi ipv6.unicast from AS1 accept {3FFE:FFFF::/35};

14 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 RPSL Authentication security PGP is currently strongest mechanism MAIL-FROM is very weak due to ease of mail spoofing Confirmation messages provides some assurance CRYPT-PW suffers from short password support (8 characters) and dictionary attack vulnerability Email submission of RPSL objects protected by CRYPT-PW requires sending cleartext password

15 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 RPSL Authentication updates RIPE 41 meeting addressed current weaknesses in RPSL authentication RIPE to phase out support of MAIL-FROM New password-based auth mechanism based on FreeBSD's MD5-CRYPT Allows passwords much longer than 8 characters and more dictionary attack resistent Merit to move to Web-based form with SSL encryption and phase-out of MAIL-FROM Considering hiding password hashes to prevent dictionary attacks Will continue to support PGP for mail based updates

16 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 Registry Web interface Augment existing mail update process with a web based interface Provides a more intuitive interface (particularly for new users unfamiliar with email based submissions) Security improvement for maintainers with password based authentication (SSL encryption instead of cleartext in email)

17 Merit Route Registry Update Internet2 Routing Working Group July 30, 2002 Timelines Web interface to be completed by August 31 RPSLng to be discussed at RIPE 43 meeting in early September and should be finalized by end of September Merit targeting RPSLng implementation by the end of October Consistency checking tools being coordinated with RIPE. Ongoing effort with initial maintainer reports to be available in November

Download ppt "Internet2 Routing Working Group Merit Route Registry Update July 30, 2002 Larry Blunk."

Similar presentations

ARIN XIMemphis, TN April 2003 ARIN DBWG Tim Christensen Authentication Update.

ARIN XIMemphis, TN April 2003 ARIN DBWG Tim Christensen Authentication Update.
Whois Database Clean Up Project Report Database SIG APNIC 16, Seoul, Korea 20 August 2003.

Whois Database Clean Up Project Report Database SIG APNIC 16, Seoul, Korea 20 August 2003.
Database Update Johan Åhlén Assistant Manager and Denis Walker Business Analyst.

Database Update Johan Åhlén Assistant Manager and Denis Walker Business Analyst.
Database Update Kaveh Ranjbar Database Department Manager, RIPE NCC.

Database Update Kaveh Ranjbar Database Department Manager, RIPE NCC.
Database Update Kaveh Ranjbar Database Group Manager, RIPE NCC.

Database Update Kaveh Ranjbar Database Group Manager, RIPE NCC.
Routing Registries What are they, how do they work, and why should I care? Larry Blunk, Merit Network, Inc.The Quilt Peering Workshop, Fall 2006.

Routing Registries What are they, how do they work, and why should I care? Larry Blunk, Merit Network, Inc.The Quilt Peering Workshop, Fall 2006.
APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.

APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.
Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.

Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.
The RPLS ‘via’ attributes IETF89, London RPLS-VIA - IETF89 - Job Snijders Hibernia Networks.

The RPLS ‘via’ attributes IETF89, London RPLS-VIA - IETF89 - Job Snijders Hibernia Networks.
Andrei Robachevsky, Shane Kerr. APNIC/APRICOT2001, February 2001, Kuala Lumpur, Malaysia. 1 Routing Registry Consistency Check Presented.

Andrei Robachevsky, Shane Kerr. APNIC/APRICOT2001, February 2001, Kuala Lumpur, Malaysia. 1 Routing Registry Consistency Check Presented.
Planning. SDLC Planning Analysis Design Implementation.

Planning. SDLC Planning Analysis Design Implementation.
Update on RIPE NCC Inter- RIR Transfer proposal Adam Gosling APNIC 38 Policy SIG Meeting 18 September 2014.

Update on RIPE NCC Inter- RIR Transfer proposal Adam Gosling APNIC 38 Policy SIG Meeting 18 September 2014.
Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May 2001. The whois Database Introduction and Usage.

Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May The whois Database Introduction and Usage.
Scaling IXPs Scalable Infrastructure Workshop. Objectives  To explain scaling options within the IXP  To introduce the Internet Routing Registry at.

Scaling IXPs Scalable Infrastructure Workshop. Objectives  To explain scaling options within the IXP  To introduce the Internet Routing Registry at.
Internet Research Task Force Crypto Forum Research Group IETF 89 March 3, 2014 London List: Chairs:

Internet Research Task Force Crypto Forum Research Group IETF 89 March 3, 2014 London List: Chairs:
Copyright © 2011 Japan Network Information Center JPNIC ’ s RQA and Routing Related Activities JPNIC IP Department Izumi Okutani APNIC32 Aug 2011, Busan.

Copyright © 2011 Japan Network Information Center JPNIC ’ s RQA and Routing Related Activities JPNIC IP Department Izumi Okutani APNIC32 Aug 2011, Busan.
Database Update Paul Palse Database Manager, RIPE NCC.

Database Update Paul Palse Database Manager, RIPE NCC.
PDO Activities Emilio Madaio Policy Development Officer RIPE NCC RIPE 63 31 Oct - 4 Nov 2011, Vienna.

PDO Activities Emilio Madaio Policy Development Officer RIPE NCC RIPE Oct - 4 Nov 2011, Vienna.
DWINSA 2007 Website. www.DWNeeds.com Website Purpose Allow states to track status of questionnaires Allow systems >100K or states to upload project data.

DWINSA 2007 Website. Website Purpose Allow states to track status of questionnaires Allow systems >100K or states to upload project data.

Similar presentations

Ads by Google