nanog mailing list archives
Re: ARIN / RIR Pragmatism (WAS: Re: RADB)
From: Bill Woodcock <woody () pch net>
Date: Sat, 25 Oct 2014 22:01:56 +0900
On Oct 25, 2014, at 9:38 PM, Danny McPherson <danny () tcb net> wrote:
On 2014-10-24 15:24, Christopher Morrow wrote:it seems to me that there are a couple simple issues with IRR data (historically): 1) no authority for it (really, at least in the ARIN region) 2) no common practice of keeping it updated 3) proxy-registration issues (probably part of cleanup and authority issues) 4) lack of widespread use due to the above issues.I think that's a subset of the issues. Those and others are captured here: <https://tools.ietf.org/html/draft-ietf-grow-irr-routing-policy-considerations-05> Ironically, many of the issues that lead to decay in IRR use have been resolved, while others exist in RPKI, even. Baldur's RIPE IRR point is a fair one and worthy of consideration, I'm all for low-hanging fruit.I was/am hopeful that providing some path from IANA (eventually) on down through RIR to LIR to end-user for 'authority to use' ip resources would help in letting people use the IRR data cleansed of insanity by the data from this path, and then into routers for route filters.And datapath filters for inter-domain anti-spoofing, perhaps, as it's largely the same policy (I know there are corner cases people that don't want to do this point out).The RPKI system looks like the path in question, to me.I know you're an RPKI fan, I'm at peace with that :-) However, unless you can fortify the systems that RPKI (or any other resource certification infrastructure) would inform, operators have little incentive to use it as all the systems that are already deployed and still have to use (e.g., whois, in-addr.arpa, IRR, etc.) still have to be used and managed and operated. RPKI adds considerable complexity, costs, scaling challenges, new external dependencies, etc.. I actually think it'd have been a challenge to design something _more complicated than RPKI to address the problem space, but that's just me.
I had dinner with Russ and Wes during the LA ICANN meeting, and asked, in passing, whether RPKI conferred any benefits
that just throwing appropriate IRR records into a signed in-addr didn’t, and they had an answer in the affirmative, but
I can’t remember the details now, because I was jet-lagged and it was in the middle of a conversation about something
else. Russ, Wes, anyone else with an interest, could you explain that again?
-Bill
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Current thread:
- Re: RADB, (continued)
- Re: RADB Charles Gucker (Oct 08)
- ARIN / RIR Pragmatism (WAS: Re: RADB) Danny McPherson (Oct 23)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Christopher Morrow (Oct 23)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Danny McPherson (Oct 23)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) John Sweeting (Oct 24)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Christopher Morrow (Oct 24)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Baldur Norddahl (Oct 24)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Sandra Murphy (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Danny McPherson (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Danny McPherson (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Bill Woodcock (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) John Curran (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Danny McPherson (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Randy Bush (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Ca By (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) John Curran (Oct 25)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Randy Bush (Oct 26)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) John Curran (Oct 26)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Dmitry Burkov (Oct 26)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Dmitry Burkov (Oct 26)
- Re: ARIN / RIR Pragmatism (WAS: Re: RADB) Randy Bush (Oct 26)