[ARIN-consult] Community Consultation on IRR Route Validation
Job Snijders
job at ntt.net
Wed Mar 18 11:36:27 EDT 2015
Hi David,
On Wed, Mar 18, 2015 at 01:15:37PM +0000, David Huberman wrote:
> My viewpoint is AS8075 will not use it. Like hundreds|thousands of
> others operators, we use RADB (a paid service with an SLA that works)
> for our IRR entries.
Which part works? You realise that anybody can register anything for any
prefix in RADB right? ARIN now has a chance to step their game up and
make it possible to offer better quality data.
Why should anybody else then Microsoft, be allowed to create
route-objects that cover Microsoft space?
> My viewpoint is ARIN should not offer an IRR anymore, as there is too
> much garbage data in it, and the cost of re-development efforts
> strongly outweighs the benefits to the operational community.
This is one example how RADB can be abused:
http://www.bgpmon.net/using-bgp-data-to-find-spammers/
Tying together RIR & IRR data allows operators to programmatically
assess which parts of IRR we subsume into route-filters, and which parts
we ignore because there is zero guarantee that the information is
authorised.
Third party IRRs like RADB (or NTTCOM) cannot verify who is authorised
to create route-objects or not.
Regarding cost: ARIN could be the fourth RIR to do RIR<>IRR coupling,
after, other RIRs who offer this today: Afrinic, APNIC & RIPE. This is
not a new concept and code already exists. An undertaking like this of
course has a pricetag, however I'd be hesitant to claim that the cost
will outweight the benefits.
Kind regards,
Job
More information about the ARIN-consult
mailing list