[ARIN-consult] Community Consultation on IRR Route Validation

Job Snijders job at ntt.net
Wed Mar 18 11:36:27 EDT 2015


Hi David,

On Wed, Mar 18, 2015 at 01:15:37PM +0000, David Huberman wrote:
> My viewpoint is AS8075 will not use it.  Like hundreds|thousands of
> others operators, we use RADB (a paid service with an SLA that works)
> for our IRR entries.

Which part works? You realise that anybody can register anything for any
prefix in RADB right? ARIN now has a chance to step their game up and
make it possible to offer better quality data.

Why should anybody else then Microsoft, be allowed to create
route-objects that cover Microsoft space?

> My viewpoint is ARIN should not offer an IRR anymore, as there is too
> much garbage data in it, and the cost of re-development efforts
> strongly outweighs the benefits to the operational community. 

This is one example how RADB can be abused:
http://www.bgpmon.net/using-bgp-data-to-find-spammers/

Tying together RIR & IRR data allows operators to programmatically
assess which parts of IRR we subsume into route-filters, and which parts
we ignore because there is zero guarantee that the information is
authorised.

Third party IRRs like RADB (or NTTCOM) cannot verify who is authorised
to create route-objects or not.

Regarding cost: ARIN could be the fourth RIR to do RIR<>IRR coupling,
after, other RIRs who offer this today: Afrinic, APNIC & RIPE. This is
not a new concept and code already exists. An undertaking like this of
course has a pricetag, however I'd be hesitant to claim that the cost
will outweight the benefits.

Kind regards,

Job



More information about the ARIN-consult mailing list