[ARIN-consult] Consultation Now Open on the Future of ARIN’s IRR

Job Snijders job at fastly.com
Mon Mar 1 12:05:45 EST 2021


On Mon, Mar 01, 2021 at 03:00:46PM +0000, John Curran wrote:
> On 12 Feb 2021, at 2:54 PM, Rob Seastrom
> <rs at seastrom.com<mailto:rs at seastrom.com>> wrote:
> 
> > I urge that Job's thoughts for orderly burndown be given heavy
> > consideration.  Upon further discussion with Job I have the
> > following points to make:
> 
>>  * Of the total of 62,352 entries in ARIN-NONAUTH about 10k of those
>>  routes show up in the DFZ and about 1,933 are rpki invalid.  ...
>>  RIPE has had over a year of operational experience with RIPE-731
>>  deployed to remove RPKI-invalid routes from their non-auth (since
>>  January 2020) and nothing has blown up...  so maybe we can start by
>>  doing the same thing.  If you haven't read RIPE-731, please do -
>>  it's short and to the point.
>>  https://www.ripe.net/publications/docs/ripe-731
>> 
>> RS -
> 
> Presuming RIPE-731 deployment and per your data above, we would
> presumably see removal of approximately two thousand of the 10K routes
> in the DFZ which correspond to ARIN-NONAUTH objects - is that correct?
> If that’s the case, once the conflicting ARIN-NONAUTH objects were
> deleted, how does that affect the necessary wait time for a full
> shutdown of ARIN-NONAUTH?

The 10K and 2K are disjoint sets. The 2K was brought up as it is the
lowest hanging fruit, the first step really, towards cleaning up the
source.

In order to shut down ARIN-NONAUTH, one has to *first* perform clean-up,
and after multiple clean-up steps (at each step trying to measure
impact), the community will have clear visiblity into what still is in
ARIN-NONAUTH and what its importance is.

> You suggested that if ARIN does an aggressive outreach campaign and
> then waited a full year to “pull the plug” that might be reasonable -
> my question is whether your suggestion for a one wait period changes
> to a date substantially sooner if RIPE-731 style IRR object grooming
> is also utilized?

That is not what is being suggested. Waiting a full year still is an
incredibly aggressive timeline which to me doesn't seem warranted.

I would appreciate if ARIN takes their feet off the gaspedal on this
project. ARIN would do well to perform an 'impact analysis' and share
their conclusions with the community before proceeding. Use Routeviews,
use IRR data from other registries, intersect those with each other...
this is the same work I've been doing.

The answer to "can we just delete all of ARIN-NONAUTH?" is a firm "NO!".

The answer to "can we delete stale & invalid bits and pieces from
ARIN-NONAUTH?" is "yes... but lets talk about methodology, go/nogo
criteria, community communication, timelines..."

Kind regards,

Job


More information about the ARIN-consult mailing list