<div dir="ltr">Job,<div><br></div><div>thank you for the clarification on source=ARIN, vs ARIN-OLD.</div><div><br></div><div>makes sense now.</div><div><br></div><div>I also agree we should stay away from unsing "Legacy" </div><div>unless we are trying to specificly note the resource is </div><div>"ARIN Legacy space" (meaning it is not currently under </div><div>any ARIN RSA, and therefor the provenance is not clear</div><div>to ARIN).</div><div><br></div><div>I like alignment.. so ARIN-NONAUTH seems like a good choice.</div><div><br></div><div><br></div><div><br></div><div>___Jason</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Feb 23, 2018 at 11:18 AM, Job Snijders <span dir="ltr"><<a href="mailto:job@ntt.net" target="_blank">job@ntt.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">On Thu, Feb 22, 2018 at 04:42:02PM -0600, David Farmer wrote:<br>
> On Thu, Feb 22, 2018 at 3:19 PM, Job Snijders <<a href="mailto:job@ntt.net">job@ntt.net</a>> wrote:<br>
><br>
> > On Thu, Feb 22, 2018 at 04:06:28PM -0500, Jason Schiller wrote:<br>
> > > I am confused...<br>
> > ><br>
> > > the current ARIN IRR is <a href="http://rr.arin.net" rel="noreferrer" target="_blank">rr.arin.net</a><br>
> ><br>
> > ARIN manages an IRR database called "ARIN" in a daemon running on host<br>
> > <a href="http://rr.arin.net" rel="noreferrer" target="_blank">rr.arin.net</a>. You can publish data from multiple databases via a single<br>
> > fqdn like '<a href="http://rr.arin.net" rel="noreferrer" target="_blank">rr.arin.net</a>'. I think what David Farmer is talking about is<br>
> > the "source: ARIN" aspect of the data you show:<br>
> ><br>
> > $ whois -h <a href="http://rr.arin.net" rel="noreferrer" target="_blank">rr.arin.net</a> <a href="http://199.43.0.0/24" rel="noreferrer" target="_blank">199.43.0.0/24</a> | grep source<br>
> > source: ARIN # Filtered<br>
> ><br>
> > RIPE is developing something similar, where non-authoritative data will<br>
> > be marked with "source: RIPE-NONAUTH" rather than "source: RIPE" to show<br>
> > which objects came into existance because of the chain of trust from the<br>
> > RIR data to the IRR data, and some didn't.<br>
> ><br>
> > With an example from the ARIN IRR:<br>
> ><br>
> > job@vurt ~$ whois -h <a href="http://rr.arin.net" rel="noreferrer" target="_blank">rr.arin.net</a> -- "-B <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a>" | egrep<br>
> > "route:|source:"<br>
> > route: <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> > source: ARIN<br>
> > route: <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> > source: ARIN<br>
> ><br>
> > <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a> is a Special Use IPv4 prefix (RFC 3330 / RFC 5735) and not<br>
> > owned by either of the organisations that created a route object for it<br>
> > in the ARIN IRR. It is crazy that there even are route objects for this<br>
> > prefix.<br>
> ><br>
> > In my opinion, IRR 'route:' objects covering prefixes like <a href="http://192.0.2.0/24" rel="noreferrer" target="_blank">192.0.2.0/24</a><br>
> > should either be purged from the ARIN IRR - or should be clearly marked<br>
> > by changing the "source: ARIN" to "source: ARIN-OLD" (or perhaps "source:<br>
> > ARIN-NONAUTHORITATIVE-LEGACY-<wbr>GARBAGE" ;-))<br>
><br>
</div></div><span class="">> Yep, that is what I was trying to get at. I didn't know if "-" was a valid<br>
> character, since none of the current IRRs have a "-" in their source<br>
> field. Therefore it was just easier to assume "-" wasn't valid.<br>
><br>
> But if "-" is valid then "ARIN-OLD" is what I really thought of first, but<br>
> better yet is "ARIN-LEGACY" (and "ARIN-NONAUTHORITATIVE-LEGACY-<wbr>GARBAGE" is<br>
> fine with me too;-)).<br>
><br>
> And, then after a year or so all the "ARIN-NONAUTHORITATIVE-LEGACY-<wbr>GARBAGE"<br>
> magically just disappears.<br>
<br>
</span>I'd avoid the term "LEGACY" as that may confuse some because we also<br>
have the concept of "Legacy IP space".<br>
<br>
Perhaps "ARIN-NONAUTH" to align somewhat with the work being done in<br>
RIPE?<br>
<br>
If a subset of the data in ARIN's IRR can be validated, and the set of<br>
objects that are not validated are tagged with "ARIN-NONAUTH" (since<br>
those objects are not authoritative due to lack of validation) - we'll<br>
be in much better shape.<br>
<br>
I maintain that no new "ARIN-NONAUTH" objects should be allowed to come<br>
into existence.<br>
<br>
Kind regards,<br>
<br>
Job<br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><font color="#555555" face="'courier new', monospace"><div><span style="color:rgb(0,0,0);font-family:arial"><font color="#555555" face="'courier new', monospace">_______________________________________________________<br></font><div><font face="'courier new', monospace">Jason Schiller|NetOps|<a href="mailto:jschiller@google.com" target="_blank">jschiller@google.com</a>|571-266-0006</font></div><div><font face="'courier new', monospace"><br></font></div></span></div></font></div>
</div>