Hi all, On Wed, Jun 24, 2015 at 10:59:45AM +0000, snash wrote: > Thanks for comments. My interest was to continue the discussion that > Job hosted at RIPE70, and to get to some guidelines for those that > need to exploit temporary redirection with BGP; whether customers or > providers of services.
Welcome! :-) Just a note (applicable to all db-wg participants): please send emails in PLAIN TEXT, rather then HTML. This will make it easier for others to digest your information and respond. For instance I do not see colored text in my terminal based mail client. The mailing-list archive also works better with just plain text messages. Also use in-line replies rather then top quoting. > Job, thanks for your observation that "the RIPE database supports > this, you can create multiple route-objects covering the same prefix > but with different "origin:" values.". Randy states agreement. > However, this does conflict with some other Internet documents, like > BCP-6. That can only be confusing and may inhibit global consensus. > If IETF BCP documents are inaccurate then the RIPE community has some > responsibility to point it out. I don't see how this is confusing. The BCP states "Generally, a prefix can should belong to only one AS", and generally, this is true. > The dual authorisation that RIPE requires on a ROUTE object seems an > unnecessary hurdle, and gives rise to the cross-border concern that > Job raised in the BoF. For historical perspective and discussion you could review these two threads: https://www.ripe.net/ripe/mail/archives/routing-wg/2006-September/000719.html https://www.ripe.net/ripe/mail/archives/db-wg/2015-May/004597.html > The consensus from RPKI seems to be that the inetnum maintainer has > the authority to grant ROA. I do not know the history of why RIPE asks > for AS maintainer also. Is there still some good reason? (If so, I am > puzzled that it does not apply to RPKI, but that is a separate > discussion). Removing the AS maintainer from the route object Creation > authorisation seems to solve the cross-region problem. Are there > reasons not to do this? All of the above are valid questions. > Job mentioned that RaDB seems to have neither authorisation requirement, so > creating a global view of the IRR is challenging without policy agreement > leading to trust on these things. I have trouble understanding what you mean with the above paragraph. Can you rephrase or provide examples? > Summary: > 1/ ask IETF to update BCP-6. Is this something RIPE NCC should do? Anybody can propose a change. But this proces might be long and challenging. Please review https://www.ietf.org/newcomers.html > 2/ discuss why AS maintainer authorisation is required for RIPE ROUTE > object Creation. I encourage discussion on this subject. Kind regards, Job
