Minutes
Dublin City University, Ireland 20-22 May, 1997
Chair: Rob Blokzijl
Scribe: Mirjam Kuehne
1. Opening
155 people registered
Local Host: Business Center of DCU
Opening words from local host John Boland from DCU
2. Agenda
3. Minutes RIPE 26
4. Actions
- 22.10 on Joachim Schmitz trigger discussion in routing WG, which focus to choose for a future tool development project and come to consensus about it ... DONE
- 25.R1 on Daniel Karrenberg route aggreation analysis report at next meeting OPEN
- 26.R1 on the RIPE NCC add link to CIDRD FAQ on Web server DONE
- 26.R2 on Joachim Schmitz trigger discussion about implementation of first elements of hierarchical authorisation for route objects DONE
- 26.R3 on Joachim Schmitz finalise hierarchical authorisation for route objects together with RIPE routing WG ONGOING
- 26.R4 on Eric Jan Bos circulate URL of his analysis of routing table size: DONE ftp://ftp.surfnet.nl/surfnet/net-management/ip/nets.ps
- 26.R5 on Christian Panigel collect reasonable route dampening parameter values DONE
- on Geert Jan de Groot to write up recommendations for managing nameserver configurations OPEN
- on Lars Johan Liman To circulate a minimal set of requirements for TLDs on documenting their procedures OPEN
- on Daniele Bovio try to find ISP's that are willing to install test traffic measurement OPEN
- on RIPE NCC To create a mailinglist for discussing the definition of a network performance index, and to send out an announcement to the RIPE mailinglist DONE
- on Rob Blokzijl To restart activity in the Mbone WG DONE
5. TLD BoF report (Nial O'Reilly)
5.1. agenda reenigineered during meeting
it was recognised that general things need to be clarified first:
- what should BoF be doing?
- what should WG be doing?
- what kind of cooperation of TLD admins in the RIPE community can and should be done?
- should we also discuss gTLD's?
As result of this discussion it was decided to form a committee to produce terms of reference (on the committee are Marcel Schneider, Lars Johan Limann, Willi Black, Nial O'Reilly)
Rob Blokzijl proposed to open a new WG with Nial O'Reilly as chairman; noone objected, everyone welcomed the WG During second half of BoF mainly two issues were discussed:
5.2. Position of IANA
concerned with 4 issues related to IANA:
- funding
- authority
- legal protection
- recognition of authority and importance of IANA (it is recognised by the Internet community, but not yet by governmental authorities)
5.3. Reaction on IAHC, IPOC
IPOC process needs to be visible to outside world, also to people who did not sign the MoU
- we need to be involved in IPOC process:
- 29th meeting in Brussel between respresentatives of EC and IPOC
- next day hopefully meeting between IPOC and new WG representativs
- some people from WG intend to participate in the WIPO meeting in Geneva
Christopher Wilkinson from DG13 in EC welcomed RIPE to this new WG
Wilfried Woeber: will you discuss issue of property of names?
Peter Lothberg: What is the relation between RIPE and the EC?
What conclusion will EC take home from this meeting?
Rob Blokzijl: open platform, everybody is welcomed hopes, first contact is created to further discuss Internet issues
Christopher Williamson: RIPE members have trained EC quite a lot, is not an exclusive EC thing, discussion are also done with US or other organisations and ISPs, there is program to support Internet developments There is still a lot to learn, it would be great if one or two from RIPE could come and give a quick inventory for the EC about what kind of WGs exist, what is discussed where (action point for Rob to appoint people to do this?)
6. RIPE NCC Report (RIPE NCC)
explains meaning of T-Shirt
not a complete detailed report, only highlights (see WWW)
6.1. Registration issues:
- very stable service
- 691 LIR's (70% small, % medium, % large, % enterprise)
- quality management:
- internal - better documentation
- external auditing & monitoring (John appointed to this position, John also deputy registration service manager)
- LIR Training Courses:
- 2 or more per months
- new "no-show" policy
- new regional registries
- some delay in white house (OMB) in ARIN developments
- but everyone agrees that this should go forward
- IANA developments
- assign Internet numbers
- protocol identifiers
- dot nameserver administration
- run at ISI at USC
- was funded by DARPA
- end of March this suddenly was not continued
- IANA asked regional registries to fund activities of IANA
- APNIC contributed 50k$
- RIPE NCC contributed 25k$
- new structure is needed for IANA
- summary/rough thinking:
- US government?
- ITU?
- Bottom-Up?
- Daniel's preferred solution
- IP numbers and protocol identifiers task would be well funded and advised by the regional registries
- however, there is also "." nameserver task (-> some representation for this (CORE?))
- advisory bodies
Questions
Keith Mitchell: do you still see the same growth in number of LIR's?
Daniel Karenberg: difficult to answer; have the feeling that it is somewhat slowing down, but we can't really prove this because we cleaned up registry database and can't really compare old numbers with actual figures
6.2. enginering developments
- new database documentation
- fully automation of inaddr robot
- test traffic measurement activity started (see BoF on this)
- DNS root server at LINX
- "." servers common resource
- done on request of RIPE from last meeting
- time schedule:
- 22.1.1997 requested RIPE NCC to install nameserver
- 24.3.1997 machines installed
- 19.5.1997 operational
6.3. Organisational issues
- seperate financial administration
- own bookkeeper
- procedures and accounts separable from TERENA
- admin support in place
- for RIPE Meeting support
- much better to have admin people doing admin stuff instead of engineers
- preparing separation from TERENA
- see Pauls report
- de-facto structure (see ripe-156)
- new RIPE NCC offices
- no space at NIKHEF anymore
- cheaper to go to center of Amsterdam, because no parking space
- will move at 6th June and 9th June
- NCC will be closed those two days
6.4. Things to come, new activities
- new structure of NCC
- revised document will be published
- write tax plan
- lawyers will draft articles of association
- how to select initial executive board
- elected by Contributors Committee in September
- input from RIPE appreciated
- new developments in registration services, engineering and admin departememts
Questions
Lars Johan Limann: for how long are you planning to grow?
Daniel Karrenberg: the next 1 year probably
Keith Mitchell: where will the next RIPE meetings in Amsterdam be held?
Daniel Karrenberg: first in NIKHEF, but if attendees grow we must find something else
7. RIPE NCC - New Structure (Paul Ridley)
see http://www.ripe.net###
8. Report from the IETF (Joyce Reynolds)
see http:// (exact location will be published later)
IANA web page has now an "announcement" link, where official statements of the IANA about all kind of issues can be found
9. Technical Reports
TEN-34 (Steven Bakker)
Impromptu presentation by Steven Bakker. A map of the current TEN-34 network was shown. Many countries now connected, network is operational and works. see http://www.dante.net for more information plans to start a new project done by smaller subset of National Research Networks (NRN's)
Questions
Peter Galvaby: what are the peering policies?
Steven Bakker: basically no policies, no real peering. Must be careful to coordinate with European Commission on peering agreements. European Commission has restrictions on usage of network. AT&T Unisource gives them transit as part of IP service they offer. BT also gives them transit. Many of networks themselves have bi-lateralarrangements with other networks. In discussion too peer with EBONE. This will replace the European network 2 remaining "customers" in Czech Republic and Hungary.
How many overhead from ATM?
Steven Bakker: about 17%
Marten Terpstra: Will the network actually reach 34Mbps in all countries before the project will finish (2 year project)
Mike Norris: they reached "10" :-)
Steven explained main problem is to do with prices/availability of 34Mbps in each country. In some cases this doesn't make sense since ACONEt is hooked up to DFN who have to share this with other networks...
Rob Blokzijl: Too little, too late. Took 2 year organisation to get a network going for a year..what about a follow-up? Organising too late. commercial business is moving ahead with the development of bandwith in Europe before R&D organisations are.. Rob says there are plans for 622Mbps to come into AMS-IX
i-Pass (Glen Kowack)
- 80-120 million Internet users, user base growing
- global Internet roaming - instant local dial up access to Internet
- services from all urban centers worlwide; so they created:
- i-pass wizard (in cooperation iwth microsoft)
- i-pass authentification protocol
- i-pass regional authentication servers
- works with all major authentication protocols and most of major platforms
- URL:http://www.ipass.com/
Has a box between home providers and roaming provider to pass authentication requests back and forth. Windows specific software for dialup, but based around userIDs of [email protected] - if local auth systems get a login from mail address, passes it back to the i-pass server. i-pass server is going to be major interconnect points around the world - right now at PAIX in the US and one in Asia, there will be one in Europe soon.
10. Test Traffic Measurements (Henk Uijterwaal)
see http://www.ripe.net/ripencc/mem-services/ttm/index.html
11. WG and BoF reports
Netnews WG (Felix Kugler):
- 48 attendees
- minutes by Razo Rizvi
- presentation of Newsbone docs, WWW pages, templates http://www.switch.ch/switch/netnews/wg/nb/newsbone.html
- Newsbone deployment now!
- announced: ACONET, DEMON, DFN, EASYNET, GARR-NIS, REDIRIS, SWITCH
- required tools for INN-based servers mostly available
- ACTION on nwtnws-WG:
- to share experiences with non-INN servers in backbone environment
- to adopt existing tools to non-INN servers
- Optional access restriction to information and monitoring pages shall be based on IP addresses; all newsbone servers with published information page get access right
- ACTION on Newtnews-WG:
- check if backbone servers can be integrated into Newsbone
- upgrade Newsbone servers to fully meet the requirements
- Discussion about News Servers Software and Hardware confoguration
Routing WG (Joachim Schmitz)
Minutes: RIPE 27
- 57 attendees
- minutes by Anne Lord
- see his slide
- three major topics:
I. (hierarchical) authorisation/notification with route objects
- presentation by Carol Orange on implementations of first results from the Routing WG
- good discussion, new elements included
- presented at Database WG, again input
- final decisions on
- authorisation of route objects in aut-num objects
- notification of overlapping route objects
- The direction is clear and implementation will be done asap
- -> Still much work to do regarding hierarchical authorisation, we will continue on this
II. A future tool development project
- old action on the chairman of the Routing WG
- presentation by Joachim Schmitz:
- overview of what is currently available
- identify areas for a possible tool development project
- as it turned out after some discussion
- Merit and the RA team (including ISI) have covered or are currently covering areas of interest
- no real topics for a future tool development project could be found
- this does not mean that this area should completely be closed We think that the area shall be reviewed regularily but no immediate action is needed
III. Route Flap Dampening Parameters
- presentation by Christian Panigl based upon action from last RIPE Meeting
- compilation of issues regarding route flap dampening and values for parametrs
- goal to come to recommendations
- a small task force has been set up with Christian Panigl, Tony Barber, Sean Doran, Daniel Karrenberg. They will come up with a ripe document before the Munich IETF in August
remaining actions for routing WG (5 previous actions closed)
- 25.R1 on Daniel Karrenberg route aggregation analysis
- 26.R3 on Joachim Schmitz finalise hierarchical authorisation for route objects together with Routing WG
- 27.R1 on Carol Orange & the RIPE NCC implement authorisation and notification in the RIPE DB
DNS-WG (Ruediger Volk)
- 49 attendees
- minutes by Wilhelm Koehler
- new root nameserver at the LINX
- report from carol Orange: new robot in in-addr
- report from Carol Orange; Planned DB Referral Mechanisms
- short report from DNSIND WG on the IETF (also RIPE WG should pay more attention on security)
- status of BIND
- review charter
- what are the possibilities and goals and activities
- review 'recommendations' in particular
IPv6-WG (Francis Dupont)
Minutes: RIPE 27
- no chairman
- reports on the following issues
- 6bone WG in IETF
- 8+8 proposal discusseed last time, now called GSE?
- two proposals to split A record in DNS:
- aAA
- with roputing part in address
- new routing protocols
- RIPng, OSPFng, BGP4+
- other earlier proposals seem to be dead
- implementations
- RIPE & address assignments
- coordination with DB-WG on new IPv6 address object in RIPE DB
- IPv6 demo on JENC last week in Edinburgh
- summary of draft-ietf-ipng-unicast-aggr-00.txt
- RFC2073 provide based addressing (see his slide)
Database WG (Wilfried Woeber)
- admin
- participants: 17 (was in parallel with TLD BoF)
- minutes by Joachim Schmitz
- reports
- - Gerald Winter (Merit): Merging rwhois demon SW as currently developed by Merit with the RIPE whois client
- whois interface must be developed
- Carol Orange (RIPE NCC):
I. DB referral mechanism
II. improvements of consistency in RIPE DB
III. status report on RIPE DB - Joachim Schmitz:
summary of security/authentication
- decisions
- implement referral mechanism for domain object
- proceed with all necessary steps to improve consistency in DB
- make inconsistency data publicly available
- implement cross notification according to the concept as discussed in routing WG and as soon as some minor details are sorted out (waiting for final decision of routing WG on exact mechanism)
- things done recently:
- better help facilities
- some rules have been defined
- others are to come very soon
- updated DB documentation (new version ripe-157) PLEASE, get a copy, read it, think about it, comment on it (also when you are satisfied!!!)
- person and role object require nic-hdl now!
- things to come
- data consistency efforts in second half of 1997
- to define new security and authentication mechanisms - hopefully something ready for IETF in Munich and for RIPE-28
- Feedback on RIPE-DB Workshop
- participants (ask Carol or Ambrose)
- should be repeated
Question Philip Bridge: difficulties to express routing policies in RIPE DB. Will there be a transition from RIPE-181 to RPSL (IETF-WG)
Answer Joachim Schmitz: new rpsl draft available, David Kessens from ISI is busy with implementation of test db, will probably be available in Munich
Wilfried Woeber: touches also on issue of general coordination between RIPE and other developments like IETF
Joachim Schmitz repeated his report from the db-wg on security:
- need for security? YES
- some history
- active security
- maintainer
- hierarchical authorisation
- passive security
- AUP for use of database
- restricted readaccess to prevent SPAMs
- this is not enough however
- we must understand that this is an important issue
- collect example incidents
- RIPE NCC and routiong and DB-wg will put more effort in this
- (open) issues
- strong authentication needed
- inventory: PGP, MD5, PEM, alternatives
- PGP implementation: http:// www.ra.net/RADB.tools.doc/pgp.html
- PGP licensing: http://www.ascom.ch/Web/systec/policy/normal/policy.html
- user platforms
- key signing
- problem of distributed databases (multiple routing registries like RADB, RIPE DB etc.)
- what are possible security mechanisms
- integrity and consistency
- how to make progress:
- build a task force
- collect information
- define projects
- next RIPE Meeting: present a proposal how to get this task force going
- we still need people to join to this task force, specially people who have knowledge about security
Paul Ridley thanked all local helpers and Mike Norris for organising the meeting
Local-IR WG (Mike Norris)
- chairman: mn131
- minutes by pc111-ripe
- attendees: 48
- minutes of previous meeting accepted
- all actions done
- report from RIPE NCC
- staffing: 9 full-time, 1 part-time
- workload fine
- activities:
- training new staff, LIR courses
- allocation of 62/8
- internal quality control started
- external auditing started
- plans
- continue these efforts, specially w.r.t. quality
- report from local registries Justin Kerry from Cerbernet about starting new registries in Kenya
- report from David Conrad from APNIC
- incorporated last year
- 3 full time staff plus contractors
- membership distribution and fees similar to RIPE NCC
- new category needed for confederations
- will relocate because of 51.7 % tax
- statistics about distribution of address space and AS numbers, also per country
- report from APRICOT circulated on [email protected] and on [email protected] (not yet published as ripe document)
- report from Daniel Karrenberg about developments in US region
- ARIN (American registry for Internet Numbers) will go ahead
- very similar structure to RIPE NCC
- currently delayed in White House, but consensus that it will be established
- IANA
- DARPA funding stopped in March
- APNIC and RIPE NCC contributed amount to continue operations
- new structure of IANA is needed
- ARIN (American registry for Internet Numbers) will go ahead
- IP address space assignments
- some loose ends will be removed from policy document (ripe-140)
- describe procedures for de-assignment of address space and AS numbers
- confidentiality statement slightly stronger
- use of historic A space
- supplemantary document (ripe-155)
- there are problems with routing subnets of former A's, B's, however this is also the case with subnets of c space
- monitoring and auditing
- reports of non-compliance must be substantiated before investigations are taken
- NCC has opportunities to take actions again non-compliant behaviour
- NCC will report on incidents and actions taken
- some loose ends will be removed from policy document (ripe-140)
- Local IR Training Courses
- schedules, past and future
- new technololgies (Powerpoint)
- no-show policy
- registries get allocated places, you use the place, if you attend or not
- FAQ on forms and other assignment and allocaion issues
- web interface in preparation for form (ripe-141)
- Tools
- betteer user interface needed
- use web more
- Justin Kerry will initiate discussion on list by making suggestions on better use of Web
- Reverse Delegations (previous action on Daniel Karrenberg)
- no serious pollution in European DNS
- AOB
- mailing list changed:
- [email protected] only open for contributing LIR's
- lir-wg open for anyone
- people can unsubscribe from lir-wg (also when they are mandatory on local-ir)
- local-ir monitored now
- advice on PA space and renumbering (grace period); will be written up in ripe-140
- web will be used for all announcements for RIPE Meetings and LIR Training Courses (venue of Meetings will also appear in announcement on mailing list)
- mailing list changed:
MBONE BoF (Wilfried Woeber)
- Goal:
- investigate and propose changes to the european MBONE structure to achieve a better alignment with the line and unicast topology
- Results:
- lists of proposed changes
- fan-out count
- line load
- other constraints
- Implementation:
- write up an circulation at [email protected]
- coordination of set-up (Nils den Otter, Steven Bakker)
- additional issues:
- coordination with non-### to be improved
- we might want to have MBone-WG ###
Report from secret limerick working group (Ambrose Magee)
12. Next Meetings
- September in Amsterdam
- KTH invited us for the spring meeting to Stockholm
- exact dates will be published