This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[db-wg] remove bogon prefixes in the RIPE IRR NON-AUTH DB?

Previous message (by thread): [db-wg] remove bogon prefixes in the RIPE IRR NON-AUTH DB?
Next message (by thread): [db-wg] remove bogon prefixes in the RIPE IRR NON-AUTH DB?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Edward Shryane eshryane at ripe.net
Mon Oct 8 16:44:10 CEST 2018

Hi Job, Colleagues,


> On 4 Sep 2018, at 12:46, Job Snijders via db-wg <db-wg at ripe.net> wrote:
> 
> Dear WG,
> 
> I'd like to raise the issue of bogon prefixes in the RIPE IRR, and ask
> RIPE NCC to remove all "bogon" route object registrations from the
> "RIPE-NONAUTH" IRR database.
> 
> Today I was made aware of this example:
> 
> 	$ whois -h whois.ripe.net -- "-Troute6 2001:db8::/32" | egrep -v "%|^$"
> 	route6:         2001:db8::/32
> 	origin:         AS25375
> 	descr:          AS25375
> 	mnt-by:         ch-stafag-1-mnt
> 	mnt-by:         LEUNET-SECURITY-MNT
> 	created:        2018-08-25T15:27:50Z
> 	last-modified:  2018-08-25T15:27:50Z
> 	source:         RIPE
> 

I confirmed this is the only route(6) object with a bogon prefix in the RIPE-NONAUTH datasource.

As this is non-routable space, this object shouldn't exist, and given agreement from the WG, we will ensure this object is removed.


> I'd consider the following prefixes, and any more-specifics of these to
> be bogons prefixes:
> 
>    0.0.0.0/8       # RFC 1122 'this' network
>    10.0.0.0/8      # RFC 1918 private space
>    100.64.0.0/10   # RFC 6598 Carrier grade nat space
>    127.0.0.0/8     # RFC 1122 localhost
>    169.254.0.0/16  # RFC 3927 link local
>    172.16.0.0/12   # RFC 1918 private space 
>    192.0.2.0/24    # RFC 5737 TEST-NET-1
>    192.168.0.0/16  # RFC 1918 private space
>    198.18.0.0/15   # RFC 2544 benchmarking
>    198.51.100.0/24 # RFC 5737 TEST-NET-2
>    203.0.113.0/24  # RFC 5737 TEST-NET-3
>    224.0.0.0/4     # Multicast
>    240.0.0.0/4     # Reserved
>    ::/8            # RFC 4291 IPv4-compatible, loopback, et al 
>    0100::/64       # RFC 6666 Discard-Only
>    2001:2::/48     # RFC 5180 BMWG
>    2001:10::/28    # RFC 4843 ORCHID
>    2001:db8::/32   # RFC 3849 documentation
>    3ffe::/16       # RFC 3701 old 6bone
>    fc00::/7        # RFC 4193 unique local unicast
>    fe80::/10       # RFC 4291 link local unicast
>    fec0::/10       # RFC 3879 old site local unicast
>    ff00::/8        # RFC 4291 multicast
> 

> Any route/route6 objects covered by the above prefixes should be deleted
> from the database, and the software should be extended in such a way
> that nobody can register new route/route6 objects covered by the above
> list.
> 

As all of this space is already "out of region" (i.e. not allocated or delegated to the RIPE region), it is already not possible to create any more route(6) objects in this space.

Regardless, we will add a specific validation for bogons in the next Whois feature release (1.93), which will return an error message in this case.


> Kind regards,
> 
> Job
> 

Regards
Ed Shryane
RIPE NCC

Previous message (by thread): [db-wg] remove bogon prefixes in the RIPE IRR NON-AUTH DB?
Next message (by thread): [db-wg] remove bogon prefixes in the RIPE IRR NON-AUTH DB?

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]