This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] RIPE Policy Proposal 2018-06 Aims to Delete Conflicting Non-authorative IRR Objects
- Previous message (by thread): [db-wg] RIPE Policy Proposal 2018-06 Aims to Delete Conflicting Non-authorative IRR Objects
- Next message (by thread): [db-wg] RIPE Policy Proposal 2018-06 Aims to Delete Conflicting Non-authorative IRR Objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alexander Azimov
aa at qrator.net
Mon Oct 15 17:21:09 CEST 2018
Why don't delete RIPE-NONAUTH at all? If there is no legal use of it - there is no need to maintain it. If there are legal use cases - you would create unpredictable operational problems, when the customer will set up an ROA, forgetting for a moment that provider is advertising its prefix for him, then he will fix ROA - but the route object will be already gone. You have NTTCOM to register objects for your customers, some other Tier1 telcos also have similar service. The lock of RIPE-NONAUTH and this policy forces smaller ISPs to pay an additional fee to RADB. I agree with the idea to drop (freeze) 'invalids', but only if you are able to restore 'valids'. пн, 15 окт. 2018 г. в 17:43, Job Snijders <job at instituut.net>: > On Mon, Oct 15, 2018 at 16:35 Alexander Azimov via db-wg <db-wg at ripe.net> > wrote: > >> There is only one good thing about mistakes - if you can fix it. >> Here if one fails to properly configure ROAs it may lead to ongoing >> operational problems, that can't be fixed even after fixing ROAs, since >> RIPE-NONAUTH database is locked. >> I think, that it's ok to delete route objects that conflict with ROAs >> only if you are able to create new. Otherwise, the only winning party will >> be commercial IRRs. >> > > Alex - just create the route object in the correct database. > > Why help proliferate rogue or stale route announcements? It is outside > RIPE’s scope to facilitate hijacks and increased risk to one business’ > operations through incorrect routing information registration. > > If you can’t create the route object, perhaps you aren’t authorized by the > owner of the resource and have no business creating such objects. > > This is no different than configuring the wrong DS records at the domain > registry level, or generating TLS certs for the wrong hostname, or > misconfiguring your firewalls or routers. Misconfigurations lead to issues > - news at 11. > > Kind regards, > > Job > -- | Alexander Azimov | HLL l QRATOR | tel.: +7 499 241 81 92 | mob.: +7 915 360 08 86 | skype: mitradir | visit: radar.qrator.net -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/db-wg/attachments/20181015/36e824a3/attachment.html>
- Previous message (by thread): [db-wg] RIPE Policy Proposal 2018-06 Aims to Delete Conflicting Non-authorative IRR Objects
- Next message (by thread): [db-wg] RIPE Policy Proposal 2018-06 Aims to Delete Conflicting Non-authorative IRR Objects
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]