This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] RIPE DB Route Object fails creation
- Previous message (by thread): [db-wg] RIPE DB Route Object fails creation
- Next message (by thread): [db-wg] RIPE DB Route Object fails creation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Job Snijders
job at instituut.net
Thu Jun 11 15:30:23 CEST 2020
On 11/06/2020 03:26, ripedenis--- via db-wg wrote: > If there is an existing, exact matching ROUTE object the creation of the > new ROUTE object must be authorised by the existing object. There is a > flow chart here explaining the sequence of checks: > https://www.ripe.net/support/training/material/bgp-operations-and-security-training-course/route-object-creation-flowchart.pdf Ah - great pointer. thanks. Denis, do you remember *why* that is the rule? I don't see a lot of benefit to requiring the existing object to authorise the creation of a *new* object, when the new object is authorised by the inetnum (in this case both through mnt-routes: and mnt-by:). >> ***Error: Authorisation for [route] 194.76.156.0/22AS20676 failed >> using "mnt-by:" not authenticated by: PLUSNET-NOC > > Could we reduce the confusion, and/or spread some more clue, by being > more specific with this error? e.g. > > Authorisation for [blah] failed using "mnt-by:" > - matching route object already exists > - not authenticated by: PLUSNET-NOC Perhaps instead of an error message, the operation that Sasha tried to do should just be allowed? Kind regards, Job
- Previous message (by thread): [db-wg] RIPE DB Route Object fails creation
- Next message (by thread): [db-wg] RIPE DB Route Object fails creation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]