This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] RIPE DB Route Object fails creation
- Previous message (by thread): [db-wg] RIPE DB Route Object fails creation
- Next message (by thread): [db-wg] RIPE DB Route Object fails creation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Cynthia Revström
me at cynthia.re
Thu Jun 11 15:42:54 CEST 2020
Hi, I have to agree with Job, I don't see any real benefit to requiring the existing route's maintainer's authorization if the creation is authorized by mnt-routes on the inetnum. - Cynthia On Thu, Jun 11, 2020 at 3:30 PM Job Snijders via db-wg <db-wg at ripe.net> wrote: > On 11/06/2020 03:26, ripedenis--- via db-wg wrote: > > If there is an existing, exact matching ROUTE object the creation of the > > new ROUTE object must be authorised by the existing object. There is a > > flow chart here explaining the sequence of checks: > > > https://www.ripe.net/support/training/material/bgp-operations-and-security-training-course/route-object-creation-flowchart.pdf > > Ah - great pointer. thanks. > > Denis, do you remember *why* that is the rule? > > I don't see a lot of benefit to requiring the existing object to > authorise the creation of a *new* object, when the new object is > authorised by the inetnum (in this case both through mnt-routes: and > mnt-by:). > > >> ***Error: Authorisation for [route] 194.76.156.0/22AS20676 failed > >> using "mnt-by:" not authenticated by: PLUSNET-NOC > > > > Could we reduce the confusion, and/or spread some more clue, by being > > more specific with this error? e.g. > > > > Authorisation for [blah] failed using "mnt-by:" > > - matching route object already exists > > - not authenticated by: PLUSNET-NOC > > Perhaps instead of an error message, the operation that Sasha tried to > do should just be allowed? > > Kind regards, > > Job > > -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/db-wg/attachments/20200611/8ebcaf44/attachment.html>
- Previous message (by thread): [db-wg] RIPE DB Route Object fails creation
- Next message (by thread): [db-wg] RIPE DB Route Object fails creation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]