Home page logo
/

nanog logo nanog mailing list archives

Re: So -- what did happen to Panix?
From: Richard A Steenbergen <ras () e-gerbil net>
Date: Mon, 30 Jan 2006 05:02:53 -0500


On Mon, Jan 30, 2006 at 09:48:13AM +0000, Michael.Dillon () btradianz com wrote:

Wouldn't a well-operated network of IRRs used by 95% of
network operators be able to meet all three of your
requirements?

We have such a database (used by Verio and others), but the Panix 
incident 
happened anyway due to bit rot.  We've got to find a way to fix the 
layer 8 
problems before we can make improvements at layer 3.

If an IRR suffers from bit-rot, then I don't consider
it to be "well-operated" and therefore it cannot be
considered to be part of a well-operated network of
IRRs.

The point is that the tools exist. The failing is in
how those tools are managed. In other words this is
an operational problem on both the scale of a single
IRR and on the scale of the IRR system. Is this
what you mean by a "layer 8" problem?

Take it up with the people putting data into the system, not the IRR 
operators. Anyone who is behind an IRR-based provider (like Verio) has 
motivation to put data into the system ("hey look I do this and now 
routing works"), but there is no motivation to take stale data OUT of the 
system.

I can't even begin to count the number of networks I know who 
theoretically "use" IRR who don't even know HOW to remove data, let alone 
make any active attempt to do so when a customer leaves or a route is 
returned. Combine this with the idiots who run around proxy registering 
routes for other people based on everything they see in the table (gee 
theres a good idea, define filters for what is allowed in the table based 
on what we see people trying to put into the table, brilliant!) and you 
quickly see how IRR data becomes stale and eventually worthless.

I'll save the rest of my rant for the presentation on the subject in 
Dallas. :)

-- 
Richard A Steenbergen <ras () e-gerbil net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]