Database Update Kaveh Ranjbar Database Group Manager, RIPE NCC Outline • Short introduction to the Database Group • Status of APs and outstanding deliverables • Projects completed between.
Download ReportTranscript Database Update Kaveh Ranjbar Database Group Manager, RIPE NCC Outline • Short introduction to the Database Group • Status of APs and outstanding deliverables • Projects completed between.
Database Update Kaveh Ranjbar Database Group Manager, RIPE NCC Outline • Short introduction to the Database Group • Status of APs and outstanding deliverables • Projects completed between RIPE 61 and 62 • RIPE Labs publication highlights • Q&A RIPE NCC Database Group - 27 April 2011 2 RIPE Database Service • Public Internet Resource Information for RIPE service region • Internet Routing Registry • Repository for resource holder information • Global Resource Information in RIPE RPSL • Tools on http://www.db.ripe.net • Prototypes on http://labs.ripe.net/ripe-database RIPE NCC Database Group - 27 April 2011 3 The Database Group Agoston Benedetto Bogdan Denis Erik Kaveh RIPE NCC Database Group - 27 April 2011 4 RIPE Database statistics • Operational stats: http://www.ripe.net/info/stats/db/ripedb.html RIPE NCC Database Group - 27 April 2011 5 Action Points Denis Walker Database Business Analyst, RIPE NCC Action Points & Projects • AP57.2 Cleanup forward domain data • AP59.1: Reverse Delegation Safeguards • AP61.1: “pingable:” attribute • AP61.2: To investigate the next appropriate level of password hash • The RIPE community approved RIPE Policy Proposal 2010-06 • Policy 2007-01 • Dash ‘-’ notation in reverse DOMAIN RIPE NCC Database Group - 27 April 2011 7 AP57.2: Cleanup forward domain data • Started with DOMAIN objects in the RIPE Database for 43 ccTLDs • 3 are still actively using the RIPE Database – All 4 working on alternative solutions • 40 deleted – TLD object with all sub domains • Users cannot create new TLD objects • Syntax will be changed when last 3 deleted RIPE NCC Database Group - 27 April 2011 8 AP59.1: Reverse Delegation Safeguards The week commencing 13 December 2010 the RIPE NCC deployed a version of the RIPE Database that implements these rules and cleaned-up the existing data. It is no longer possible to create a reverse DNS DOMAIN object in the RIPE Database if either a more or less specific object already exists. RIPE NCC Database Group - 27 April 2011 9 AP59.1: Reverse Delegation Safeguards (cont’d) Objects that were cleaned up all had a less specific DOMAIN object in the database; therefore these objects did not have any operational effect on reverse DNS. RIPE NCC Database Group - 27 April 2011 10 AP61.1: “pingable:” attribute st 21 • On the of February the RIPE NCC implemented the "pingable:" and "ping-hdl:" attributes according to the specification in RFC 5943. • They can now be used in ROUTE and ROUTE6 objects in the RIPE Database. • RFC 5943 describes the syntax and explains how to use them: http://tools.ietf.org/html/rfc5943 RIPE NCC Database Group - 27 April 2011 11 AP61.1: “pingable:” attribute (cont’d) • The "pingable:" addresses are already active for beacons, anchors and debogon routes announced by the RIPE NCC Routing Information Service (RIS). • For an example of how these are announced, see the ROUTE object for 84.205.81.0/24. • For more information about RIS beacons and anchors, please see: http://www.ripe.net/datatools/stats/ris/ris-routing-beacons RIPE NCC Database Group - 27 April 2011 12 AP61.2: Appropriate level of password hash • This action point was for the RIPE NCC to investigate using SHA2 for passwords. • Proposal sent to mailing list • Discussion can follow this update. RIPE NCC Database Group - 27 April 2011 13 Policy 2010-06 • The RIPE community approved RIPE Policy Proposal 2010-06, "Registration Requirements for IPv6 End User Assignments". • The proposal is available at: http://www.ripe.net/ripe/policies/proposals/2010-06 RIPE NCC Database Group - 27 April 2011 14 Policy 2010-06 (cont’d) • On the 15th of February the RIPE NCC deployed a version of the RIPE Database that implements the policy in the RIPE Database and other RIPE NCC processes, where necessary. • Details of how to use the new aggregation feature of the RIPE Database can be found at: http://www.ripe.net/data-tools/support/documentation/ documenting-ipv6-assignments-in-the-ripe-database • Currently 53340 INET6NUM objects in RIPE Database • 75 have status AGGREGATED-BY-LIR RIPE NCC Database Group - 27 April 2011 15 Policy 2007-01 • 2007-01 is Contractual Requirements for Provider Independent Resource Holders in the RIPE NCC Service Region • As part of the 2007-01 policy implementation the RIPE NCC has to: – Add RIPE-NCC-END-MNT to all AUT-NUM objects – Change RIPE-NCC-HM-PI-MNT to RIPE-NCC-ENDMNT on PI assignment objects or add where necessary RIPE NCC Database Group - 27 April 2011 16 Dash notation in reverse DOMAIN • Proposal sent to mailing list • Drop current dash ‘-’ syntax and expansion from third octet (1-100.2.10.in-addr.arpa) • Causes problems with DNSSEC • Allow dash in fourth octet for classless delegations (6-25.1.2.10.in-addr.arpa) • Stored in RIPE Database with dash • Expansion done by DNS provisioning RIPE NCC Database Group - 27 April 2011 17 Geolocating Kaveh Ranjbar Database Group Manager, RIPE NCC The Problem • No mechanism to link IP addresses to a location • No internationalisation information • Establishing this is difficult and error prone: • – Finding out a postal address is hard – Translating the address to a geolocation is hard – Knowing the language at that location is not always clear User services based on location and internationalisation may be mismatched – Access to certain services could be blocked – Content could be delivered in the wrong language RIPE NCC Database Group - 27 April 2011 19 The Solution • Location and internationalisation details can be optionally linked to IP addresses – • • Resolution determined by LIR The holder of an IP address block is: – The authority on where the block is used – Knows the preferred language – Maintainer of the IP address data The RIPE NCC can provide the mechanism through the RIPE Database to establish this link RIPE NCC Database Group - 27 April 2011 20 Everybody Benefits • • End Users – Providers can serve content in the desired language – and related to the user’s location LIRs – More control over location based services supplied – • Content Providers – • Less End User complaints Easier to address their target audience RIPE Database – Holds more accurate location data RIPE NCC Database Group - 27 April 2011 21 The Way Forward • Interest expressed from Google, MaxMind, IP2Location – If location data is added to your RIPE Database objects, it can be automatically included in their data sets – higher • priority input, authoritative source RIPE NCC will develop simple prototype on RIPE Labs RIPE NCC Database Group - 27 April 2011 22 Development & Innovation highlights Bogdan Dumitrescu Software Engineer Prototypes and new services on RIPE Labs • • • GRS Sources and the RIPE Database API - RIPE-GRS, APNIC-GRS, ARIN-GRS, LACNIC-GRS, RADB-GRS - No personal data, no query limits, data may include non RPSL attributes RIPE Database REST API: Query + CRUD - New interfaces to the RIPE Database (HTTPS, XML, JSON, XLink, XPath, etc.) - Reusable building blocks for other services and tools - http://labs.ripe.net/Members/bfiorell/api-documentation Search forms and tools – ready for production - • Search, Lookup, Free-text Search, Abuse Finder Work in progress - Update Forms, Crypt Utils, Change Maintainer Authorisation - REST CRUD API, new services for power users RIPE NCC Database Group - 27 April 2011 24 Demo Bogdan Dumitrescu Software Engineer Questions?