Powerpoint - Workshops

So, you want to apply for address space
(or your customers are asking you)
AfNOG Workshop, May 2002
Lome, Togo
Overview
• Definitions: IR, LIR, RIR
• Registry system requirements
• Network plan
• Becoming a LIR
• Policy mechanism
• WHOIS database
Disclaimer
• This presentation uses materials from the
Registries
• I used to work for one of the Regional
Registries
• I am not speaking on behalf of the
Registries!
• This is about numbers
– not about domain names
Who are involved?
IANA → (/8) → RIR (ARIN, APNIC, RIPE) → (/20) → LIR (ISP/Enterprise) → (/32) → ISP / End Users
Definition: Internet Registry (IR)
• organisation which allocates, assigns and
registers Internet resources (IP addresses,
ASNs)
Definition: Regional Internet Registry (RIR)
• organisation with regional responsibility for
management of Internet resources
• allocates address space to LIRs
• address registration services, co-ordination
and policy development
• APNIC, ARIN, RIPE-NCC
• AfriNIC, LACNIC in formation
• Must be neutral and consensus-based
RIR Service Regions
[Figure: map of RIR service regions; AfriNIC and LACNIC labelled]
Definition: Local Internet Registry (LIR)
– Gets allocated address space from RIR
– assigns address space to its customers
– Usually an ISP
• Very small ISPs get IP address space from their
upstream provider
Definition: Allocation / Assignment
• Allocation
– A block of address space held by an IR for
subsequent allocation or assignment
• Not yet used to address any networks
• Assignment
– A block of address space used to address an
operational network
– May be provided to LIR customers, or used for
an LIR’s infrastructure (‘self-assignment’)
Definition: Allocation and Assignment
[Figure: RIR allocates IP addresses to LIRs; LIR assigns IP addresses to Customer]
Registry system requirements
• Assignment of globally unique (IP) address
space
• Registration
• Conservation of address space
• Minimize routing information (aggregation)
• Scalable
• Fair
Conservation
• A few years ago, consensus was that IPv4
address space would run out in the near
future
• Classless assignments have made this a
medium-term problem now
– Conservative address policies help
– NAT and other tricks help too
• but are not (and should not be) mandatory
• you will get the address space you need,
you may not get the address space you want
Aggregation
• Growth of global routing table faster than
Moore’s law
• Very serious concern for the growth of the
Internet
• Currently addressed through aggregation
– of multiple customers of the same ISP
– of different pieces of the same organisation
Growth of Global Routing Table
[Figure: global routing table size over time, annotated "Projected routing table growth without CIDR", "Deployment Period of CIDR", "CIDR made it work for a while" and "But they cannot be relied on forever"]
http://www.telstra.net/ops/bgptable.html
Aggregation and LIRs
• LIRs obtain block of allocated address
space from RIRs and assign from this block
• Different assignments by same LIR can be
part of the same routing prefix
– ‘Natural’ aggregation of multiple customers
• Assignments of ISP LIRs typically match
allocated block received from RIR
Definition: PI and PA
• Provider Independent (Portable)
– Customer holds addresses independent from ISP
– Customer keeps addresses when changing ISP
– Bad for size of routing tables
– Bad for QOS: routes may be filtered, flap-dampened
• Provider Aggregatable (Non-portable)
– Customer uses ISP’s address space
– Customer must renumber if changing ISP
– Only way to effectively scale the Internet
Ask for how much space?
• What do you need the space for?
• Guessing on amount of space needed won’t
work:
– Not getting enough space doesn’t work
– Getting too much space lets unused space
go to waste
• Need an addressing plan
Addressing Plan
• Identify components of network
• Customer services
• ISP internal infrastructure
• Identify phases of deployment
• Starting off, 6 months, 12 months
• Identify equipment and topology changes
• Need for redundancy
• Need for increased scale
Network Plan
• Starting off
[Figure: starting network. Upstream ISP (interconnected resilience). Customer services: leased line services (5-8 customers), dialup services (16 modems), virtual web, name based (5 hosts). ISP infrastructure: internal DNS, web and mail servers (10 hosts), NOC operations (15 hosts)]
Network Plan
[Figure: the same network annotated with addressing. One loopback interface per assigned router /32; ‘ip unnumbered’ to upstream ISP; WAN point to point /30; ‘ip unnumbered’ to customers; 5-8 leased line customers; 16 dialup modems; LANs of 10, 15 and 5 hosts]
Addressing Plan
• Initial addressing plan
- numbers of host addresses (interfaces)
network-plan:   16  analogue dialup modems, vendor ‘x’
network-plan:    5  LAN - web hosting (Name-based hosting)
network-plan:  128  5-8 leased line customers (/28)
network-plan:   15  LAN - NOC and Ops management
network-plan:   10  LAN - mail, DNS, web servers internal
network-plan:    4  loopback router interfaces
network-plan:    2  router WAN ports (x 5 lines)
Network Plan
• 6 months later
– scale increased
– redundancy
[Figure: network at 6 months. Upstream ISP; increased number of leased line customers (30 leased line customers); increased number of hosts on all LANs (servers 16 hosts, name-based 11 hosts, NOC 25 hosts, secondary servers 8 hosts); added new dial up equipment, 60 dialup modems (2 PRI); replaced original modem, 60 dialup modems (2 PRI); added new router and LAN for redundancy]
Addressing Plan
• Network plan at 6 months
- increases in hosts (interfaces)
Changed description
network-plan:   16/60    2 PRI dialup modems, vendor ‘y’
network-plan:    5/11    LAN - web hosting (Name-based hosting)
network-plan:  128/512   30 leased line customers (pool)
network-plan:   15/25    LAN - NOC and Ops management
network-plan:   10/16    LAN - mail, DNS, web servers internal
network-plan:    4/6     loopback router interfaces
network-plan:    2/2     router WAN ports (x 8 lines)
New hardware
network-plan:    0/60    2 PRI dialup modems
network-plan:    0/8     LAN - secondary servers
Network Plan
• 12 months total
– site redundancy
– greater complexity
– efficiency
[Figure: network at 12 months. Upstream ISP A and Upstream ISP B; redundancy of WAN connections, now numbered links for BGP4; added new customer router; 60 leased line customers (ip unnumbered); two banks of 240 dialup modems (8 PRI); LANs of 35, 11, 40 and 8 hosts; two pieces of essential equipment]
Addressing Plan
• Network plan at 12 months
- increases in hosts (interfaces)
- one year total
network-plan:   16/60/240    8 PRI dialup modems, vendor x
network-plan:    0/60/240    8 PRI dialup modems, vendor y
network-plan:    5/11/11     LAN - web hosting (Name-based hosting)
network-plan:  128/512/1020  60 leased line customers (pool)
network-plan:   15/25/40     LAN - NOC and Ops management
network-plan:   10/16/35     LAN - mail, DNS, web servers internal
network-plan:    0/8/8       LAN - secondary servers
network-plan:    2/2/2       router WAN ports (x 8 lines)
network-plan:    4/6/12      loopback router interfaces
Addressing Plan
• Can now determine subnet sizes
network-plan:   256   16/60/240    8 PRI dialup modems, vendor x
network-plan:   256    0/60/240    8 PRI dialup modems, vendor y
network-plan:    16    5/11/11     LAN - web hosting (Name-based hosting)
network-plan:  1024  128/512/1020  60 leased line customers (pool)
network-plan:    64   15/25/40     LAN - NOC and Ops management
network-plan:    64   10/16/35     LAN - mail, DNS, web servers internal
network-plan:     8    0/8/8       LAN - secondary servers
network-plan:     4    2/2/2       router WAN ports (x 8 lines)
network-plan:    16    4/6/12      loopback router interfaces
Addressing Plan
– Addressing plan for network-plan
– re-ordered large to small according to relative subnet size
– determination of relative subnet addresses
network-plan:  0.0.0.0    1024  128/512/1020  60 leased line customers (pool)
network-plan:  0.0.4.0     256   16/60/240    8 PRI dial up modems, vendor x
network-plan:  0.0.5.0     256    0/60/240    8 PRI dial up modems, vendor y
network-plan:  0.0.6.0      64   10/16/35     LAN - mail, DNS, web internal
network-plan:  0.0.6.64     64   15/25/40     LAN - NOC and Ops management
network-plan:  0.0.6.128    16    5/11/11     LAN - web hosting (Name-based hosting)
network-plan:  0.0.6.144    16    0/8/8       LAN - secondary servers
network-plan:  0.0.6.160    16    4/6/12      loopback router interfaces
network-plan:  0.0.6.176     4    2/2/2       router WAN ports (x8)
– cumulative total 0.0.6.208
Addressing Plan
– Addressing plan for network-plan
– determination of subnet masks
network-plan:  0.0.0.0    255.255.252.0    1024  128/512/1020  60 leased line customers
network-plan:  0.0.4.0    255.255.255.0     256   16/60/240    8 PRI dial up modems, vendor x
network-plan:  0.0.5.0    255.255.255.0     256    0/60/240    8 PRI dial up modems, vendor y
network-plan:  0.0.6.0    255.255.255.192    64   10/16/35     LAN - mail, DNS, web internal
network-plan:  0.0.6.64   255.255.255.192    64   15/25/40     LAN - NOC & Ops management
network-plan:  0.0.6.128  255.255.255.240    16    5/11/11     LAN - web hosting (Name-based)
network-plan:  0.0.6.144  255.255.255.240    16    0/8/8       LAN - secondary servers
network-plan:  0.0.6.160  255.255.255.240    16    4/6/12      loopback router interfaces
network-plan:  0.0.6.176  255.255.255.252     4    2/2/2       router WAN ports (x 8)
Addressing Plan
– Addressing plan for network-plan
– connect to the Internet (full-time, part-time)?
network-plan:  0.0.0.0    255.255.252.0    YES   1024  128/512/1020  60 leased customers
network-plan:  0.0.4.0    255.255.255.0    PART   256   16/60/240    8 PRI dial up modems..
network-plan:  0.0.5.0    255.255.255.0    PART   256    0/60/240    8 PRI dial up modems..
network-plan:  0.0.6.0    255.255.255.192  YES     64   10/16/35     LAN - mail, DNS, web internal
network-plan:  0.0.6.64   255.255.255.192  YES     64   15/25/40     LAN - NOC & Ops management
network-plan:  0.0.6.128  255.255.255.240  YES     16    5/11/11     LAN - web hosting (Name-based)
network-plan:  0.0.6.144  255.255.255.240  YES     16    0/8/8       LAN - secondary servers
network-plan:  0.0.6.160  255.255.255.240  YES     16    4/6/12      loopback router interfaces
network-plan:  0.0.6.176  255.255.255.252  YES      4    2/2/2       router WAN ports (x 8)
Addressing Plan
– Addressing plan complete
– total planned for customer assignments /22
– total planned for ISP infrastructure /24 + /23
– detailed, efficient and accurate
network-plan:  0.0.0.0    255.255.252.0    YES   1024  128/512/1020  60 leased line customers
network-plan:  0.0.4.0    255.255.255.0    PART   256   16/60/240    8 PRI dial up modems..
network-plan:  0.0.5.0    255.255.255.0    PART   256    0/60/240    8 PRI dial up modems..
network-plan:  0.0.6.0    255.255.255.192  YES     64   10/16/35     LAN - mail, DNS, web internal
network-plan:  0.0.6.64   255.255.255.192  YES     64   15/25/40     LAN - NOC & Ops management
network-plan:  0.0.6.128  255.255.255.240  YES     16    5/11/11     LAN - web hosting (Name-based)
network-plan:  0.0.6.144  255.255.255.240  YES     16    0/8/8       LAN - secondary servers
network-plan:  0.0.6.160  255.255.255.240  YES     16    4/6/12      loopback router interfaces
network-plan:  0.0.6.176  255.255.255.252  YES      4    2/2/2       router WAN ports (x 8 lines)
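The sizing, ordering and relative-address steps of the addressing plan, as an added example that is not part of the original presentation: it rounds each 12-month interface count up to a power-of-two block, orders the blocks large to small and hands out relative addresses and masks. The "+2" rounding rule and modelling the WAN entry as eight separate /30 links are assumptions chosen because they reproduce the figures of the completed plan.

```python
import ipaddress

# 12-month interface counts from the slides: (description, interfaces, subnets).
# Assumption: the "x 8 lines" WAN entry is eight separate point-to-point links.
REQUIREMENTS = [
    ("60 leased line customers (pool)", 1020, 1),
    ("8 PRI dial up modems, vendor x", 240, 1),
    ("8 PRI dial up modems, vendor y", 240, 1),
    ("LAN - mail, DNS, web internal", 35, 1),
    ("LAN - NOC and Ops management", 40, 1),
    ("LAN - web hosting (name-based)", 11, 1),
    ("LAN - secondary servers", 8, 1),
    ("loopback router interfaces", 12, 1),
    ("router WAN ports", 2, 8),
]


def subnet_size(interfaces):
    """Smallest power-of-two block holding the interfaces plus the
    network and broadcast addresses (assumed rounding rule)."""
    size = 4
    while size < interfaces + 2:
        size *= 2
    return size


def build_plan(requirements):
    """Allocate blocks largest-first from relative address 0.0.0.0.

    Returns (rows, end): rows are (network, size, description) and end is
    the cumulative total, i.e. the first unused relative address.
    """
    sized = [(subnet_size(n), desc, count) for desc, n, count in requirements]
    sized.sort(key=lambda row: row[0], reverse=True)  # stable: ties keep order
    rows, cursor = [], 0
    for size, desc, count in sized:
        prefix = 32 - (size.bit_length() - 1)
        for _ in range(count):
            # strict=True raises ValueError if the block is not aligned to
            # its mask; largest-first ordering is what keeps it aligned.
            net = ipaddress.IPv4Network((cursor, prefix), strict=True)
            rows.append((net, size, desc))
            cursor += size
    return rows, ipaddress.IPv4Address(cursor)


if __name__ == "__main__":
    plan, end = build_plan(REQUIREMENTS)
    for net, size, desc in plan:
        print(f"network-plan: {net.network_address!s:<10} {net.netmask!s:<16}{size:>5}  {desc}")
    print("cumulative total", end)
```

Allocating the blocks in any other order can leave a block starting on an address that its mask does not allow, which the strict check reports as an error.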
Minimizing space requirements
• Dynamic addresses for dialups
• Classless assignments
• Utilisation and efficiency guidelines
– 25% immediately, 50% in one year
– operational needs; no reservations
• RFC1918
• Name-based web hosting
• Unnumbered interfaces
Private Address Space
• RFC1918
– 10/8, 172.16/12, 192.168/16
– saves public address space
– allows for more flexibility
• Suitable when
– hosts do not require access to other networks
– access to outside services through application
layer GW
• Not a solution for address space shortage!
Web Hosting
• Name based hosting
– single IP address assigned to physical server
that hosts several virtual hosts
• IP based hosting
– single unique IP address assigned to each
virtual host
Name Based Hosting
• Conserves Address Space
• Requires
– support of “Host:” header in HTTP requests
– HTTP1.1 compliant browsers
• Technical Exceptions
– SSL certificates
• work ongoing at IETF to support name based
hosting
– Virtual ftp domains with anonymous login
IP Unnumbered
• R1 and R2 form a "virtual router"
• The serial link has no ip address
– All packets arriving at S0 of either router immediately
go to its E0
– All packets generated at E0 go onto serial link
• Conserves addresses but makes management harder
Whom to ask for address space
• Ask LIR of your (upstream) ISP
• Become LIR yourself! When?
– you have customers who need addresses
– you need more than a /21 in 1 year
Becoming an LIR?
• Advantages
– independent allocation from RIR
– independent from LIR of upstream provider
• Disadvantages
– has overhead
– costs resources
– costs $$$ (CFA, cedis, ...)
– possible need to renumber from upstream LIR block
Responsibilities of an LIR
• Be familiar with latest IP policies
• Follow goals of Registry System
– conservation
– aggregation
– registration
• Manage allocations responsibly
• Keep up to date records
– internally
– WHOIS database
Influencing the RIR
• LIRs become members of association
controlling LIR
– LIRs control RIR, RIR doesn’t control LIRs
• Policies developed in open forums
• Co-ordinated between RIRs and with IANA
• Based on consensus rather than rules
• Assures fair and open process
Policy Development Process
• Policy (changes) can be suggested by
– RIR Members/Local IRs
– RIR staff
– Public at large
• Policy must be
– fair to all
– ‘good’ for the Internet
– consistent with global policies
The whois Database
Introduction and Usage
Overview
• What is the whois database?
• Why use it?
• Who uses it?
• Database query process
• Database update process
What is the whois Database?
• Network Management Database
• Contains information about
– address space
– DNS domains
– IP routing policies
– contact information
Why use the Database?
• Queries
– Ascertain custodianship of a resource
– Obtain details of technical contacts for a
network
– Investigate security incidents
– Track source of network abuse or “spam” email
Who uses the Database?
• Queries
– Internet Service Providers
– Site network managers and engineers
– Any Internet user
• Updates
– Internet registries (RIRs, LIRs)
– Internet Service Providers
– Anyone who holds an Internet resource
Database Objects
• Database object types
OBJECT     PURPOSE
person     contact persons
role       contact groups/roles
inetnum    IPv4 address allocations/assignments
inet6num   IPv6 address allocations/assignments
aut-num    autonomous system number
as-macro   group of autonomous systems
domain     reverse domains
route      prefixes being announced
mntner     (maintainer) database authorisation
Contact Information
Example object - ‘person’
Attributes   Values
person:      Brajesh Jain
address:     B 115 SARVODAYA ENCLAVE
address:     NEW DELHI 110017
country:     TH
phone:       +91-11-6864138
fax-no:      +91-11-6865888
e-mail:      [email protected]
nic-hdl:     BJ16-AP
mnt-by:      MAINT-IN-ESTEL-BCJ
changed:     [email protected] 20000429
source:      APNIC
Network Information
Example object - ‘inetnum’
Attributes   Values
inetnum:     203.113.0.0 - 203.113.31.255
netname:     TOTNET-AP
descr:       Telephone Organization of THAILAND(TOT)
descr:       Telephone and IP Network Service Provider
country:     TH
admin-c:     NM18-AP
tech-c:      RC80-AP
mnt-by:      APNIC-HM
mnt-lower:   MAINT-TH-SS163-AP
changed:     [email protected] 19990922
source:      APNIC
Database Query - Search Keys
OBJECT TYPE   ATTRIBUTES - SEARCH KEYS
person        name, nic-hdl, e-mail
role          name, nic-hdl, e-mail
mntner        maintainer name
inetnum       network number, name
domain        domain name
aut-num       as number
as-macro      as-macro name
route         route value
inet6num      network number, name
* whois supports queries on any of these objects/keys
Database Query - Inetnum
% whois 203.127.128.0 - 203.127.159.255
% whois 202.127.128.0/19
% whois SINGNET-SG
inetnum:     203.127.128.0 - 203.127.159.255
netname:     SINGNET-SG
descr:       Singapore Telecommunications Ltd
descr:       31, Exeter Road, #02-00, Podium Block
descr:       Comcentre, 0923
country:     SG
admin-c:     CWL3-AP
tech-c:      CWL3-AP
mnt-by:      APNIC-HM
changed:     [email protected] 19990803
source:      APNIC
• Notes
– Incomplete addresses padded with “.0”
– Address without prefix interpreted as “/32”
Database Query - Inetnum
• RIPE extended whois client
ftp://ftp.ripe.net/ripe/dbase/software/ripe-dbase-3.0.tar.gz
• Flags used for inetnum queries
None   find exact match
-L     find all less specific matches
-m     find first level more specific matches
-M     find all more specific matches
-r     turn off recursive lookups
Database Query - Inetnum
inetnum hierarchy: whois 210.8.0.0/16
[Figure: prefix hierarchy 0/0, 210/7, 210.8/16, 210.8.30/23, labelled "All less specifics (-L)", "Exact match", "1st level more specific (-m)" and "All more specifics (-M)"]
Database Query - Inetnum
‘-M’ will find all assignments in a range in the database
% whois -M 202.144.0.0/19
inetnum:     202.144.0.0 - 202.144.31.255
netname:     SILNET-AP
descr:       Satyam Infoway Pvt.Ltd.,
.....
inetnum:     202.144.13.104 - 202.144.13.111
netname:     SOFTCOMNET
descr:       SOFTCOM LAN (Internet)IP.
.....
inetnum:     202.144.1.0 - 202.144.1.255
descr:       SILNET
descr:       Satyam Infoway's Chennai LAN
.....
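The matching behaviour of the inetnum query flags, modelled as an added example (not the RIPE whois client's code and not from the original slides): it applies the slide's padding and /32 notes to the query, then computes the exact, -L, -m and -M matches over a small in-memory list. The two extra more-specific prefixes are constructed, excluding the exact match from -L and -M is an assumption, and `custodian_block` is a hypothetical helper for the incident-investigation use the slides mention.

```python
import ipaddress

# Prefixes from the slide's hierarchy figure, plus two constructed
# more-specifics (marked) so that -m and -M return different answers.
DB = [ipaddress.IPv4Network(p) for p in (
    "0.0.0.0/0", "210.0.0.0/7", "210.8.0.0/16", "210.8.30.0/23",
    "210.8.30.0/24",   # constructed sample
    "210.8.64.0/20",   # constructed sample
)]


def normalise(query):
    """Slide notes: pad incomplete addresses with ".0"; no prefix means /32."""
    addr, _, plen = query.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.IPv4Network(".".join(octets) + "/" + (plen or "32"))


def lookup(db, query, flag=None):
    """Model the inetnum matching flags over a list of networks.

    Assumption: -L and -M exclude the exact match itself.
    """
    q = normalise(query)
    if flag is None:
        return [n for n in db if n == q]
    if flag == "-L":
        return sorted(n for n in db if n != q and q.subnet_of(n))
    more = [n for n in db if n != q and n.subnet_of(q)]
    if flag == "-M":
        return sorted(more)
    if flag == "-m":
        # first level only: drop anything nested inside another more-specific
        return sorted(n for n in more
                      if not any(n != o and n.subnet_of(o) for o in more))
    raise ValueError(f"unsupported flag: {flag}")


def custodian_block(db, address):
    """Most specific registered block covering one address, e.g. a source
    IP taken from an abuse report."""
    q = normalise(address)
    covering = [n for n in db if q.subnet_of(n)]
    return max(covering, key=lambda n: n.prefixlen) if covering else None
```

When tracing abuse, the most specific covering block is the one whose contacts are closest to the network actually using the address; the less specific blocks above it identify the allocating LIR.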