The Internet Registry System
Download
Report
Transcript The Internet Registry System
The Internet Registry System
How to run a Local IR
NATO Workshop Tartu
June 2000
John Crain
John Crain
.
NATO Workshop, June 2000
.
1
http://www.ripe.net
Overview
• RIPE
• RIPE NCC
• Internet Registry System
• Running a Local Internet Registry
– IP address distribution & registration
– Reverse Delegation
– RIPE database
John Crain
.
NATO Workshop, June 2000
.
2
http://www.ripe.net
Questions always welcome!
John Crain
.
NATO Workshop, June 2000
.
3
http://www.ripe.net
Reseaux IP Européens
John Crain
.
NATO Workshop, June 2000
.
4
http://www.ripe.net
What is RIPE?
• Reseaux IP Européens (1989)
– forum for network engineers to discuss technical issues
• RIPE is
–
–
–
–
–
–
–
service provider forum
open for everybody
voluntary participation, no fees
works by consensus
encourages face-to-face discussion
acts like an “interest group” supporting Internet community
but has NO legal power
John Crain
.
NATO Workshop, June 2000
.
5
http://www.ripe.net
How RIPE Works
• RIPE chair <[email protected]>
– Chair: Rob Blokzijl (Nikhef)
• How does it work?
– Working groups
– Mailing lists
– Meetings
John Crain
.
NATO Workshop, June 2000
.
6
http://www.ripe.net
Join RIPE Working Groups
•
•
•
•
•
•
•
•
•
•
Local Internet Registries (LIR)
RIPE Database (DB)
IP version 6 (IPv6)
European Internet Exchange Forum (EIX)
Routing / MBONE
Domain Name System (DNS)
NETNEWS Co-ordination
Anti-Spam
Test-Traffic Project
European Operators Forum (EOF)
RIPE does NOT develop Internet Standards
John Crain
.
NATO Workshop, June 2000
.
7
http://www.ripe.net
Subscribe to RIPE Mailing Lists
• General announcement list
– <[email protected]>
• Working group lists
– <[email protected]>
– <[email protected]>
– etc.
• For more information
– Send “help” to <[email protected]>
• Join the mailing lists and get informed
http://www.ripe.net/info/maillists.html
John Crain
.
NATO Workshop, June 2000
.
8
http://www.ripe.net
RIPE Meetings
• 3 times a year
• ~3.5 day long
• 300+ participants
•
•
•
•
•
Working group meetings
Plenary
Presentations
Long breaks
Informal chats
John Crain
.
NATO Workshop, June 2000
.
9
http://www.ripe.net
Come to RIPE Meetings
•
•
•
•
Keep up to date with Internet developments
Meet others in the business
Gather information, tips, ideas
Influence directions in Internet administration
– in RIPE NCC service region and beyond
• Next meeting RIPE 37
– Amsterdam, 12-15. September 2000
– <[email protected]>
John Crain
.
NATO Workshop, June 2000
.
10
http://www.ripe.net
RIPE Meeting Attendees in 1999
AT
UNK
DK
FR
ES
SE
IT
US
FI
BE
other
RU
CH
HU
EU
CZ
PT
IE
NL
GB
DE
NO
UK
Total 857
John Crain
.
NATO Workshop, June 2000
.
11
http://www.ripe.net
RIPE Meeting Attendance per Organisational Category
1999
EDU
14%
GOV Unkown
8%
0%
Assoc.
14%
COM
64%
John Crain
.
NATO Workshop, June 2000
.
12
http://www.ripe.net
Global Context
World-wide Internet
Technical Development & Standards Body
IETF
World-wide Operators Forum
IEPG
EU Operators
USA Operators
RIPE
NANOG
Asian Operators
APRICOT
John Crain
.
NATO Workshop, June 2000
.
13
http://www.ripe.net
RIPE
Network Coordination Centre
John Crain
.
NATO Workshop, June 2000
.
14
http://www.ripe.net
What is the RIPE NCC?
• Not-for-profit association under Dutch law
• 8 years of history
• 2000+ members (mainly ISPs, but open to
anyone)
• Co-ordination and support services for ISPs
John Crain
.
NATO Workshop, June 2000
.
15
http://www.ripe.net
Why a NCC ?
• RIPE participation was increasing
• Too much RIPE work done on a voluntary basis
• Activities require continuity & co-ordination
• Neutrality and impartiality is important
• Contact point inside & outside RIPE region
John Crain
.
NATO Workshop, June 2000
.
16
http://www.ripe.net
RIPE NCC History
• April 1992: Birth of the RIPE NCC
– TERENA legal umbrella
• September 1992: RIR Function
• 1995: Contributing Local IRs
• 1998: Independent Organisation
– not-for-profit association under Dutch law
– General Assembly of all members
– Executive Board of elected nominees
http://www.ripe.net/annual-report/99ar.html
John Crain
.
NATO Workshop, June 2000
.
17
http://www.ripe.net
Vital Statistics
• Statistics 1992
–
–
–
–
3 staff members
No Local IR’s
182,528 hosts in European Internet
7,955 objects in RIPE database (June ‘92)
• Statistics Now
–
–
–
–
60 staff (21 nationalities)
2,000+ participating Local IR’s
11,000,000+ hosts in the “European” Internet
5,000,000+ objects in the database
John Crain
.
NATO Workshop, June 2000
.
18
http://www.ripe.net
RIPE NCC Membership
2,000
1,800
1,600
1,400
1,200
1,000
800
600
400
200
0
1993
John Crain
1994
.
1995
1996
1997
NATO Workshop, June 2000
1998
.
1999
May
15,
2000
19
http://www.ripe.net
New LIRs per Region 1999
Europe : 551
(Including Turkey, Georgia and Kyrgyz Republic)
Middle-East: 31
(including Israel and Iran)
Africa: 8
John Crain
.
NATO Workshop, June 2000
.
20
http://www.ripe.net
y
K
N
y
et us
h s
er ia
la
n
d
s
S
p
ai
F
S ra n
w n
it c
ze e
rl
an
P d
o
la
n
T d
u
rk
U ey
kr
ai
F ne
in
la
n
G d
re
e
N ce
o
r
B wa
el y
g
iu
m
E
D gyp
en t
m
C
ze P ar
ch or k
t
R ug
ep al
u
H bli
u c
n
g
S ar
lo y
ve
n
ia
al
U
an
It
m
R
er
G
New LIRs in 2000
120
109
100
80
80
60
50
47
40
28 27
20
20 20 19
John Crain
.
16 16
11 11
NATO Workshop, June 2000
.
9
8
6
5
http://www.ripe.net
5
4
4
4
0
21
RIPE NCC Activities (1)
Member Services
• Registration Services
– IPv4 addresses
– IPv6 addresses
– AS numbers
– Reverse domain name delegation
– LIR Training Courses
John Crain
.
NATO Workshop, June 2000
.
22
http://www.ripe.net
RIPE NCC Activities (2)
Public Services
• Co-ordination
–
–
–
–
RIPE support
RIPE database maintenance
Routing Registry Maintenance (RR)
Liaison with:
• LIRs / RIRs / ICANN / etc …
– Information dissemination
• New Projects
– Test Traffic
– Routing Information Service (RIS)
– Routing Registry Consistency (RR)
John Crain
.
NATO Workshop, June 2000
.
23
http://www.ripe.net
Formal Decision Making
“Consensus” Model
RIPE proposes activity plan
RIPE NCC proposes budget to accompany
activity plan
General Assembly votes on both
activities and budget at yearly meeting
John Crain
.
NATO Workshop, June 2000
.
24
http://www.ripe.net
Global Internet Registry System
John Crain
.
NATO Workshop, June 2000
.
25
http://www.ripe.net
Authority in the Net??
• The Internet Corporation for Assigned Names and Numbers
(ICANN) is the non-profit corporation that was formed to assume
responsibility for the IP address space allocation, protocol
parameter assignment, domain name system management, and
root server system management functions now performed under
U.S. Government contract by IANA and other entities.
John Crain
.
NATO Workshop, June 2000
.
26
http://www.ripe.net
Structure of ICANN
The Internet Corporation for Assigned Names and Numbers
ICANN
3 Supporting
Organizations
Protocols
IETF,
ITU,
WWWC,
ETSI
DNS
Addresses
www.dnso.org
APNIC
ARIN
RIPE NCC
http://www.icann.org
John Crain
.
NATO Workshop, June 2000
.
27
http://www.ripe.net
Address Supporting Organization
•
•
•
•
•
RIR agreed on a proposal
“Simple model”
MoU between ICANN and RIRs
Policies set through existing regional processes
Address Council established
– oversee policy development processes
– select ICANN directors (open process)
http://www.aso.icann.org
John Crain
.
NATO Workshop, June 2000
.
28
http://www.ripe.net
RIR Service Regions
ARIN
John Crain
.
RIPE NCC
NATO Workshop, June 2000
.
APNIC
29
http://www.ripe.net
Goals of the Internet Registry
System
• Fair distribution of address space
• Conservation
– prevention of stockpiling of addresses
• Aggregation
– hierarchical distribution of globally unique address space
– permits aggregation of routing information
• Registration
– provision of public registry
– ensures uniqueness and enables troubleshooting
John Crain
.
NATO Workshop, June 2000
.
30
http://www.ripe.net
Address Distribution
Global Authority
/8
RIR
/20 +
LIR
/32 +
End Users
John Crain
.
RIPE NCC Members
Anybody with a network/host
NATO Workshop, June 2000
.
31
http://www.ripe.net
Running a Local Internet Registry
John Crain
.
NATO Workshop, June 2000
.
32
http://www.ripe.net
How to get IP addresses?
• Go to your Local Internet Registry.
– Your provider is probably one or is connected to one
http://www.ripe.net/lir/registries/europe.html
• If you are a provider and think you may need to
be an LIR? Contact NCC <[email protected]>
John Crain
.
NATO Workshop, June 2000
.
33
http://www.ripe.net
Becoming a LIR
• Complete application form (ripe-160)
• Provide Reg-ID & contact persons
– <[email protected]>
• Read relevant RIPE documents
• Sign service agreement (ripe-191)
– agreed to follow policies and procedures
• Pay sign-up & yearly fee
– <[email protected]>
John Crain
.
NATO Workshop, June 2000
.
34
http://www.ripe.net
Address Space Usage
100,000,000
213/8
212/8
62/8
195/8
194/8
193/8
80,000,000
60,000,000
98%
97%
96,5%
40,1%
40,000,000
97%
20,000,000
60%
.
.
4
Q / 99
1/
20
Q 00
2/
20
00
99
Q
Q
3/
99
Q
2/
99
Q
1/
98
4/
98
Q
3/
98
NATO Workshop, June 2000
Q
2/
98
Q
Q
1/
97
Q
4/
97
Q
3/
97
2/
97
Q
1/
96
Q
4/
96
John Crain
Q
Q
3/
96
Q
2/
96
1/
Q
Q
4/
95
0
35
http://www.ripe.net
IPv6
• Draft allocation guidelines
– currently under revision by community
• Address allocation started
– 17 sub-TLAs allocated by RIPE NCC
http://www.ripe.net/ripencc/mem-services/registration/ipv6/ipv6.html
John Crain
.
NATO Workshop, June 2000
.
36
http://www.ripe.net
DNS Activities
John Crain
.
NATO Workshop, June 2000
.
37
http://www.ripe.net
RIPE NCC Hostcount per Quarter
12,000,000
10,000,000
8,000,000
6,000,000
4,000,000
2,000,000
John Crain
.
NATO Workshop, June 2000
.
Q1/2000
Q3/99
Q1/99
Q3/98
Q1/98
Q3/97
Q1/97
Q3/96
Q1/96
Q3/95
Q1/95
Q3/94
Q1/94
0
38
http://www.ripe.net
DNS Management
• Goals
– ensure proper operation of name servers
– minimise “pollution” of DNS
• Services
– manage reverse delegations of networks in 193/8, 194/8, 195/8,
212/8, 213/8 and 62/8 in-addr.arpa domain
– support local IR’s with feedback
– secondary name servers for ccTLDs
• RIPE NCC DOES NOT register domain names
John Crain
.
NATO Workshop, June 2000
.
39
http://www.ripe.net
Why Do You Need Reverse
Delegation ?
• All host-IP mappings in the DNS (A record)
should have a corresponding IP-host mapping
(PTR record)
• Failure to have this will likely
– block users from various services (ftp, mail)
– make troubleshooting more difficult
– produce more useless network traffic in general
John Crain
.
NATO Workshop, June 2000
.
40
http://www.ripe.net
Request Reverse Delegation
• Send domain object to <[email protected]>
– an automatic mailbox
• Tool will
– check if zone is correctly setup
– check assignment validity
– (try to) enter object to RIPE DB
• Questions, Comments to <[email protected]>
John Crain
.
NATO Workshop, June 2000
.
41
http://www.ripe.net
Reverse DNS Quality Report
•
•
•
•
80% of delegating zones good
Quality improving
~500 new zones /week
52.3% of eligible /24 zones are delegated
http://www.ripe.net/inaddr/statistics
John Crain
.
NATO Workshop, June 2000
.
42
http://www.ripe.net
The RIPE Database
Its usage and its usefulness
John Crain
.
NATO Workshop, June 2000
.
43
http://www.ripe.net
RIPE Database
• Network Management Database
• Data Management
– Local IR’s, other ISPs and RIPE NCC
• Software Management
– RIPE NCC with Database Working Group
– Re-implementation in progress
John Crain
.
NATO Workshop, June 2000
.
44
http://www.ripe.net
RIPE Database
• RIPE whois server
whois.ripe.net
• RIPE whois client
ftp://ftp.ripe.net/ripe/dbase/software/ripe-dbase-2.2.1.tar.gz
• Glimpse full text search
http://www.ripe.net/db/index.html
• Database documentation
http://www.ripe.net/docs/ripe-157.html
http://www.ripe.net/docs/ripe-189.html
John Crain
.
NATO Workshop, June 2000
.
45
http://www.ripe.net
Some Database Objects
–
–
–
–
–
–
–
–
–
–
person:
role:
inetnum:
mntner:
domain:
route:
aut-num:
as-macro:
community:
inet6num:
John Crain
contact persons
contact groups/roles
address assignments & networks
authorisation of objects
forward and reverse domains
announced routes
autonomous system
group of autonomous systems
group of routes
experimental object for IPv6 addresses
.
NATO Workshop, June 2000
.
46
http://www.ripe.net
Ja
nM 97
ar
M 97
ay
-9
Ju 7
lS e 97
pNo 97
v9
Ja 7
nM 98
ar
M 98
ay
-9
Ju 8
lS e 98
pNo 98
v9
Ja 8
nM 99
ar
-9
Ap 9
r-9
Ju 9
nA u 99
g9
O 9
ct
D 99
ec
F e 99
b0
Ap 0
r-0
0
Almost 5 Million Objects
6,000,000
5,000,000
4,885,891
4,000,000
3,000,000
2,000,000
1,000,000
0
John Crain
.
NATO Workshop, June 2000
.
http://www.ripe.net
47
‘person’ Object
person:
address:
address:
address:
address:
phone:
fax-no:
e-mail:
nic-hdl:
notify:
changed:
changed:
source:
John Crain
Mirjam Kuehne
RIPE NCC
Singel 258
NL - 1016 AB Amsterdam
Netherlands
+31 20 535 4444
+31 20 535 4445
[email protected]
MK16-RIPE
[email protected]
[email protected] 19950411
[email protected] 19970616
RIPE
.
NATO Workshop, June 2000
.
48
http://www.ripe.net
‘role’ Object
role:
address:
address:
address:
phone:
e-mail:
trouble:
trouble:
admin-c:
tech-c:
notify:
nic-hdl:
changed:
source:
John Crain
RIPE NCC Hostmaster
RIPE Network Coordination Centre
Singel 258
NL - 1016 AB Amsterdam, Netherlands
+31 20 535 4444
[email protected]
Work days 0900-1800 CET: phone XXX
Outside Business Hours: phone YYY
JLC2-RIPE
MK16-RIPE
[email protected]
RNH124-RIPE
[email protected] 19971002
RIPE
.
NATO Workshop, June 2000
.
49
http://www.ripe.net
Network Object
inetnum:
netname:
descr:
descr:
country:
admin-c:
tech-c:
status:
mnt-by:
changed:
source:
193.0.0.0 - 193.0.0.255
RIPE-NCC
RIPE Network Co-ordination Centre
Amsterdam, Netherlands
NL
JLC2-RIPE
MK16-RIPE
ASSIGNED PA
RIPE-NCC-MNT
[email protected] 19970310
RIPE
• “/” notation possible for inetnum value
John Crain
.
NATO Workshop, June 2000
.
50
http://www.ripe.net
Querying the Database
• Search keys (Look-up Keys)
–
–
–
–
–
–
–
–
–
person
role
maintainer
inetnum
domain
aut-num
as-macro
community
route
name, nic-hdl, e-mail
name, nic-hdl, e-mail
maintainer name
network number, network name
domain name
AS number
AS-macro name
community name
route value
• Network number and route value are classless
• Network name is a search key, but not unique
John Crain
.
NATO Workshop, June 2000
.
51
http://www.ripe.net
Queries Reach 7/sec Average
7/sec
20,000,000
15,000,000
10,000,000
5,000,000
John Crain
.
NATO Workshop, June 2000
.
Apr-00
Feb-00
Dec-99
Oct-99
Aug-99
Jun-99
Apr-99
Feb-99
Dec-98
Oct-98
Aug-98
Jun-98
Apr-98
Feb-98
Dec-97
Oct-97
Aug-97
Jun-97
Apr-97
Feb-97
Dec-96
0
52
http://www.ripe.net
Example query
whois 193.0.0.0
inetnum:
netname:
admin-c:
tech-c:
193.0.0.0 - 193.0.0.255
RIPE-NCC
DK58
OPS4-RIPE
route:
descr:
193.0.0.0/24
RIPE-NCC
role:
address:
nic-hdl:
RIPE NCC Operations
Singel 258
OPS4-RIPE
person:
address:
nic-hdl:
Daniel Karrenberg
RIPE Network Coordination Centre (NCC)
DK58
John Crain
.
NATO Workshop, June 2000
.
53
http://www.ripe.net
whois -h and -a
• whois -h query a specific host
– whois -h whois.ripe.net
– whois -h whois.arin.net
• whois -a includes the following sources
–
–
–
–
–
–
–
RADB
CANET
MCI
ANS
APNIC
ARIN
RIPE
John Crain
.
NATO Workshop, June 2000
.
54
http://www.ripe.net
whois -t (person)
person:
address:
phone:
fax-no:
e-mail:
nic-hdl:
remarks:
notify:
mnt-by:
changed:
[mandatory]
[mandatory]
[mandatory]
[optional]
[optional]
[mandatory]
[optional]
[optional]
[optional]
[mandatory]
source:
[mandatory] [single]
John Crain
.
[single]
[multiple]
[multiple]
[multiple]
[multiple]
[single]
[multiple]
[multiple]
[multiple]
[multiple]
[primary/look-up key]
[]
[]
[]
[look-up key]
[primary/look-up key]
[]
[inverse key]
[inverse key]
[]
[]
NATO Workshop, June 2000
.
55
http://www.ripe.net
whois -i
• Inverse lookup for special arguments
• Examples:
–
–
–
–
whois -i tech-c,admin-c,zone-c MK16-RIPE
whois -i notify [email protected]
whois -i origin AS1234
whois -i mnt-by AS1234-MNT
John Crain
.
NATO Workshop, June 2000
.
56
http://www.ripe.net
Example Query
0/0
All less
specifics (-L)
193/8
Exact /
1st less specific
(default)
193.1/16
1st level
more
specific (-m)
All more
specifics (-M)
Example query : 193.1.0.0/16
John Crain
.
NATO Workshop, June 2000
.
57
http://www.ripe.net
RIPE whois Flags
•
•
•
•
•
•
i
L
m
M
r
T
inverse lookup for specified attributes
find all Less specific matches
find first level more specific matches
find all More specific matches
turn off recursive lookups
type only look for objects of type (inetnum,
route, etc..)
John Crain
.
NATO Workshop, June 2000
.
58
http://www.ripe.net
More RIPE whois Flags
•
•
•
•
•
a
h
s
t
v
search all databases
hostname search alternate server
search databases with source “source”
show template for object of type “type”
verbose information for object of type “type”
• and don’t forget whois help
(how to query the database)
John Crain
.
NATO Workshop, June 2000
.
59
http://www.ripe.net
DB Update Procedure
• Changing an object
– add the changed line to the new version of object
• value: email address and date
– keep the same primary key
* do not forget authentication (password, PGP key)
• Deleting an object
– add delete line to the exact copy of current object
– value: email address, reason and date
– submit to <[email protected]>
John Crain
.
NATO Workshop, June 2000
.
60
http://www.ripe.net
DB Update Procedure
• Unique Keys (Primary Keys)
– person
name + nic-hdl
– role
name + nic-hdl
– maintainer
maintainer name
– inetnum
network number
– domain
domain name
– aut-num
AS number
– as-macro
AS-macro name
– community
community name
– route
route value + origin
• Uniquely identifies object
• Updating an existing object will overwrite the old entry
hence need unique key
John Crain
.
NATO Workshop, June 2000
.
61
http://www.ripe.net
E-mail Interface
• <[email protected]>
– automatic mailbox
– send all updates to this mailbox
– can use HELP in subject line
• <[email protected]>
– send questions and comments to this mailbox
• Test Database
– test-whois.ripe.net
– <[email protected]>
John Crain
.
NATO Workshop, June 2000
.
62
http://www.ripe.net
Syntax Checking
• Successful update
• Warnings
– object corrected and accepted
– notification of action taken in acknowledgement
• Errors
– object NOT corrected and NOT accepted
– diagnostics in acknowledgement
– if not understandable send e-mail to
• <[email protected]>
– please include object and error reports
John Crain
.
NATO Workshop, June 2000
.
63
http://www.ripe.net
Example Error Message
Update FAILED: [person] Mirjam Kuehne
person:
address:
address:
address:
phone:
fax-no:
e-mail:
changed:
source:
Mirjam Kuehne
RIPE NCC
Singel 258, NL-1016 AB, Amsterdam
The Netherlands
+31 20 535 4444
+31 20 535 4445
[email protected]
[email protected] 19980828
RIPE
WARNING: date in "changed" (980828) changed to 19980828
*ERROR*: mandatory field "nic-hdl" missing
John Crain
.
NATO Workshop, June 2000
.
64
http://www.ripe.net
Deleting an Object
• Add delete attribute to copy of current object
person:
address:
address:
address:
address:
phone:
fax-no:
e-mail:
nic-hdl:
changed:
source:
delete:
Mirjam Kuehne
RIPE NCC
Singel 258
NL - 1016 AB Amsterdam
Netherlands
+31 20 535 4444
+31 20 535 4445
[email protected]
MK16-RIPE
[email protected] 19980911
RIPE
[email protected] late for training
• Submit to database
John Crain
.
NATO Workshop, June 2000
.
65
http://www.ripe.net
Nic-hdl’s (Example)
person: John F. Doe
………
JFD304-RIPE
nic-hdl: AUTO-1JFD
person: Anne Smith
………
nic-hdl: AUTO-2
AS519-RIPE
inetnum: ………
………
admin-c: AUTO-1JFD
JFD304-RIPE
tech-c:
AUTO-2
AS519-RIPE
John Crain
.
NATO Workshop, June 2000
.
66
http://www.ripe.net
Questions?
John Crain
.
NATO Workshop, June 2000
.
67
http://www.ripe.net
Organizations
AFRINIC
African Network Information Centre
http://www.afrinic.org
Asian Pacific Network Information Centre
http://www.apnic.net
American Registry for Internet Numbers
http://www.arin.net
Central and Eastern European Networking Association
http://www.ceenet.org
Council of European National Top level domain Registries
http://www.centr.org
Commercial Internet Exchange
http://www.cix.org
European Telecommunications Standards Institute
http://www.etsi.org
European Internet Service Providers Association
http://www.euroispa.org
Internet Assigned Numbers Authority
http://www.iana.org
APNIC
ARIN
CEENet
CENTR
CIX
ETSI
EuroISPA
IANA
John Crain
.
NATO Workshop, June 2000
.
68
http://www.ripe.net
Organizations
ICANN
Internet Corporation for Assigned Numbers and Names
http://www.icann.net
Internet Engineering Task Force
http://www.ietf.org
International Telecommunications Union
http://www.itu.int
North American Network Operators Group
http://www.nanog.org
Reseaux IP European Network
http://www.ripe.net
RIPE Network Coordination Centre
http://www.ripe.net
World Wide Web Consortium
http://www.w3.org
IETF
ITU
NANOG
RIPE
RIPE NCC
W3C
John Crain
.
NATO Workshop, June 2000
.
69
http://www.ripe.net