NATO Advanced Networking Workshop. Ljubljana, 19 September “How to Run a Local Internet Registry” or all your IPs are belong to us! RIPE Network Coordination Centre

NATO Advanced Networking Workshop. Ljubljana, 19 September Objectives –to make participants familiar with terminology of Internet resources distribution –to broadly/quickly describe procedures and policies –to point to references (documents, tools…) Assumption about audience –clients of existing Local Internet Registries –will soon be employed by a Registry –will want to establish LIR themselves Scope –mostly administrative –no technical details about running an ISP ALWAYS ASK QUESTIONS!

NATO Advanced Networking Workshop. Ljubljana, 19 September Schedule RIPE & RIPE NCC IP Address Space Distribution –obtaining the Address Spaceobtaining the Address Space through the existing LIR Being an LIR –setting up an LIR –requesting assignment approval –how to manage your allocation Additional Policies and Procedures –assignment window & evaluation –additional allocation –Provider Independent address space Reverse DNS AS Numbers and Routing Registry IPv6 Next: RIPE whois Database

NATO Advanced Networking Workshop. Ljubljana, 19 September Introduction to RIPE and RIPE NCC Réseaux IP Européens (1989) –RIPE is a collaborative organisation open to all parties interested in Internet administration, development and operations of IP networks RIPE Network Co-ordination Centre –membership organisation which supports its members and RIPE community –one of 3 Regional Internet Registries (RIR)

NATO Advanced Networking Workshop. Ljubljana, 19 September How RIPE Works RIPE works as –open forum –voluntary participation –decisions made by consensus –meetings –working groups mailing lists web archived –not a legal entity –does NOT develop Internet Standards RIPE chair

NATO Advanced Networking Workshop. Ljubljana, 19 September Join RIPE Working Groups Local Internet Registries (LIR) –join the open process of making address space policies! RIPE Database (DB) IP version 6 (IPv6) European Internet Exchange Forum (EIX) Routing / MBONE Domain Name System (DNS) NETNEWS Co-ordination Anti-Spam European Operators Forum (EOF) Tools (new) Technical security (new)

NATO Advanced Networking Workshop. Ljubljana, 19 September RIPE Meetings 3 times a year RIPE 40, Prague, Czech Republic, 1-5 Oct to 5 day long 300+ participants Working group meetings Plenary Long breaks / social events Connectivity (IPv4, IPv6, wireless)

NATO Advanced Networking Workshop. Ljubljana, 19 September Why a NCC? RIPE participation was increasing Too much RIPE work to be done on a voluntary basis Activities require continuity and co-ordination Neutrality and impartiality are needed Contact point inside and outside RIPE region From ’92 till ’98 part of TERENA –In ’98 registered as not-for-profit association Since ’95 funded by contributing members

NATO Advanced Networking Workshop. Ljubljana, 19 September Vital Statistics Statistics 1992 –3 staff members –No Local IRs –182,528 hosts in European Internet –7,955 objects in RIPE database (June ‘92) Statistics Now –70 staff (23 nationalities) –2,900+ participating Local IRs –15,200,000+ countable hosts in the RIPE NCC region –3,500,000+ objects in the database

NATO Advanced Networking Workshop. Ljubljana, 19 September Formal Decision Making “Consensus” Model RIPE proposes activity plan RIPE NCC proposes budget to accompany activity plan (ripe-213) At Annual General Meeting membership votes on both activities and budget

NATO Advanced Networking Workshop. Ljubljana, 19 September RIPE NCC in Global Context PSOASODNSO RIPE NCC ARIN APNIC ICANN RIPEAPNIC mtg.ARIN mtg. At Large IETF, w3c, ETSI,...

NATO Advanced Networking Workshop. Ljubljana, 19 September Service Regions

NATO Advanced Networking Workshop. Ljubljana, 19 September RIPE NCC Services Member Services Registration Services –IPv4 addresses –IPv6 addresses –AS numbers –LIR Training Courses Reverse domain delegation –NOT registering domain names Test Traffic Measurements Public Services RIPE whois DB maintenance –Routing Registry Maintenance Co-ordination and liaison –RIPE support Information dissemination New Projects –RIS, R2C2, DISI Maintenance of tools

NATO Advanced Networking Workshop. Ljubljana, 19 September RIPE NCC R&D Test Traffic Measurements ( ) –independent measurements of connectivity parameters (delays and routing-vectors) in the Internet. Routing Information Service ( ) –collect information about BGP routing much like the "looking glass" services, not only in real time but also for user selectable time periods in the past & at different locations around the Internet DISI ( ) –Deployment of Internet Security Infrastructures –e.g. DNSSEC

NATO Advanced Networking Workshop. Ljubljana, 19 September Questions?

NATO Advanced Networking Workshop. Ljubljana, 19 September IP Address Space Distribution

NATO Advanced Networking Workshop. Ljubljana, 19 September Problems and Solutions History: –Classfull (A,B,C; fast depletion, routing table growth) –Subnetting –Supernetting –Variable Length Subnet Mask Classless Inter Domain Routing (‘94) –flexible boundary between network and host part source and destination address in the prefix format –route aggregation Hierarchical registry structure –topologically significant address allocation

NATO Advanced Networking Workshop. Ljubljana, 19 September Classless Notation (CIDR) AddressesPrefixClassfulNet Mask... 8 / / / / / /241 C /2016 C’s /1932 C’s /18 /17 /16 64 C’s 128 C’s 1 B

NATO Advanced Networking Workshop. Ljubljana, 19 September Global Registries Structure Global Authority RIR /8 LIR (ISP/Enterprise) /20 +RIPE NCC Members ISP / End Users /32 + Anybody with a network / host

NATO Advanced Networking Workshop. Ljubljana, 19 September Goals of the Registry Structure Fairness Conservation Aggregation Registration

NATO Advanced Networking Workshop. Ljubljana, 19 September Terminology / Jargon Local Internet Registry (LIR) –organisation which assigns address space to end-users –member of RIPE NCC, receives membership services Allocation –address space given to registries which is held by LIRs to assign to customers or LIR’s own organisation Assignment –address space given to end-users for use in operational networks

NATO Advanced Networking Workshop. Ljubljana, 19 September Even More Terminology Assignment Window –maximum amount of address space an LIR can assign to each of its customers (and itself) per 12 months –initially set to 0 (ZERO)  LIR needs to REQUEST approval from RIPE NCC for any assignment Policies and procedures ripe-185 for IPv4 space ripe-196 for IPv6 space rfc-2050 for global policies –all of them being in the process of re-writing!

NATO Advanced Networking Workshop. Ljubljana, 19 September … Address Space Provider Aggregatable... good for routing tables  customer must renumber if changing ISP/LIR Provider Independent... customer takes addresses when changing ISP/LIR  possible routing problems (ripe-222) Private... –rfc-1918 (10/8, /12, /16) Portable... –PI assignment, PA allocation, IPv6 subTLA –RIPE NCC responsible for the reverse DNS delegation

NATO Advanced Networking Workshop. Ljubljana, 19 September Terms Illustrated IANA / ICANN RIPE NCC Enterprise LIR Local IR Registry ISP End User Allocating Assigning PI assignment

NATO Advanced Networking Workshop. Ljubljana, 19 September Obtaining the Address Space through the existing LIR

NATO Advanced Networking Workshop. Ljubljana, 19 September PA Assignment Process LIR Evaluates Request Approach RIPE NCC ( * ) request > AW? need 2nd opinion? yes no yes LIR Updates RIPE Database LIR Updates Local Records LIR Chooses Addresses RIPE NCC evaluates & approves ( * ) Total size of the request plus any other address space assigned within last 12 months inetnum object: netname, size, date client

NATO Advanced Networking Workshop. Ljubljana, 19 September Providing Information (1)  Overview of organisation –name and location of the company? –activities? –structure? does it have subsidiaries and where? for what part of the company are the addresses requested? Current Address Space Usage –renumbering and returning? (encouraged!) Additional Information –deployment plan, purchase receipts –topology map

NATO Advanced Networking Workshop. Ljubljana, 19 September Providing Information (2) Design of the network –how many physical segments will network consist of? –what is each segment going to be used for? including equipment used –how many hosts are in each segment? –expectations of growth Efficient utilisation –25% immediately, 50% in one year –operational needs; no reservations Can address space be conserved by using: –different subnet sizes? –avoiding padding between subnets?

NATO Advanced Networking Workshop. Ljubljana, 19 September dynamic dial-up Amsterdam web/mail/ftp servers Amsterdam customers’ servers Amsterdam training room LAN Amsterdam Amsterdam office LAN (*1) dynamic dial-up Utrecht web/mail/ftp servers Utrecht Inet cafe Utrecht training room LAN Utrecht Totals (*1) Office LAN = workstations, router, 2 printers and 1 fileserver Relative Subnet Mask Size Imm 1yr 2yr Description Prefix Example: #[ Addressing Plan Template ]# Cumulative, total numbers Real needs Concrete plans

NATO Advanced Networking Workshop. Ljubljana, 19 September Questions?

NATO Advanced Networking Workshop. Ljubljana, 19 September Being an LIR Setting up an LIR First Allocation Requesting Assignment Approval Managing Allocated Address Space

NATO Advanced Networking Workshop. Ljubljana, 19 September Setting up an LIR Completed application form  Provided Reg-ID & contact persons –  Read relevant RIPE documents –ripe-185 etc Signed contract - “Service agreement” –agreed to follow policies and procedures  Paid the sign-up & yearly fee –

NATO Advanced Networking Workshop. Ljubljana, 19 September Registry Identification (Reg-ID) Distinguishes between member registries and individuals Format. Include with every message Suggestion - modify mail header X-NCC-RegID: nl.bluelight

NATO Advanced Networking Workshop. Ljubljana, 19 September LIR Contact Persons  Stored in RIPE NCC internal (“Reg”) file for each registry –confidential –only registered contact persons can send requests to hostmasters change contact information To keep contact info up-to-date –write to –for each contact person create person object in the RIPE DB –possible to use role object –“Reg” file not automatically updated from the RIPE Database! Always sign your messages –PGP optional (soon)

NATO Advanced Networking Workshop. Ljubljana, 19 September First Allocation LIR requires a block of IP addresses –send an “assignment request” –no need to justify usage of the whole allocation  do not ask for PI space as first request –soon: criteria for first allocation - /22 already used With the first ASSIGNMENT approved, RIPE NCC also makes an ALLOCATION (PA) –default minimum size /20 (4096 addresses) Whole allocated range can be announced immediately

NATO Advanced Networking Workshop. Ljubljana, 19 September Requesting Assignment Approval  If the needed address space is bigger then AW Separate request forms needed: –for each customer using more than /30 –for LIR’s own infrastructure extensions of LIR internal network combine many clients with up to 4 IPs into one block –e.g. leased lines, dial-up, p2p links, web hosting, server housing –for ISP-client’s infrastructure  for each one of ISP-client’s customers

NATO Advanced Networking Workshop. Ljubljana, 19 September Sending the Request RIPE-219 : (ex ripe-141) Web form (example)example –filling in the requests & syntax check source: ftp://ftp.ripe.net/tools/web141.pl.cgiftp://ftp.ripe.net/tools/web141.pl.cgi Frequently asked questions Short tips and tricks All data kept strictly confidential Documentation has to be in English

NATO Advanced Networking Workshop. Ljubljana, 19 September Approval Approval message is sent to LIR –size NOT the address range!!! –“netname” name of the RIPE DB network object –date “Assignment is only valid as long as original criteria remain valid” (ripe-185) Next steps: –choosing the address range within the allocation –registering network object in the RIPE DB

NATO Advanced Networking Workshop. Ljubljana, 19 September Internal Administration LIR decides on the range of addresses –classless assignment on bit boundary Update local records for later reference –archive original documents with assignment  Be careful when choosing the size of “internal reservations” e.g. BL-LAIKA: /24 & /25 & /26 (448) Amsterdam Utrecht /24 BlueLight Infrastructure /24 BlueLight reserved /25 Laika Dialup + /25 reserved Laika Infrastructure /25 /25 Laika Dialup + /25 reserved /26 Laika Infrastructure

NATO Advanced Networking Workshop. Ljubljana, 19 September Aggregate within allocation Sensible internal “reservations” –keep free space for some customers to grow –but - might never be claimed –fragments allocated address space => Divide allocation based on types of services Divide allocation based on locations But - LIR can have only one “open” allocation –open = more than 20% unused space How to Manage Allocation

NATO Advanced Networking Workshop. Ljubljana, 19 September Assignments to (Small) ISPs LIR can not allocate address space to an ISP If an LIR’s customer is an ISP, distinguish –ISP’s infrastructure –ISP’s customers Separate assignments need to be –requested –evaluated / approved –registered in the RIPE Database  Avoid overlapping assignments –i.e. “big” assignment/object for ISP & all its customers, plus for separate customers

NATO Advanced Networking Workshop. Ljubljana, 19 September Non-Overlapping Assignments /26 ENGO-infrastr /29 ENGO-rgb /29 ENGO-cmyk wrong  Assignment for ISP ENGOS & all its (future) customers Overlapping (second level) assignments for separate customers of ENGOS right Internal Reservations for ENGOS’s customers /22 ENGOS-and-all Assignments for separate customers of ENGOS BlueLight’s Allocation

NATO Advanced Networking Workshop. Ljubljana, 19 September Registering Address Space in the RIPE Database Assignment is considered “valid” by RIPE NCC only if (correctly) registered to provide contact info for troubleshooting to enable overview of address space used  invalid DB objects influence procedures with: reverse DNS, AW, additional allocations, audit… All end-user networks need to be registered separately –if bigger then 4 IPs (/29+) –avoid overlapping inetnum objects

NATO Advanced Networking Workshop. Ljubljana, 19 September Additional Policies and Procedures Assignment Window evaluation policies Additional Allocations PI Assignments

NATO Advanced Networking Workshop. Ljubljana, 19 September Assignment Window Policy Assignment Window –maximum amount of address space LIR can assign without prior approval of the RIPE NCC –AW is for LIR, and not for person or company –AW is per 12 months per each customer Why necessary? –support to LIRs during start up –familiarisation with RIPE NCC procedures –align criteria for request evaluation –maintain contact between LIRs and RIPE NCC

NATO Advanced Networking Workshop. Ljubljana, 19 September LIR Responsibilities with the AW Evaluate all the requests within LIR AW size –based on the ripe-185 policies Keep the documentation about LIR assignments –useful for administration, and if client comes back –RIPE NCC may ask for it later Register all the assigned networks in RIPE DB –choosing appropriate netname Remind the customer’s previous ISP after renumbering –to delete the outdated DB objects

NATO Advanced Networking Workshop. Ljubljana, 19 September Evaluating Client’s Requests Efficient utilisation –25% immediately, 50% in one year No “reservations” Dynamic addressing solutions preferred over static –Dynamic dial-up is preferred over static –Name-based virtual web hosting is preferred over IP-based known exceptions are accepted (SSL, ftp&mail servers..) –Special verification methods apply for more then /22 to: discourage and control wasteful (static) usage also for xDSL, cable, GPRS… –DHCP recommended to make renumbering easier Mandatory renumbering and returning of PA space

NATO Advanced Networking Workshop. Ljubljana, 19 September Allocation Policies ‘Slow Start’ –default minimum first allocation /20 LIR announces the whole prefix –size of future allocations depends on current usage rate presumably enough for next two years not always contiguous Next allocation when previous used ~ 80% ! –LIR can not have two “open” blocks Motivation for ‘slow start’ –fair distribution of address space –keeps pace with customer base growth –slows down exhaustion of IPv4 address space

NATO Advanced Networking Workshop. Ljubljana, 19 September PA vs. PI Assignments Provider Aggregatable customer uses addresses out of LIR’s allocation good for routing tables  customer must renumber if changing ISP Provider Independent customer receives range of addresses from RIPE NCC customer takes addresses when changing ISP  possible routing problems (ripe-222)  impossible to get contiguous range in the future Make contractual agreements (ripe-127) –the only way to distinguish PA and PI space –check with other LIR before accepting clients with PA

NATO Advanced Networking Workshop. Ljubljana, 19 September Questions?

NATO Advanced Networking Workshop. Ljubljana, 19 September Reverse Delegation Procedures /24 zone multiple /24 zones /16 zone zone smaller then /24 assuming basic DNS knowledge assuming LIR perspective

NATO Advanced Networking Workshop. Ljubljana, 19 September What is the Difference Between Forward and Reverse DNS Delegation ? Forward DNS –enables naming of IP hosts on the Internet –hierarchical authority for domain registration organisational structure Reverse DNS –enables association of IP addresses with domain names –hierarchical authority delegation for reverse zone depends on who distributed the address space –reverse delegation takes place on octet boundaries

NATO Advanced Networking Workshop. Ljubljana, 19 September IN-ADDR.ARPA Domain. (ROOT) edu arpa com net nl in-addr = in-addr.arpa bluelight www Forward mapping Reverse mapping (A ) (PTR amsterdam RIPE NCC

NATO Advanced Networking Workshop. Ljubljana, 19 September Why Do You Need Reverse DNS Delegation ? All host-IP mappings in the DNS (A record) should have a corresponding IP-host mapping (PTR record) Failure to have this will likely –block users from various services (ftp, mail) –make troubleshooting more difficult (traceroute) –produce more useless network traffic in general

NATO Advanced Networking Workshop. Ljubljana, 19 September Overview of the Request Procedure LIRs have to request reverse delegation /24 zones are delegated –to LIR / end-user –as the address space gets assigned Steps  valid assignments of address space  /24 reverse zone setup  on LIR or end-users nameserver(s), or both  send domain object to always include Reg-ID –e.g. X-NCC-Regid: nl.bluelight

NATO Advanced Networking Workshop. Ljubljana, 19 September “Valid” Assignment According to ripe-185 policies Within “Assignment Window” -or approved from RIPE NCC Hostmaster inetnum object registered in RIPE Database –netname attribute is RIPE NCC's only reference of approved assignment do NOT change netname without notifying this is mentioned when we approve your IP requests –registered after the approval date

NATO Advanced Networking Workshop. Ljubljana, 19 September /24 Reverse Zone Setup Recommendations At least two nameservers required –one nameserver setup as primary –at least one another nameserver as secondary SOA values reasonably RFC1912 compliant Nameservers not on same physical subnet –preferably with another provider Serial numbers YYYYMMDDnn format Use name of nameserver instead of IP address Do NOT use rev-srv attribute in inetnum object Do NOT put a dot at the end of domain or nserver attributes –the RIPE DB does not support them

NATO Advanced Networking Workshop. Ljubljana, 19 September Example domain Object whois -t domain domain: in-addr.arpa descr: Reverse delegation for Bluelight Customers SPLITBLOCK admin-c: JJ231-RIPE tech-c: JAJA1-RIPE zone-c: WF2121-RIPE nserver: ns.bluelight.nl nserver: ns2.bluelight.nl mnt-by: BLUELIGHT-MNT changed: source: RIPE Notice: DB SW will add date!

NATO Advanced Networking Workshop. Ljubljana, 19 September Request the Delegation Send domain template to “Marvin” will 1.check if zone is correctly setup 2.check assignments’ validity 3.(try to) enter object to RIPE DB RIPE NCC systems enter NS lines into the parent zone file

NATO Advanced Networking Workshop. Ljubljana, 19 September Problems with inaddr Robot? Error report will be sent to requester –correct errors and re-send to For questions, see FAQ – If error reports continue –for any technical questions contact please include the full error report –for address space validity issues contact

NATO Advanced Networking Workshop. Ljubljana, 19 September Reverse Delegation of Multiple /24 Shorthand notation for domain attribute –for (sub)range of consecutive zones (compound object) –if represented in single inetnum object, e.g. inetnum: domain: in-addr.arpa –submit as one domain object processed separately separate response –recommended and preferred method! will not work with auth: PGPKEY Possible to include up to 100 reverse domain objects in one message even if they are not consecutive

NATO Advanced Networking Workshop. Ljubljana, 19 September Reverse Delegation of /16 Allocation If an LIR has a /16 allocation, the RIPE NCC can delegate the entire reverse zone to the LIR Requirements and procedures the same as /24, except –/16 domain object –three nameservers needed –ns.ripe.net a mandatory secondary After delegation, LIR should –continue to check sub-zone setup before further delegation (usage of the inaddr robot TEST keyword or web check is recommended)

NATO Advanced Networking Workshop. Ljubljana, 19 September Changing the Delegation Change the nserver lines in the domain object –submit domain object to include RIPE DB authentication, if the object is protected –NOT enough to update the object in RIPE DB! Deleting a delegation is automatic –include delete attribute to the exact copy of the object value: address, reason, date include RIPE DB authentication, if the object is protected –send to To change contact details in domain object –submit updated object to

NATO Advanced Networking Workshop. Ljubljana, 19 September < /24 Delegations Reverse delegation is also possible for a /24 shared by more customers => NOT reason for classfull assignments RIPE NCC reverse delegate authority for the entire /24 to LIR –procedure and requirements the same as for /24 If customer wants to run own primary nameserver –LIR delegates parts as address space gets assigned –use CNAME to create an extra point of delegation (RFC 2317)

NATO Advanced Networking Workshop. Ljubljana, 19 September $ORIGIN in-addr.arpa IN NS ns.goody2shoes.nl IN NS ns2.bluelight.nl IN NS ns.cyberfalafel.nl IN NS ns2.bluelight.nl. 0 IN CNAME IN CNAME IN CNAME IN CNAME IN CNAME IN CNAME IN PTR CNAME Example Zonefile at Provider Primary Nameserver

NATO Advanced Networking Workshop. Ljubljana, 19 September CNAME Example Zonefiles at Customers’ Nameservers $ORIGIN IN NS IN NS ns2.bluelight.nl. 1INPTRwww.goody2shoes.nl. 2INPTRmail.goody2shoes.nl INPTRkantoor.goody2shoes.nl. $ORIGIN IN NS IN NS ns2.bluelight.nl. 33INPTRwww.cyberfalafel.nl INPTRcafe3.cyberfalafel.nl.

NATO Advanced Networking Workshop. Ljubljana, 19 September Questions?

NATO Advanced Networking Workshop. Ljubljana, 19 September Autonomous System Numbers and the Routing Registry It is assumed that attendee is familiar with BGP routing, and have interest in obtaining public ASN

NATO Advanced Networking Workshop. Ljubljana, 19 September Autonomous System Definition: a group of IP networks run by one or more network operators which has a unique and clearly defined routing policy RIR is allocated a range of AS numbers by IANA RIR assigns unique AS number –for LIR or for the customer  AS number, routing policy and originating routes are registered in the Routing Registry

NATO Advanced Networking Workshop. Ljubljana, 19 September How to Get an AS Number ? Complete request form: –aut-num object template contact person(s) mntner object template –address space to be announced with this AS# Send to –web syntax check:

NATO Advanced Networking Workshop. Ljubljana, 19 September Criteria for Evaluation of ASN Request Being multihomed and specifying routing policy are mandatory requirements –how long will it take you to achieve multihomed status? –please provide addresses of peers Is it feasible to peer with specified ASNs? Is it possible to use private ASN? – to 65535

NATO Advanced Networking Workshop. Ljubljana, 19 September RPSL Routing Policy Specification Language (RFC 2622) –replacing RIPE-181 language RPS Security (RFC 2725) –stronger and hierarchical authorisation and authentication Syntax aut-num: NEW export: to AS3 announce NEW import: from AS2 action pref=120; accept ANY –the lower the value of “pref”, the more preferred route RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September AS2 aut-num: AS2 import: from AS2 action pref=20; accept AS2 export: to NEW announce AS2 AS Example NEW aut-num: NEW export: to AS2 announce NEW Internet aut-num: AS3 AS3 export: to NEW announce ANY import: from NEW action pref=200; accept NEW import: from AS3 action pref=100; accept ANY import: from NEW action pref=120; accept NEW export: to AS3 announce NEW ANY import: from AS2 action pref=200; accept ANY

NATO Advanced Networking Workshop. Ljubljana, 19 September Registration in RIPE Database RIPE NCC hostmaster - creates aut-num object (and maintainer) - informs requester User is responsible for keeping up to date –routing policy (aut-num, route objects) –referenced contact info (person/role, mntner) RIPE NCC hostmaster regularly checks consistency of data in Routing Registry –

NATO Advanced Networking Workshop. Ljubljana, 19 September aut-num: NEW as-name: BLUELIGHT descr: Bluelight AS# import: from AS2 action pref=20; accept AS2 import: from AS3 action pref=100; accept ANY import: from AS2 action pref=200; accept ANY export: to AS2 announce NEW export: to AS3 announce NEW admin-c: JJ231-RIPE tech-c: JAJA1-RIPE mnt-by: BLUELIGHT-MNT mnt-routes: BLUELIGHT-MNT changed: source: RIPE aut-num Template AS42 Object RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September The Route Object route: /20 descr: BLUELIGHT-NET origin: AS42 mnt-by: BLUELIGHT-MNT mnt-routes: BLUELIGHT-MNT changed: source: RIPE To create route object, send completed template to Authorisation required when creating/changing the object –mntner of the address space block –mntner of the originating ASN –mntner of the encompassing route object –mntner referenced in the object itself New in RPSS!

NATO Advanced Networking Workshop. Ljubljana, 19 September Internet Routing Registry Globally distributed DB with routing policy information –provides a map of global routing policy (ASExplorer) –shows routing policy between any two ASes (prpath) –allows simulation of routing policy effects –enables creation of aut-num based on router conf (aoe) –enables router configuration (rtconfig) –provides contact information (whois) RIPE Routing Registry –subset of information in RIPE database  See “The DB Transition Handout” RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September aut-num Changes in RPSL aut-num: [mandatory] [single] [primary/look-up key] as-name: [mandatory] [single] descr: [mandatory] [multiple] as-in: [optional] [multiple] [ ] as-out: [optional] [multiple] [ ] interas-in: [optional] [multiple] [ ] interas-out: [optional] [multiple] [ ] as-exclude: [optional] [multiple] [ ] member-of: [optional] [multiple] [inverse key] *** New in RPSL *** import: [optional] [multiple] *** as-in in RIPE 181 *** export: [optional] [multiple] *** as-out in RIPE 181 *** default: [optional] [multiple] remarks: [optional] [multiple] admin-c: [mandatory] [multiple] [inverse key] tech-c: [mandatory] [multiple] [inverse key] cross-mnt: [optional] [multiple] [inverse key] cross-nfy: [optional] [multiple] [inverse key] notify: [optional] [multiple] [inverse key] mnt-lower: [optional] [multiple] [inverse key] *** RPS auth *** mnt-routes: [optional] [multiple] [inverse key] *** RPS auth *** mnt-by: [mandatory] [multiple] [inverse key] changed: [mandatory] [multiple] source: [mandatory] [single] automatically translated, new, preserved, deprecated RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September Questions?

NATO Advanced Networking Workshop. Ljubljana, 19 September IPv6

NATO Advanced Networking Workshop. Ljubljana, 19 September Why IPv6? Next generation protocol –scalability bits addresses –security –dynamic hosts numbering –QoS Interoperable with IPv4 simple and smooth transition –hardware vendors –applications

NATO Advanced Networking Workshop. Ljubljana, 19 September Get IPv6 Addresses From: Using 2002::/16 prefix 6bone (sub)TLA holder RIR

NATO Advanced Networking Workshop. Ljubljana, 19 September IPv6 Introduction Current format boundaries |-3|--13-|--13-|-6-|--13-|--16--| bits-----| |FP|-TLA-|-sub-|Res|-NLA-|--SLA-|---Interface ID---| |--|-ID--|-TLA-|---|--ID-|--ID--| | |----public topology ----|-site-|-----Interface----| /23 /29 /35 /48 /64 Classfull; another level of hierarchy –(sub)TLA –NLA –SLA Hexadecimal representation of addresses

NATO Advanced Networking Workshop. Ljubljana, 19 September IPv6 Allocation Policies "Provisional IPv6 Assignment and Allocation Policy Document” (ripe-196) –discussion on and “Bootstrap Phase” Criteria A) Peering with 3  Autonomous Systems (in Default Free Zone) AND B) Plan to provide IPv6 services within 12 months C)  40 IPv4 customers AND either OR D) 6bone experience

NATO Advanced Networking Workshop. Ljubljana, 19 September IPv6 Allocations Request form (ripe-195) ”Slow start” –first allocation to a TLA Registry will be a /35 block representing 13 bits of NLA space –additional 6 bits reserved by RIR for the allocated sub-TLA for subsequent allocations Reverse Delegation of an IPv6 Sub-TLA – IANA allocations –APNIC 2001:0200::/23(33+ subTLAs) –ARIN 2001:0400::/23(20+ subTLAs) –RIPE NCC 2001:0600::/23(42+ subTLAs) –

NATO Advanced Networking Workshop. Ljubljana, 19 September IPv6 Database Object inet6num: 2001:0600::/23 netname: EU-ZZ descr: RIPE NCC descr: European Regional Registry country: EU admin-c: NN32-RIPE tech-c: CREW-RIPE tech-c: OPS4-RIPE status: SUBTLA mnt-by: RIPE-NCC-HM-MNT mnt-lower: RIPE-NCC-HM-MNT changed: changed: source: RIPE Generated by the DB!

NATO Advanced Networking Workshop. Ljubljana, 19 September Questions?