Would it be safe to assume that squatting wouldn't happen in the RIR's authenticated IRRs? And that if multiple entries exist among them, that keeping them in sync or free of bad data would be on the individual participant? If so placing the authenticated RIRs above everything else seems a pretty safe bet. Order among them wouldn't really matter. Personally given that I would love to see us grab the sets from the aut-num object for the participants ASN. Seems like ignoring the routing policy in the aut-num object in favor of PeeringDB or a manual process is only half using the IRR system. (That said I understand that bgpq3 doesn't use the aut-num object.) Tom Krenn Network Architect Enterprise Architecture - Information Technology -----Original Message----- From: MICE Discuss <MICE-DISCUSS@LISTS.IPHOUSE.NET> On Behalf Of Chris Wopat Sent: Thursday, May 11, 2023 10:30 AM To: MICE-DISCUSS@LISTS.IPHOUSE.NET Subject: [External] Re: [MICE-DISCUSS] IRR Mandatory at MICE / New Route Servers CAUTION: This email was sent from outside of Hennepin County. Unless you recognize the sender and know the content, do not click links or open attachments. Can't folks just specify which IRR in their IRR entry if desired? Ie ARIN::AS1234 FWIW we only use RADB but are fine if the common IRR's (but not legacy arin) are used. Also is there any reason at all to use non-ARIN teritory IRR data? Do any MICE participants have anything in RIPE for example? --Chris On 5/11/23 10:01, Jeremy Lumby wrote:
External
I do not see a need for per participant IRR, I would rather that they all just default to your example below.
*From:*MICE Discuss <MICE-DISCUSS@LISTS.IPHOUSE.NET> *On Behalf Of *Richard Laager *Sent:* Thursday, May 11, 2023 3:58 AM *To:* MICE-DISCUSS@LISTS.IPHOUSE.NET *Subject:* Re: [MICE-DISCUSS] IRR Mandatory at MICE / New Route Servers
On 2023-05-09 14:01, August Yang wrote:
Should I reorder RADB,ARIN to be ARIN,RADB?
Definitely. We have objects registered in all databases feasible to prevent AS-SET squatting, which has occurred in the past, while only RADB has the actual members listed. Turns out correct prefix list can be generated using bgpq4 regardless of the order, so it's better to prioritize authenticated sources.
In thinking about this some more... Is IXP Manager's behavior of per-participant IRR sources actually useful? In other words, what's wrong with just setting everyone to: ARIN,RIPE,LACNIC,APNIC,AFRINIC,RADB,LEVEL3?
--
Richard
---------------------------------------------------------------------- --
To unsubscribe from the MICE-DISCUSS list, click the following link: https://gcc02.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists .iphouse.net%2Fcgi-bin%2Fwa%3FSUBED1%3DMICE-DISCUSS%26A%3D1&data=05%7C 01%7Ctom.krenn%40HENNEPIN.US%7C2f7c1b8d95af410486a008db5234a38e%7C8aef df9f878046bf8fb74c924653a8be%7C0%7C0%7C638194158303151171%7CUnknown%7C TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVC I6Mn0%3D%7C3000%7C%7C%7C&sdata=hdjzW0mk8Kd2pgvauE5I0544Xhlox3CaSJ%2FaF NQAWWg%3D&reserved=0 <https://gcc02.safelinks.protection.outlook.com/?url=http%3A%2F%2Flist s.iphouse.net%2Fcgi-bin%2Fwa%3FSUBED1%3DMICE-DISCUSS%26A%3D1&data=05%7 C01%7Ctom.krenn%40HENNEPIN.US%7C2f7c1b8d95af410486a008db5234a38e%7C8ae fdf9f878046bf8fb74c924653a8be%7C0%7C0%7C638194158303151171%7CUnknown%7 CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXV CI6Mn0%3D%7C3000%7C%7C%7C&sdata=hdjzW0mk8Kd2pgvauE5I0544Xhlox3CaSJ%2Fa FNQAWWg%3D&reserved=0>
---------------------------------------------------------------------- --
To unsubscribe from the MICE-DISCUSS list, click the following link: https://gcc02.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists .iphouse.net%2Fcgi-bin%2Fwa%3FSUBED1%3DMICE-DISCUSS%26A%3D1&data=05%7C 01%7Ctom.krenn%40HENNEPIN.US%7C2f7c1b8d95af410486a008db5234a38e%7C8aef df9f878046bf8fb74c924653a8be%7C0%7C0%7C638194158303151171%7CUnknown%7C TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVC I6Mn0%3D%7C3000%7C%7C%7C&sdata=hdjzW0mk8Kd2pgvauE5I0544Xhlox3CaSJ%2FaF NQAWWg%3D&reserved=0 <https://gcc02.safelinks.protection.outlook.com/?url=http%3A%2F%2Flist s.iphouse.net%2Fcgi-bin%2Fwa%3FSUBED1%3DMICE-DISCUSS%26A%3D1&data=05%7 C01%7Ctom.krenn%40HENNEPIN.US%7C2f7c1b8d95af410486a008db5234a38e%7C8ae fdf9f878046bf8fb74c924653a8be%7C0%7C0%7C638194158303151171%7CUnknown%7 CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXV CI6Mn0%3D%7C3000%7C%7C%7C&sdata=hdjzW0mk8Kd2pgvauE5I0544Xhlox3CaSJ%2Fa FNQAWWg%3D&reserved=0>
-- Chris Wopat Network Engineer, WiscNet wopat@wiscnet.net 608-210-3965 Disclaimer: If you are not the intended recipient of this message, please immediately notify the sender of the transmission error and then promptly permanently delete this message from your computer system.