RIPE Database Operations Update

1
RIPE Database Operations Update

• Shane Kerr
• RIPE NCC
• ltshane_at_ripe.netgt

2
Outline
3
Facts and Figures

• 1.9 M objects, 42 inetnum, 47 person
• 28 q/s on average, spikes of 200 q/s
• 2.3 updates/min, 61 inetnum, 28 person
• Object counts, query loads, etc. available
  on-line
• http//www.ripe.net/db/dbconstat
• http//www.ripe.net/db/mrtg/whois.html

4
Database ContentsHistorical
5
Database ContentsRecent Big Movers
6
Updates by Method
7
Synchronous Update Usage
8
How Many Queries are There?
Number of Queries
Queries/Second
9
What are the Queries For?
10
What are Queries Returning?
11
Where are the Queries From?
12
Outline
13
Database Operations

• Smooth sailing
• average response time is well below 1 second
• load approximately 70 higher than last year
• New ARIN mirroring scheme next week
• Use difference to generate NRTM, rather than full
  load
• No down-time, includes allocations and
  assignments
• Tertiary (i.e. off-site) server in planning
  phases
• Withstand catastrophic, city-wide failures
• Manual failover by updating DNS for
  whois.ripe.net
• Part of larger project to increase critical
  service reliability

14
How Responsive is the Server?
Unoptimised MySQL
InnoDB table type goes on-line
Domain mining (heavy referrals)
Query time in seconds (logarithmic)
Desktop Upgrade
RIPE NCC DDoS
15
Unreferenced Person Cleanup

• Protect privacy of users
• Person objects remain undeleted when contacts
  change
• Person objects unreferenced for 90 will be
  deleted
• A modify of the object resets the counter
• E-mail sent after 60 days
• Limit to 2000/day to avoid overwhelming users
  server
• Deletions begin 29 May 2003
• http//www.ripe.net/db/unref-cleanup-200304.html

16
IPv6 query proxy status

• Operational issues resolved
• Solaris patches and move to Sun box
• DNS update hid AAAA record for 10 days
• Moving to standard monitoring and failover
• Source code public release made
• 90 of queries come from only 7 IP addresses
• Still see more 6bone than RIR addresses

17
RIPE Database Administration
Tiago Antao
Can Bican
Engin Gündüz
Katie Petrusha
Denis Walker
18
Recent RIPE DBM Activity

• Tickets, tickets, tickets
• About 90/day
• Spam becoming a larger problem
• Planning move to SpamAssassin
• Will reply if filtered no e-mails dropped!
• Hostmaster taking over 20 of RIPE DBM
• Closer co-ordination between groups
• ripe-dbm_at_ripe.net is an open, general help
  mailbox
• Please e-mail Questions or Problems!

19
ERX Update

• 4 /8s transferred
• 141.0.0.0/8 and 151.0.0.0/8, RIPE NCC-majority
• 150.0.0.0/8 and 163.0.0.0/8, APNIC-majority
• Multiple transfers, with overlapping start/end
  dates
• One more trial to finalise processing
• Long burn scheduled to start afterwards
• No large issues
• Complete ordering, tentative scheduling TBD
• Moving to regular RIPE DBM and HM activity

20
Outline
21
New Update Processing

• Improved acknowledgement messages
• Software maintenance eased
• Presentations at RIPE 45
• Developer POV at Tools Working Group
• User POV at Database Working Group
• http//www.ripe.net/db/dbupdate/

22
RPSLng

• IPv6 and multicast RPSL objects
• Prototype server on-line
• Based on last RPSLng draft
• Throw-away copy of RIPE Database
• Latest draft to be integrated Real Soon Now
• IRRToolSet changes
• More complicated than server changes
• Coming soon!
• http//www.ripe.net/ripencc/pub-services/db/rpslng
  /

23
Semantic Changes

• Lots of mostly minor changes proposed
• default to protected inetnum/inet6num/domain
• notification for more-specific
• removal of cross notifications
• "reclaim"-like functionality
• "mnt-lower" on set objects
• Little discussion
• Will be on-line soon

24
Outline
25
Future Plans

• RPSLng IRRToolSet support
• Update processing semantic changes
• status attribute changes?
• Deprecating NONE?

26
PKI

• Draft RIPE document, Improved Secure
  Communication System for RIPE NCC Members
• LIR-Portal ready, time for Database integration
• New features needed
• X.509 authentication
• Proxy authentication
• Proposals coming to mailing list

27
Outline
28