Welcome to the first APNIC Training Course

About This Presentation

Title:

Welcome to the first APNIC Training Course

Description:

Public discussion lists. Services. 7. What is APNIC? ... any item of discussion relevant to APNIC and its members is welcome on the list eg. ... – PowerPoint PPT presentation

Number of Views:352

Avg rating:3.0/5.0

Slides: 159

Provided by: annelordpa

Category:

more less

Transcript and Presenter's Notes

Title: Welcome to the first APNIC Training Course

1
Welcometo the first APNIC Training Course

Address Policies and AdministrationAPRICOT
992 March 1999, Singapore

2
Introduction

Presenters
Paul Wilson Director General
pwilson_at_apnic.net
Anne Lord Manager - Member Services
anne_at_apnic.net
Paul Gampe Technical Services Manager
paulg_at_apnic.net
Please ask questions

3
Todays schedule

Introduction to APNIC Internet Registry system
IR policies and the policy environment
APNIC allocation assignment procedures
lunch break
Database procedures
ISP operational issues
End
short breaks between each section

4
Course background

Why a training course?
to familiarise with policies
to understand procedures
to understand environment
to improve communication
to cover specialised subject matter

5
Introduction to APNIC

Asia Pacific Network Information Centre

6
Overview

What is APNIC?
Internet Registry structure
Open membership
Self regulatory environment
Public discussion lists
Services

7
What is APNIC?

Regional Internet Registry for the Asia Pacific
one of three RIRs
Not-for-profit, membership based
Provides allocation and registration services
Not operations forum
Not standards development

8
Regional Registry areas
9
Regional Registry structure
IANA
AP Regional IRAPNIC
EU Regional IRRIPE NCC
Americas Regional IRARIN
10
Definitions

Local Internet Registry (LIR)
is an organisation that primarily assigns address
space to its customers
National Internet Registry (NIR)
primarily allocates address space to its members,
which are generally ISPs organised at a national
level

11
Registry hierarchy
12
APNIC organisation
APNIC Membership(235 members)
Executive Council (EC)(5 members)
Director General (DG)
Technical Services
Administration Services
Member Services
Hostmaster
Manager
Manager
Manager
Jnr Sysadm
Mship Officer
Tech Writer
13
Membership

Membership is open
Benefits of membership
use of resource registration services
use of resource allocation services
free attendance and voting at meetings
free attendance at training courses
participation in policy development
But membership does not mean automatic or easier
allocations of resources

14
Self regulatory environment

Consensus model
Open door
meetings all welcome
mailing list discussions
Policy making
membership debates policy
membership vote on policy decisions
Policy implementation
Secretariat implements policy
membership implements policy

15
APNIC Activity plan

Membership provides input to APNIC activity
plan
APNIC Secretariat proposes activity plan
budget
APNIC Executive Council and membership vote on
the activity plan
APNIC Secretariat implements activity plan

16
Mailing lists

apnic-talk
any item of discussion relevant to APNIC and its
members is welcome on the list eg. policies
apnic-announce
announcements of interest to the AP community
ipv6-registry
items relating to IPv6 allocation and assignment
policies
confederations
items relating to the operation of confederations
subscribe via majordomo_at_apnic.net
archives at http//ftp.apnic.net/apnic/mailing-lis
ts

17
APNIC core services

Resource allocation
IP allocations
approval of IP assignments
AS number assignments
Resource registration
APNIC database objects
person, inetnum, AS number, domains etc
DNS management
in-addr.arpa domains

18
APNIC support services

DNS management
secondary for ccTLDs
Representation
regional representation at Internet meetings
Coordination
ARIN, RIPE NCC, IANA
Information dissemination
APNIC meetings
web and ftp site
Training courses (from 1999)

19
APNIC Mailboxes

Administration services
Employment applications
employment_at_apnic.net
Pre-membership
member-apply_at_apnic.net
Invoicing
billing_at_apnic.net
General enquiries
info_at_apnic.net

20
APNIC mailboxes (contd)

Member services
Resource requests
hostmaster_at_apnic.net
Web site comments
webmaster_at_apnic.net
Technical Services
Database
apnic-dbm_at_apnic.net
auto-dbm_at_apnic.net
In-addr.arpa
inaddr_at_apnic.net

21
Internet Registry allocation and assignment

Policies

22
Overview

Definitions
Policy documentation
Goals
Policy environment
Policies
Procedures

23
Definitions

Allocation
address space held by IRs for subsequent
distribution
Assignment
address space used in operational networks
including IRs infrastructure (self-assignment)

24
Definitions (contd)

Classless
network boundaries no longer fixed at A, B,
or C
Prefix
the number of contiguous bits of the IP address
used to define a network
eg /19 is represented in binary as
11111111.11111111.11100000.00000000
the more 1s the longer the prefix
counted from left to right

25
Policy documentation

Policies for Address Space Management in the Asia
Pacific Region
http//www.apnic.net/policydraft.html
RFC 2050 Internet Registry Allocation Guidelines
http//ftp.apnic.net/ietf/rfc/rfc2000/rfc2050.txt

26
Goals of public address space management

Uniqueness
public hosts must be uniquely identifiable by IP
address
Registration
ensures uniqueness of address space
ensures users of resources can be found
public registry provided
Aggregation
hierarchical and topological distribution
limits growth of routable prefixes

27
Goals of public address space management (contd)

Conservation
addresses to be distributed on the basis of
demonstrated need
Fairness
addresses to be distributed fairly
policies to be applied equitably to all
Conflict of goals acknowledged
aggregation vs conservation
needs of individuals to be balanced with needs of
Internet community

28
Policy environment

Routability not guaranteed
ISPs determine routability
Unpredictable growth rates
IPv4 deployment levels unanticipated
routing problems
Collective responsibility
to develop policies to meet goals
to make appropriate customer agreements
to operate in good faith

29
Policy environment (contd)

APNIC responsibility
to represent interests of members
to represent interests in the region
to ensure collective responsibilities are met
Impartiality
APNIC to operate without bias
Varying levels of expertise
technical challenge lack of training
staff turnover in IRs
flexible policies to support IRs

30
Policy environment (contd)

IP addresses not considered freehold property
assignments allocations on lease basis
ownership is contrary to goals
Confidentiality security
APNIC to operate in ways to protect trust
relationship
non-disclosure agreement signed by staff

31
Policies

Documentation
accurate, detailed and complete
Registration
APNIC database updated to end user level
responsibility to maintain in-addr.arpa
must be kept up-to-date
Processing of requests
dependent upon documentation registration
policies
no special treatment

32
Policies (contd)

Stockpiling not permitted
declare all address space held
obtain address space from one source
routing considerations apply
Aggregation promoted
renumbering encouraged
no questions asked policy

33
Policies (contd)

Slow start mechanism for new allocations
minimum practical allocation (/19)
practice agreed by Internet and registry
communities
Subsequent allocations
compliance with APNIC policies
depend on past usage rate and network plans
allocate sufficient for up to 1 year
Assignment window
determines amount LIR can assign to customers
without second-opinion from RIR

34
Policies (contd)

Efficiency
past and future assignments 25 used, 50
one/two years
topological exceptions
allowance made for past classful inefficiency
Conservation
must use up previous allocation
not more than 20 of total unused
reservations not supported

35
Policies (contd)

Registering contact persons
must be up to date for both allocations
assignments
Validity of allocations and assignments
according to lease duration
according to criteria of original assignment
Transfer of address space
not recognised by registries (mergers excepted)
return unused address space to appropriate IR

36
Policies (contd)

Effects of mergers, acquisitions take-overs
will require contact with IR
contact details may change
effect on membership aggreement
new agreement may be required
consequences for allocations
outcome depends on new network structure
Closure of LIR
return unused address space
advise customers to renumber

37
Policies (contd)

Best current practice
will change over time as technology changes
For example
static assignments discouraged
dial up
virtual hosts
exception for one-way cable networks
address conservation considered
ip unnumbered
private address space (rfc1918)
Network Address Translation (NAT)

38
Internet Registry allocation and assignment

Procedures

39
Overview

IP address application procedures
Step 1 - Complete the documentation
Step 2 - Evaluation
Step 3 - Assignment
AS number procedures
Routing policy

40
Request life cycle
Documentation completed?
More documentation and clarification
Step 1
no
yes
Evaluation of request OK?
Step 2
no
yes
update local records
update APNIC database
notify customer
Step 3
Allocation or assignment
41
Step 1 Complete the documentation
42
Step 1 Complete documentation

Allocations
APNIC Internet Service Provider ISP Address
Request Form (apnic-065)
APNIC Confederation Internet Address Request Form
(apnic-075)
Assignments
APNIC Second Opinion Request Form (apnic-073)
APNIC End User Internet Address Request Form
(apnic-067)
No questions asked
The No Questions Asked Prefix Return Policy
(apnic-072)

43
Worked example

ISP Address Request Form (apnic-065)
example only looks at
network-plan fields
principles described here apply everywhere
anytime you make an assignment

44
ISP request form Network

Four parts to the form - examine each
PART I NETWORK TEMPLATE V5.0
network organisational details

45
ISP request form Network

netname APNIC-ISP
descr Asia Pacific Network Information Centre
descr Non profit, membership based ISP
country AU
admin-c PW35-AP
tech-c AL25-AP
remarks service provider
changed anne_at_apnic.net 1999302
mnt-by APNIC-MNT
source APNIC
will be used for INETNUM object in database

46
ISP request form - Person

PART II PERSON TEMPLATE V4.0
technical and administrative contacts

47
APNIC-IR liaison

admin and tech contacts for APNIC
responsibility
legal authority (admin-c)
technical management
network planning, backbone design
deployment, capacity, and upgrade planning
expertise
routing, aggregation, BGP, etc
addressing, subnetting, CIDR, etc

48
ISP request form Person

person Paul Wilson
address Level 1, 33 Park Road,
address Milton, QLD 4064
country AU
phone 61 7 3367 0490
fax-no 61 7 3367 0482
e-mail pwilson_at_apnic.net
nic-hdl PW35-AP
remarks Director General, APNIC
remarks No out of hours service
mnt-by MAINT-APNIC-AP
changed pwilson_at_apnic.net 19981120
source APNIC
Person object relates to admin-c tech-c in
network object

49
ISP request form Technical

PART III ISP TECHNICAL TEMPLATE V4.0
detailed core of request

50
ISP request form Technical

acct-name APNIC-AP
connectivity Service Provider
conn-provider Telstra
all-0s-subnets YES
all-1s-subnets YES
supernets YES
subnets YES
portable NO
Is equipment able to support classless
technologies?
APNIC expectation is yes
Is address space portable?
APNIC requirement is no

51
ISP request form Technical (contd)

ISP TECHNICAL TEMPLATE V4.0

Max hosts/ subnet
No. of subnets
No.of hosts
Subnet Mask
Network name
IP address
Date of assignment
Detailed description
Connects to Internet
Cumulative relative IP address
52
Designing addressing architectures

What is the problem to be solved?
Importance of addressing in network design
Documenting the architecture of the present
Documenting the architecture of the goal

53
Developing a strategy

Senior management goals, budgets, expectations
Analysis design
Application topology
Internal topology
Infrastructure (security)
Hardware/software selection
Deployment planning

54
Some Icons
Router (layer 3, IP datagram forwarding)
Network Access Server (layer 3, IP datagram
forwarding )
Ethernet switch (layer 2, packet forwarding)
55
Addressing plan

Addressing plan example
looks at infrastructure network-plan
principles apply everywhere
Phased and planned requirements
shows now, 6 months, and one year plans

56
Addressing plan (contd)

components of the network
dial up
analogue dialup modems (initially)
2 PRI dial up pools x2 (later)
8 PRI dial up pools x2 (even later)
servers PCs
mail, DNS, web
secondary servers redundancy (later)
operations management servers, helpdesk PCs
routers
loopback router interfaces
WAN ports
customer connections

57
Network plan example

Starting off

5 leased line customersip unnumbered
UpstreamISP
5 hosts
10 hosts
16 dialup modems

Key elements

15 hosts

one loopback interface per assigned router /32
WAN point to point /30
LANs can have address space they require
ip unnumbered to upstream ISP

58
Addressing plan (contd)

Initial addressing plan
numbers of host addresses (interfaces)
network-plan 16 analogue dialup modems
network-plan 5 mail, DNS, web servers
network-plan 10 ops management servers
network-plan 15 customer support PCs
network-plan 4 loopback router interfaces
network-plan 2 router WAN ports
network-plan 2 router WAN ports (5 in total)

59
Network plan example

6 months later

Key features

scale increased

60
Addressing plan (contd)

Network Plan at 6 months
host addresses added
note additional hardware
network-plan 16/60/ 2 PRI dial up modems
network-plan 0/60/ 2 PRI dial up modems
network-plan 5/11/ mail, DNS, web servers
network-plan 4/6/ loopback router interfaces
network-plan 10/16/ ops management servers
network-plan 15/25/ customer support PCs
network-plan 0/8/ secondary servers
network-plan 2/2/ router WAN ports (x8)

61
Network plan

12 months total

Key features

site redundancy
greater complexity
efficiency

62
Addressing plan (contd)

Network Plan at 12 months
numbers of host addresses (interfaces)
now, 6 months and one year
network-plan 256 16/60/240 8 PRI dial up modems
network-plan 256 0/60/240 8 PRI dial up modems
network-plan 16 5/11/11 mail, DNS, web servers
network-plan 16 4/6/12 loopback router
interfaces
network-plan 64 10/16/35 ops management servers
network-plan 64 15/25/40 customer support PCs
network-plan 16 0/8/8 secondary DNS Mail
servers
network-plan 4 2/2/2 router WAN ports (x8)
Can now determine subnet sizes

63
Addressing plan (contd)

Addressing plan for network-plan
determination of relative subnet addresses
re-ordered large to small according to relative
subnet size
network-plan 0.0.0.0 256 16/60/240 8 PRI dial up
modems
network-plan 0.0.1.0 256 0/60/240 8 PRI dial up
modems
network-plan 0.0.2.0 64 10/16/35 ops management
servers
network-plan 0.0.2.64 64 15/25/40 customer
support PCs
network-plan 0.0.2.128 16 5/11/11 mail, DNS, web
servers
network-plan 0.0.2.142 16 0/8/8 secondary DNS
Mail servers
network-plan 0.0.2.158 16 4/6/12 loopback router
interfaces
network-plan 0.0.2.174 4 2/2/2 router WAN ports
(x8)
cumulative total

64
Variable length subnet table

to determine subnet mask sizes
/24 255.255.255.0 256 1 C
/25 255.255.255.128 128 1/2 C
/26 255.255.255.192 64 1/4 C
/27 255.255.255.224 32 1/8 C
/28 255.255.255.240 16 1/16 C
/29 255.255.255.248 8 1/32 C
/30 255.255.255.252 4 1/64 C
/31 255.255.255.254 2 1/128 C
/32 255.255.255.255 This is a single host
route
source
http//ftp.apnic.net/ietf/rfc/rfc1000/rfc1878.txt

65
Addressing plan (contd)

Addressing plan for network-plan
determination of subnet masks
network-plan 0.0.0.0 255.255.255.0 256
16/60/240 8 PRI dial up modems
network-plan 0.0.1.0 255.255.255.0 256
0/60/240 8 PRI dial up modems
network-plan 0.0.2.0 255.255.255.192 64 10/16/35
ops management servers
network-plan 0.0.2.64 255.255.255.192 64 15/25/40
customer support PCs
network-plan 0.0.2.128 255.255.255.240 16 5/11/11
mail, DNS, web servers
network-plan 0.0.2.142 255.255.255.240
16 0/8/8 secondary DNS Mail servers
network-plan 0.0.2.158 255.255.255.240 16 4/6/12
loopback router interfaces
network-plan 0.0.2.174 255.255.255.252 4 2/2/2 ro
uter WAN ports (x 8 )

66
Addressing plan (contd)

Addressing plan for network-plan
connect to the Internet (full-time, part-time)?
network-plan 0.0.0.0 255.255.255.0 PART 256 16/60
/240 8 PRI dial up modems
network-plan 0.0.1.0 255.255.255.0 PART 256 0/60/
240 8 PRI dial up modems
network-plan 0.0.2.0 255.255.255.192 YES 64 10/16
/35 ops management servers
network-plan 0.0.2.64 255.255.255.192 YES 64 15/2
5/40 customer support PCs
network-plan 0.0.2.128 255.255.255.240 YES 16 5/1
1/11 mail, DNS, web servers
network-plan 0.0.2.142 255.255.255.240 YES
16 0/8/8 secondary DNS Mail svr
network-plan 0.0.2.158 255.255.255.240 YES 16 4/6
/12 loopback router interfaces
network-plan 0.0.2.174 255.255.255.252 YES 4 2/2/
2 router WAN ports (x8)

67
Addressing plan (contd)

Addressing plan for network-plan
total addresses required
assigned recommended /22 including customer
projection
network-plan 0.0.0.0 255.255.255.0 PART 256 16/60
/240 8 PRI dial up modems
network-plan 0.0.1.0 255.255.255.0 PART 256 0/60/
240 8 PRI dial up modems
network-plan 0.0.2.0 255.255.255.192 YES 64 10/16
/35 ops management servers
network-plan 0.0.2.64 255.255.255.192 YES 64 15/2
5/40 customer support PCs
network-plan 0.0.2.128 255.255.255.240 YES 16 5/1
1/11 mail, DNS, web servers
network-plan 0.0.2.142 255.255.255.240
YES 16 0/8/8 secondary DNS Mail
network-plan 0.0.2.158 255.255.255.240 YES 16 4/6
/12 loopback router interfaces
network-plan 0.0.2.174 255.255.255.252 YES 4 2/2/
2 router WAN ports (x8)

68
Additional information

Final part of request form
Additional Information
network topology maps
deployment plans
Often useful to include

69
Additional information

Deployment plan
to support large network growth
describe type of equipment, planned operational
date, location, communication circuits, and
bandwith
Network topology map
shows network structure
can also show POP design
Hardware details
equipment specification, number of ports, etc
Service details
details of how implement services (eg, web
hosting)
dial up services

70
Step 2 Evaluation
71
Evaluation

Example presented
shows evaluation by APNIC
illustrates detail that should be collected at
all levels
ie. LIR with customer, LIR for NIR, LIR for APNIC
General principles
detailed, accurate complete
syntactically correct
understandable legible
otherwise delays in service will be incurred

72
Evaluation (contd)

Consistency with policy goals
uniqueness
registration
aggregation
conservation
fairness

73
Evaluation (contd)

Summary
ISP address request form consists of
Network template
Person template
ISP technical template
addressing plans
Additional information

74
Evaluation (contd)

Technical information
contributing APNIC member?
variable length subnet masks used?
address space non-portable?
private address space considered ?

75
Evaluation (contd)

Addressing plans - general
is all address space declared?
use whois to research previous allocations
is 80 used up?
are subnet masks real?
are assignments classless?
non-CIDR boundary assignments can be repeated on
form
is it efficient?
can addresses be conserved with different subnet
mask?
what are the usage rates
how much was used in what time frame?

76
Evaluation (contd)

Customer-network fields
what is the prefix distribution?
are customer assignments recorded accurately in
database?
are the cust-network name the network name the
same?

77
Evaluation (contd)

Infrastructure fields
are efficient technologies used?
research archived history
has 80 of address space been used?
sum of infrastructure and cust-network fields is
equal to the total of used address space

78
Evaluation (contd)

Network-plan fields
is plan detailed enough?
is plan efficient?
are dynamic technologies planned?
do customer projections match infrastructure
plans?
Additional information supplied
does deployment plan match information in
network-plan fields?
does network topology description correlate with
addressing plan?
larger requests require additional documentation
Other considerations
is the customer renumbering?
what are the timeframes?

79
Step 3 - Assignments allocations
80
Considerations
Assignment Allocation

Assignment window 0
determines maximum amount of address space a LIR
can assign without approval from APNIC
increases when procedures criteria are
understood

Slow start /19
determines an initial allocation size that is
consistent and fairly applied to all
increases when usage rate increases

81
Considerations

Motivation
support the LIR during start up
familiarise the LIR with APNIC procedures
standardise criteria for request evaluation
treat everyone the fairly

82
Assignment Window
Assignment window AW0 AW/25 AW/24 AW/23 AW
/22 AW/21 AW/20 AW/19
LIR Assignment limit (host addresses) Limit is
zero requests lt 128 requests lt 256 requests lt
512 requests lt 1024 etc
Increasing responsibilty of LIR
Maximum islt/19

Most impact during start-up phase
start at minimum
Not raised automatically

83
Assignment window
Step 1 - Complete the documentation Step 2 -
Evaluation OK
Step 3 - Assignment
Request gt AW
No
Yes
LIR adds comments recommendations
LIR makes assignment, updates DB local records
Send to APNIC hostmaster_at_apnic.net
No
Yes
APNIC approves request
84
Assignment and allocations

LIR can only make assignments not allocations
Update local records
archive original documents
Clarify status of address space
Provider Aggregatable or Provider Independent
more explanation next slide

85
PA and PI assignments

Provider Aggregatable (PA)
customer uses addresses out of registrys
allocation
good for minimising size of routing tables
but customer has to renumber if changing ISP
Provider Independent (PI)
customer gets separate range of addresses
customer keeps addresses when changing ISP
customer may experience routing problems
bad for routing tables
APNIC requires Provider Aggregatable

86
Database information

Update the database
send person inetnum objects to database
wait for database acknowledgement
inetnum 202.2.0.0 - 202.2.0.255
netname APNIC-CUST
descr Asia Pacific Network Information
Centre
descr Non profit, membership based
Organisation
country AU
admin-c PW35-AP
tech-c AL25-AP
remarks Not for profit
changed anne_at_apnic.net 19990302
mnt-by APNIC-MNT
source APNIC

87
One last thing..

Ticket Numbers
hostmaster mailbox is tracked
subject line contains ticket number
automatically assigned with every new request
format APNIC, hash sign number
eg. Re APNIC 3634 ...
facilitates easier retrieval and referral

88
Autonomous System Numbers

Procedures

89
Overview

Autonomous system numbers
AS number assignments
guidelines and procedures
application form (documentation)
Policy expression
syntax
examples of policy description

90
Autonomous systems

Definition of an AS
collection of networks with the same routing
policy, usually under single ownership, trust
administrative control
Recommended reading
RFC1930 Guidelines for creation, selection and
registration of an Autonomous System
RFC1997 BGP Communities attribute
RC2270 Using dedicated AS for sites homed to a
single provider

91
ASN guidelines

When do I need an AS?
multi-homed network to different providers
routing policy different to external peers
Factors that dont count
transition
future proofing
history
multi-homing to the same upstream
service differentiation

92
Requesting an ASN

complete the request form (apnic-066)
http//ftp.apnic.net/apnic/docs/asn-request
must include routing policy
is checked for accuracy
verified by query routing table
http//nitrous.digex.net
http//nms.kren.ne.kr/kren-xp/kren-lg.html
send to hostmaster_at_apnic.net

93
The AS object

An example

aut-num AS4777 as-name APNIC-NSPIXP2-AS desc
r Asia Pacific Network Information
Centre descr AS for NSPIXP2, remote facilities
site as-in from AS2500 100 accept
ANY as-in from AS2524 100 accept
ANY as-in from AS2514 100 accept ANY as-out
to AS2500 announce AS4777 as-out to AS2524
announce AS4777 as-out to AS2514 announce
AS4777 default
AS2500 admin-c PW35-AP tech-c
NO4-AP remarks Filtering prefixes longer
than /24 mnt-by MAINT-APNIC-AP changed
paulg_at_apnic.net 19981028 source APNIC
POLICY
94
Representation of AS policy
Basic concept
AS 1
AS 2
aut-num AS1 ltadministrivia go heregt as-in from
AS2 accept AS2 as-out to AS2 announce AS1
Aut-num AS2 ltadministrivia go heregt as-in
from AS1 accept AS1 as-out to AS1 announce AS2
95
Representation of routing policy
Transit for AS5 by AS4
AS5
AS4
AS 123

cost per AS shows preference. Lower
value preferred aut-num AS4 as-in
from AS123 100 accept AS123
as-in from AS5 100 accept AS5
as-out to AS123 announce AS4 AS5
Not a path as-out to AS5 announce
ANY
Can use to indicate full routing
96
Representation of an AS
link2
AS123
AS4
link3
link1
AS6

More complex example
AS4 and AS6 private link1
AS4 and AS123 main transit link2
backup all traffic over link1 in event of link2
failure

97
Representation of an AS
link2
AS123
AS4
link3
link1
AS6
AS representation
aut-num AS4 as-in from AS123 100 accept
ANY full routing received as-in from AS6 50
accept AS6 as-in from AS6 200 accept
ANY higher cost for backup route as-out to
AS6 announce AS4 as-out to AS123 announce
AS4
98
The APNIC Whois Database
99
Overview

What is the APNIC database?
Why use it?
How to update it
How to query it
Summary

100
What is the APNIC database?

Network Management Database
whois database
collection of objects with attributes which
contain information on
IP address allocations
IP address assignments
AS number assignments
routing policies
in-addr.arpa domains
contact information

101
Why use the APNIC database?

Registration of Internet resources
Assists with operational support
Contact information
Problem diagnosis
Examples to follow...

102
Why use the APNIC database?

Tracing origin of network abuse (spam)
Troubleshooting performance problems
Investigating security breaches

103
Definitions objects attributes

An object is a collection of attributes
An attribute is a key, value pair
nic-hdl PG6-AP
Each attribute has a specific syntax
Some are mandatory, some are optional
Some keys are lookup keys for queries
Some are inverse keys for queries

104
Obtaining an object format

List of attributes for an object available via
whois
the -t flag lists attribute requirements for
object
whois -h whois.apnic.net -t person
person mandatory single primary/look-up
key
address mandatory multiple
country optional single
phone mandatory multiple
fax-no optional multiple
e-mail optional multiple look-up key
nic-hdl mandatory single primary/look-up
key
remarks optional multiple
notify optional multiple inverse key
mnt-by optional multiple inverse key
changed mandatory multiple
source mandatory single

105
Database objects

as-macro group of autonomous systems
aut-num autonomous system
route announced routes
inetnum address assignments networks
inet6num experimental object for IPv6 addresses
domain reverse domains
mntner (maintainer) authorisation of objects
person contact persons
role contact groups/roles

106
Person Object

person Paul Gampe
address Level 1 - 33 Park Road
address Milton, QLD, 4064
country AU
phone 61-7-3367-0490
fax-no 61-7-3367-0482
e-mail paulg_at_apnic.net
nic-hdl PG6-AP
mnt-by MAINT-APNIC-AP
changed paulg_at_apnic.net 19990206
source APNIC

107
Role Object

role APNIC DNS Administration
address 33 Park Road
address Milton QLD 4064
phone 61 7 3367 0490
fax-no 61 7 3367 0482
e-mail dns-admin_at_apnic.net
admin-c PW35-AP
tech-c NO4-AP
nic-hdl DNS3-AP
mnt-by MAINT-APNIC-AP
changed paulg_at_apnic.net 19990203
source APNIC

108
Network Object

inetnum 203.37.255.96 - 203.37.255.127
netname APNIC-AP-1
descr Asia Pacific Network Information Center,
descr Level 1 - 33 Park Road.
descr Milton QLD 4064
descr Australia
country AU
admin-c PW35-AP
tech-c NO4-AP
mnt-by MAINT-APNIC-AP
changed paulg_at_apnic.net 19981007
source APNIC

109
The update process

Email objects to ltauto-dbm_at_apnic.netgt

Database User
110
Who should update the database?

APNIC database is a public repository for APNIC
database users
Data is owned and maintained by those users
APNIC runs the server
Allocations are dependent on accurate data

111
Sending updates
Parser

auto-dbm_at_apnic.net
automatic mailbox
send all database updates to this mailbox
can use LONGACK in the subject line
can use HELP in the subject line
apnic-dbm_at_apnic.net
human mailbox
questions on the database process

112
If the object is wrong

Syntax checking
Warnings
object corrected then accepted
notification of action taken in acknowledgment
Errors
object NOT corrected and NOT accepted
explanatory text returned automatically via email
if problems continue contact ltapnic-dbm_at_apnic.netgt

113
Authorisation
Authentication

mnt-by attribute and mntner object
mnt-by attribute should be included in every
object
objects that contain mnt-by must pass
authentication
notify attribute
sends notification to email address specified
mnt-lower attribute
hierarchical authorisation for inetnum and domain
objects

114
Successful update

If syntax and authorisation OK then database
updated
Mirroring process may take up to 10 minutes
before object is visible
Types of transactions
insert create a new object
update change attributes of an object
delete remove an object

115
Nic-hdls

Acronym to uniquely identify person
Mandatory requirement
must be a nic-hdl present in person object
format ltinitialsgt-regional registry
eg MK16-AP, JLC2-AP
Obtaining a nic-hdl
nic-hdl AUTO-1
nic-hdl AUTO-2 INITIALS
Note nic-hdl can be added to existing person
object

116
Nic-hdl (examples)
Results
person John F. Doe nic-hdl AUTO-1JFD person
Anne Smith nic-hdl AUTO-2 inetnum 202.12.
28 admin-c AUTO-1JFD tech-c AUTO-2
person John F. Doe nic-hdl JFD304-AP person
Anne Smith nic-hdl AS519-AP inetnum 202.1
2.28 admin-c JFD304-AP tech-c AS519-AP
117
Inserting a new object

Email maintainer to ltauto-dbm_at_apnic.netgt
OR use APNIC Web form for maintainers
http//www.apnic.net/apnic-bin/maintainer.pl
mntner MAINT-APNIC-AP
descr Asia Pacific Network Information Centre
admin-c HM20-AP
tech-c NO4-AP
upd-to technical_at_apnic.net
auth CRYPT-PW apf52H7ktBFyw
remarks Maintainer object for APNIC allocations
and objects
notify technical_at_apnic.net
mnt-by MAINT-APNIC-AP
changed paulg_at_apnic.net 19981028
source APNIC

118
Updating an existing object

Mail aut-num object to auto-dbm_at_apnic.net
Add password for maintainer authentication
aut-num AS4777
as-name APNIC-NSPIXP2-AS
descr AS for NSPIXP2, Remote facilities site.
as-in from AS2500 100 accept ANY
as-out to AS2524 announce AS4777
admin-c HM20-AP
tech-c NO4-AP
mnt-by MAINT-APNIC-AP
changed paulg_at_apnic.net 19981028
source APNIC
password password_goes_here
Primary key cannot be modified

119
Deleting an object

Send domain object to auto-dbm_at_apnic.net
add attribute delete
domain 28.12.202.in-addr.arpa
descr APNIC in-addr.arpa delegation for
nspixpii
admin-c HM20-AP
tech-c BC666-AP
zone-c DNS3-AP
...
mnt-by MAINT-DNS-AP
mnt-lower MAINT-DNS-AP
changed paulg_at_apnic.net 19990203
source APNIC
delete paulg_at_apnic.net no longer required

120
Querying the APNIC database

RIPE extended whois client available
http//ftp.apnic.net/apnic/dbase/tools/ripe-dbase-
client.tar.gz
Query via the website
http//www.apnic.net/apnic-bin/whois.pl

121
Search keys

person name, nic-hdl, e-mail
role name, nic-hdl, e-mail
maintainer maintainer name
inetnum network number, name
domain domain name
aut-num as number
as-macro as-macro name
route route value

122
Example query

whois 203.37.255.96
inetnum 203.37.255.96 - 203.37.255.127
netname APNIC-AP-1
admin-c PW35-AP
tech-c NO4-AP
person Paul Wilson
e-mail pwilson_at_apnic.net
nic-hdl PW35-AP
person APNIC Network Operations
nic-hdl NO4-AP

123
Whois -h and -a

whois -h
query a specific host
whois -h whois.apnic.net
whois -h whois.arin.net
whois -a
includes the following sources
APNIC
JPNIC
TWNIC
KRNIC
CCAIR

124
Whois -i

Whois -i
inverse lookup for special arguments
whois -i person PG6-AP
inetnum 202.139.192.0 - 202.139.207.255
netname TWICS
descr TWICS Co. Ltd.
descr Tokyo Internet Service Provider
descr Tokyo
country JP
admin-c PG6-AP
tech-c PG6-AP
remarks service provider
changed yoshiko_at_apnic.net 980310
source APNIC
finds all occurences of PG6-AP

person Paul Gampe address Level 1 -
33 Park Road address Milton, QLD,
4064 country AU phone
61-7-3367-0490 fax-no 61-7-3367-0482 e-ma
il paulg_at_apnic.net nic-hdl
PG6-AP mnt-by MAINT-APNIC-AP changed
paulg_at_apnic.net 19990206 source APNIC
125
Example Query
0/0
All less specifics (-L)
202/8
Exact / 1st less specific
202.1/16
1st level more Specific (-m)
All more specifics (-M)
Example query 202.1.0.0/16
126
APNIC Whois flags

i inverse lookup for specified attributes
L find all Less specific matches
m find first level more specific matches
M find all More specific matches
r turn off recursive lookups
T type only look for objects of type
(inetnum, route, etc.)
v verbose information for object of type type
whois -h whois.apnic.net HELP

127
Conversion to RPSL

RIRs to support RPSL
Basic conversion very simple
Transition plan
httpwww.ietf.org/internet-drafts/draft-ietf-rps-t
ransition-02.txt

128
Conversion tool

http//www.isi.edu/ra/rps/transition/

Welcome to the RPSL Transition Page
This page presents the latest information on the
transition from RIPE-181 to the new Routing
Policy Specification Language. The information
will be updated frequently visit often to stay
up-to-date.
Query a mirrored copy of the Internet Routing
Registry
Query a mirrored copy of the IRR that has been
converted to RPSL
Convert RIPE-181 objects to RPSL / Perform RPSL
syntax checks
Access ISI's RPSL-capable database server
Download the RIPE-to-RPSL converter tool
Transition Plan
RPSL Transition Presentation to NANOG, October
1997

129
ISP Operational Issues
130
Overview

Current operational problems
growing number of routes
many prefixes announced
the swamp
routing instabililty
What can ISPs do?
aggregate filter
dampen flapping routes
renumber
NAT

131
Current operational problems

Growing number of routes
unaggregated Internet would exceed 200,000 routes

Source http//www.employees.org/tbates/cidr.hist
.plot.html
132
Current operational problems (contd)

Large number of long prefixes announced
mostly /24s

Source http//www.merit.edu/ipma/routing_table/ma
e-east/prefixlen.990213.html
133
Current operational problems (contd)

The swamp
areas of poor aggregation
192/8 space uses 6248 networks
Block Networks Block Networks Block Networks Block
Networks
192/8 6248 198/8 4031 204/8 2708 210/8 402
193/8 2389 199/8 3504 205/8 2577 211/8 0
194/8 2855 200/8 1330 206/8 2858 212/8 672
195/8 1415 201/8 0 207/8 2401 213/8 1
196/8 517 202/8 2269 208/8 1570 214/7 5
197/8 1 203/8 3609 209/8 1151 216/8 905

134
Current operational problems (contd)

Swamp persists
lazy or technically unaware ISPs
perceived market impact
technical solutions keep ahead of problem so far
(faster routers, bigger memory and CIDR)
PI address space

Write a Comment

User Comments (0)