On Thu, Jan 6, 2011 at 2:03 PM, Kevin Oberman <oberman@es.net> wrote:
Date: Thu, 06 Jan 2011 14:24:01 +0900 From: Randy Bush <randy@psg.com>
I think ACLs here means prefix-lists ... or I hope that's what Randy meant?
sorry. yes, irr based prefix lists. and, sad to say, data which have sucked for 15+ years. i was the poster child for the irr, and it just never took off.
[ irr data are pretty bad except for some islands where there is culture of maintining them. and, as it is a global internet, islands don't help much. europe and japan are two islands with better than the average irr data quality. and they have rpki rolling to varied degrees. ]
The day of reasonable accuracy of the IRR ended when UUnet bought ANI. Since ANI actually used the IRR to generate there router configs
s/NI/NS/g
and ANI was pretty big, people were really forced to register. Curtis
s/NI/NS/
had a lot of excellent software that did all sorts of impressive stuff with the IRR, but I guess that all went into the bit bucket when UUnet took over.
we did require you to email nacr-list@ :) that didn't help? All sed jokes aside, would having attestations that the route you see is part of a block assigned by IANA to ARIN and from ARIN to UUNET and from UUNET to JoesCrabShuckers make sense to you? (and to your router policy provided the router policy engine and code worked) The efficacy of the IRR isn't at question, the ability to assure with some level of reasonableness that the thing you see (and eventually it's path to get to you) is "valid" is what the RPKI system is building toward. -Chris
Very, very sad!
(tears were shed)
-- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751