2. Each RIR should operate one or more routers with an open
peering
policy which will perform the following functions:
Apologies if this has been discussed before, but, it seems to me that
I agree that the RIR is the right source for the data but I think that BGP is the wrong protocol for publishing the data. Would you give a BGP feed to all of your customers so that they can inject up-to-date bogons into their firewall configs? Probably not and besides, the enterprise folks wouldn't have a clue what to do with BGP in the first place. That's why I have suggested using LDAP to publish the data. this
is the easiest way to make the data readily available to the community directly from the maintainers of the databases in a fashion which is automatically up to date.
At this point a lot if people agree that the data needs to come directly from the database maintainers, in our case that's ARIN. And people also seem to agree that keeping the data automatically up to date is a good thing. We still have some discussion as to which protocol to use for publishing the data. I suggest that what is needed now is to engage ARIN in the discussion and get this on the agenda with them. Technical details can be worked out later, but now we need a commitment from ARIN that they can and will make this data available and keep it up to date. --Michael Dillon
--On Tuesday, March 11, 2003 11:18 AM +0000 Michael.Dillon@radianz.com wrote:
2. Each RIR should operate one or more routers with an open peering policy which will perform the following functions:
I agree that the RIR is the right source for the data but I think that BGP is the wrong protocol for publishing the data. Would you give a BGP feed to all of your customers so that they can inject up-to-date bogons into their firewall configs? Probably not and besides, the enterprise folks wouldn't have a clue what to do with BGP in the first place. That's why I have suggested using LDAP to publish the data.
Nothing in my proposal precludes the data from being published via LDAP, but, if you think the enterprise wouldn't know how to handle the data via BGP, I gotta tell you, LDAP is much more difficult in my experience. As to publishing the data to customers, sure. Why not. See my previous post about all-comers BGP peer-groups.
Apologies if this has been discussed before, but, it seems to me that this is the easiest way to make the data readily available to the community directly from the maintainers of the databases in a fashion which is automatically up to date.
At this point a lot if people agree that the data needs to come directly from the database maintainers, in our case that's ARIN. And people also seem to agree that keeping the data automatically up to date is a good thing. We still have some discussion as to which protocol to use for publishing the data. I suggest that what is needed now is to engage ARIN in the discussion and get this on the agenda with them. Technical details can be worked out later, but now we need a commitment from ARIN that they can and will make this data available and keep it up to date.
I don't see any reason we have to pick _A_ protocol. As far as I'm concerned, it could easily be published via LDAP, DNS, _AND_ BGP. I am already working on drafting a policy proposal. Owen
--Michael Dillon
participants (2)
-
Michael.Dillon@radianz.com
-
Owen DeLong