Re: Has PSI been assigned network 1?
We don't trust our peers. We only accept routes which they are registered as providing transit for in the PRDB. When the RADB is in use, unless PSI has a route object for 1.0.0.0/8 in the RADB, we still won't trust them when they try to pass us 1/8.
Curtis, you are able to do that only because all others were legally bound to fill your database. I'm not sure people will be spending their resources on populating database for somebody else's benefit. (And RADB already has lots of garbadge in it). --vadim
In message <199504190050.UAA04306@titan.sprintlink.net>, Vadim Antonov writes:
We don't trust our peers. We only accept routes which they are registered as providing transit for in the PRDB. When the RADB is in use, unless PSI has a route object for 1.0.0.0/8 in the RADB, we still won't trust them when they try to pass us 1/8.
Curtis, you are able to do that only because all others were legally bound to fill your database.
No one was ever legally bound to submit NACRs but most did. ICM and others perhaps were bound by the contract they signed with their customer, particularly if one of their key customers was the NSF, as ICM's was.
I'm not sure people will be spending their resources on populating database for somebody else's benefit.
Its for your benefit too if you are smart enough to use it.
(And RADB already has lots of garbadge in it).
We are already generating configs and diffing against our existing configs. If cleanup is required, we'll help do it.
--vadim
Curtis
I'm not sure people will be spending their resources on populating database for somebody else's benefit.
Vadim, Trust is not transitive. The IRR provides the only mechanism currently available to validate the contents of a BGP session and the mapping of AS number to list of networks. If you think of the IRR as a system that models the registration process of valid address space between "consumer" and "seller" all the way along the chain, then it becomes a prime tool that you can use to ensure only authorized things come through a BGP connection. Without a validation check on the contents of the BGP connection, you are subject to all the "diseases" that come with transitive trust relationships. Routing registries are, in my opinion, the main technology we currently have to ensure safe routing exchange. Eric Carroll University of Toronto Network & Operations Services External Networking Facilities Management CA*net Network Engineering
participants (3)
-
Curtis Villamizar
-
Eric M. Carroll
-
Vadim Antonov