[lacnog] IRR @LACNIC

Rubens Kuhl rubensk en gmail.com
Mie Mayo 2 22:29:38 BRT 2018 

On Wed, May 2, 2018 at 9:15 PM, Luis Balbinot <luis en luisbalbinot.com> wrote:

> I think RPKI-based solutions are more elegant and reliable. Objects
> stored in a IRR database are not really verified and/or validated and
> we have *a lot* of proxy entries for those that do not use it. It's a
> big mess really, but we get along with it.
>

There is a solution to that, which is an RPKI object (or PeeringDB, or
WHOIS, or -insert option-) that says who is the trusted IRR for that ASN.
That way one doesn't have to get all IRR DBs and try figuring out what is
authoritative and what is not.



> But I don't see RPKI moving forward in the LAC region before Brazil
> adopts it :-)
>

While there are some LAC networks connected to the Brazilian IX,
inter-country traffic is usually not high in Latin America. It's everyone
pushing traffic to Miami...


>
> For now I think it's a good idea to deploy an IRR service. It's quick
> and easy if we're going to manage objects only by e-mail. But we need
> to get some people from the LACNIC to speak with major tier-1 and
> tier-2 providers because there are several of them that won't trust
> objects from lesser-known sources (e.g. ALTDB and TC).
>

Which is curious because TC is very strict in associating who can manage
objects with IP allocations. But it is more of a "I know RADB, I don't know
you" kind of thinking, possibly.


Rubens


>
> Luis
>
> On Wed, May 2, 2018 at 7:36 PM, Job Snijders <job en ntt.net> wrote:
> > Dear all,
> >
> > As discussed in my presentation today I am not entirely sure whether a
> > real "IRR" for LACNIC is the best path forward.
> >
> > In a way, a lot of the concepts in IRR are very old-fashioned compared
> > to the reliablity of RPKI. I think it makes more sense to invest in
> > porting the necessary features from IRR to RPKI (such as RPKI AS-Cones,
> > perhaps more things are missing), than to take a step back in time and
> > create an IRR database.
> >
> > If LACNIC (as a convenience service) offers an "IRR interface" to query
> > the RPKI data, that of course can be useful for legacy tools. Reudiger
> > Volk wrote an excellent opinion piece on related IRR/RPKI efforts in the
> > ARIN region, and I think much of what is said there can be applied to
> > the LACNIC region as well: https://lists.arin.net/
> pipermail/arin-consult/2018-April/001080.html
> >
> > Summary:
> >
> >     Please invest time and money to improve modern technologies (RPKI),
> >     rather than invest in legacy technologies such as IRR!
> >
> > Kind regards,
> >
> > Job
> > _______________________________________________
> > LACNOG mailing list
> > LACNOG en lacnic.net
> > https://mail.lacnic.net/mailman/listinfo/lacnog
> > Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
>
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20180502/7ca3c129/attachment.html>

Más información sobre la lista de distribución LACNOG