- Number of slides: 69
The Internet Registry System
How to run a Local IR
NATO Workshop Tartu June 2000
John Crain . NATO Workshop, June 2000 . http://www.ripe.net
Overview
• RIPE NCC
• Internet Registry System
• Running a Local Internet Registry
  – IP address distribution & registration
  – Reverse Delegation
  – RIPE database
Questions always welcome!
Reseaux IP Européens
What is RIPE?
• Reseaux IP Européens (1989)
  – forum for network engineers to discuss technical issues
• RIPE is
  – service provider forum
  – open for everybody
  – voluntary participation, no fees
  – works by consensus
  – encourages face-to-face discussion
  – acts like an “interest group” supporting Internet community but has NO legal power
How RIPE Works • RIPE chair
Join RIPE Working Groups
• Local Internet Registries (LIR)
• RIPE Database (DB)
• IP version 6 (IPv6)
• European Internet Exchange Forum (EIX)
• Routing / MBONE
• Domain Name System (DNS)
• NETNEWS Co-ordination
• Anti-Spam
• Test-Traffic Project
• European Operators Forum (EOF)
RIPE does NOT develop Internet Standards
Subscribe to RIPE Mailing Lists • General announcement list –
RIPE Meetings
• 3 times a year
• ~3.5 day long
• 300+ participants
• Working group meetings
• Plenary
• Presentations
• Long breaks
• Informal chats
Come to RIPE Meetings
• Keep up to date with Internet developments
• Meet others in the business
• Gather information, tips, ideas
• Influence directions in Internet administration
  – in RIPE NCC service region and beyond
• Next meeting RIPE 37
  – Amsterdam, 12-15. September 2000
  –
RIPE Meeting Attendees in 1999 [chart]
Total 857
RIPE Meeting Attendance per Organisational Category 1999
Global Context
• World-wide Internet Technical Development & Standards Body: IETF
• World-wide Operators Forum: IEPG
• EU Operators: RIPE
• USA Operators: NANOG
• Asian Operators: APRICOT
RIPE Network Coordination Centre
What is the RIPE NCC?
• Not-for-profit association under Dutch law
• 8 years of history
• 2000+ members (mainly ISPs, but open to anyone)
• Co-ordination and support services for ISPs
Why a NCC?
• RIPE participation was increasing
• Too much RIPE work done on a voluntary basis
• Activities require continuity & co-ordination
• Neutrality and impartiality are important
• Contact point inside & outside RIPE region
RIPE NCC History
• April 1992: Birth of the RIPE NCC
  – TERENA legal umbrella
• September 1992: RIR Function
• 1995: Contributing Local IRs
• 1998: Independent Organisation
  – not-for-profit association under Dutch law
  – General Assembly of all members
  – Executive Board of elected nominees
http://www.ripe.net/annual-report/99ar.html
Vital Statistics
• Statistics 1992
  – 3 staff members
  – No Local IR’s
  – 182,528 hosts in European Internet
  – 7,955 objects in RIPE database (June ‘92)
• Statistics Now
  – 60 staff (21 nationalities)
  – 2,000+ participating Local IR’s
  – 11,000+ hosts in the “European” Internet
  – 5,000+ objects in the database
RIPE NCC Membership
New LIRs per Region 1999
Europe: 551 (including Turkey, Georgia and Kyrgyz Republic)
Middle-East: 31 (including Israel and Iran)
Africa: 8
New LIRs in 2000
RIPE NCC Activities (1) Member Services
• Registration Services
  – IPv4 addresses
  – IPv6 addresses
  – AS numbers
  – Reverse domain name delegation
  – LIR Training Courses
RIPE NCC Activities (2) Public Services
• Co-ordination
  – RIPE support
  – RIPE database maintenance
  – Routing Registry Maintenance (RR)
  – Liaison with:
    • LIRs / RIRs / ICANN / etc …
  – Information dissemination
• New Projects
  – Test Traffic
  – Routing Information Service (RIS)
  – Routing Registry Consistency (RR)
Formal Decision Making
“Consensus” Model
RIPE proposes activity plan
RIPE NCC proposes budget to accompany activity plan
General Assembly votes on both activities and budget at yearly meeting
Global Internet Registry System
Authority in the Net??
• The Internet Corporation for Assigned Names and Numbers (ICANN) is the non-profit corporation that was formed to assume responsibility for the IP address space allocation, protocol parameter assignment, domain name system management, and root server system management functions now performed under U.S. Government contract by IANA and other entities.
Structure of ICANN
The Internet Corporation for Assigned Names and Numbers (ICANN)
3 Supporting Organizations
• Protocols: IETF, ITU, WWWC, ETSI
• DNS: www.dnso.org
• Addresses: APNIC, ARIN, RIPE NCC
http://www.icann.org
Address Supporting Organization
• RIR agreed on a proposal
• “Simple model”
• MoU between ICANN and RIRs
• Policies set through existing regional processes
• Address Council established
  – oversee policy development processes
  – select ICANN directors (open process)
http://www.aso.icann.org
RIR Service Regions [map: ARIN, RIPE NCC, APNIC]
Goals of the Internet Registry System
• Fair distribution of address space
• Conservation
  – prevention of stockpiling of addresses
• Aggregation
  – hierarchical distribution of globally unique address space
  – permits aggregation of routing information
• Registration
  – provision of public registry
  – ensures uniqueness and enables troubleshooting
Address Distribution
Global Authority → /8 → RIR → /20 + → LIR (RIPE NCC Members) → /32 + → End Users (Anybody with a network/host)
Running a Local Internet Registry
How to get IP addresses?
• Go to your Local Internet Registry.
  – Your provider is probably one or is connected to one
    http://www.ripe.net/lir/registries/europe.html
• If you are a provider and think you may need to be an LIR? Contact NCC
Becoming a LIR
• Complete application form (ripe-160)
• Provide Reg-ID & contact persons
  –
Address Space Usage [chart]
98% 97% 96,5% 40,1% 97% 60%
IPv6
• Draft allocation guidelines
  – currently under revision by community
• Address allocation started
  – 17 sub-TLAs allocated by RIPE NCC
http://www.ripe.net/ripencc/mem-services/registration/ipv6.html
DNS Activities
RIPE NCC Hostcount per Quarter
DNS Management
• Goals
  – ensure proper operation of name servers
  – minimise “pollution” of DNS
• Services
  – manage reverse delegations of networks in 193/8, 194/8, 195/8, 212/8, 213/8 and 62/8 in-addr.arpa domain
  – support local IR’s with feedback
  – secondary name servers for ccTLDs
• RIPE NCC DOES NOT register domain names
Why Do You Need Reverse Delegation?
• All host-IP mappings in the DNS (A record) should have a corresponding IP-host mapping (PTR record)
• Failure to have this will likely
  – block users from various services (ftp, mail)
  – make troubleshooting more difficult
  – produce more useless network traffic in general
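An added example, not part of the original slides: a check that every A record has a matching PTR record, plus the in-addr.arpa zone name that a reverse delegation request for a /8, /16 or /24 would concern. The host names and record sets are constructed sample data; the function names are chosen for this illustration.

```python
import ipaddress

def ptr_name(ip):
    """Owner name of the PTR record for an IPv4 address."""
    return ipaddress.IPv4Address(ip).reverse_pointer

def reverse_zone(prefix):
    """in-addr.arpa zone for an octet-aligned prefix (/8, /16 or /24)."""
    net = ipaddress.IPv4Network(prefix)
    if net.prefixlen not in (8, 16, 24):
        raise ValueError("not octet-aligned: %s" % prefix)
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def check_reverse(a_records, ptr_records):
    """Return (host, ip, problem) for each A record without a matching PTR."""
    problems = []
    for host, ip in sorted(a_records.items()):
        target = ptr_records.get(ptr_name(ip))
        if target is None:
            problems.append((host, ip, "no PTR"))
        elif target.rstrip(".").lower() != host.rstrip(".").lower():
            problems.append((host, ip, "PTR points to " + target))
    return problems

# Constructed sample data: forward zone (host -> address) and reverse zone
# (in-addr.arpa owner name -> host).
A_RECORDS = {
    "www.example.net": "193.0.0.10",
    "mail.example.net": "193.0.0.25",
    "ftp.example.net": "193.0.0.21",
}
PTR_RECORDS = {
    "10.0.0.193.in-addr.arpa": "www.example.net.",
    "25.0.0.193.in-addr.arpa": "old-mail.example.net.",
}

if __name__ == "__main__":
    print("zone to delegate:", reverse_zone("193.0.0.0/24"))
    for host, ip, problem in check_reverse(A_RECORDS, PTR_RECORDS):
        print("%-18s %-12s %s" % (host, ip, problem))
```
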
Request Reverse Delegation • Send domain object to
Reverse DNS Quality Report
• 80% of delegating zones good
• Quality improving
• ~500 new zones /week
• 52.3% of eligible /24 zones are delegated
http://www.ripe.net/inaddr/statistics
The RIPE Database
Its usage and its usefulness
RIPE Database
• Network Management Database
• Data Management
  – Local IR’s, other ISPs and RIPE NCC
• Software Management
  – RIPE NCC with Database Working Group
  – Re-implementation in progress
RIPE Database
• RIPE whois server
  whois.ripe.net
• RIPE whois client
  ftp://ftp.ripe.net/ripe/dbase/software/ripe-dbase-2.2.1.tar.gz
• Glimpse full text search
  http://www.ripe.net/db/index.html
• Database documentation
  http://www.ripe.net/docs/ripe-157.html
  http://www.ripe.net/docs/ripe-189.html
Some Database Objects
  – person: contact persons
  – role: contact groups/roles
  – inetnum: address assignments & networks
  – mntner: authorisation of objects
  – domain: forward and reverse domains
  – route: announced routes
  – aut-num: autonomous system
  – as-macro: group of autonomous systems
  – community: group of routes
  – inet6num: experimental object for IPv6 addresses
Almost 5 Million Objects [chart]
4,885,891
Rate: 300,000 p.m.
‘person’ Object
person: address: phone: fax-no: e-mail: nic-hdl: notify: changed: source:
Mirjam Kuehne RIPE NCC Singel 258 NL - 1016 AB Amsterdam Netherlands +31 20 535 4444 +31 20 535 4445 mir@ripe.net MK16-RIPE mir@ripe.net 19950411 mir@ripe.net 19970616 RIPE
‘role’ Object
role: RIPE NCC Hostmaster
address: RIPE Network Coordination Centre Singel 258 NL - 1016 AB Amsterdam, Netherlands
phone: +31 20 535 4444
e-mail: hostmaster@ripe.net
trouble: Work days 0900-1800 CET: phone XXX Outside Business Hours: phone YYY
admin-c: JLC2-RIPE
tech-c: MK16-RIPE
notify: hostmaster@ripe.net
nic-hdl: RNH124-RIPE
changed: hostmaster@ripe.net 19971002
source: RIPE
Network Object
inetnum: 193.0.0.0 - 193.0.0.255
netname: RIPE-NCC
descr: RIPE Network Co-ordination Centre Amsterdam, Netherlands
country: NL
admin-c: JLC2-RIPE
tech-c: MK16-RIPE
status: ASSIGNED PA
mnt-by: RIPE-NCC-MNT
changed: GeertJan.deGroot@ripe.net 19970310
source: RIPE
• “/” notation possible for inetnum value
Querying the Database
• Search keys (Look-up Keys)
  – person, role: name, nic-hdl, e-mail
  – maintainer: maintainer name
  – inetnum: network number, network name
  – domain: domain name
  – aut-num: AS number
  – as-macro: AS-macro name
  – community: community name
  – route: route value
• Network number and route value are classless
• Network name is a search key, but not unique
Queries Reach 7/sec [chart]
Average 7/sec
Example query
whois 193.0.0.0

inetnum: 193.0.0.0 - 193.0.0.255
netname: RIPE-NCC
admin-c: DK58
tech-c: OPS4-RIPE

route: 193.0.0.0/24
descr: RIPE-NCC

role: RIPE NCC Operations
address: Singel 258
nic-hdl: OPS4-RIPE

person: Daniel Karrenberg
address: RIPE Network Coordination Centre (NCC)
nic-hdl: DK58
whois -h and -a
• whois -h query a specific host
  – whois -h whois.ripe.net
  – whois -h whois.arin.net
• whois -a includes the following sources
  – RADB
  – CANET
  – MCI
  – ANS
  – APNIC
  – ARIN
  – RIPE
whois -t (person)
person: address: phone: fax-no: e-mail: nic-hdl: remarks: notify: mnt-by: changed: [mandatory] [optional] [optional] [mandatory] source: [mandatory] [single] [single] [multiple] [multiple] [primary/look-up key] [] [look-up key] [primary/look-up key] [] [inverse key] [] []
whois -i
• Inverse lookup for special arguments
• Examples:
  – whois -i tech-c,admin-c,zone-c MK16-RIPE
  – whois -i notify mir@ripe.net
  – whois -i origin AS1234
  – whois -i mnt-by AS1234-MNT
Example Query
Example query: 193.1.0.0/16
[diagram] 0/0, 193/8, 193.1/16
• All less specifics (-L)
• Exact / 1st less specific (default)
• 1st level more specific (-m)
• All more specifics (-M)
RIPE whois Flags
• -i inverse lookup for specified attributes
• -L find all Less specific matches
• -m find first level more specific matches
• -M find all More specific matches
• -r turn off recursive lookups
• -T type only look for objects of type (inetnum, route, etc.)
More RIPE whois Flags
• -a search all databases
• -h hostname search alternate server
• -s search databases with source “source”
• -t show template for object of type “type”
• -v verbose information for object of type “type”
• and don’t forget whois help (how to query the database)
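An added example, not part of the original slides: a model of how the classless lookup modes (default, -L, -m, -M) select prefixes around a query such as 193.1.0.0/16, with a helper that turns an inetnum range into "/" notation. The registry contents are constructed, the function names are chosen for this illustration, and returning the exact match together with the less specifics under -L is an assumption of this sketch.

```python
import ipaddress

# Constructed registry contents (prefixes only), not real RIPE data.
REGISTRY = ["0.0.0.0/0", "193.0.0.0/8", "193.1.0.0/16", "193.1.0.0/18",
            "193.1.0.0/24", "193.1.64.0/19", "193.2.0.0/16"]

def to_prefixes(inetnum):
    """Convert an inetnum range 'first - last' into a list of CIDR prefixes."""
    first, last = (ipaddress.IPv4Address(p.strip()) for p in inetnum.split("-"))
    return [str(n) for n in ipaddress.summarize_address_range(first, last)]

def lookup(query, flag=None, registry=REGISTRY):
    """Return the registry prefixes selected for `query` by the given mode."""
    q = ipaddress.ip_network(query)
    # Sorting orders nested prefixes from least to most specific.
    nets = sorted(ipaddress.ip_network(n) for n in registry)
    exact = [n for n in nets if n == q]
    less = [n for n in nets if n != q and q.subnet_of(n)]
    more = [n for n in nets if n != q and n.subnet_of(q)]
    if flag is None:
        # Default: exact match, otherwise the first (closest) less specific.
        hits = exact or less[-1:]
    elif flag == "L":
        # Assumption of this sketch: the exact match is listed as well.
        hits = less + exact
    elif flag == "m":
        # First level: more specifics not covered by another more specific.
        hits = [n for n in more
                if not any(n != m and n.subnet_of(m) for m in more)]
    elif flag == "M":
        hits = more
    else:
        raise ValueError("unsupported flag: %r" % flag)
    return [str(n) for n in hits]

if __name__ == "__main__":
    for flag in (None, "L", "m", "M"):
        print(flag or "default", lookup("193.1.0.0/16", flag))
    print(to_prefixes("193.0.0.0 - 193.0.0.255"))
```
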
DB Update Procedure
• Changing an object
  – add the changed line to the new version of object
    • value: email address and date
  – keep the same primary key
  * do not forget authentication (password, PGP key)
• Deleting an object
  – add delete line to the exact copy of current object
  – value: email address, reason and date
  – submit to
DB Update Procedure
• Unique Keys (Primary Keys)
  – person name + nic-hdl
  – role name + nic-hdl
  – maintainer name
  – inetnum network number
  – domain name
  – aut-num AS number
  – as-macro AS-macro name
  – community name
  – route value + origin
• Uniquely identifies object
• Updating an existing object will overwrite the old entry hence need unique key
E-mail Interface •
Syntax Checking
• Successful update
• Warnings
  – object corrected and accepted
  – notification of action taken in acknowledgement
• Errors
  – object NOT corrected and NOT accepted
  – diagnostics in acknowledgement
  – if not understandable send e-mail to
•
Example Error Message
Update FAILED: [person] Mirjam Kuehne
person: address: phone: fax-no: e-mail: changed: source:
Mirjam Kuehne RIPE NCC Singel 258, NL-1016 AB, Amsterdam The Netherlands +31 20 535 4444 +31 20 535 4445 mir@ripe.net 19980828 RIPE
WARNING: date in "changed" (980828) changed to 19980828
*ERROR*: mandatory field "nic-hdl" missing
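An added example, not part of the original slides and not the RIPE database software: a small checker that mirrors the warning and error behaviour shown above for a person object (a short date in "changed" is corrected with a warning; a missing mandatory attribute rejects the update uncorrected). The sample objects are constructed; the mandatory attribute list (the slides confirm only "nic-hdl") and the two-digit-year pivot are assumptions of this sketch.

```python
import re

# Assumption: mandatory attributes for this sketch; the slides confirm only "nic-hdl".
MANDATORY = ("person", "address", "phone", "nic-hdl", "changed", "source")

# Constructed sample objects (documentation-style values).
BROKEN = """\
person: John F. Doe
address: 1 Example Street, Exampletown
phone: +31 20 555 0100
e-mail: jdoe@example.net
changed: jdoe@example.net 980828
source: RIPE
"""
FIXABLE = BROKEN + "nic-hdl: JFD304-RIPE\n"

def parse_object(text):
    """Parse 'attribute: value' lines into a list of (attribute, value) pairs."""
    pairs = []
    for line in text.strip().splitlines():
        attr, sep, value = line.partition(":")
        if not sep:
            raise ValueError("not an attribute line: %r" % line)
        pairs.append((attr.strip().lower(), value.strip()))
    return pairs

def check_person(text):
    """Return the update verdict with warnings, errors and the stored object."""
    pairs = parse_object(text)
    warnings, errors, corrected = [], [], []
    for attr, value in pairs:
        if attr == "changed":
            m = re.fullmatch(r"(\S+@\S+)\s+(\d{6}|\d{8})", value)
            if m is None:
                errors.append('syntax error in "changed": %s' % value)
            elif len(m.group(2)) == 6:
                short = m.group(2)
                # Assumption: two-digit years from 70 upward belong to the 1900s.
                full = ("19" if int(short[:2]) >= 70 else "20") + short
                warnings.append('date in "changed" (%s) changed to %s' % (short, full))
                value = "%s %s" % (m.group(1), full)
        corrected.append((attr, value))
    present = {attr for attr, _ in pairs}
    for attr in MANDATORY:
        if attr not in present:
            errors.append('mandatory field "%s" missing' % attr)
    accepted = not errors
    # Errors: object NOT corrected and NOT accepted, so return it unchanged.
    return {"accepted": accepted, "warnings": warnings, "errors": errors,
            "object": corrected if accepted else pairs}
```
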
Deleting an Object
• Add delete attribute to copy of current object
person: Mirjam Kuehne
address: RIPE NCC Singel 258 NL - 1016 AB Amsterdam Netherlands
phone: +31 20 535 4444
fax-no: +31 20 535 4445
e-mail: mir@ripe.net
nic-hdl: MK16-RIPE
changed: mir@ripe.net 19980911
source: RIPE
delete: training@ripe.net late for training
• Submit to database
Nic-hdl’s (Example)
person: John F. Doe
………
nic-hdl: AUTO-1JFD    JFD304-RIPE
person: Anne Smith
………
nic-hdl: AUTO-2    AS519-RIPE
inetnum: ………
admin-c: AUTO-1    JFD304-RIPE
tech-c: AUTO-2    AS519-RIPE
Questions?
Organizations
AFRINIC  African Network Information Centre  http://www.afrinic.org
APNIC  Asian Pacific Network Information Centre  http://www.apnic.net
ARIN  American Registry for Internet Numbers  http://www.arin.net
CEENet  Central and Eastern European Networking Association  http://www.ceenet.org
CENTR  Council of European National Top level domain Registries  http://www.centr.org
CIX  Commercial Internet Exchange  http://www.cix.org
ETSI  European Telecommunications Standards Institute  http://www.etsi.org
EuroISPA  European Internet Service Providers Association  http://www.euroispa.org
IANA  Internet Assigned Numbers Authority  http://www.iana.org
Organizations
ICANN  Internet Corporation for Assigned Numbers and Names  http://www.icann.net
IETF  Internet Engineering Task Force  http://www.ietf.org
ITU  International Telecommunications Union  http://www.itu.int
NANOG  North American Network Operators Group  http://www.nanog.org
RIPE  Reseaux IP European Network  http://www.ripe.net
NCC  RIPE Network Coordination Centre  http://www.ripe.net
W3C  World Wide Web Consortium  http://www.w3.org