Operational question: Building filters from IRRdbs

Alex Bligh amb at gxn.net
Sun Jan 3 01:02:14 UTC 1999


Here's a couple of operational questions for those who build
filters from IRRdb's.

Background:

* peval / rpsl.merit.edu *may* be incorrectly evaluating
  RIPE database entries currently - but this isn't my main
  thrust. The scary thing is suddenly what I'm 99% sure used
  to work (expanding AS Macros) now silently fails if they
  are in RIPE. [for details see the end]

* I'm not saying the server is broken (I guess it has something to
  do with the 'server is running at low priority' line), but if I had
  this in an automatic filter generating run, it would generate
  the RADB stuff just fine, and silently filter out all RIPE based
  peerings. Even if it's working perfectly correctly, the questions
  are still interesting, at least to me.

Questions:

* Does anyone actually do build filters without running
  their own complete database mirror, i.e. do they rely real
  time on a database working. If so, which one?

* Does anyone let this config their routers automatically? To peers
  customers, transits, or all three? Or do you rely on humans to
  reinstall the lists once autogenerated?

* If it's just a fact of life that occasionally this thing turns up duff
  data, and if people are in general doing automatic installation, what
  data validation heuristics are used?

I'll summarize to the list any off-list replies that are interesting.

--

Alex Bligh
GX Networks (formerly Xara Networks)

Boring details:

[ If anyone from merit/isi is interested this is peval (RAToolSet v4.3.1)
  binaries from the isi site running on Solaris 2.5.1 and I'm
  sure it was working a little while ago.

  I can't get peval to produce anything sensible at the moment
  for anything in a database other than RADB. For instance:

    opal[amb].158$ ./peval -no-as -T all AS-EUNET
    Whois: Open rpsl.merit.edu, 43, RADB,MCI,RIPE,ANS,CANET
    Whois: WriteQuery -V RAToolSet4.3.1 --single --silent -k -r -s
       RADB,MCI,RIPE,ANS,CANET -u -T as-set AS-EUNET
 
    Whois: Response 
    % RIPEdb(3.0.0a13) with ISI RPSL extensions
 
    % Server is running at low priority for -M, -m and -k queries
 
    % No entries found in RADB, MCI, RIPE, ANS and CANET database.
 
    NOT ANY

  A 'whois -h whois.ripe.net AS-EUNET' demonstrates that this isn't
  in fact the case.

  Works for anything in RADB, including my macros which are in both.

  As I said, I'm not saying the server is broken (I guess it has something to
  do with the 'server is running at low priority' line), but if I had
  this in an automatic filter generating run, it would generate
  the RADB stuff just fine, and silently filter out all RIPE based
  networks

]

-- 
Alex Bligh
GX Networks (formerly Xara Networks)





More information about the NANOG mailing list