Summary: Operational question: Building filters from IRRdbs

Alex Bligh amb at gxn.net
Wed Jan 13 01:03:05 UTC 1999


As promised, an anonymized summary:

I asked:
>* Does anyone actually do build filters without running
>  their own complete database mirror, i.e. do they rely real
>  time on a database working. If so, which one?
>
>* Does anyone let this config their routers automatically? To peers
>  customers, transits, or all three? Or do you rely on humans to
>  reinstall the lists once autogenerated?
>
>* If it's just a fact of life that occasionally this thing turns up duff
>  data, and if people are in general doing automatic installation, what
>  data validation heuristics are used?

A good few responses.
1. I was foolishly using version 4 which relies on RPSL servers which are
   not yet in production, rather than version 3 which uses RIPE-183.
   Currently all users who mentioned it use version 3 tools, and
   whois.ra.net as a serer, except one who uses RIPE and 'internal databases'.
   Noone mentioned running a mirror server.

2. Everybody claimed they sanity checked the output from peval, either
   manually, or automatically. Substantial changes in length were mentioned
   as indicators to 'pass to manual processing'. Some respondants also
   suggested that when automatically updating routers, substantial
   config-length changes were also detected, and caused a passing to manual
   processing. Some reasonable algorithmic detail was documented, which
   differed substantially between respondants. Amusingly there were also
   differences between two staff members of the same ISP.

3. In general, filtering was restricted to customers or customer-like entities.
   Some respondants suggested they used the same technology for small peers
   or ones they couldn't trust.

4. Noone suggested their techniques (including whatever level of human
   validation) were sufficiently fallible to cause increased chance of
   'fact of life' breakages.

Thanks to all who responded.

-- 
Alex Bligh
GX Networks (formerly Xara Networks)





More information about the NANOG mailing list