arin and ops fora

Simon Leinen simon.leinen at
Sat Jan 8 05:41:07 CST 2011

Randy Bush writes:
> one difference in north america from the other 'regions' is that there
> is a strong and very separate operator community and forum.  this does
> not really exist in the other regions.  ripe ate the eof years ago.
> apops is dormant aside from [...]


> observe that the main north american irr, radb, is not run by the rir,
> unlike in other regions.  and i like that there are a number of
> diverse rir services in the region.  it's healthy.
          ^^^ you mean "rr" I think.

> so i would be perfectly happy if arin discussed operational matters
> here on nanog with the rest of us ops.  i would not be pleased to see
> ops start to be subsumed by the rir here.

I'm sympathetic with that, but, like David said, the separation
(NANOG/ARIN) you have in North America does lead to issues such as not
being able to trust what's in the RR(s).

So I'm quite happy with the situation here in Europe, where RIPE
(deliberately ignoring the difference between RIPE NCC and the RIPE
community for a second) takes care of both running the address registry,
and running a routing registry that can leverage the same
authentication/authorization substrate.  This makes the RR much more
trustworthy, and should really make the introduction of something like
RPKI much easier (albeit with the temptation to set it up in a more
centralized way than we might like).

Randy, what is the model you have in mind for running a routing registry
infrastructure that is sustainable and trustworthy enough for uses such
as RPKI, i.e. who could/should be running it? I guess I'm arguing that
from my non-North-American perspective, an ARIN with a carefully
extended mandate could be of much help here.  So even if you're unhappy
with the current ARIN governance, maybe it would still be worthwhile for
the community to fix that issue - unless there are credible alternatives.

More information about the NANOG mailing list