1.7k likes | 1.84k Views
Welcome to the Local Internet Registry Tutorial. 15 September 2000 Grand Ball Room, 14:00-17:30. RIPE Network Co-ordination Centre Vesna Manojlovic <BECHA@ripe.net>, Eamonn McGuinness <eamonn@ripe.net> http://www.ripe.net/ripe/meetings/archive/ripe-37/presentations/lir-tutorial/
E N D
Welcome to theLocal Internet Registry Tutorial 15 September 2000 Grand Ball Room, 14:00-17:30 RIPE Network Co-ordination Centre Vesna Manojlovic <BECHA@ripe.net>, Eamonn McGuinness <eamonn@ripe.net> http://www.ripe.net/ripe/meetings/archive/ripe-37/presentations/lir-tutorial/ ftp://ftp.ripe.net/ripe/presentations/lir-tutorial-ripe37
Schedule • Requesting Address Space • Introduction to RIPE NCC • Global Registry System • Initial Administrivia of Becoming LIR • First Request • Completing the request form • Communication with hostmasters • Customer’s Request • Elementary evaluation • RIPE Database • Evaluation of specific assignment cases • Large request • PI request • Renumbering • Assignment Window • New allocation
What is the RIPE NCC? • Network Co-ordination Centre • The RIPE NCC is a “co-ordination” and support service for its members and RIPE community • One of 3 Regional Internet Registries (RIR) • Why a NCC ? Actions agreed in RIPE community needed • continuity and professionalism • neutrality and impartiality
Vital Statistics • Statistics 1992 • 3 staff members • No Local IR’s • 182,528 hosts in European Internet • 7,955 objects in RIPE database (June ‘92) • Statistics Now • 62 staff (22 nationalities) • 2,018+ participating Local IR’s • 11,390,000+ countable hosts in the RIPE NCC region • 3,041,650+ objects in the database
RIPE NCC Activities (1) Member Services • Registration Services • IPv4 addresses • IPv6 addresses • AS numbers • LIR Training Courses • <hostmaster@ripe.net> • Reverse domain name delegation • NOT registering domain names
RIPE NCC Activities (2) Public Services • RIPE database maintenance • Routing Registry Maintenance (RR) • Co-ordination • RIPE support • Liaison with: • LIRs / RIRs / ICANN / etc … • Information dissemination • New Projects • Test Traffic Measurements • Routing Information Service (RIS) • Routing Registry Consistency (RR)
RIPE Database (1) • Public Network Management Database • Information about objects IP address space inetnum, inet6num reverse domains domain routing policies route, aut-num contact details person, role • Server whois.ripe.net • UNIX command line queries • http://www.ripe.net/ripencc/pub-services/db/
RIPE Database (2) • Software Management • server and client • NOT relational • RIPE NCC • Database Working Group (RIPE community) • Data Management • LIRs • other users • RIPE NCC • Information content not responsibility of RIPE NCC • Protection mechanisms not default, but strongly encouraged
Summary: RIPE & RIPE NCC Two separate organisations, closely interdependent • RIPE • open forum for discussing policies • RIPE NCC • legitimate, not-for-profit association • formal membership • neutral and impartial
Terminology • Global Registry System
Terminology • Allocation • address space given to registries which is held by them to assign to customers • Assignment • address space given to end-users for use in operational networks /20 allocation = 4096 addresses assignment assignment
24 110 256 192.0.0.0 - 223.255.255.255 Classful Notation network host 8 0 16,777,216 Class A 0.0.0.0 - 127.255.255.255 16 10 65,536 Class B 128.0.0.0 - 191.255.255.255 Class C • Obsolete because of • depletion of B space • too many routes from C space • Solution • Classless Inter Domain Routing • hierarchical address space allocation
Classless Notation Addresses Prefix Classful Net Mask ... ... ... ... /29 8 255.255.255.248 16 /28 255.255.255.240 32 /27 255.255.255.224 64 /26 255.255.255.192 128 /25 255.255.255.128 256 /24 1 C 255.255.255.0 ... ... ... ... 4096 /20 16 C’s 255.255.240.0 8192 /19 32 C’s 255.255.224 16384 /18 64 C’s 255.255.192 32768 /17 128 C’s 255.255.128 65536 /16 1 B 255.255.0.0 ... ... ... ...
Goals of the Internet Registry System • Aggregation • Conservation • Registration • uniqueness
Local IR Regional Registry Structure IANA / ICANN ARIN RIPE NCC APNIC Local IR / ISP Enterprise Local IR ISP ISP / End user End user
Becoming LIR • Completed application form (ripe-212) • Provided Reg-ID & contact persons • <new-lir@ripe.net> • Read relevant RIPE documents • Signed contract (ripe-191) • agreed to follow policies and procedures • Paid the sign-up & yearly fee • <billing@ripe.net>
Contact Persons • Stored in RIPE NCC internal file for each registry • confidential • Only registered contact persons can • send requests to hostmasters • change contact information • PGP optional (soon) • Use ‘role’ object • for multiple admin-c and tech-c • Members’ mailing lists • <local-ir@ripe.net> • <ncc-co@ripe.net>
Registry Identification (RegID) • Distinguishes between contributing registries and individuals • Format • <country code> . <registry name> • Include with every message • Suggestion - modify mail header • X-NCC-RegID: nl.bluelight
New Registry’s First Request • Completing the request form • Communication with the hostmaster
Sample First Request • Example: Blue Light Internet • LIR wants a block of IP addresses • e.g. for own network / infrastructure • do not include needs of customers yet Steps: • Complete request form ripe-141 • Send request to <hostmaster@ripe.net> • RIPE NCC evaluate and approve request With first assignment LIR automatically receives /20 allocation
Request Formripe-141 I. General Information Overview of Organisation Contact Information Current Address Space Usage II. The Request Request Overview Addressing Plan III. Database Information IV. Optional Information
Completing the Request Form (starting from Addressing Plan)Gathering Information • Design of the network • how many physical segments it will consist of • what is each segment going to be used for • including equipment used • how many hosts are in each segment • expectations of growth
#[ Addressing Plan Template ]# dynamic dial-up Amsterdam web/mail/ftp servers Amsterdam customers’ servers Amsterdam training room LAN Amsterdam Amsterdam office LAN (*1) dynamic dial-up Utrecht web/mail/ftp servers Utrecht Inet cafe Utrecht training room LAN Utrecht 0.0.0.0 0.0.0.128 0.0.0.160 0.0.0.176 0.0.0.192 0.0.1.0 0.0.1.128 0.0.1.160 0.0.1.176 255.255.255.128 255.255.255.224 255.255.255.240 255.255.255.240 255.255.255.192 255.255.255.128 255.255.255.224 255.255.255.240 255.255.255.240 128 32 16 16 64 128 32 16 16 448 Relative Subnet Mask Size Imm 1yr 2yr Description Prefix 100 10 8 14 24 0 0 14 0 100 12 10 14 35 100 12 14 0 100 16 13 14 50 100 25 14 10 170 297 342 Totals (*1) Office LAN = workstations, router, 2 printers and 1 fileserver
Totals: 448 170 297 342 #[ Request Overview Template ]# request-size: 448 addresses-immediate: 170 addresses-year-1: 297 addresses-year-2: 342 subnets-immediate: 6 subnets-year-1: 8 subnets-year-2: 9 inet-connect: YES, already connected to “UpstreamISP” country-net: NL private-considered: Yes request-refused: NO PI-requested: NO address-space-returned: 195.20.42.0/25, to UpstreamISP, “in 3 months”
#[ Current Address Space Usage Template ]# Prefix Subnet Mask Size Imm 1yr 2yr Description 195.20.42.0 255.255.255.192 64 16 30 50 Dynamic dial-up A’dam 195.20.42.64 255.255.255.224 32 10 22 29 Amsterdam office LAN 195.20.42.96 255.255.255.240 16 4 6 8 Utrecht office LAN 195.20.42.112 255.255.255.240 16 6 10 13 Mail servers 128 36 68 100 Totals Actual addresses
#[Person template]# Jan Jansen Blue Light Internet Oudezijds Achterburgwal 13 Amsterdam The Netherlands jan@bluelight.nl +31-20-555 5555 AUTO-1 BLUELIGHT-MNT jan@bluelight.nl 19990906 RIPE person: address: address: address: address: e-mail: phone: nic-hdl: mnt-by: changed: source: * *
* * #[Network template]# inetnum: netname: descr: descr: country: admin-c: tech-c: status: mnt-by: changed: source: x.x.x.x/23 BLUELIGHT-1 Company infrastructure in both locations NL AB231-RIPE AUTO-1 ASSIGNED PA BLUELIGHT-MNT jan@bluelight.nl 19990906 RIPE
Ticketing System • Unique ticket number • facilitates retrieval / archiving • NCC#YYYYMMXXXX • e.g. NCC#2000053280 • Check status of ticket on the web • http://www.ripe.net/cgi-bin/rttquery • open ncc • open reg • closed
Hostmaster-robot • Checks request form • Reg-ID, contact persons • syntax • policy problems • Acknowledgement & diagnostics • LONGACK • Error message • correct & re-send the request • use same ticket number • NOAUTO • No errors: hostmaster wait-queue • “ongoings” directly to hostmasters
Request Approved • With the first ASSIGNMENT approved LIR automatically gets an ALLOCATION • /20 (4096 addresses) • Hostmaster enters allocation and assignment objects into the RIPE database at this time • /24 & /25 & /26 instead of /23 • Whole allocated range can be announced immediately • Every request has to be sent for approval to RIPE NCC • addresses for LIRs own infrastructure • all customers’ request
Customer’s Request Evaluation Basic Database Issues
Assignment Process Gathering information Completing ripe-141 Customer no Documentation completed? yes RIPE NCC evaluation no Documentation completed? approval notify customer update local records update RIPE database Assignment
Gathering Information • One request form per customer • Ask the same questions RIPE NCC asks LIR • enough information to complete ripe-141 • Add comments • Example: Goody 2 Shoes
Before Submitting the Request • Syntax check the request on the Web • Complete documentation reduces need for iteration • All the data communicated with RIPE NCC is kept strictly confidential • Documentation for RIPE NCC has to be in English
Evaluation -- General Information • #[Overview of organisation template]# • information relevant to the address space request • Name and location of the company? • What are the company activities? • What is the structure? • Does it have subsidiaries and where? • For what part of the company are the addresses requested? • #[Requester Template]# • LIR contact for RIPE NCC • #[User Template]# • customer’s contact for LIR
Evaluation -- Addressing Plan • Do totals in “Addressing Plan” match numbers in “Request Overview”? • Are all subnets classless? • are the subnet masks real? • Utilisation and efficiency guidelines: 25% immediately, 50% in one year • Can address space be conserved by using • different subnet sizes? • avoiding padding between subnets?
Evaluation -- Network Template • inetnum value • specifies the size of assignment • actual range is not necessary • Relevant netname • descriptive; uppercase letters, numbers & “-” • RIPE NCC’s only reference to LIR’s assignment • Contact persons • can be multiple • reference nic-hdls (may be a role object) • admin-c • responsible for the network, able to make decisions • tech-c • technical setup of the network
Assignment for customer’s network Assignment for LIR’s network Internal Administration • Wait for approval from <hostmaster@ripe.net>prior to assignment and registration • Decide on the range of within your address space • classless assignment on bit boundary • Update local records • archive original documents with assignment
Creating person Object • Check if person object exists in RIPE DB • whois {person’s name; email address} • only one object per person • Obtain and complete a template • whois -t person • -v (verbose) • Send to <auto-dbm@ripe.net> • Each person object has unique nic-hdl
whois -t person person: [mandatory] [single] [primary/look-up key] address: [mandatory] [multiple] [ ] e-mail: [optional] [multiple] [look-up key] phone: [mandatory] [multiple] [ ] notify: [optional] [multiple] [inverse key] nic-hdl: [mandatory] [single] [primary/look-up key] changed: [mandatory] [multiple] [ ] source: [mandatory] [single] [ ]
nic-hdl • Mandatory attribute • Only way to clear ambiguity in person objects • Format: <initials><number>-<regional registry> • e.g. AB123-APNIC, CD567-RIPE • Combination of person nameandnic-hdl is the primary key for person object • Use “AUTO-#” placeholders person: Piet Bakker ... nic-hdl: AUTO-1 person: Jan van der Bruk ... nic-hdl: AUTO-#initials PB1234-RIPE AUTO-1JVDB JVDB1-RIPE