North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Yahoo outage summary

  • From: Joe Abley
  • Date: Mon Jul 09 16:53:37 2007

On 9-Jul-2007, at 16:13, Jared Mauch wrote:

Some have automated systems, but they're dependent on IRR data
being correct. There are even tools to automate population of IRR data.

Building customer filters from the IRR seems like it should fall in the "easy" bucket, given how long people have been doing it, and for how long. It's the lack of a way to trust the data that's published in the IRR that always seems to be the stumbling block.

Various ops-aware people have been attacking the correctness issue in the SIDR working group. The work seems fairly well-cooked to me, and I seem to think that Geoff Huston has wrapped some proof-of-concept tools around the crypto.

SIDR is only of any widespread use if it is coupled with policy/ procedures at the RIRs to provide certificates for resources that are assigned/allocated. However, this seems like less of a hurdle than you'd think when you look at how many RIR staff are involved in working on it.

So, if you consider some future world where there are suitably machine-readable repositories of number resources (e.g. IRRs) are combined with machine-verifiable certificates affirming a customer's right to use them, how far out of the woods are we? Or are we going to find out that the real problem is some fundamental unwillingness to automate this stuff, or something else?