New Version of the RIPE Database
Andrei Robachevsky, RIPE NCC <andrei@ripe.net>

Outline
• Current status of the RIPE Database
• New database software
• RIPE Database migration

RIPE Database Status
• Contains
  • IP allocations/assignments
  • Domain registry
  • Routing registry
• More than 4 Million objects
  • 84% person, 11% inetnum, 0.66% route
• 6,700 updates/day
• Up to 1.5 Mqueries/day (15 queries/s)
  • 38% IP addresses, 1% IP prefixes
  • Up to 15% are denied

Database Software v3
• Functionality
• Architecture
• Performance

New version of the RIPE Database
• Supports RPSL (RFC2622)
  • Extended syntax
  • New objects and attributes
• Supports RPSS (RFC2725)
  • New authorization rules
• Supports RAToolset
  • RtConfig -protocol ripe
• Code is completely rewritten

RPSL features
• Provides rich syntax for expressing routing policies
  • router configuration ready
• RPSL syntax extensions apply to all object types
  • end of line comments
  • line continuation
  • order of attributes
• New objects
  • as-block, as-set (as-macro), route-set (community)
  • peering-set, filter-set, rtr-set
• New attributes
  • member-of, mbrs-by-ref
  • mnt-routes: <mnt_name> [ rpsl list of prefixes | ANY]
  • referral-by: <mnt_name>

Security features
• Provides strong security mechanisms
  • Protection of individual objects
  • Protection of IP address space
  • Protection of ASN space
  • Protection of route space
  • Protection of set membership
  • Protection of hierarchical set names
  • Protection of domain object space
• 4 supported auth schemes
  • GPG public keys are supported

New software
• Mainly in C, multithreaded
  • CPU: 70% idle
• RDBMS as a back-end
  • MySQL, customized transaction support
• In-memory radix tree for IP lookups
  • also more and less specific lookups for reverse delegation domains
• MIME and GPG support
  • correct PGP keys are also accepted
• Automatic access control
  • separate accounting for public and contact data

Server architecture
[Diagram; labels: Update FE (two instances), Core Server, Mirror Server, RDBMS (two instances), NRTM clients, Message queues, Queue rules, E-mail, queries, "Syntax checks, acks, notifications"]

Query Performance (I)
[Plot: query rate (q/s) against number of concurrent clients, curves for V2 and V3, with the V2 and V3 operational zones marked]

Query Performance (II)
[Plot: response time (s) against number of concurrent clients, curves for V2 and V3, with the V2 and V3 operational zones marked]

Transition phases
• Pre-migration period
  • Conversion to RPSL
  • Prototype servers
• Transition period
  • 23 April: Migration Night
  • RIPE-181 compatibility mode
• Finalizing the migration
  • ftp site structure
  • deprecating legacy stuff

Pre-migration: RIPE181 -> RPSL
• Sets
  • as-macro: <macro_name> => as-set: <macro_name>
  • community: <comm_name> => route-set: RS-<comm_name>
• Reserved prefixes (RP)
  • AS-, RS-, RTRS-, FLTR-, PRNG-
  • mntner: <RP><mt_name> - 9 cases, all resolved by the owners
  • as-name: <RP><name> => ASN-<name>
• Mandatory attribute: mnt-by (except dn, pn, ro)
  • no mnt-by => mnt-by: RIPE-NCC-NONE-MNT
  • no mnt-by (aut-num's) => mnt-by: RIPE-NCC-AN-MNT
• New attribute: referral-by
  • => referral-by: RIPE-DBM-MNT

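The rewrite rules on this slide, as an added Python example (not the RIPE NCC conversion code). Objects are held as (attribute, value) pairs, the sample objects are constructed, and attaching referral-by only to mntner objects is an assumption.

```python
RESERVED_PREFIXES = ("AS-", "RS-", "RTRS-", "FLTR-", "PRNG-")
NO_MNT_BY_NEEDED = {"domain", "person", "role"}  # dn, pn, ro on the slide

def parse(text):
    """Split 'attr: value' lines into (attr, value) pairs; the first names the class."""
    pairs = []
    for line in text.strip().splitlines():
        attr, _, value = line.partition(":")
        pairs.append((attr.strip().lower(), value.strip()))
    return pairs

def strip_reserved(name):
    """Return (name without a leading reserved prefix, whether one was found)."""
    for rp in RESERVED_PREFIXES:
        if name.upper().startswith(rp):  # RPSL names are case-insensitive
            return name[len(rp):], True
    return name, False

def to_rpsl(pairs):
    """Apply the slide's rewrite rules to one RIPE-181 object; returns a new list."""
    out = []
    for i, (attr, value) in enumerate(pairs):
        if i == 0 and attr == "as-macro":        # class rename, name kept
            attr = "as-set"
        elif i == 0 and attr == "community":     # class rename, RS- prepended
            attr, value = "route-set", "RS-" + value
        elif attr == "as-name":                  # reserved prefix replaced by ASN-
            rest, clashed = strip_reserved(value)
            value = "ASN-" + rest if clashed else value
        out.append((attr, value))
    obj_class = out[0][0]
    present = {a for a, _ in out}
    # mnt-by becomes mandatory: unmaintained objects get a placeholder maintainer.
    if "mnt-by" not in present and obj_class not in NO_MNT_BY_NEEDED:
        default = "RIPE-NCC-AN-MNT" if obj_class == "aut-num" else "RIPE-NCC-NONE-MNT"
        out.append(("mnt-by", default))
    # Assumption (not stated on the slide): referral-by goes on mntner objects.
    if obj_class == "mntner" and "referral-by" not in present:
        out.append(("referral-by", "RIPE-DBM-MNT"))
    return out

SAMPLE_AUT_NUM = "aut-num: AS64500\nas-name: AS-EXAMPLE\ndescr: constructed sample"
SAMPLE_COMMUNITY = "community: EXAMPLE\ndescr: constructed sample"

if __name__ == "__main__":
    for text in (SAMPLE_AUT_NUM, SAMPLE_COMMUNITY):
        print(to_rpsl(parse(text)))
```

Objects that end up with RIPE-NCC-NONE-MNT or RIPE-NCC-AN-MNT are the ones that had no maintainer before the conversion, so the output doubles as a list of objects to review.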
Pre-migration: prototype servers
• Near real-time mirror of the RIPE Database
  • whois -h rpsl.ripe.net
  • contains live RIPE Database in RPSL format
• Test server for submissions
  • mail <auto-rip@ripe.net>
  • whois -h rpsl.ripe.net -p 4343
• NRTM
  • rpsl.ripe.net, port 4444
  • please contact <ripe-dbm@ripe.net>

Pre-migration: milestones
• April 5: ripe-dbase-3.0 release
• April 12: Advised mirrors' switchover
  • 4 servers switched to the RPSL mirror
• April 19: Migration of the TEST Database
  • dress rehearsal of the migration

Transition: Compatibility mode
• RIPE-181 updates
  • can be sent to a separate mail robot
  • automatically converted to RPSL
• PGP authentication
  • cannot be used
• RPSL syntax rules
  • empty attributes are not allowed
  • optional -> mandatory
  • no aliases
  • no prefix notation

Transition: issues
• Routing Policy System Security (RFC2725)
  • new authorisation rules for route creation
  • need to duplicate objects in the RIPE DB
  • encompassing inetnum with NONE auth for mnt-routes
  • as-blocks for non RIPE space with NONE auth for mnt-lower
  • low level of security in non RIPE space
  • still apply in RIPE-181 compatibility mode
• V2 undocumented features
  • leading white space stripping
  • correcting misspelled attributes
  • filtering out empty attributes

Transition timeline
[Timeline diagram; markers X = 23 April, Y = 14 May, Z = 15 October; labels: Production, Prototype/Compatibility]
• RIPE181: Updates in RIPE-181 to <auto-dbm@ripe.net>; Updates in RIPE-181 to <auto-dbm@ripe.net>; Updates in RIPE-181 to <auto-181@ripe.net>
• RPSL: Updates in RPSL to <auto-rpsl@ripe.net>; Updates in RPSL to <auto-dbm@ripe.net>
• TEST: Updates in RPSL to <auto-rip@ripe.net>; Updates in RPSL to <test-dbm@ripe.net>

Future Plans
• Provide support for several platforms
  • Solaris (SPARC & Intel)
  • Linux (RedHat)
  • FreeBSD
• New features
  • DB and object schema/syntax, object library
  • extensions to RFC2725 implementation

More Information
• RIPE-181 to RPSL Migration page
  • http://www.ripe.net/rpsl
• Documentation
  • RIPE Database Reference Manual http://www.ripe.net/ripe/docs/databaseref-manual.html
  • RIPE Database User Manual (coming soon)
  • RIPE Database Operation Manual (coming soon)
• Software
  • New whois client ftp://ftp.ripe.net/tools/ripe-whois-3.0.tar.gz
  • Server software v3 ftp://ftp.ripe.net/ripe/dbase/software/ripe-dbase-3.0.1.tar.gz