ripe ncc lir tutorial · 2010. 12. 23. · (end user, downstream isp or lir’s own...
TRANSCRIPT
![Page 1: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/1.jpg)
1RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Welcome to the
RIPE NCCLIR Tutorial
![Page 2: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/2.jpg)
2RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Overview - LIR Basics
• Being an LIR• RIPE Database• Assignment Window• Making Assignments• PI Address Space• AS Numbers• IPv6 Address Space
![Page 3: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/3.jpg)
3RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Being an LIR
![Page 4: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/4.jpg)
4RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
What is an LIR?
• Local Internet Registry- responsible for obtaining, distributing and registering
IP resources, according to the RIPE policies
• Member of the RIPE NCC- receiving resources directly from the RIPE NCC
• Benefits- flexibility- independence (BGP multihoming)
![Page 5: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/5.jpg)
5RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Classless Addressing
• Classful addressing (’80-’93) now obsolete- waste of addresses; routing table growth
• ’93: Classless Inter Domain Routing (CIDR)– flexible allocation / assignment sizes– w.x.y.z/nn notation
• CIDR implemented in all modern routing protocols• CIDR used for address space distribution
![Page 6: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/6.jpg)
6RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Terminology
• Allocation- address space set apart, by the RIPE NCC for LIR’s and its customers’
future use
• Assignment- address space in use in networks
(End User, downstream ISP or LIR’s own infrastructure)- made from allocation or sub-allocation
• Assignment Window - maximum nr of addresses an LIR can assign without RIPE NCC’s
approval. New LIR: AW=0
![Page 7: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/7.jpg)
7RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
/8
RIPE NCC Allocation
Allocation and Assignment
/24
/21LIR Allocation
End User Assignments
/25 /26+ LIR’s Infrastructure
![Page 8: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/8.jpg)
8RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
LIR Set-up Process
• Steps- read policy documents- apply for membership
• RegID, contacts
- pay the fees- sign the contract
• Next steps- LIR: register RIPE Database contact data - RIPE NCC: “Reg” file, “organisation” object- LIR: activate LIR Portal account
![Page 9: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/9.jpg)
9RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Sources of Contact Information
Reg File
RIPE DatabaseLIR Portal
• Public info- access by anyone- updates by anyone
• Operational contacts- troubleshooting
• Responsibility over registered resources
• Use: nic-handle• Additional authorisation: using “maintainer”
• RIPE NCC confidential- access only by “users”
• “admin” creates “users”• “users” create “contacts”• Use: Reg-ID, user, pwd
• RIPE NCC “contacts” can: - request resources- update contact info
• Use: Reg-ID, name
![Page 10: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/10.jpg)
10RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
First IPv4 Allocation
• If you- want independent addresses- have an estimate of usage for two years- know how much space needed in first six months
• Send us- “IPv4 first allocation request form”- PA assignment request form for infrastructure- PA assignment request form for each customer
• Slow start: minimum initial allocation size /21
![Page 11: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/11.jpg)
11RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Questions?
Summary
• You are part of the global Registry System• Think CIDR!• LIR Portal: main interface
![Page 12: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/12.jpg)
12RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
RIPE Database
![Page 13: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/13.jpg)
13RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
RIPE Database
• Public Network Management Database• All LIRs must have-person object- maintainer (mntner) object-organisation object
-role object is convenient
![Page 14: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/14.jpg)
14RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
DB Object Syntax
person: John Smithaddress: Singel 258
Amsterdamphone: +31 20 535 1234 # 9-17 CETnic-hdl: JS1-RIPEchanged: [email protected] 20030306source: RIPE
Attribute value
Comment (after #)
Attribute name
Continuation(line starts with white character)
![Page 15: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/15.jpg)
15RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Querying the RIPE Database
• Object types:- Resource info- Contact info- Protection
• Command-line client• Web interface
- https://www.ripe.net/whois
• “Glimpse”: full text search• http://www.ripe.net/db/whois-free.html
![Page 16: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/16.jpg)
16RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Updating Objects
• Updating = creating, modifying, deleting
• Web, sync, e-mail- Mind the primary key!
• Use new for creating objects
- Add “changed:” line
• Ack, error and warning messages returned
![Page 17: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/17.jpg)
17RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Protection of DB Objects
• “mnt-by”: attribute refers to mntner object- Checked at every update
• Password: - CRYPT-PW, MD5-PW,
• https://www.ripe.net/cgi-bin/crypt.cgi• Private key/Public key
• PGPKEY-<id> & key-cert object• X.509-<id> & key-cert object
• Multiple auth / mnt-by / mntner-s are OR-ed
![Page 18: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/18.jpg)
18RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Multiple Protection Illustrated
mntner: ONE-MNT mntner: TWO-MNT
aut-num: AS3003
mnt-by: ONE-MNT
mnt-by: TWO-MNT
• In order to update the object AS3003, need to have:– Either the (crypt) password– Or the MD5 password– Or the PGP key
auth: PGPKEY-AE6FBBF7
auth: CRYPT-PW: bla34^&$% auth: MD5-PW: $bla34^&$%bla.
![Page 19: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/19.jpg)
19RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Hierarchical Authorisation
inetnum: 85.118.184.0/21status: ALLOCATED PAmnt-by: RIPE-NCC-HM-MNTmnt-lower: LIR-MNT
inetnum: 85.118.186.0/24status: ASSIGNED PAmnt-by: LIR-MNT
Allocation
Assignment
![Page 20: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/20.jpg)
20RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
TEST Database
• Playground Database: “source: TEST”- whois –h test-whois.ripe.net- mailto: [email protected]
• http://www.ripe.net/db/syncupdates/syncupdate-test-minimal.html
• http://www.ripe.net/webupdates-test
• Differences from RIPE Database:- Can create ASN objects automatically- Does not contain same info as operational RIPE
Database
![Page 21: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/21.jpg)
21RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Questions?
Summary
• RIPE Database• Maintainers• Hierarchical authorisation
![Page 22: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/22.jpg)
22RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Assignment Window
![Page 23: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/23.jpg)
23RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Assignment Window Concept
• Maximum number of IP addresses the LIR can assign without approval from the RIPE NCC
• For each End User, within any 12 months
• New LIR, AW = zero
• RIPE NCC increases AW gradually
![Page 24: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/24.jpg)
24RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Infrastructure versus End User
• LIR / ISP infrastructure- blocks for co-location: server housing, web hosting - blocks for connection to End Users (dial-up, P2P)
• End User network- their equipment, their location- separate subnet(s)
![Page 25: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/25.jpg)
25RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Assignments for LIRs’ Infrastructure
• LIR can make multiple assignments to own infrastructure. Each assignment = or < AW
• In inetnum object: separate attribute:
remarks: INFRA-AW • Only if assignment hasn’t been requested!• Cannot be merged
• Keep documentation to justify assignments
• Assignments > AW : send request to the RIPE NCC !
![Page 26: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/26.jpg)
26RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Ask for Approval if…
• Request is above AW:
– This request and all previous assignments you made without the RIPE NCC to the same End User in the last 12 months
– New LIR’s AW=0 – need approval for everyassignment!
![Page 27: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/27.jpg)
27RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Questions?
Summary
• New LIR: AW=0• Assignment > AW: send request for approval• Assignment < AW: evaluate & assign yourself
![Page 28: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/28.jpg)
28RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Making Assignments
![Page 29: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/29.jpg)
29RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Get it Right
• Before sending PA request, read:- FAQ, “Quick Tips”- “IPv4 Address Assignment and Allocation Policies”- “The LIR Handbook”
• Request online via LIR Portal- or “PA Assignment Request Form”- or “PA Assignment Wizard” via LIR Portal
• Not more than 5 requests at a time
![Page 30: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/30.jpg)
30RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Step 1: LIR Collects Information
• Why?- To determine the operational need - To justify the decision
• Info needed- Contact details- Network setup- Current address space usage - Address space requirements- Future plans
• Confidential, local language
![Page 31: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/31.jpg)
31RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Step 2: LIR Evaluates Request
• Current address space
• Returning addresses? –Renumbering encouraged!
• All subnets classless
• Planning of growth two years ahead maximum- utilisation: 25% now, 50% in one year
![Page 32: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/32.jpg)
32RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Step 3: LIR Makes Decision
• Size- Based on demonstrated need
• For End User? For own Infrastructure?
• Classless- “/23 & /25” or /27… not always /24
• Range- Your choice
![Page 33: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/33.jpg)
33RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Assignment Process
LIR Evaluates Request
Approach RIPE NCC
request > AW?
need 2nd opinion?
yes
no
no
yesRIPE NCCevaluates
LIR Collects Information
LIR Registers in RIPE DB
LIR Keeps Documentation
LIR Chooses Addresses
![Page 34: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/34.jpg)
34RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Step 4: Request Form
• General Information• Address Space User• Addressing Plan• Equipment description• Network description• Network diagram
![Page 35: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/35.jpg)
35RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Questions?
Portal Communication
Real time syntax checks
RIPE NCCEvaluation
Use the same ticket number
Portal Request Form
Ticket created Request queued
yesno
Approval
LIR answers Human (analyst)
![Page 36: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/36.jpg)
36RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Email Communication
Syntax checks
correct?
Human (analyst)
Questions?RIPE NCCEvaluation
Use the same ticket number
PA AssignmentRequest Form (ripe-315)
Ticket created Request queued
yesno
yesno
Approval
Always include:- Reg-ID- your name
<[email protected]>LIR fixes errors
LIR answers
![Page 37: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/37.jpg)
37RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
RIPE NCC Evaluates Requests
• Based on “IPv4 Address Policies” document- Dynamic assigning encouraged
• not static
- More than /20: usage statistics verification• Always-on technologies: xDSL, cable, GPRS…
- Name-based virtual web hosting encouraged • not IP-based• exceptions: SSL, ftp & mail servers...
![Page 38: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/38.jpg)
38RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Approval
• RIPE NCC sends approval message to LIR- Size- “netname:”- Date
• ticket closed
• LIR keeps approval message• keep all original documents too
• Next steps- LIR chooses addresses- LIR creates inetnum object
![Page 39: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/39.jpg)
39RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Step 5: LIR Registers in RIPE DB
• Validity• Uniqueness • Overview
- range- netname
• Contact info- admin-c- tech-c
• inetnum must match internal documentation
![Page 40: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/40.jpg)
40RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Registering End Users Separately
• Obligatory
• Benefits:- Abuse complaints can go directly to End User - Network operators can block End User prefix
![Page 41: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/41.jpg)
41RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Questions?
Summary
• Evaluate End User needs• Always register End Users separately
![Page 42: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/42.jpg)
42RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
PI Address Space
![Page 43: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/43.jpg)
43RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
PA versus PI Assignments
• Provider Aggregatable assignments- LIR assigns to End User- Must renumber when changing providers - Only way to effectively scale the Internet!
• Provider Independent assignments- RIPE NCC assigns to End User- Portable- Can be difficult to route- Next assignment not aggregatable- Affects yearly fee- Increases size of the routing tables
![Page 44: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/44.jpg)
44RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
PI versus PA Assignments
Aggregation
Provider Aggregatable
(Non-portable Assignments)
BGP Announcement (1)
LIR Allocation
Customer Assignments
Provider Independent
(Portable Assignments)
No Aggregation
BGP Announcements (4)
Customer Assignments
ISP
![Page 45: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/45.jpg)
45RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Requesting PI Space
• Explain consequences to End User
• Create RIPE Database objects-person/role, mntner, organisation
• Send request on behalf of End User- LIR Portal, or- “PI Assignment Request Form”
![Page 46: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/46.jpg)
46RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Evaluation of PI requests
• Additional questions - Why does End User want PI (and not PA)?- Requesting extra address space for routing?- Aware of consequences?
• Same criteria as for PA assignments- Conservative estimates- Classless
• Assignment is only valid as long as original criteria remain valid
![Page 47: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/47.jpg)
47RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
PI Responsibilities• RIPE NCC
- Assigns to End User- Creates inetnum
• LIR- Makes contracts with End Users- Helps End Users with reverse DNS, route objects- Helps End Users if changing provider
• End User - Maintains objects- Must not assign further
![Page 48: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/48.jpg)
48RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Questions?
Summary
• PA recommended• LIR requests PI space for End User• Shared responsibilities
![Page 49: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/49.jpg)
49RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Autonomous System Numbers
![Page 50: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/50.jpg)
50RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Autonomous System
• RFC 1930: - “An AS is a connected group of … IP prefixes … which
has a single and clearly defined routing policy.”
• LIR can request an ASN - For own network, or for another organisation
• Assignment criteria: multihomed- Unique routing policy- E-mail addresses of peers
![Page 51: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/51.jpg)
51RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Multihomed Routing Policy
ASNEW
First PeerAS64512
Second PeerAS64513
![Page 52: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/52.jpg)
52RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
aut-num in ASN Request Form
aut-num: ASNEW
as-name: <add name for the AS>
descr: <add AS Number User name>
org: <add org-ID>
import: <specify the outgoing routing policy for the first peer>
export: <specify the incoming routing policy for the first peer>
import: <specify the outgoing routing policy for the second peer>
export: <specify the incoming routing policy for the second peer>
[... ]
Bluelight-ASN Bluelight Ltd ORG-Bb2-RIPE
from AS64512accept ANYto AS64512 announce ASNEWfrom AS64513accept ANYto AS64513 announce ASNEW
action pref=20;
action pref=80;
![Page 53: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/53.jpg)
53RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
aut-num Object
• RIPE NCC creates aut-num object-mnt-by: LIR-MNT-mnt-routes: End-User-MNT (or LIR)-org: ORG-End-User-RIPE (or LIR)
• When the peering is established, LIR should update routing policy
• AS Number assignment is only valid as long as the original criteria remain valid
![Page 54: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/54.jpg)
54RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
route Object
• route objects: part of Routing Registry
• LIR creates route/route6 objects for any (new) allocations they announce- Both “route:” and “origin:” are primary key
- Complex hierarchical authorisation for creation - Used for prefix filtering by some ISPs
• “How do I find IPv6 prefixes that originate from a certain AS Number?”
![Page 55: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/55.jpg)
55RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
ASN: Learning Points
• If you want to be multihomed• Describe your routing policy• Route object recommended
Questions
![Page 56: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/56.jpg)
56RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
IPv6 Address Space
![Page 57: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/57.jpg)
57RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
First IPv6 Allocation
• If you- a) are an LIR- b) not an End Site- c) plan to provide IPv6 connectivity to aggregated
‘customers’, who are assigned /48s- d) plan to assign 200 /48s within two years
• Send us “IPv6 first allocation request form”• Minimum initial allocation size /32
–Assignment policy being discussed
![Page 58: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/58.jpg)
58RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
IPv6 Assignments
• Usual assignment size - /48 for each “site”- End User network- LIR infrastructure (per PoP)- No approval needed
• Smaller size- /64 just one subnet- /128 just one device
• Multiple /48 for very large End Users - Approval needed
![Page 59: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/59.jpg)
59RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
New IPv6 Allocation
• HD ratio = 0.8 usage of previous allocation- 7132 /48s assignments in a /32
• Correct registrations (all /48s registered)
• New allocation’s size: the same as the first- Resulting in IPv6 prefix one bit shorter- Or bigger if justified (sufficient for two years)
![Page 60: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/60.jpg)
60RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
Tutorial Summary
• To get the resources you need, use LIRPortal
• To keep your LIR info up-to-date, use LIRPortal
• To register for RIPE NCC courses, use LIRPortal- LIR course- Routing Registry course- DNS for LIRs course
• E-Learning
![Page 61: RIPE NCC LIR Tutorial · 2010. 12. 23. · (End User, downstream ISP or LIR’s own infrastructure)-made from allocation or sub-allocation • Assignment Window -maximum nr of addresses](https://reader036.vdocuments.site/reader036/viewer/2022071502/61224d51ed3283123d24642a/html5/thumbnails/61.jpg)
61RIPE NCC LIR Tutorial RIPE 53, Amsterdam http://www.ripe.net/training/
The End!
FinSfârşit
Ende
KpajKonec
SonFine
Baigti
Einde
Fim
FinisKрай
Koniec
Lõpp
Конeц
KrajVége
Kiнець
Slutt
Loppu
لنهايةاFund
SlánСоңы
Liðugt
Τέλος
Amaia
Tmiem
Endir
Slut
Críochnaithe