1Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net

RIPE Database Operations Update

Shane KerrRIPE NCC

<shane@ripe.net>

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 2

Outline

Statistics

Operations

Developments

Plans

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 3

Facts and Figures

• 1.9 M objects, 42% inetnum, 47% person• 28 q/s on average, spikes of 200 q/s• 2.3 updates/min, 61% inetnum, 28% person

Object counts, query loads, etc. available on-line:

http://www.ripe.net/db/dbconstat

http://www.ripe.net/db/mrtg/whois.html

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 4

Database ContentsHistorical

0

1000000

2000000

3000000

4000000

5000000

6000000

person/role

domain

inetnum

other

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 5

Database ContentsRecent “Big Movers”

24%

15%

13%

9%

6%6%

4%3%

3%

3%

3%2%

2%

2%

2%

1%

0%

10%

irt (+6)

rtr-set (+1)

inet6num (+305)

filter-set (+4)

key-cert (+157)

route-set (+32)

peering-set (+6)

as-set (+161)

inetnum (+43972)

mntner (+442)

route (+1309)

aut-num (+278)

domain (+6571)

person/role (+32905)

limerick (+4)

inet-rtr (+2)

as-block (-1)

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 6

Updates by Method

0

1000

2000

3000

4000

5000

6000

7000

8000

2003

-02-

01

2003

-02-

08

2003

-02-

15

2003

-02-

22

2003

-03-

01

2003

-03-

08

2003

-03-

15

2003

-03-

22

2003

-03-

29

2003

-04-

05

2003

-04-

12

2003

-04-

19

2003

-04-

26

Nu

mb

er

of

Up

da

tes

DIRECT

SYNC

MAIL

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 7

Synchronous Update Usage

0

5

10

15

20

25

30

35

40

45

50

20

03

-02

-01

20

03

-02

-08

20

03

-02

-15

20

03

-02

-22

20

03

-03

-01

20

03

-03

-08

20

03

-03

-15

20

03

-03

-22

20

03

-03

-29

20

03

-04

-05

20

03

-04

-12

20

03

-04

-19

20

03

-04

-26

Pe

rce

nta

ge

of

Up

da

tes

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 8

How Many Queries are There?

0

500000

1000000

1500000

2000000

2500000

3000000

3500000

4000000

4500000

0

10

20

30

40

50

60

Number of Queries Queries/Second

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 9

What are the Queries For?

Query Types 2003-02-01 to 2003-04-30

59%

4%

18%

19%

IP

Domain

Domain Referral

Other

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 10

What are Queries Returning?

0

1000000

2000000

3000000

4000000

5000000

6000000

7000000

8000000

9000000

10000000

Private Objects

Public Objects

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 11

Where are the Queries From?

Unique IP's for Whois Queries/Day

0

10000

20000

30000

40000

50000

60000

70000

80000

2003

-02-

0120

03-0

2-08

2003

-02-

1520

03-0

2-22

2003

-03-

0120

03-0

3-08

2003

-03-

1520

03-0

3-22

2003

-03-

2920

03-0

4-05

2003

-04-

1220

03-0

4-19

2003

-04-

26

Real + Proxy IP

Real IP

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 12

Outline

Statistics ✓

Operations

Developments

Plans

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 13

Database Operations

• Smooth sailing– average response time is well below 1 second– load approximately 70% higher than last year

• New ARIN mirroring scheme next week– Use difference to generate NRTM, rather than full load– No down-time, includes allocations and assignments

• Tertiary (i.e. off-site) server in planning phases– Withstand catastrophic, city-wide failures– Manual failover by updating DNS for whois.ripe.net– Part of larger project to increase critical service reliability

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 14

How Responsive is the Server?Q

uery

tim

e in

sec

onds

(log

arith

mic

)

InnoDB table type goes on-line

Desktop Upgrade

Unoptimised MySQL

RIPE NCC DDoS

Dom

ain mining (heavy referrals)

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 15

Unreferenced Person Cleanup

• Protect privacy of users– Person objects remain undeleted when contacts change

• Person objects unreferenced for 90 will be deleted– A modify of the object “resets” the counter

• E-mail sent after 60 days – Limit to 2000/day to avoid overwhelming users & server

• Deletions begin 29 May 2003

http://www.ripe.net/db/unref-cleanup-200304.html

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 16

IPv6 query proxy status

• Operational issues resolved– Solaris patches and move to Sun box– DNS update hid AAAA record for 10 days– Moving to standard monitoring and failover

• Source code public release made• 90% of queries come from only 7 IP addresses• Still see more 6bone than RIR addresses

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 17

RIPE Database Administration

Can Bican

Engin Gündüz

Tiago Antao

Katie Petrusha

Denis Walker

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 18

Recent RIPE DBM Activity

• Tickets, tickets, tickets– About 90/day

• Spam becoming a larger problem– Planning move to SpamAssassin– Will reply if filtered – no e-mails dropped!

• Hostmaster taking over 20% of RIPE DBM– Closer co-ordination between groups

• ripe-dbm@ripe.net is an open, general help mailbox

Please e-mail Questions or Problems!

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 19

ERX Update

• 4 /8’s transferred– 141.0.0.0/8 and 151.0.0.0/8, RIPE NCC-majority– 150.0.0.0/8 and 163.0.0.0/8, APNIC-majority– Multiple transfers, with overlapping start/end dates

• One more trial to finalise processing• “Long burn” scheduled to start afterwards

– No large issues– Complete ordering, tentative scheduling TBD

• Moving to regular RIPE DBM and HM activity

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 20

Outline

Statistics ✓

Operations ✓

Developments

Plans

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 21

New Update Processing

• Improved acknowledgement messages• Software maintenance eased• Presentations at RIPE 45:

– Developer POV at Tools Working Group – User POV at Database Working Group

http://www.ripe.net/db/dbupdate/

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 22

RPSLng

• IPv6 and multicast RPSL objects• Prototype server on-line

– Based on last RPSLng draft– Throw-away copy of RIPE Database– Latest draft to be integrated Real Soon Now

• IRRToolSet changes– More complicated than server changes– Coming soon!

http://www.ripe.net/ripencc/pub-services/db/rpslng/

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 23

Semantic Changes

• Lots of mostly minor changes proposed:– default to protected inetnum/inet6num/domain– notification for more-specific– removal of cross notifications– "reclaim:"-like functionality– "mnt-lower:" on set objects

• Little discussion• Will be on-line soon

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 24

Outline

Statistics ✓

Operations ✓

Developments ✓

Plans

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 25

Future Plans

• RPSLng IRRToolSet support

• Update processing semantic changes

• “status:” attribute changes?

• Deprecating NONE?

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 26

PKI

• Draft RIPE document, Improved Secure Communication System for RIPE NCC Members

• LIR-Portal ready, time for Database integration• New features needed:

– X.509 authentication– Proxy authentication

• Proposals coming to mailing list

Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 27

Outline

Statistics ✓

Operations ✓

Developments ✓

Plans ✓

28Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net