- db-wg - mailman.ripe.net

Re: Problems with putting a bl (futur as) in a block
by Marten Terpstra 22 Apr '93

22 Apr '93

farrache(a)ccpnxt5.in2p3.fr (Gilles Farrache) writes: * * If I have (or you or anyone else) to ask a NIC (Italien or not) to modify a * * block for routing problems it is completly illogical. In fact we decide to * put a bl flag manage by the routing operator in order to be able not to * depend on national NICS, so if to split a block for routing problems we have * * to ask the national NIC, what has been put in place is completly useless. Gilles, The flags are controlled by guardians, but should only be put in a network number on request of one of the contact persons of a network (or the organisation that represents them). This same person or organisation controls the data in the database. If they decide to put a block in the database, they make clear that they want the block treated as one unit. If they then want to have some of these nets routed seperately or have different information for these nets, THEY are responsible for splitting the block, not you. They have the control over their data in the database, and can change it themselves. The fact that a national NIC (like GARR NIS) manages the data, does not mean that they control the data. The responsible for a network can still change the data themselves, although the GARR NIS would like to get these changes as well to keep their own database in sync with the RIPE database. It is not that ONLY the GARR NIS (or any other NIC, just using GARR NIS as an example) can change the data, by no means. -Marten

1 0

Proposed agenda DB-WG for the RIPE Mtg
by Wilfried Woeber, UniVie/ACOnet, +43 1 436111 355 20 Apr '93

20 Apr '93

Raw proposal for the DB-WG meeting in Amsterdam. I'd like to have a 1.5 hour slot allocated. Any comments/additions welcome! Wilfried. ________________________________________________________________________________ RIPE Database WG Proposed agenda for RIPE 15 meeting - Review of recently introduced and proposed DB objects - Review of basic documents describing the DB objects and operational procedures. - Discussion of requests from other WGs - AoB ________________________________________________________________________________

1 0

193.in-addr.arpa procedures V1.3
by Marten Terpstra 29 Mar '93

29 Mar '93

Folks, One last go. I think we folded in most of the comments from Blaso and others. We have included the procedures for single class C reverse zones, not via block zones. We are already doing our first trials with block delegations, all seems to work fine. Please let's get this document accepted and delegate these blocks. -Marten Guidelines for the delegation of zones in the 193.in-addr.arpa domain Marten Terpstra March 1993 V1.3 Introduction This document describes the procedures for the delegation of authority of zones in the 193.in-addr.arpa domain. As of March 16th 1993 the RIPE NCC has been delegated the authority for the 193.in-addr.arpa domain from the root. Due to the fact that in the 193.x.y address space blocks of 256 class C network numbers are further delegated to local registries , the possibility exists to also delegate the zone for these blocks in the 193.in-addr.arpa domain. This document describes some guidelines and procedures for this type of delegation and the delegation of reverse zones for individual class C networks in 193.x.y. A bit more explained With the assignment of class C network numbers following the CIDR (RFC 1338) model, in which large chunks of the address space are delegated to one region, and within that region blocks of class C network numbers are delegated to service providers and non-provider registries, some hierarchy in the address space is created, similar to the hierarchy in the domain name space. Due to this hierarchy the reverse Domain Name System mapping can also be delegated in a similar model as used for the normal Domain Name System. For instance, the RIPE NCC has been assigned the complete class C address space starting with 193. It is therefore possible to delegate the 193.in-addr.arpa domain completely to the RIPE NCC, instead of each and every reverse mapping in the 193.in-addr.arpa domain to be registered with the INTERNIC. This implies that all 193.in-addr.arpa resistrations will be done by the RIPE NCC. Even better, since service providers receive complete class C network blocks from the RIPE NCC, the RIPE NCC can delegate the reverse registrations for such complete blocks to these local registries. This implies that customers of these service providers no longer have to register their reverse domain mapping with the root, but the service provider have authority over that part of the reverse mapping. This decreases the workload on the INTERNIC and the RIPE NCC, and at the same time increase the service a provider can offer its customers by improve response times for reverse mapping changes . However there are some things that need to be examined a bit more closely to avoid confusion and inconsistencies. These issues are covered in the next section. Procedures for the delegation of direct subdomains of 193.in-addr.arpa 1. A secondary nameserver at ns.ripe.net is mandatory for all blocks of class C network numbers delegated in the 193.in-addr.arpa domain. 2. Because of the increasing importance of correct reverse address mapping, for all delegated blocks a good set of secondaries must be defined. There should be at least 2 nameservers for all blocks delegated, excluding the RIPE NCC secondary. 3. The delegation of a class C block in the 193.in-addr.arpa domain can be requested by sending in a domain object for the RIPE database to <hostmaster(a)ripe.net> with all necessary contact and nameserver information. The RIPE NCC will then forward all current reverse zones inside this block to the registry, and after addition of these by the registry, the NCC will check the working of the reverse server. Once everything is setup properly, the NCC will delegate the block, and submit the database object for inclusion in the database. An example domain object can be found at the end of this document. 4. All reverse servers for blocks must be reachable from the whole of the Internet. In short, all servers must meet similar connectivity requirements as top-level domain servers. 5. Running the reverse server for class C blocks does not imply that one controls that part of the reverse domain, it only implies that one administers that part of the reverse domain. 6. Before adding individual nets, the administrator of a reverse domain must check wether all servers to be added for these nets are indeed setup properly. 7. There are some serious implications when a customer of a service provider that uses address space out of the service provider class C blocks, moves to another service provider. The previous service provider cannot force its ex-customer to change network addresses, and will have to continue to provide the appropriate delegation records for reverse mapping of these addresses, even though it they are no longer belonging to a customer. 8. The registration of the reverse zones for individual class C networks will usually be done by the registry administering the class C block this network has been assigned from. The registry will make the necessary changes to the zone, and update the network objects in the RIPE database for these networks, to reflect the correct "rev-srv" fields. In case the RIPE NCC receives a request for the reverse zone of an individual class C network out of a block that has been delegated, the request will be forwarded to the zone contact for this reverse block. Above procedures are defined to ensure the necessary high availability for the 193 reverse domains, and to minimize confusion. The NCC will ensure fast repsonse times for addition requests, and will in principle update the 193.in-addr.arpa domain at least once per working day. Example domain object to request a block delegation domain: 202.193.in-addr.arpa descr: Pan European Organisations class C block admin-c: Daniel Karrenberg tech-c: Marten Terpstra zone-c: Marten Terpstra nserver: ns.eu.net nserver: sunic.sunet.se nserver: ns.ripe.net changed: marten(a)ripe.net 930319 source: RIPE Procedures for the delegation of individual network zones The registration of the reverse zones for individual class C networks will usually be done by the registry administering the class C block this network has been assigned from. In case the zone corresponding to the class C block has not been delegated, the RIPE NCC will automatically add the reverse nameserver as specified in the "rev-srv" attribute of the RIPE database object for this network, using the following procedures: 1. Because of the increasing importance of correct reverse address mapping, for all delegated networks a good set of secondaries must be defined. There should be at least two nameservers for all networks delegated. 2. The "rev-srv" field should ONLY contain one fully qualified domain name of a nameserver which is authoritative for the reverse zone for this network. 3. At least two reverse servers must be reachable from the whole of the Internet. In short, these servers must meet similar connectivity requirements as top-level domain servers. 4. The checking and addition of the reverse zones for single networks is completely automated at the RIPE NCC. Although we do our best to check the setup of the nameservers, these does not receive the same level of scrutiny as nameservers for blocks of class C network numbers. It is the responsibility of the network contacts to ensure proper operation. 5. Any problems regarding the reverse zones in 193.in-addr.arpa should be directed to <hostmaster(a)ripe.net>. The NCC also suggests that similar procedures are set up for the delegation of reverse zones for individual class C networks from the registries to individual organisations.

4 5

Blocks in 193.in-addr.arpa domain document
by Marten Terpstra 24 Mar '93

24 Mar '93

Folks, Here's the updated document. I was planning on sending this out over the weekend, but forgot the modem cable ;-( Anyway, let's see if we can get agreement on this. Please note that the database specific things I do not want to spend too much on, this should be done at the RIPE meeting. A few more days to comment. Want to start delegating blocks end of the week, and during next week (although I will be at the IETF). -Marten Guidelines for the delegation of class C blocks in the 193.in-addr.arpa domain Marten Terpstra March 1993 V1.1 Introduction This document describes the procedures for the delegation of authority of zones in the 193.in-addr.arpa domain. As of March 16th 1993 the RIPE NCC has been delegated the authority for the 193.in-addr.arpa domain from the root. Due to the fact that in the 193.x.y address space blocks of 256 class C network numbers are further delegated to local registries and national registries, the possibility exists to also delegate the zone for these blocks in the 193.in-addr.arpa domain. This document describes some guidelines and procedures for this type of delegation. A bit more explained With the assignment of class C network numbers following the CIDR (RFC 1338) model, in which large chunks of the address space are delegated to one region, and within that region blocks of class C network numbers are delegated to service providers and national registries, some hierarchy in the address space is created, similar to the hierarchy in the domain name space. Due to this hierarchy the reverse Domain Name System mapping can also be delegated in a similar model as used for the normal Domain Name System. For instance, the RIPE NCC has been delegated the complete class C address space starting with 193. It is therefore possible to delegate the 193.in-addr.arpa domain completely to the RIPE NCC, in stead of each and every reverse mapping in the 193.in-addr.arpa domain to be registered with the INTERNIC. This implies that all 193.in-addr.arpa resistrations will be done by the RIPE NCC. Even better, since service providers receive complete class C network blocks from the RIPE NCC, the RIPE NCC can delegate the reverse registrations for such complete blocks to these local registries. This implies that customers of these service providers no longer have to register their reverse domain mapping with the root, but the service provider have authority over that part of the reverse mapping. This decreases the workload on the INTERNIC and the RIPE NCC, and at the same time increase the service a provider can offer its customers and response times for such additions. However there are some things that need to be examined a bit more closely to avoid confusion and inconsistencies. These issues are covered in the next section. Procedures 1. A secondary nameserver at ns.ripe.net is mandatory for all blocks of class C network numbers delegated in the 193.in-addr.arpa domain. 2. Because of the increasing importance of correct reverse address mapping, for all delegated blocks a good set of secondaries must be defined. There should be at least 2 nameservers for all blocks delegated, excluding the RIPE NCC secondary. 3. The delegation of a class C block in the 193.in-addr.arpa domain can be requested by sending in a domain object for the RIPE database to <hostmaster(a)ripe.net> with all necessary contact and nameserver information. The RIPE NCC will then forward all current reverse zones inside this block to the registry, and after addition by the registry, the NCC will check the working of the reverse server. Once everything is setup properly, the NCC will delegate the block, and submit the database object for inclusion in the database. An example domain object can be at the end of this document. 4. All reverse servers for blocks must be reachable from the whole of the Internet. In short, all servers must meet similar connectivity requirements as top-level domain servers. 5. Running the reverse server for class C blocks does not imply that one controls that part of the reverse domain, it only implies that one administers that part of the reverse domain. 6. Before adding individual nets, the administrator of a reverse domain must check wether all servers to be added for these nets are indeed setup properly. 7. There are some serious implications when a customer of a service provider that uses address space out of the service provider class C blocks, moves to another service provider. The service provider cannot force its ex-customer to change network addresses, and will have to continue to provide the appropriate delegation records for reverse mapping of these addresses, even though it is no longer a customer of his. 8. The registration of the reverse zones for individual class C networks will usually be done by the registry administering the class C block this network has been assigned from. The registry will make the necessary changes to the zone, and update the network objects in the RIPE database for these networks, to reflect the correct "rev-srv" fields. In case the RIPE NCC receives a request for the reverse zone of an individual class C network out of a block that has been delegated, the request will be forwarded to the zone contact for this reverse block. Above procedures are defined to ensure the necessary high availability for the 193 reverse domains, and to minimize confusion. The NCC will ensure fast repsonse times for addition requests, and will in principle update the 193.in-addr.arpa domain at least once per working day. The NCC also suggests that similar procedures are set up for the delegation of reverse zones from the registries to individual organisations. Example domain object to request a block delegation domain: 202.193.in-addr.arpa descr: Pan European Organisations class C block admin-c: Daniel Karrenberg tech-c: Marten Terpstra zone-c: Marten Terpstra nserver: ns.eu.net nserver: sunic.sunet.se nserver: ns.ripe.net changed: marten(a)ripe.net 930319 source: RIPE

3 3

Typos in assignments
by Marten Terpstra 22 Mar '93

22 Mar '93

Dear Registries, We have found that the number of typos made in assignments and database updates is increasing too much lately. Especially mixing 192.x.y and 193.x.y is very popular. Also, we see a lot of 193 assignments send to <ripe-dbm>, and normal updates send in to <assign> We have for that purpose put some more strict checking on entries send in to <assign(a)ripe.net>. For each net that is being send in the <assign(a)ripe.net> we now check whether or not that network is already in the RIPE/MERIT/DDN database. If it is, it will be initially rejected and an error will be send to the NCC staff. The NCC staff will find out whether this is a typo, or just usage of the wrong e-mail address. In the latter case, we will forward the update to ripe-dbm(a)ripe.net, and it will be processed. If however a typo seems to be made, we will contact the person that send in the entry and try to resolve the issue. Long story short: - only NEW 193.x.y assignments to <assign(a)ripe.net> - ALL updates and other new entries to <ripe-dbm(a)ripe.net> -Marten

2 3

Re: 193.in-addr.arpa block delegation procedures (draft)
by Wilfried Woeber, UniVie/ACOnet, +43 1 436111 355 19 Mar '93

19 Mar '93

| * > Another thing would be to create YADO (Yet Another Database Object) for | * > delegated blocks only, but I do not quite like that idea either. | |After some in-house discussion here we would like to following: | |- requests for delegation of a block in 193.in-addr.arpa should be done | by sending in the xxx.193.in-addr.arpa domain object to HOSTMASTER. |- we will then forward all entries that are already in the 193.in-addr.arpa | zone that belong to this block |- we will check that the existing entries are put into the delegated zone. |- we will delegate authority, and pass object to the database |- we will forward any request for reverse registration inside this block | to the zone-c for this reverse block. I like it. |The question about zone-c in the inetnum object and/or removing the rev-srv |field and replace it by an individual net.block.193.in-addr.arpa domain is |something for the database and dns working group. We really would like to get |the block delegation going. I think this is the essential thing. I propose to go ahead _doing_ it. Otherwise I'd even like to suggest a "back to square one" approach for the DB issues. I think we have to back up and figure out/define _what_ we want to organize for _which_ group of people. Generally my feeling is that we should try to - use _existing_ procedures wherever possible without "bending" them - invent new and _simple_ things if there is a need (the KISS principle) - keep the procedure for the "users" as simple as possible. Personally I prefer additional "small" objects that can be cross-checked automatically for consistency against "huge" multi-purpose objects with a lot of options and implied semantics. But that's probably a question of taste... |If noone has strong objections against the above procedure for block |delegation (not the net things), I will update the document and send out a |new version later today (probably tonight). My vote in favour. wilfried. -------------------------------------------------------------------------------- Wilfried Woeber : E-m: Wilfried.Woeber(a)CC.UniVie.ac.at (Internet) Computer Center - ACOnet : Z00WWR01(a)AWIUNI11.BITNET (EARN) Vienna University : [ woeber(a)can.aconet.ada.at (X.400) ] Universitaetsstrasse 7 : [ S O P A C ] A-1010 Vienna, Austria, Europe : Tel: +43 1 436111 355, Fax: +43 1 436111 170 --------------------------------------------------------------------------------

1 0

Re: Use of RIPE DNS registration form
by Marten Terpstra 19 Mar '93

19 Mar '93

Havard Eidnes <Havard.Eidnes(a)runit.sintef.no> writes: * Hi, * * a question has recently arisen concerning the use of the RIPE form for * registering DNS domains in relation to registering names which only have MX * records associated with themselves. In this case, several of the mandatory * fields defined in the RIPE document ripe-49. In particular, we wonder what * we should do about these fields: Questions have been raised before. I have put in some comments given by people: * zone-c: * Should be zone contact of closest parent domain with a separate SOA * record? Why duplicate the information? According to some the zone-c for the closest SOA should be mentioned here. Other suggest that for MX only domains have no zone-c. * nserver: * Same as above? Each domain has a nserver, even an MX only domain. The MX records must be somewhere. This domain has no SOA though. * sub-dom: * Is it really necessary to list the sub-names in use (this also goes * for the general case, but also for the MX-only case) If you wish so. Most people do. Last meeting the DNS working group decided that the first level of useful domain names should be stored in the database, below that is for your own choice. You van in this way restrict the number of objects you have. Most useful level is usually 2, 3 in cases where co, ac and other second level domains are used: Useful: nikhef.nl ulcc.ac.uk ... Database and DNS working group, what say you ? -Marten

3 3

193.in-addr.arpa block delegation procedures (draft)
by Marten Terpstra 19 Mar '93

19 Mar '93

Folks, It seems that the delegation of the 193.in-addr.arpa domain will take place during the root zone update of today. In order to be able to delegate class C blocks in this zone, we have drafted some procedures for this. Please read the paper below and comment within one week. We will finalize this paper next week, and then start delegating blocks of Cs in the domain. Cheers, -Marten Guidelines for the delegation of class C blocks in the 193.in-addr.arpa domain Marten Terpstra March 1993 1.0 Introduction This document describes the procedures for the delegation of authority of zones in the 193.in-addr.arpa domain. As of March 16th 1993 the RIPE NCC has been delegated the authority for the 193.in-addr.arpa domain from the root. Due to the fact that in the 193.x.y address space blocks of 256 class C network numbers are further delegated to local registries and national registries, the possibility exists to also delegate the zone for these blocks in the 193.in-addr.arpa domain. This document describes some guidelines and procedures for this type of delegation. A bit more explained With the assignment of class C network numbers following the CIDR (RFC 1338) model, in which large chunks of the address space are delegated to one region, and within that region blocks of class C network numbers are delegated to service providers and national registries, some hierarchy in the address space is created, similar to the hierarchy in the domain name space. Due to this hierarchy the reverse Domain Name System mapping can also be delegated in a similar model as used for the normal Domain Name System. For instance, the RIPE NCC has been delegated the complete class C address space starting with 193. It is therefore possible to delegate the 193.in-addr.arpa domain completely to the RIPE NCC, in stead of each and every reverse mapping in the 193.in-addr.arpa domain to be registered with the INTERNIC. This implies that all 193.in-addr.arpa resistrations will be done by the RIPE NCC. Even better, since service providers receive complete class C network blocks from the RIPE NCC, the RIPE NCC can delegate the reverse registrations for such complete blocks to these local registries. This implies that customers of these service providers no longer have to register their reverse domain mapping with the root, but the service provider have authority over that part of the reverse mapping. This decreases the workload on the INTERNIC and the RIPE NCC, and at the same time increase the service a provider can offer its customers and response times for such additions. However there are some things that need to be examined a bit more closely to avoid confusion and inconsistencies. These issues are covered in the next section. Procedures 1. A secondary nameserver at ns.ripe.net is mandatory for all blocks of class C network numbers delegated in the 193.in-addr.arpa domain. 2. Because of the increasing importance of correct reverse address mapping, for all delegated blocks a good set of secondaries must be defined. There should be at least 2 nameservers for all blocks delegated, excluding the RIPE NCC secondary. 3. All reverse servers for blocks must be reachable from the whole of the Internet. In short, all servers must meet similar connectivity requirements as top-level domain servers. 4. Running the reverse server for class C blocks does not imply that one controls that part of the reverse domain, it only implies that one administers that part of the reverse domain. 5. Before adding individual nets, the administrator of a reverse domain must check wether all servers to be added for these nets are indeed setup properly. 6. There are some serious implications when a customer of a service provider that uses address space out of the service provider class C blocks, moves to another service provider. The service provider cannot force its ex-customer to change network addresses, and will have to continue to provide the appropriate delegation records for reverse mapping of these addresses, even though it is no longer a customer of his. Above procedures are defined to ensure the necessary high availability for the 193 reverse domains, and to minimize confusion. The NCC will ensure fast repsonse times for addition requests, and will in principle update the 193.in-addr.arpa domain at least once per working day. The NCC also suggests that similar procedures are set up for the delegation of reverse zones from the registries to individual organisations.

1 0

Re: 193.in-addr.arpa block delegation procedures (draft)
by Wilfried Woeber, UniVie/ACOnet, +43 1 436111 355 19 Mar '93

19 Mar '93

> individual nets inside the block... If you really want to put it in the > database, why not send in an object like: > > domain: 204.193.in-addr.arpa > descr: blah > zone-c: <person> > nserver: <first server> > nserver: <second server> > nserver: ns.ripe.net > .... > I'm really in favour of this approach, because it seems to fit nicely into the system and we can access the information with tools that need not have any special knowledge, as Marten pointed out already. Wilfried.

1 0

FYI: 193.in-addr.arpa delegation
by Marten Terpstra 17 Mar '93

17 Mar '93

Folks, the delegation of 193.in-addr.arpa is a fact. % host -vt any 193.in-addr.arpa 193.in-addr.arpa 518400 IN SOA ns.ripe.net hostmaster.ripe.net ( 100010 ;serial (version) 28800 ;refresh period 7200 ;retry refresh time 604800 ;expiration period 518400 ;default ttl ) 193.in-addr.arpa 518400 IN NS ns.ripe.net 193.in-addr.arpa 518400 IN NS ns.eu.net 193.in-addr.arpa 518400 IN NS ns.uu.net 193.in-addr.arpa 518400 IN NS layon.inria.fr 193.in-addr.arpa 518400 IN NS sunic.sunet.se 193.in-addr.arpa 518400 IN NS munnari.oz.au -Marten ------- Forwarded Message Date: Tue, 16 Mar 93 20:06:13 PST From: bobm(a)nic.ddn.mil (Bob McCollum ) To: Marten.Terpstra(a)ripe.net (Marten Terpstra) cc: markk(a)nic.ddn.mil (Mark Kosters), scottw(a)nic.ddn.mil (Scott Williamso n) Subject: Re: 193.in-addr.arpa updated at the NCC > Ready to go ! > > -Marten Marten, The release has gone out. Everything looked ok from our end. We have made internet history. ;^) Please let us know if you see anything unusual! Thanks! Bob Mc ------- End of Forwarded Message

1 0