On Thu, 15 Sep 2022, Nick Hilliard via db-wg wrote:
denis walker via db-wg wrote on 13/09/2022 14:16:
I was struggling to know exactly what is meant by the phrase "using the RIPE Database as an IPAM solution".
Hi, I had the exact same problem :-)
the dbtf interpreted this as something along the lines of: "using the RIPE Database as the canonical reference for the holder's internal address assignments".
Hmmm. i guess that is still open for interpretation... When the LIR admin distributes some space for department A or department B, we currently don't reflect that on the RIPEdb. However, the RIPEdb is still the source of truth for assignments, which are made to our members (i.e. "customers" in the commercial universe).
The difficulty here is that the ripe db wasn't really designed to be granular enough, or private, or extensible enough, to suit the requirements of LIRs and other DB consumers for generic IPAM functionality. Separate to this, because it's a public database, there is no way of not exposing potentially confidential data. On the other hand, IPAM software suites are built for these purposes.
I've struggled as a CSIRT about point-to-point (back-to-back) subnets. I need to be able to tell the world which IP is ours (the service provider) and which IP is managed by the member/customer (so i can associate the appropriate org and thus the abuse-c).
Ultimately, people need to use tools that are fit for purpose. You can knock in a nail with a pliers, but that doesn't make it the best tool for hammering. Nor does it make it pliers any less useful as a type of tool. We're in the same territory here with the RIPE DB and purpose-built IPAM systems.
And you shouldn't expect anyone to use the best tools always, nor manage stuff in the way you think is the most effective way for you. :-) Cheers, Carlos
Nick
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/db-wg