ENOG 15: “Why is the Internet still online?”
Hello, Habr! This is both a transcription and a partial translation of the hour-long session entitled “Why is the Internet Still Online?” from the fifteenth meeting of the Eurasia Network Operators' Group (ENOG).
Qrator Labs thanks all the participants in the discussion: Alexey Semenyaka, RIPE NCC; Ignas Bagdonas, Equinix; Martin J. Levy, Cloudflare; Alexander Azimov, Qrator Labs; and the moderator, Alexey Uchakin from the LinkmeUp podcast team, for permission to publish this text.
The participants in this discussion are network engineers and researchers, so the conversation is mainly about inter-domain routing. The video is at the end of the publication. Enjoy the read.
Alexey Uchakin: Hello everyone, my name is Alexey, from the LinkmeUp team, the first podcast for network engineers. Just before me, a colleague from Qrator Labs talked a lot about how to defend against spoofing, but I would like to talk more broadly. Because the Internet is an absolutely decentralized thing and was created, in particular, in order to survive a nuclear strike, but, as practice shows, with a cheap box and no right to be configuring BGP, you can very well break it all. Therefore, today I wanted to discuss with the experts how to protect yourself from this, how to monitor it and what to do about all this.
Participating today: Alexander Azimov, Qrator Labs; Alexey Semenyaka, RIPE NCC; Ignas Bagdonas, Equinix; and Martin J. Levy, Cloudflare. Colleagues, the first question I would like to start with: how well is the Internet now protected against a relatively small regional operator suddenly starting to announce the prefixes of, say, Google, Yandex or anyone else? Is there any assessment of how things stand now?
Alexander Azimov: Well, then let me begin this sad story, because it really is sad. Unfortunately, large operators, including in Russia, have exceptions, i.e. they sometimes set filters and sometimes they don't. I don't want to point a finger at the entire large-operator market in Russia, but a significant part of those we consider Tier-1 operators have such exceptions. As a result, those for whom these exceptions are made have the opportunity to announce anything, and this has already happened. Actually, we watched Corbina leak last year, and Vimpelcom leak. There are those whom lightning has not yet struck, but the potential is there.
Alexey Uchakin: So now everything is very bad, right?
Alexey Semenyaka: So, let's not crank up the drama; that is probably a bit unnecessary. Well, what does “bad” mean? Yes, there are holes. Sasha quite rightly said: some filter, some don't, i.e. that is the level we are at. Nevertheless, let's start with the fact that the Internet was built on the principles of, let's say, mutual understanding, and to a sufficient extent it still runs on these principles. It is assumed that this is not only a technical design, but also companies that employ people who perform conscious actions. When something like this appears on the Internet, everyone else reacts to it somehow, something like that. Although, indeed, accidents happen regularly. A wonderful story about trust: when everyone trusted Google, and it went and left Japan... well, in short, not really with an Internet. That story is again from last year, but it is a great example. I would prefer to talk about the technical side and not about the wording, is everything good or is everything bad. That is somehow too unprofessional an approach.
Alexander Azimov: Well, okay, continuing this unprofessional approach, I would ask a question: can a network of collective trust not become a network of collective problems when there are 55,000 objects in it? Speaking about technology, the BGP security topic is now actively moving within the IETF, with the modest participation of Qrator Labs among others, but not only us. There is hope that the situation will get better precisely from a technical point of view, which will patch a significant part of the holes in the BGP protocol and make it more secure, especially for beginners. So that they have less opportunity to hurt themselves and others.
Alexey Uchakin: So, should BGP configuration rights still be handed out?
Alexey Semenyaka: I think Ignas has something to say.
Ignas Bagdonas: I would say that there are two different parts of the problem, or two groups of problems.
One is those very leaks and other things that appear as a result of an error, an unintentional error. Fat fingers, something like that. On the one hand, we are moving towards automation, and we could say that this will be the solution, but all automation systems run on data. If our data is corrupted or incorrect, the result will be the same, only much more efficient.
The other group is specific intentional attacks, and from my point of view, most of these attacks are carried out, and succeed, only because there is a rather high level of, let's say it directly, mess across the entire network. This is operational hygiene, which gives a result only when all participants, or most participants, take part in it and do it more or less correctly. This is a matter of education. You are here in this room, you know what filtering is, you know how it works, but you represent a small part of the people who do technical work and support, and you cannot conclude from this that everyone has the same level of understanding. Of course, there are situations where someone read in a vendor's documentation that you enter a command and you will be happy. They do it and get their happiness, only in the process they do damage to others, not on purpose and without realizing it. The training issue is really important in this situation. I see that this is moving in a good direction, but it is not a quick process.
Alexey Semenyaka: A small remark about education: education is really a completely critical thing here, just as in the part of the problems that we discussed after Sasha's report just now. There is a clear example that concerns our organization, RIPE NCC: we maintain, as you understand and know well, the RIPE DB database. We have routing objects there, and I remember well the time, it was recent, 20 years ago, when the rule of good taste was to build filters according to RIPE DB. Now this is categorically not so: there are organizations that do this at their own risk, but quite a few complain that if you simply believe what is written in RIPE DB, you shoot yourself in the foot. We only maintain it, we are the technical operators of RIPE DB, we cannot force you to write the truth, i.e. we have no such rights, you did not give us such rights, you did not tell us: “please make sure that something correct is written there.” And you, in fact, dear participants, regularly write all sorts of rubbish there. Yes, it is a problem of scaling and a problem of education superimposed on each other. Not because you are stupid or because you do not have enough education regarding the BGP protocol. No, it's just, really, a mess. You don't get around to it, you don't have time to figure it out, you don't understand why it is necessary, and for a very fast-growing number of participants this is really a very big challenge, which, in fact, in my opinion is not effectively solved at the moment. This is really a problem of education, but not in the sense of a problem that someone could simply do or not do; it really is not clear how to do it in the context of a growing Internet, a growing number of participants, etc. This is a more or less systemic problem. Martin?
Martin Levy: You have taken me a little off the original topic, so I will come back to it first. I already have gray hair, see? That is because I have been involved in networking for a very long time. And as the basis of the entire Internet we have protocols that were created long before it reached its modern scale. Who among those present knows who was the first to offer an Internet connection in Russia? No matter who it was, what matters is how many people know it, and that you know it. And if you needed to pick up the phone and call somewhere, you knew whom to call. And who among those present runs an ASN and does not know me, or does not know the other people who raised their hands? The protocol simply cannot keep up with this growth rate. And everything that we talked about at previous ENOGs, and 10 minutes ago, or at other conferences, is about one thing. About how to catch up with the growth rate.
There is such a phrase as “permissionless innovation”: the existing protocols “did not ask permission” from telecom operators or Internet providers. They were created by the kind of people who are here today, and these things work. Much of what you said here is about how to catch up with progress, or what is missing, or what we all need to agree on. Those are philosophical things, but I would like to stay down to earth. And at this point I have to say that you are wrong. I will explain: the only way the modern Internet works is by maintaining these route databases, which we lazily, I will repeat again, lazily use to prevent someone from interfering with the normal connectivity of someone else. Today at lunch we discussed this: I am the owner of a network that someone tried to manipulate no more than 5 days ago. And although the route leak lasted only 30 or 40 seconds, on Twitter and other social networks it lasted for several days. So I have a real, vested interest in convincing you and everyone else present that this is a very important topic. So let me explain where, in my opinion, you were wrong and why I reacted this way. Someone, at some point, should be responsible for owning data that would allow a legitimate or illegitimate announcement to be claimed. Because specifically in this environment “without permission” does not work very well. And since you are the RIR participant in this discussion, I turn back to you and ask: “Is it difficult for you to maintain the IRR in a clean and correct state?” It's hard for everyone. Someone should stand up and say: “Enough. I will find ways to fix it and do better.” The second part of my answer is that some of those present will have to start this process, and now I will choose you, as an RIR, for this task. Let's see where this discussion goes from here.
Alexey Semenyaka: Firstly, I cannot agree with the disagreement, because this in no way contradicts what I said. I did not say that our data is absolute nonsense; I said that there are quite a lot of cases when nonsense is written there. Fortunately, not always. The routing part of the database is quite an important part, and somehow it works. Especially where there is enforcement: maintaining the relevance of this data works especially well when it comes to a responsible operator who works with its downstreams. Or it almost always works: these records are relevant for traffic exchange points, because traffic exchange points monitor very carefully what is written in their database. Let's just say, for the most part. The mess is there; the mess, unfortunately, is not a point, it is more or less distributed, but, fortunately, this is a problem, not a disaster. Martin, I'm sorry, let's just say this is a stolen continuation of the conversation. I absolutely agree that we should deal with this matter. Sasha just wants to take the microphone from me and say that he is the person who will do this, do I understand correctly? But I still agree. Another Sasha from the audience suggests that there is someone else as well. That's right, but in the Internet community, as we understand, pressure from the RIR does not work. If the RIR just starts to put pressure on the participants and say: “So, everyone, quickly line up and march in formation”, nothing will happen. Discussion works, crystallization of the problem works, the creation of awareness works. This is the same part of education, in a sense, and when it is completed, the same people appear whom we can work with and whom we, as the RIR, will assist in every way. We really have a system that allows us to monitor what is happening, and we are ready to push this problem forward, but we cannot replace the community.
We can work with the community, we can and we will be ready, but we cannot replace the community; we cannot create those who will do it.
Alexander Azimov: Let's go back a little bit. We need to find the root of evil after all, and try to prove that it is the RIR. Usually, when you add an autonomous system number to your AS-SET, if you are a transit provider, for what purpose do you do this? In order to provide them with service. Not in order to protect them tomorrow, or so that everything works well for them, but so that their upstreams add their prefix to the SET and everything works further up. And how often do you delete from your SET what was added there earlier? Please raise your hand, those who do not, or rarely do? (raises his hand) I'll be honest here. (question from the audience: “Quite rarely?”) Yes, from case to case. As a matter of fact, in assigning protection against leaks and hijacks to AS-SETs, we have all mixed things up. This mechanism was developed for another purpose. They are related, but the use case is different. In this case, in essence, a delegation of security takes place, since your number can be added by anyone to other players' sets. And structurally fixing the BGP protocol is possible, responding to what Martin said, only if your security depends only on your actions. And on no one else's. Actually, in my opinion, the protocol and its changes should develop in this direction.
Martin Levy: The protocol depends only on the data. If there is garbage inside, then there is garbage outside. Garbage in, garbage out, that's all.
Alexander Azimov: I'm confused. The problem is that garbage can always be created, but I want to live in a situation where only I myself can create garbage for my networks. I will be responsible for creating the garbage. The situation where other players create garbage for my network is a dead end. And, conversely, I want to be responsible for the security of my network.
Martin Levy: I agree with this, I understand, fine. Then let's try something new and approach this issue from another side. Where can I send an invoice or a prepayment request when something arrives on my network? And something does arrive there, something that I did not ask for, something that went through many players and has no value for me. I can send a lot of payment requests myself, but how will I handle all that volume? This is a rhetorical question to some extent, because we know that it cannot exist. But at the same time, this is an excellent argument against this. We are all in the same boat right now because of the limited number and quality of filters. And this is a fairly large amount of traffic that might not have existed. We can also discuss this not in terms of data,
Alexey Uchakin: Well, that's another question. But we have RIPE DB, we have the databases of other LIRs, and we give our scout's honour that we will behave ourselves and write correct data there. And how do we protect ourselves from spoofing, from someone announcing someone else's autonomous system number together with the addresses valid for that autonomous system, but for some purposes of their own? Can BGPSec with RPKI help us somehow, or something like that?
Alexander Azimov: BGPSec cannot help us, sorry.
Alexey Uchakin: That is, it will be as with DNSSEC, where the idea is good but no one is deploying it?
Alexey Semenyaka: I think that about BGPSec we should ask the representative of the future, that is, Ignas. He is the one responsible for the future; we are talking about the present. No vendor has BGPSec in its plans for support. I'm not talking about hardware: so far no vendor has added it to a roadmap. For us, people who are more or less involved with BGPSec, it will probably be difficult to discuss. In an ideal world, imagine that we have RPKI, there is an absolutely accurate database, and everyone validates everything: everyone checks the RPKI, and everyone checks whether what they see matches what is in the database. Then everything will work. I am not sure that was the question, but I agree that in an ideal world everything will work.
Alexey Uchakin: And if it is not ideal?
Alexey Semenyaka: And in reality, it will not.
Alexey Uchakin: Then why RPKI at all?
Ignas Bagdonas: I, as the one looking at the future, will answer briefly: “The future will be bright.” But until that moment comes there will be a lot of darkness, mess and other things. BGPSec and related business? Nothing against the academic community, but BGPSec, for the most part, is an academic experiment. Yes, it looks complete, theoretically it can work and theoretically it can solve the problems that were assigned to it, but if we look from the practical side, then everything looks a little different. A very simple aspect: suppose, for example, performance tests were done, simple performance, how quickly validation works. If I can validate 50 prefix updates per second and I receive a full feed, it will take me a very long time to complete the process, and during this time half of everything will have changed several times already. Yes, this is an almost perfect all-resolving mechanism. Do we need it? Probably. On the other hand, if we had a mechanism that would solve at least 80%, well, 85%, well, at least 85.5% of the practical problems that we have, but did not work in some difficult and exceptional cases, I think that such a mechanism and approach would be much more practical, and vendors would implement it and everyone would use it. Speaking from the vendors' side, their answer is very simple: “Are you ready to pay as much as it will cost when we do it as a product?” And the answer from those same operators is very non-obvious. I heard someone say “yes” in the hall, but many say “of course not.” “Don't even think about it. This is your problem, you will implement it, we will buy your platform; otherwise what does it do, why should we pay something extra? We just think that this should all be there.” It turns out to be a vicious circle. Yes, we have all the protocols, all the mechanics and other things. We have databases, and they are garbage.
If we put all this together, then the solution sort of exists, but it cannot work purely technically when all the components are connected together. And even if it can work, with the data that is in the system, again there will be no positive result. This is such a cycle, and it is not very obvious how to get out of it. Yes, the IETF and other organizations have been working on BGPSec for more than a decade, and it turns out that a lot of people gave a lot of time and effort, and out came some kind of semi-finished product, if I may say so, which seems to work but cannot be used. What to do now? Try to get BGPSec into shape,
Martin Levy: If you take into account the 50 per second that you named, you get about 4-5 hours to validate the full table, which is simply unacceptable if you are an operator.
Ignas Bagdonas: Yes, yes. This is data that was obtained at the IETF; BGPSec performance tests were conducted there on modern equipment.
Alexey Semenyaka: Modern equipment! There was a question that did not receive an answer. I will say briefly. I absolutely agree with what Ignas said, that if you can filter out a large number of simple cases, this is a very useful thing to do. Looking for a silver bullet is not a method in this industry; it doesn't work that way. Practical approaches work. The story of RPKI is exactly this story. This is a story about filtering out cases that are caused by fat-finger syndrome. Of course, bypassing RPKI protection costs an attacker approximately nothing. But in the vast majority of cases, and the people who measure it, who know the numbers, are sitting to my left and right, I will now hand the microphone over to Sasha Azimov, and Martin, I think, will also comment on this, the number of incidents that we see in the BGP protocol that are caused by “fat finger” syndrome is huge. If it is possible to reduce it, then this should be done. As a matter of fact, it was precisely this approach that underpinned RPKI: it was not a silver bullet and not an attempt to protect integrity from an attacker, i.e. a person who is trying to do something on purpose. But, in any case, if you need to sort through a whole garbage container or a small box to search for something, some evidence, then the second case is much simpler. This, in particular, can help in identifying cases when something is done intentionally, if, nevertheless, the number of unintentional cases decreases, because in the current heap they are very difficult to see. Attribution of some routing attacks has begun recently. I am sure that they existed before, but proven cases of attribution are quite new. When it was clear that yes, it was a routing attack which really was carried out by malefactors, and they got such and such. In recent years there are already a number of such cases, and before that it was only at the level of suspicion, for the most part.
Alexander Azimov: I will continue what Alexey and Martin said. Recently, people began to accuse me of having a very depressing view of BGP. This is probably partly true. However, this year there was an event that, in my opinion, will be very, very significant for the industry. For many years there have been attempts to launch ROA validation, what we call RPKI, at scale. Why is it important? Because it cannot solve the problem of leaks, it cannot solve the problem of malicious activity; it only solves the problem of accidental hijacks. It solves the problem of the same static leak that happens all the time. What happened in Russia not so long ago, what hit Cloudflare recently with their DNS service, fortunately not for long. And this is a way to fight it. And the good news is not that RPKI itself has been released for quite some time. The problem is not only that an anomaly occurs, but that it spreads. If the anomaly does not spread, the level of disaster will decrease dramatically. And, finally, the good news, in fact, is that major European IXs such as MSK-IX, including DE-CIX, including AMS-IX, are going to start dropping routes that are invalid according to ROAs in the near future. What does it mean? This means that if you sign your address space, that is, think about your own security, you will increase the chances that the next time an anomaly occurs somewhere, it will not take away all or a significant percentage of your traffic, but may be localized. Therefore, I highly recommend that you sign your address space; it is not difficult. Today, with Alexey Semenyaka, after this session we will hold a workshop and try to help those who have technical questions about how to do it. Yes, we will work here exclusively for the RIPE region. In fact, RIPE did a great job and it is very, very easy to do; it took me 10 minutes. I think that you will cope faster.
Alexey Semenyaka: In any case, the workshop is for those who can log into the LIR portal. If you do not have access to your LIR portal, I'm sorry. You can come too, but then, unfortunately, you will only be able to watch from behind. For those who have access to the LIR portal, this is an opportunity to do it right today, now, here.
Martin Levy: I have no choice but to support this; it is the right direction. An update for you: AMS-IX now filters announcements 100% according to RPKI, for about two weeks now. All IX operators, those who maintain a route database in their IX, should also learn about this. You can follow the example of AMS-IX: first collect and analyze in software, and then implement the filtering in hardware on the RPKI and RIR data.
Alexander Azimov: This is just great news! It is one thing to say that it will happen, and another when it has already begun. There is still an important point: along with the beginning of active use, operational experience with ROA validation appears. Accordingly, after the IXs, after the first mistakes are made, transit providers will begin to catch up; I really want to believe it.
Martin Levy: And this is a key point. You invited people to learn and said that it is easy. Let me show you the other side. For each network in this region that uses transit providers that in some way peer in other cities in Europe, such as Amsterdam, Frankfurt or London... I will talk about Amsterdam now, because I believe that any large network connects to Amsterdam at some point. If such a network does not have a valid IRR record or, more importantly, an RPKI record, then the route will not go through the route server. That is why you will not get the optimal traffic path. Today you can go through Frankfurt, but that will change soon. Someone here in the audience might probably say “when”. Maybe traffic will go through London or Warsaw; this is already a trend. Even if we have only one additional point, we can already say that this is a trend. And thus, having accurate route data is much more in the interest of such a network now than it was 2 weeks ago. I hope that this will continue in the future, but the motivation of saying: “Hey, it's simple, come and we will show you” is one thing. In my opinion, it would be better if you said: “If you do not come to the workshop, your network will not work efficiently enough.”
Alexander Azimov: And in general, it is always good when we have motivation. I'm afraid Martin will not understand this joke, but it is when we have a carrot both in front and behind. In our region, this works especially well.
Alexey Uchakin: Well, then this question: do I understand correctly that basically the same RPKI and ROA validation and everything else is already an inevitable thing? The BGP protocol was originally trust-based and, initially, it grew so fast precisely because the protocol is based on trusting each other, on community members trusting each other. And now we are talking about things that, so to speak, restrict freedom in general. Will this not be a brake on the development of the Internet in general, or is it a direct necessity, one that is long overdue?
Alexey Semenyaka: Tell me, do door locks greatly restrict people from visiting each other?
Alexey Uchakin: No, well, I understand.
Alexey Semenyaka: Well, this is exactly what we are talking about. About mechanisms that do not interfere with people engaged in normal activity, building networks. What we are discussing is a fairly cheap technology. BGPSec and what Ignas said is in the future, but for the present it is too heavy a technology. What we are discussing now is a cheap technology that is similar to a door lock. Yes, in order to visit us you need, firstly, to get out of here, that is, open the lock, close the lock, come over, ring the bell, they open up for us, then they close up behind us. It's cheap compared to the whole story of the trip, right? As for inevitability, I would like to believe it. Excuse me, Arnold Nipper, is he in the audience now, or is he absent? He, as a representative of DE-CIX, I would like to know whether there are any plans? No? Well, MSK-IX, they are definitely here. MSK-IX, tell us.
Alexander Ilyin, Technical Director of MSK-IX: We have been conducting these experiments since last year; it's just that our task is to work all this out correctly, not only from the point of view of validation, but also what to do with those who either signed incorrectly or did not sign at all. We want to make a toolkit that would immediately carry out explanatory work with them, as we now do for any errors that we encounter in route objects. If there is any discrepancy now, then a letter is automatically sent immediately with a request to correct the matter. In particular, the other day we even found a loop in the AS-SET description of one of the participants, so such things are quite important. This, in my opinion, is no less important than validating: also conducting explanatory work with those who do not do it, or do it wrong.
Alexey Semenyaka: Just on the question of the accuracy of information in RIPE DB. Thanks a lot. Here we are witnessing a story where there is someone to control things, and where it is controlled, accuracy is somehow ensured. In particular, these locally available mechanisms greatly help the accuracy of the routing parts of RIR databases. Yes, the approach here, of course, should be more systematic, in my opinion. As for “how inevitable it is”: I think that penetration will increase, but to expect that in the next 1-3 years this technology will reach penetration close to 100% is very naive.
Martin Levy: Yes, close to 100% is unlikely; no need to even aim for it. I can only say good things about MSK-IX. This is a difficult journey, you know it and I know it, but if you do not start, you will never see how this path ends and where it leads. In reality, returning to the very early part of the conversation, that it was once very easy for a network to join the global community: it has now become much more difficult. At the end of 1990, when you first set up BGP, it was so easy and, in most cases, you just announced and it worked; now we have grown up and this “naive child” should grow up and start building much more complex systems. Traffic exchange points, in large portions of the network, are important portals to the network and at the same time a test. If you, for example, as a participant in an IX, receive a letter telling you: “Your routing here is not quite correct, the route database or the RPKI settings”, that is very easy to do today. You see errors or you see success. In this case, you generally have a good chance of effective communication with the audience. At large traffic exchange points this is as important as at small ones, sometimes small ones more so, simply because of scale, where it is easier to contact all participants in the exchange. But let's roll back a little and talk about technology. I have not yet had a chance to say what I think about BGPSec, but Ignas expressed it quite fully. It is an excellent academic protocol, but as a network operator I will never use it: it is too complex and not built for real operators, but as an academic exercise. So now, as a community, we need to come to an understanding of what the next thing will be that we will do at the IETF. We have only one problem: a lack of time. RPKI is already ten years old, counting from the first drafts; at the end of this year it will be 10. Now we don't have ten years to make improvements; we need to somehow cope with the problems using what is available.
I already said this a little earlier, perhaps in an ironic tone, now I will repeat it seriously: “This costs all of us something”, that is the approach. There are standard methods of accounting for e-commerce; let's say you are a bank or a payment operator, you go offline and are unavailable for 5 minutes. These are absolutely real losses, in any currency, anywhere in the world: this is money. This is where our need grows, as a community of network engineers, to realize that today the Internet is no longer the harmless playground that it was 30-odd years ago. Now it contains almost all people around the world, almost all companies in the world. We can no longer behave playfully in it; we need to become more serious, explaining to consumers why something was disconnected for 5 minutes. But we, it turns out, do not want to do this.
Ignas Bagdonas: Regarding 100% and the desire for 100%. Is it necessary, and is it evil? Suppose we are trying to solve the problem with BGPSec, or make a new BGPSec that solves 100% of the problems assigned to it. But will we not end up with the same thing that we already have, functioning similarly? Not at all obvious. If there were a mechanism that solves most, well, 80% of the fundamental problems, and what remains is solved somehow... But if this were the case across the entire global network, let's call it the “critical mass”, that most of the players on the network do validation, filtering, in general do the operational hygiene that needs to be observed, this would greatly reduce the chance of problems, including for those who do not do this. And attacks would potentially be more localized, with less threat, with less harm and so on. Another comment about changes to BGP protocols, architectures and other matters: the current Internet is too large to be able to change anything without breaking everything else. Yes, 30 years ago you could replace BGP with something else that solves all the problems. Firstly, at that time we did not know, did not even foresee, all these problems. Secondly, now replacing BGP with something else does not seem feasible to me personally, due to the fact that we rely too much on BGP.
Alexei Uchakin: What to do with those who do not have objects in RIPE? My uplink works in Europe, but it does not have any objects in RIPE DB - it does not use it, it uses an alternative database. What to do with those who for various reasons do not use RIPE DB?
Martin Levy: How do you say “name and shame” in Russian? "Name and shame." Because this is the easiest answer to this. We must use the community, convince the community of the need for improvement. This is a collective Internet - point a finger at someone who should be ashamed. Perhaps this is the only correct way to move forward - to voice who is bad and who is good, and how to comply.
Alexander Azimov: A counter-question: is your upstream operator from the European region?
Alexei Uchakin: Well, formally, yes, but it works both in Europe and in America.
Alexander Azimov: No, it has no objects at all? Or does it have no objects in RIPE DB?
Alexei Uchakin: It has an AS object, but no route objects in RIPE DB.
Alexander Azimov: Does it have objects in other databases?
Alexei Uchakin: In RADB.
Alexander Azimov: Well then, this is, in fact, not as dramatic a situation as it seemed at first glance.
Alexei Uchakin: No, it just doesn’t use RIPE DB.
Alexander Azimov: RIPE DB is remarkable for having authorization. It has authorization only for members. There is no authorization for any external networks. It turns out, in fact, to be the same inscription on the fence - anyone can create objects of any kind, and so on. And this discussion is going on at RIPE meetings within the framework of the database working groups: “What should we do with foreign objects?”, and it continues now. We agreed to at least label them separately, so that it is immediately clear that these objects should not be trusted as much as the rest. But RADB ... in a situation where different registrars in different regions have different rules of what is and what is not, and where there is such a large and fast-growing region as LACNIC, where there are no route objects at all, RADB is a blessing. And the presence of objects there - well, let there be objects there. Definitely better than nothing.
Alexei Semenyaka: The question was first to me, and now I am very pleased to see what is an ideal example of the interaction of the community and the RIR. At first, the community tore out the microphone and said: “What are you, a complete fool?” And then I, as the RIR, can take the microphone and say: "Yes, I totally agree." In general, it would be nice to ask for what reason those objects that belong to the RIPE region are not in RIPE DB. Is this a religious reason, or what?
Alexei Uchakin: This is just from their experience that a lot of garbage is written in RIPE DB, and they simply do not trust it.
Alexei Semenyaka: Wait, i.e. they don’t trust themselves?
Alexei Uchakin: No, they do not trust RIPE DB.
Alexei Semenyaka: Look, the position "I do not write anything to my object, because I do not trust RIPE DB" - it sounds schizophrenic, honestly.
Alexei Uchakin: I don’t want to speak for others now, but that is how it is.
Alexei Semenyaka: Let’s postpone this discussion now, but it would be nice to sit down, maybe call us, and discuss together how this happens. This is a subject for discussion, but not for the entire audience.
Alexei Uchakin: Another, second point: should the RIR monitor the hijacks and the proper use of objects in its region, or should this be left to BGPMon, Qrator.Radar, or anyone else?
Alexei Semenyaka: Well, look. Exactly what I said: we must do what our members, in fact, entrusted to us. Roughly speaking, what we do costs some kind of money, this money is somehow accounted for by the membership - we bear some responsibility. We, as the RIR, see that this problem is hot, and we are ready to expand our activities in this direction. It requires, let’s say, warming up the community and some kind of reaction from our working groups, from our membership, who will say: “Yes guys, this is an important issue - you should work more here. We, your members, agree that you will spend money on this. We, the working group, are ready to create appropriate policies for this.” And we are ready. But here it cannot be the voice of one crying in the desert; it cannot be the RIR organization, an organization of 150 people, RIPE NCC, which is registered under Dutch law, that suddenly starts doing everything and it all works out. This will not work.
Alexei Uchakin: Okay, then, in general, my topics are over, maybe someone from the audience has questions?