Re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT - Approximately 40 hours until potentially significant routing changes (re: Retirement of ARIN Non-Authenticated IRR scheduled for 4 April 2022)

[Jon Lewis <jlewis () lewis org>]

On Mon, 4 Apr 2022, Kenneth Finnegan wrote:

> Howdy All,
>
> While I agree that it might be politically entertaining to let this
> one blow up as a demonstration of how ARIN conducts business, this
> list of networks includes too many small networks who likely don't
> have a savy networking engineering team.
>
> In my opinion, they are not acceptable collateral damage to
> demonstrate ARIN's lack of regard for the community in shutting this
> down without a transition plan for the RPSL objects, so as one of the
> admins for the ALTDB IRR database, I've taken it upon myself to create
> proxy registrations for all of these prefixes in ALTDB.
>
> Like any proxy registration, asset owners are welcome to contact the
> maint POC, and if no response from them, db-admin () altdb net,
> requesting that stale records be deleted, but please also note that
> ALTDB automatically deletes any route objects which conflict with a
> publishes RPKI ROA, so the most effective way to clean up stale IRR
> records is to publish RPKI ROAs for your address space.

Does any other IRR do that?

What does ALTDB do if a route object exists (or multiple route objects 
exist for the same route with different origins) and multiple ROAs exist 
allowing the route to be originated by multiple ASNs?  Technically, some 
of those ROAs would conflict with some route objects.

Are others jumping ship or planning to from ALTDB (no offense intended, 
and grateful for the service you've provided) and other non-auth IRRs like 
RADB due to networks like Tata announcing that they won't honor route 
objects created in non-authoratative IRR DBs after late last year and plan 
to ignore them entirely by late next year?  i.e.

From: https://lg.as6453.net/doc/cust-routing-policy.html

  Special note, deprecation of non-authoritative registries

  Please note that 'route' and 'route6' objects created after 2021-Aug-15
  in non-authoritative registries like RADB, NTTCOM, ALTDB and others
  will not work. Objects created before that date will continue to work till
  2023-Aug-15. It is recommended to create RPKI ROA objects instead. In
  rare cases if that's not possible, 'route' and 'route6' must be created
  in the authoritative registry - AfriNIC, APNIC, ARIN, LACNIC, RIPE, RIPE,
  NIC.br or IDNIC.

Once upon a time, RADB and ALTDB were (at least in my experience) the 
IRR's to use, but it seems now that all the RIRs provide authoratative IRR 
service (and some networks are deprecating the non-auth ones), it's time 
for us to move our records to the appropriate RIR IRRs.

----------------------------------------------------------------------
 Jon Lewis, MCP :)           |  I route
 StackPath, Sr. Neteng       |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________