Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Route6 (RIPE object) and LOA: Help?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Route6 (RIPE object) and LOA: Help?

XIAOSpider97XIAOSpider97 Member
edited March 2016 in Help

Recently I've been doing BGP session and Clouvider told me that I need to create "route6" object in RIPE's DB (My ASN is from RIPE).

And it seems that I still have to create route6 even if the IP block is non-RIPE...

This time, the provider (another) asked for LOA and I gave them the LOA. Then I think I still need to create route6 for this /48...

And I got this...

Your object is still pending authorisation by a maintainer of the route6 object 2605:6400::/32AS20473. Please ask them to confirm, by submitting the same object as outlined below using syncupdates or mail updates, and authenticate it using the maintainer MAINT-AS20473. Click here for more information.

I know 20473 is Choopa (Vultr). I contacted them and they said "We are not the one who sold the IPs to you"...

I really don't know what to do...

Comments

  • For the Route Object you'd need to add the providers/ASN holders maintainer to your inet6num under MNT-ROUTES.

    The provider will then need to create the route6 object.

  • any manuals to learn ? anyone can recommend any books regarding this ?
    I m too interested in learning this.

  • ZappieZappie Member, Host Rep, LIR

    @Caster said:
    any manuals to learn ? anyone can recommend any books regarding this ?
    I m too interested in learning this.

    https://www.youtube.com/user/RIPENCC/videos there are a fair amount of videos where Debbie (the RIPE database robot) explains object creation/modification/deletions and use.

    Else you can read the dense RIPE Database docs: https://www.ripe.net/manage-ips-and-asns/db/support/documentation/ripe-database-documentation

  • NeoXiDNeoXiD Member
    edited March 2016

    I can also highly recommend the RIPE Database Expert Course, which is available completely for free at https://academy.ripe.net/. Introduces you to all concepts, regarding hierarchy, permissions and so on - and even includes nice, little exams at the end of each chapter which will sometimes even be graded by a RIPE teacher/employee.

  • thanks guys ^^
    anything for apnic ?

  • ClouviderClouvider Member, Patron Provider
    edited March 2016

    @XIAOSpider97 while we can update our prefix-list based on LoA not all of our upstreams will do - for example Level3 recently started actively rejecting all updates for IPv6 blocks, based on LoA that are from within EU. They demand the inet6num to be pointed to the particular AS so they can update their prefixes automatically.

    I can see 2605:6400::/32 is @Francisco 's block. I don't know what particular part of this subnet you were looking to announce, so can't check if it's delegated to you in ARIN.

    Perhaps @Francisco can help pointing the block to your AS, if you're allowed to announce it externally ?

    @rmlhhd @Zappie @NeoXiD as this is ARIN block it won't be that easy to setup a route6 in RIPE DB. Perhaps would be easier to simply point the block to AS in ARIN or use RADB (paid option).

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    I'll see what Choopa might've done. It's possible they added a RADB entry that's bugging out.

    Francisco

  • Clouvider said: They demand the inet6num to be pointed to the particular AS so they can update their prefixes automatically.

    I ain't announcing this ARIN block to Cloudvider...

    But... you mean that Level 3 only accepts "route6", not LOAs, while dealing with RIPE blocks?

    Francisco said: I'll see what Choopa might've done. It's possible they added a RADB entry that's bugging out.

    Thank you very much. Mine is fc00, offered by Seamus...

    Clouvider said: as this is ARIN block it won't be that easy to setup a route6 in RIPE DB.

    I don't think either ARIN or RIPE bans usage of ARIN blocks in RIPE ASNs (but not RIPE region)...

  • ClouviderClouvider Member, Patron Provider

    XIAOSpider97 said: I don't think either ARIN or RIPE bans usage of ARIN blocks in RIPE ASNs (but not RIPE region)...

    That's not what I said.

    XIAOSpider97 said: But... you mean that Level 3 only accepts "route6", not LOAs, while dealing with RIPE blocks?

    It is my understanding yes. Level3, which is one of 3 Tier-1's that we use, rejects all our requests for v6 filters updates based solely on the LoA for IPv6 (v4 is a different story).

    In general, LoAs are extremely rarely used in the RIPE region, mainly due to popularity of RIPE DB records and ease of keeping it all automatically up to date.

  • NeoXiDNeoXiD Member
    edited March 2016

    @Clouvider said:
    rmlhhd Zappie NeoXiD as this is ARIN block it won't be that easy to setup a route6 in RIPE DB. Perhaps would be easier to simply point the block to AS in ARIN or use RADB (paid option).

    You probably do not know that you can still use the RIPE Registry as an IRR when either the ASN or your IP space is outside of RIPEs registry. All the required information is listed here: https://labs.ripe.net/Members/denis/using-the-ripe-database-as-an-internet-routing-registry

    If you take a look at 2605:6400::/32 within the RIPE database, you will see that it wraps to the next less-specific block, which is ::/0. This block has RIPE-NCC-RPSL-MNT listed as mnt-routes, a public maintainer whose password is listed within the object itself. ( click me for password )

    Anyone can therefore theoretically create route6 objects for IP blocks outside of RIPEs area. However it seems like Choopa/Vultr has already added a route6 for 2605:6400::/32, so they have to authorize any further exact or more-specific route6 objects, according to this RIPE document.

    RIPE NCC said:
    If a route object with an exact matching address prefix exists, it will be used for authorisation. If this does not exist, one with a less specific prefix is used. If no such route object exists, an address space object (inetnum or inet6num) with an exact matching prefix will be used, otherwise a less specific prefix is used.

  • ClouviderClouvider Member, Patron Provider
    edited March 2016

    @NeoXiD that's correct. However, since the following route6 record exists:

    route6: 2605:6400::/32 descr: Customer Route origin: AS20473 mnt-by: MAINT-AS20473 created: 2015-03-19T15:08:06Z last-modified: 2015-03-19T15:08:06Z source: RIPE

    creating a more specific record without the secondary authentication of MAINT-AS20473 will not be possible.

    That's what I meant by it won't be easy. Choopa has already declined the OP the secondary authentication.

    Edit: Sorry, just saw your edit, definitely agree +1.

Sign In or Register to comment.