New Version of the RIPE Database RPSL implementation
New Version of the RIPE Database RPSL implementation and status of RIPE DBv 3 Andrei Robachevsky RIPE NCC <andrei@ripe. net> Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 1 http: //www. ripe. net
Outline • Current status of the RIPE Database • New database system • Database related projects Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 2 http: //www. ripe. net
RIPE Database in figures Database Growth Database Contents inetnum +38, 000 person +50, 000 route - 2, 000 Update Rate 2 - 4 upd/min 60% inetnum Query Rate 1, 4 M objects domai n inetnu m perso n 15 queries/s avg. 60% IP lookups Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 3 http: //www. ripe. net
Database Contents Before *. de migration June 2000 RIPE-39 inetnum +38, 000 May 2001 person +50, 000 route - 2, 000 After PN removal Sept. 2001 Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 4 http: //www. ripe. net
Query by type (%) 60% Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 5 http: //www. ripe. net
Query by type (q/s) Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 6 http: //www. ripe. net
Update by object type weekly average, upd/min pn removal Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 7 http: //www. ripe. net
Update by type (%) Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 8 http: //www. ripe. net
V 3 Database System • Functionality • Architecture • Performance • New features (3. 1. 0) Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 9 http: //www. ripe. net
New version of the RIPE Database • Supports IR and RR • domain registry support is limited • Supports RPSL (RFC 2622) • Extended syntax • New objects and attributes • Supports RPSS (RFC 2725) • New authorisation rules • Supports IRRTool. Set (RATool. Set) • Rt. Config -protocol ripe Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 10 http: //www. ripe. net
Security features • Provides strong security mechanisms • • Protection of individual objects Protection of IP address space Protection of ASN space Protection of route space Protection of set membership Protection of hierarchical set names Protection of domain object space • 4 supported authentication schemes • GPG public keys are supported Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 11 http: //www. ripe. net
V 3 software • Mainly in C, multithreaded • CPU: 70% idle • RDBMS as a back-end • My. SQL, customised transaction support • In-memory radix tree for IP lookups • also more and less specific lookups for reverse delegation domains • MIME and GPG support • correct PGP keys are also accepted • Automatic access control • separate accounting for public and contact data Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 12 http: //www. ripe. net
Server architecture (I) Message queues Syntax checks, acks, notifications queries Queue rules RDBMS Update FE Core Server E-mail Update FE NRTM clients Mirror Server RDBMS Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 13 http: //www. ripe. net
Server architecture (II) Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 14 http: //www. ripe. net
Query Performance (I) Query rate, q/s 70 V 3 operational zone V 3 V 2 operational zone V 2 18 Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok # of concurrent clients. http: //www. ripe. net 15
Query Performance (II) Response time, s V 3 operational zone V 3 V 2 1. 4 V 2 operational zone 0. 2 Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok # of concurrent clients. http: //www. ripe. net 16
V 3. 1. 0 New Features • RPSL object library • used by the core and front-end subsystems • replaces inherited RAToolset code • consolidates object and attribute definitions • irt object representing CSIRT • “mnt-irt: ” attribute to reference a CSIRT from inet[6]num • -c flag to search for the CSIRT in charge • New status value for inetnum objects • facilitates LIR’s IP address management Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 17 http: //www. ripe. net
Future Plans • Authorisation checks across multiple databases • minimises need to replicate other RR data in the RIPE DB • currently use workaround for such cases • Real-time (Synchronous) updates • simplifies client side scripts • basis for user-friendly update interface • Automatic database cleanup • based on internal data rather than object data/metadata • notifications rather than lookups Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 18 http: //www. ripe. net
Future Plans(II) • Prototyping RPSL extensions (ipv 6, multicast) • both whois and IRRTool. Set will be affected • Further improvement of server software • error reporting, performance, • configuration flexibility • Documentation • Update of DB Reference Manual • DB User Manual • DB Operation Manual Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 19 http: //www. ripe. net
Other Database Projects • Database Statistics & Consistency Project • extended statistics and reports by subscription • prototype available at http: //www. ripe. net/db/dbconstat/ • RRCC project • Activity resumed, RIPE 201 published • Prototype at http: //www. ripe. net/ripencc/pub-services/db/rrcc/index. html • IRRTool. Set support • documentation and bug fixes • your input is very welcome at irrtoolset@ripe. net. Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 20 http: //www. ripe. net
More Information • RIPE-181 to RPSL Migration page • http: //www. ripe. net/rpsl • Documentation • RIPE Database Reference Manual http: //www. ripe. net/ripe/docs/databaseref-manual. html • RIPE Database User Manual (coming soon) • RIPE Database Operation Manual (coming soon) • Software • New whois client ftp: //ftp. ripe. net/tools/ripe-whois-3. 0. tar. gz • Server software v 3 ftp: //ftp. ripe. net/ripe/dbase/software/ripe-dbase-latest. tar. gz Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 21 http: //www. ripe. net
Questions? Andrei Robachevsky . 13 th APNIC Open Policy Meeting, March 2002, Bangkok . 22 http: //www. ripe. net
- Slides: 22