Hello people (and ticket bots :>), I wanted to do some BGP filtering automation today, learned some interesting things in the process. I decided on setting up a local mirror of RIPE IRR and was quite puzzled with reasoning behind this: http://www.ripe.net/data-tools/db/nrtm-mirroring So, I can download the whole database snapshot for free from ftp.ripe.net, wasting bandwidth and other resources, or on the other hand I can pay for doing things the right and efficient way, which in the process is effectively cheaper for all involved parties. So the question is - what gives? :) - why does RIPE insist that I download >200MB of compressed data instead of catching up probably few hundred KB of daily changes? --Pawel.
Den 1/7/12 6:12 PM, skrev Pawel Tyll:
Hello people (and ticket bots :>),
I wanted to do some BGP filtering automation today, learned some interesting things in the process. I decided on setting up a local mirror of RIPE IRR and was quite puzzled with reasoning behind this:
http://www.ripe.net/data-tools/db/nrtm-mirroring
So, I can download the whole database snapshot for free from ftp.ripe.net, wasting bandwidth and other resources, or on the other hand I can pay for doing things the right and efficient way, which in the process is effectively cheaper for all involved parties.
So the question is - what gives? :) - why does RIPE insist that I download>200MB of compressed data instead of catching up probably few hundred KB of daily changes?
--Pawel.
I'm quite sure it is more expensive to administrate and receive a stream of changes than downloading a static file with no administration:) Bandwidth is cheap and static content scales extremely well.
Hi, Pawel! My guess would be that a full snapshot available via ftp is considered not that NEAR Real Time as the update data stream that you may pull continuously from the server - they're not trying to sell data there but the service of that data being streamed. Although I'd expect that stuff to be available to members without extra pay - at least one host per member. 07.01.2012 21:12 пользователь "Pawel Tyll" <ptyll@nitronet.pl> написал:
Hello people (and ticket bots :>),
I wanted to do some BGP filtering automation today, learned some interesting things in the process. I decided on setting up a local mirror of RIPE IRR and was quite puzzled with reasoning behind this:
http://www.ripe.net/data-tools/db/nrtm-mirroring
So, I can download the whole database snapshot for free from ftp.ripe.net, wasting bandwidth and other resources, or on the other hand I can pay for doing things the right and efficient way, which in the process is effectively cheaper for all involved parties.
So the question is - what gives? :) - why does RIPE insist that I download >200MB of compressed data instead of catching up probably few hundred KB of daily changes?
--Pawel.
---- If you don't want to receive emails from the RIPE NCC members-discuss mailing list, please log in to your LIR Portal account and go to the
general page:
https://lirportal.ripe.net/general/view
Click on "Edit my LIR details", under "Subscribed Mailing Lists". From here, you can add or remove addresses.
My guess would be that a full snapshot available via ftp is considered not that NEAR Real Time as the update data stream that you may pull continuously from the server - they're not trying to sell data there but the service of that data being streamed. I don't need to pull it continuously. It can even be limited to one connection a day, although again, I see no reason for such
Hi Artem, limitations. I would only like a local mirror that I can hammer however frequently I wish, that would be relatively up-to-date. I can pull the snapshot once a day, restart irrd and be done with it, but...that's just wrong :)
Although I'd expect that stuff to be available to members without extra pay - at least one host per member. I would expect it to be available to everyone interested that uses BGP. Correct and automated filtering of routing between ASes should be encouraged in every possible way, and abstract pricing that doesn't have any basis in real world isn't encouraging at all.
--Pawel.
On Jan 7, 2012, at 9:14 PM, Pawel Tyll wrote:
My guess would be that a full snapshot available via ftp is considered not that NEAR Real Time as the update data stream that you may pull continuously from the server - they're not trying to sell data there but the service of that data being streamed. I don't need to pull it continuously. It can even be limited to one connection a day, although again, I see no reason for such limitations. I would only like a local mirror that I can hammer however frequently I wish, that would be relatively up-to-date. I can pull the snapshot once a day, restart irrd and be done with it, but...that's just wrong :)
Hi, maybe a simple rsync server would do the job for you and for everyone else with similar needs (described as "I need a periodic update but I don't really need a realtime one"). At our site we mirror a few terabytes of data (genomic repositories) via rsync without even noticing an impact of bandwidth usage (as long as only a small part of those big files changes every day). Anyone at RIPE willing to consider this option ? Ciao, A.
maybe a simple rsync server would do the job for you and for everyone else with similar needs (described as "I need a periodic update but I don't really need a realtime one"). It isn't a "realtime" one, it's a simple polling mechanism that hits
Hi Andrea, the whois server every 30 mins (by default), supplies local serial number and requests changes between local sn and current RIPE sn. Nothing realtime about it. Downloading 200MB file isn't a problem. It takes less than a minute. Real trouble is restarting irrd - with 3GB database (which ripe.db.gz unpacks to), it takes about 20 mins on the machine I want to use for this purpose, also creating unnecessary load.
At our site we mirror a few terabytes of data (genomic repositories) via rsync without even noticing an impact of bandwidth usage (as long as only a small part of those big files changes every day). Like I said, file size isn't a problem. Unnecessary processing required due to irrd restart is a problem.
--Pawel.
Hi, On Jan 7, 2012, at 11:18 PM, Pawel Tyll wrote:
Like I said, file size isn't a problem. Unnecessary processing required due to irrd restart is a problem.
That's a bit different from the initial point... I do not know enough about irrd to comment on this (I just never runned it here), the things we mirror here are MySQL backed and in some way our sysadms convinced MySQL to accept that at some moment some read-only tables get replaced on the fly with new snapshots and that happens magically and atomically. Maybe RIPE might put in some directory one file per day with the "daily updates" and that directory can be rsync'd ? My point was only about the data transfer, I understand that setting up a "push" update requires a significant administrative/management overhead, and it is reasonable to ask for a cost compensation; setting up a public rsync server requires no more effort than setting up a public ftp site (maybe less...): the big dfference is that (as long as data is uncompressed and unencrypted) only the "delta" gets actually transferred. Regards, A.
That's a bit different from the initial point... Original point still stands - the fact that it's not a problem anymore to download 200MB over 200KB doesn't make it any less wasteful.
I do not know enough about irrd to comment on this (I just never runned it here), the things we mirror here are MySQL backed and in some way our sysadms convinced MySQL to accept that at some moment some read-only tables get replaced on the fly with new snapshots and that happens magically and atomically. Operative keyword would be 'magically'. I prefer KISS over magic :)
Maybe RIPE might put in some directory one file per day with the "daily updates" and that directory can be rsync'd ? I'm not sure why we are still trying to re-invent wheel here. I would really like to hear a sane reason behind non-profit organization expecting a EUR 250 fee for access to, essentially, a whois server with public information that should be mirrored as much as possible, which also is already available for free, but in a form that is only harder to keep updated? I'm trying hard to imagine how running mirror with up to two weeks of serialized updates would be more cost-intensive compared to running FTP server, yet I can't figure this out. I was so perplexed by this that it even made me start this thread on a saturday! ;)
My point was only about the data transfer, I understand that setting up a "push" update requires a significant administrative/management overhead, and it is reasonable to ask for a cost compensation; setting up a public rsync server requires no more effort than setting up a public ftp site (maybe less...): the big dfference is that (as long as data is uncompressed and unencrypted) only the "delta" gets actually transferred. It's already up and running, this point is moot. Another user doesn't require a new set of data - same updates are being sent. It's also running on free and open software. It's also not a push update. From what I learned in short time this saturday, it's just a glorified whois server that allows mirror operation. Besides, others managed to somehow sink their astronomical costs with running such a contraption: http://www.radb.net/resources/databases.php
Seriously, maybe I'm missing something here. But what? --Pawel.
Στις 7/1/2012 11:07 μμ, ο/η Andrea Cocito έγραψε:
maybe a simple rsync server would do the job for you and for everyone else with similar needs (described as "I need a periodic update but I don't really need a realtime one").
+1 for rsync on all ftp.ripe.net content
Dear Pawel We have followed this discussion on NRTM issues and would like to thank you for raising the subject. First, let me try to provide some historical context to explain how we got to where we are. In the beginning, NRTM was totally open and free. Over time, it became clear that some users were taking advantage of this service to data mine the RIPE Database for email addresses. Many users whose email addresses were only listed in the RIPE Database were receiving spam. At this point it was decided to register NRTM users. To apply for this service, you had to fill in a form stating who you are, why you wanted the service, what IP address you would use to receive the data stream and provide contact details. The software was adjusted to only accept requests for NRTM data from these registered IP addresses. Some years later our administrative database used for controlling access to the RIPE Database was growing, with many NRTM users listed who no longer made use of the service. In the mean time, the RIPE Data Protection Task Force proposed we filter both the NRTM data stream and the daily split files to remove email addresses. We then moved to the current paid service as a means of covering the administrative overhead and limiting the list of users to only those who actively use the service. The RIPE NCC is open to suggestions for restructuring this service and its administration. Over recent years, it has been discussed at great length at RIPE Meetings with regard to data protection. Perhaps you would like to open a new discussion on the RIPE Database Working Group mailing list [1] to review NRTM and the daily split files services. Technical suggestions, such as the rsync option, can also be covered in the community discussions. If consensus is reached for a better solution, we will be pleased to implement it. [1] https://www.ripe.net/ripe/groups/wg/db Regards, Denis Walker Business Analyst RIPE NCC Database Group On 7/01/12:2 6:12 PM, Pawel Tyll wrote:
Hello people (and ticket bots :>),
I wanted to do some BGP filtering automation today, learned some interesting things in the process. I decided on setting up a local mirror of RIPE IRR and was quite puzzled with reasoning behind this:
http://www.ripe.net/data-tools/db/nrtm-mirroring
So, I can download the whole database snapshot for free from ftp.ripe.net, wasting bandwidth and other resources, or on the other hand I can pay for doing things the right and efficient way, which in the process is effectively cheaper for all involved parties.
So the question is - what gives? :) - why does RIPE insist that I download >200MB of compressed data instead of catching up probably few hundred KB of daily changes?
--Pawel.
Hello Denis,
The RIPE NCC is open to suggestions for restructuring this service and its administration. Over recent years, it has been discussed at great length at RIPE Meetings with regard to data protection. Perhaps you would like to open a new discussion on the RIPE Database Working Group mailing list [1] to review NRTM and the daily split files services. Technical suggestions, such as the rsync option, can also be covered in the community discussions. If consensus is reached for a better solution, we will be pleased to implement it. If spam-protection and long list of allowed hosts are the reasons behind the fee, then surely each interested LIR may ask for addtion of one IP address for free, and to make sure they actually need it and use it, if not used for more than 28 days, request has to be made again after automatic removal. Right? ;)
--Pawel.
participants (7)
-
Andrea Cocito -
Armin Kneip -
Artem Buglak -
Denis Walker -
Jørgen Hovland -
Pawel Tyll -
Yiorgos Adamopoulos