some stats for proposal 2018-06
Hi, I support the proposal and I'd like to add a **quick'n dirty** "impact analysis". 1) I took the 69178 [1] RIPE-NONAUTH route objects and run them through RPKI validator* 3. Which gives me 758 RPKI INVALID (669 ASN mismatch + 89 ML mismatch) objects. These objects would be the once that get removed as per the proposal. distribution by RPKI validity state: 67904 UNKNOWN 669 INVALID_ASN 516 VALID 89 INVALID_LENGTH 2) to estimate the impact of the route object deletion I then further categorize these 758 prefixes by asking: - Are they currently announced? (visible in RIS) - Are they currently announced by the origin in the route object? I only looked at exact matches - not less specifics. (RIPEstat prefix-routing-consistency data call was used to answer these questions) If one of these two questions is answered with "no", then I expect the potential impact of the deletion to be smaller than the other once (where both questions are answered with "yes"). Only 55 [3] objects (28 unique ASNs) are currently announced and match the origin in the route object. We can analyze these 55 further by asking "Are there IRR entries for them outside of RIPE-NONAUTH already?" (didn't do that yet) route6 stats ------------- total route6 objects found in RIPE-NONAUTH: 1991 [2] affected prefixes: 18 (12 ASN mismatch + 6 ML mismatch) break down by RPKI validity state* (including INVALID reason): 1879 UNKNOWN 94 VALID 12 INVALID_ASN 6 INVALID_LENGTH kind regards, nusenu [1] https://ftp.ripe.net/ripe/dbase/split/ripe-nonauth.db.route.gz [2] https://ftp.ripe.net/ripe/dbase/split/ripe-nonauth.db.route6.gz (fetched on 2018-10-17) *) ARIN TAL was enabled. [3] AS28885,206.49.101.0/24 AS3741,196.209.251.0/24 AS24218,124.158.224.0/22 AS1680,206.49.94.0/24 AS1680,209.88.155.0/24 AS1680,209.88.156.0/23 AS1680,209.88.158.0/24 AS1680,209.88.172.0/22 AS1680,209.88.176.0/20 AS1680,209.88.192.0/21 AS1680,216.72.32.0/21 AS1680,216.72.40.0/22 AS37403,41.79.150.0/24 AS37403,41.79.149.0/24 AS37403,41.79.151.0/24 AS37403,41.79.148.0/24 AS58396,103.225.172.0/24 AS58396,103.225.173.0/24 AS6908,118.91.174.0/24 AS43578,191.96.102.0/24 AS37403,41.242.40.0/24 AS37403,41.242.41.0/24 AS37403,41.242.42.0/24 AS37403,41.242.43.0/24 AS37403,41.242.44.0/24 AS37403,41.242.46.0/24 AS37403,41.242.45.0/24 AS37403,41.242.47.0/24 AS62000,191.101.23.0/24 AS57944,181.215.247.0/24 AS64484,191.96.249.0/24 AS203098,103.74.176.0/22 AS61317,191.101.96.0/20 AS200651,181.215.43.0/24 AS43818,191.96.113.0/24 AS203061,43.242.0.0/22 AS133537,191.96.38.0/24 AS60945,181.214.57.0/24 AS60458,181.41.199.0/24 AS60458,181.41.218.0/24 AS62240,191.101.22.0/24 AS20860,23.139.0.0/24 AS43818,191.96.60.0/23 AS205158,181.214.155.0/24 AS42962,103.81.184.0/24 AS42962,103.81.185.0/24 AS42962,103.81.186.0/24 AS42962,103.81.184.0/23 AS42962,103.81.186.0/23 AS197226,181.215.195.0/24 AS49835,138.255.89.0/24 AS44812,191.101.42.0/24 AS201942,191.96.124.0/22 AS2856,181.214.148.0/24 AS2856,181.214.231.0/24 -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
here is my data for you to scrutinize since Alexander Azimov (slides [3]) had some slightly different (lower) numbers (maybe that difference is either caused by a difference in TALs configured - or just because we didn't produce the data at the very same time or just a problem on my side) [1] 69178 route objects - 758 invalids - 55 of them are announced as defined in the route object [2] 1991 route5 objects - 16 invalids That said these are just current numbers but they obviously will change over time with the increasing creation of ROA outside of the RIPE region. kind regards, nusenu PS: I've a few more remarks but I'll postpone them. [1] https://gist.githubusercontent.com/nusenu/21687b0902cc64cd61b92ec5ae66bbc1/r... [2] https://gist.githubusercontent.com/nusenu/7d4c7f6ea5cadb47ff49760e5f2e5aa0/r... format: origin,prefix,RPKI validity state [3] https://ripe77.ripe.net/presentations/123-RIPE-NONAUTH.azimov.pdf -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
participants (1)
-
nusenu