I don't think ARIN can help the situation. ISPs just need to remove
access lists from each router in the network and centralize them.
I totally agree with you. However, as always, centralized systems, while
ease management and scalability, everything becomes a trust issue and a
single point of failure or source of problems...
Yeah, who would you trust to maintain a centralized database of IP address
May be, this could be a subscription based type of service, something
RADB, where everyone subscribes into a central filtering list that is
managed by a seperate organization?
Yup, you're right. This should be done by a 3rd party organization, not an
ISP. I wonder whether there are any 3rd party organizations trusted by
ISPs that have experience in maintaining a database of IP address ranges?
I really like the Rob's bogon
That's probably because you are a router geek. I have nothing against
Rob's setup but I know that the vast majority of geeks know nothing about
route-servers and have no incentive to learn about them. But they all know
what LDAP is, some of them already run LDAP servers and the rest probably
plan to learn more about LDAP some day. We could leverage that widespread
knowledge of LDAP by publishing route data (or any other data regarding
attributes of IP address ranges) using the IETF standard LDAPv3 protocol.
In fact, I know that Rob is considering setting up an LDAP server as an
alternative way to offer bogon data. I think this is a great idea as a
testbed, i.e. offer the data through many protocols and see which is most
popular. Howevere, I think that when it does become popular, it needs to
be integrated with ARIN's authoritative database of IP address
-- Michael Dillon