Hence there is no space-efficient way of noting an authority
chain, other than entering every single IP address ever assigned, all in
one big data base.
Alas, that ain't feasible.
I beg to differ. Essentially, the collective databases of the address
registries are the data base that you describe. But...
At a minimum, it is essentially impossible to
keep such a database up to date.
You may be right. The ARIN, RIPE and APNIC databases are filled with junk,
lies, and inaccuracies. On the face of it this seems to prove that it is
impossible to keep the data up to date. However, since there has never
been any significant effort to ensure that the databases are accurate and
up to date, this could change.
If ARIN, RIPE and APNIC were to find some financial and political support,
then I believe that they could provide a global authoritative database of
all IP address ownership that was reasonably accurate and up to date. If
this could be queried by a standard protocol such as LDAPv3 (Referral
LDAP) then the distributed database could be queried in much the same way
as the distributed DNS is.
What would be the point? Well, if my MTA receives a connection on port 25
I could look up the source IP address in the LDAP directory to identify
the owner. Since an LDAP directory can contain arbitrary information
related to its entries, perhaps I could find out whether or not that
source IP is registered as an SMTP server and also retrive the abuse email
address of the organization who has registered this address.
--Michael Dillon
Somebody (Christian Huietma?) did a survey, and 30% of the sites don't even
have working PTR entries in the DNS. Why should you expect enough buy-in
on updating LDAP entries to make the query worth trying?
www.rfc-ignorant.org has a very large database of sites that can't even get
things like 'postmaster@' and 'abuse@' *email* addresses correct.
So you end up penalizing sites that don't have a clue, while the clued spammers
will do this:
% ldap add abuse_contact mailbox="abuse@whatever.foo"
% cat > ~abuse/.forward
/dev/null
^D
What have you won?
ARIN has no lack of financial resources. From my perspective, the only
thing the ARIN lacks is respect for the wishes and needs of its members.
Michael,
Wednesday, February 5, 2003, 1:04:08 AM, you wrote:
What would be the point? Well, if my MTA receives a connection on port 25
I could look up the source IP address in the LDAP directory to identify
the owner. Since an LDAP directory can contain arbitrary information
related to its entries, perhaps I could find out whether or not that
source IP is registered as an SMTP server and also retrive the abuse email
address of the organization who has registered this address.
Other folks have responded to the financial, operations and "political" issues.
I'll offer some technical concerns:
1. LDAP has been around a long time and has shown no large-scale
(millions of users), cross-Internet, cross-administration utility yet.
Hence, making a design that has any near-term reliance on its
large-scale deployment is extremely risky.
2. We know that DNS performance is acceptable for real-time use in this
type of scenario, but we do not know that LDAP performance is. Slow
servers have been an issue with cross-net email performance for many
years. ESMTP was designed quite carefully to avoid adding even an extra
round-trip to the session, for just this reason. Hence, the potential
impact of a cross-net LDAP query are very, very risky.
Please note the reference to "near-term". I started this thread because
there is an immediate user problem. I am looking for the simplest,
safest, quickest way to resolve it. That means using existing standards
and deployed solutions, rather than designing new ones. That is, the
task needs to be one of reducing choice, not adding to it. That is why I
suggested the vehicle of a BCP, rather than a new IETF working group.
d/
Folks: in working on a project it has come to my attention that WorldCom
doesn't seem to have a DWDM network to speak of, and reportedly has spotty
DWDM coverage only in metro areas, a fact well hidden from company's
marketing literature that seems to avoid talking about speeds above oc-3.
Two questions -- can anyone verify/offer more insights/point to better
resources on WorldCom's DWDM startegy?
And -- as the rumor mill seems to suggest -- is it indeed true that despite
obvious network economics SONET-based OC-12 and OC-48 circuits are indeed
enjoying lower street prices than DWDM oc-12/48 circuits? Any thoughts as to
why this info is indeed correct?
Max
it has come to my
attention that WorldCom
doesn't seem to have a DWDM network to speak of, and
reportedly has spotty
DWDM coverage only in metro areas, a fact well
hidden from company's
marketing literature that seems to avoid talking
about speeds above oc-3.
Your impression is pretty much correct. WorldCom
bought/obtained a large quantity of fiber before DWDM
capability was widely available, and has not spent
very much money on CapEX in the past couple of years.
Their current focus seems to be trying to maximize the
usage of their existing infrastructure.
Two questions -- can anyone verify/offer more
insights/point to better
resources on WorldCom's DWDM startegy?
And -- as the rumor mill seems to suggest -- is it
indeed true that despite
obvious network economics SONET-based OC-12 and
OC-48 circuits are indeed
enjoying lower street prices than DWDM oc-12/48
circuits? Any thoughts as to
why this info is indeed correct?
This is also true, because a large number of providers
are in a similar place to WorldCom - i.e.
overprovisioned SONET gear, and don't want to upgrade
to a DWDM-based system until their SONET cicuits
absolutely need it. It shouldn't be all that
surprising - where you'll really see a lot of DWDM is
those providers who had loaded up on dark fiber, and
are now starting to light them.
-David Barak
fully RFC 1925 compliant
thanks all for your input.
on closer examination I found that the only two countries in Europe where
WorldCom seems to sell wavelength services retail are Belgium and Luxemburg.
There is some talk about selling DWDM wholesale in Spain, but I am afraid
this is just boilerplate language.
if anyone knows anything about how to figure out DWDM prices in those two
countires ... i would be greatly appreciative
Hi,
thanks all for your input.
on closer examination I found that the only two countries in Europe where
WorldCom seems to sell wavelength services retail are Belgium and
Luxemburg. There is some talk about selling DWDM wholesale in Spain, but I
am afraid this is just boilerplate language.
WorldCom don't sell DWDM in Spain. They use capacity from other well know
provideers.
if anyone knows anything about how to figure out DWDM prices in those two
countires ... i would be greatly appreciative
If you need something in Spain mailme off list.
Regards,
Daniel