[PDB Data Ownership-TF] draft "Data Ownership Policy Document"

Chris Caputo ccaputo at alt.net
Tue Mar 3 09:44:02 PST 2020


Arnold and I spent a few days going back and forth on the document and 
have a new version to share.

The progress and diff history is all up at:

  https://www.caputo.com/dotf/

In my naming system, if I think I have the approval of someone for a draft 
version, I include their initials.

The current draft is up at the following, and copied below:

  https://www.caputo.com/dotf/0.20200303.2-CC-AN.txt

A diff from the last draft presented here, 0.20200227.3-CC-WM.txt, is up 
at the following location and also attached:

  https://www.caputo.com/dotf/0.20200227.3-CC-WM_0.20200303.2-CC-AN.diff.txt

  (viewing this file in vim produces a nice color coding of the changes)

Feedback?  Change suggestions?

Thanks,
Chris

---

PeeringDB Data Ownership Policy Document

Date: TBD
Version: 0.20200303.2-CC-AN

1) Background

The Data Ownership Task Force was established in September, 2019, with the 
aim of working on a PeeringDB Policy proposal about data ownership, after 
a need was recognized by the Product Committee as issues consistently had 
been raised relating to who owns the data in PeeringDB when more than one 
party is involved (ex: netixlan, ixfac, netfac).

A call for participation to the Task Force was made on September 10th, 
2019.

2) Scope

The Data Ownership Task Force is established to discuss and agree on who 
owns the data tokens and/or objects in PeeringDB. Their agreements, 
findings, and any sort of recommendations will be documented in a Policy 
Document as a direct outcome of the Task Force.

This Policy Document will include a clear description of each data element 
and the relation between each other, as well as who should be allowed to 
create, update, and delete them.

The Task Force is estimated to conclude its work within about 6 months 
from its inception, which was September 2019. This time frame will be 
extended if the Task Force needs more time to conclude its work.

The resulting Policy Document will be announced and shared with the 
PeeringDB Community.

After the publishing of the Policy Document, the Task Force will end.

3) Overarching Principles

3.1) Purpose of PeeringDB

>From https://www.peeringdb.com/about as of February 26th, 2020:

 - PeeringDB, as the name suggests, was set up to facilitate peering 
   between networks and peering coordinators. In recent years, the vision 
   of PeeringDB has developed to keep up with the speed and diverse manner 
   in which the Internet is growing. The database is no longer just for 
   peering and peering related information. It now includes all types of 
   interconnection data for networks, clouds, services, and enterprise, as 
   well as interconnection facilities that are developing at the edge of 
   the Internet.

 - We believe in, and rely on the community to grow and improve the 
   PeeringDB database. The volunteers who run the database are passionate 
   about security, privacy, integrity, and validation of the data in the 
   database. Even though PeeringDB is a freely available and public tool, 
   users strictly adhere to the acceptable use policy 
   (https://www.peeringdb.com/aup), which prevents the database being used 
   for commercial purposes and discourages unsolicited communications.  
   This is largely policed by the community and has been very effective 
   since PeeringDB was launched.

3.2) Expectations

 - Data is expected to be consistent and correct following good 
   engineering.

 - Users are expected to keep their Organization's data current.

3.3) Admin Committee

The PeeringDB Admin Committee may alter data. This is done because as a 
community we want to make sure we have good quality data. Depending on the 
circumstances, data may be deleted, hidden, overridden, or flagged. The 
Admin Committee may perform research and/or involve multiple parties in 
order help resolve matters.

The Admin Committee has their own ticketing and logging systems as they 
deal with user data. The Task Force recommends this practice continue as 
having audit trails of all data is good practice.

3.4) Conflicted Data

In some cases ownership of data elements may not be either/or, but rather 
may be nuanced. PeeringDB data is often used for Internet operations and 
changes should not disrupt existing operational processes. This policy 
specifies a principle of minimal disruption. This principle means that 
conflicted data which is already published shall not be taken down unless 
done so by the Network, PeeringDB automation explicitly authorized by the 
Network, or by a resolution process mediated by the Admin Committee.

For example, an Internet Exchange (IX) may have shared an IP assignment 
with a new participant in advance of updating the IX's public records, 
some of which may be processed by PeeringDB in an automated fashion. This 
can result in a conflict based on PeeringDB receiving differing 
information from two sources.

4) User Interface Elements of PeeringDB

PeeringDB exists to facilitate the exchange of user-maintained 
interconnection related information. This information is presented in data 
relating to entities known as Organizations, Facilities, Internet 
Exchanges, and Networks in the Internet industry. Derived from that is 
data relating to where Networks and IXs are located, and to which IXs, 
Networks are connected to.

4.1) Organizations

PeeringDB uses the term Organization to refer to the holding entity for 
any number of IXs, Facilities, and Networks.

In the current implementation of PeeringDB, Organizations are denoted by 
"org" data elements.

4.2) Facilities

PeeringDB uses the term Facility to record data centers which are public 
centralized locations where computing and networking equipment of tenants 
are located, and may include one or more meet-me-rooms. A Facility may 
also simply be a public meet-me-room for interconnection. Within the scope 
of PeeringDB, Facilities can house IXs and Networks, and these entities 
can establish interconnection.

In the current implementation of PeeringDB, Facilities are denoted by 
"fac" data elements and referenced in "ixfac" and "netfac" data elements.

The major information among Facility records:

- the relevant Organization managing the Facility - ("org")

- IXs and Networks at the Facility - ("ixfac", "netfac")

4.3) Internet Exchanges

PeeringDB uses the term Internet Exchange, also known as an Internet 
Exchange Point, to refer to a network facility that enables the 
interconnection of more than two independent Autonomous Systems, primarily 
for the purpose of facilitating the exchange of Internet traffic.

PeeringDB provides methods for both IXs and Networks to indicate the 
participation of a network at an IX.

IXs may be present at one or more Facilities, and may indicate this in 
PeeringDB.

In the current implementation of PeeringDB, IXs are denoted by "ix" data 
elements and referenced in "ixfac", "ixlan", "ixpfx", and "netixlan" data 
elements.

The major information among IX records:

- the relevant Organization managing the IX - ("org")

- Local Area Networks (LANs) (MTU and VLAN details) of IXs - ("ixlan")

- LANs (IPv4 and IPv6 subnets) of IXs - ("ixpfx")

- Networks at the IX and the specific IP addresses assigned to each 
  participant - ("netixlan")

- Facilities the IX is present at - ("ixfac")
 
4.4) Networks 

Entities with an Autonomous System Number (ASN) may be a Network in 
PeeringDB.

In the current implementation of PeeringDB, Networks are denoted by "net" 
data elements and referenced in "as_set", "netfac", and "netixlan" data 
elements.

The major information among Network records:

- the relevant Organization managing the Network - ("org")

- Contact Information - ("poc")

- Connection detail at an IX - ("netixlan")

- Facilities the Network is present at - ("netfac")

4.5) Points of Contact

PeeringDB uses the term Point of Contact to refer to a Network role along 
with optional name, email, and telephone information.

In the current implementation of PeeringDB, Points of Contact are 
denoted by "poc" data elements.

4.6) Public Peering Exchange Points

A Network may have a list of Public Peering Exchange Points that it is 
connected to, along with IP address assignments, speed, and route server 
peer status.

In the current implementation of PeeringDB, Public Peering Exchange Points 
are denoted by "netixlan" data elements.

4.7) Private Peering Facilities

A Network may have a list of Private Peering Facilities it is present at.

In the current implementation of PeeringDB, Private Peering Facilities are 
denoted by "netfac" data elements.

4.8) LAN

Each Internet Exchange has a LAN with a configuration for the name, MTU, 
whether IEEE 802.1Q is supported, and IX-F Member Import details.

In the current implementation of PeeringDB, LANs are denoted by "ixlan" 
data elements.

4.9) Prefixes

Each Internet Exchange has one or more Prefixes which represent an IPv4 or 
IPv6 subnet at the IX.

In the current implementation of PeeringDB, Prefixes are denoted by 
"ixpfx" data elements.

4.10) Local Facilities and Exchanges

Each Internet Exchange may have a list of Local Facilities it is present 
at, while each Facility may have a list of Internet Exchanges, or simply 
Exchanges, it hosts.

In the current implementation of PeeringDB, Local Facilities and Exchanges 
are denoted by "ixfac" data elements.

5) Data Elements in PeeringDB

This section lists the data elements that are listed in PeeringDB API as 
listed at:

  https://peeringdb.com/apidocs/

For each data element, attributes/values and who can update them is listed 
below.

Not all fields of a data element are writable or readable.  In this 
section these prefixes indicate nuanced fields:

 $: automatic fields, such as timestamps
 %: derived (not writable) fields, such as count of related elements
 &: deprecated
 >: only present in POST/PUT
 <: only present in GET

In the below sections when it is stated:

  ... 'includes an "org_id" with associated privileges.'

that is shorthand for:

  ... 'includes an "org_id", which points to an "org" data element. Users 
  with sufficient permission who are affiliated with the Organization 
  represented by that "org" data element are able to create, update, and 
  delete this data element.'

5.1) Single-party Data Elements

These data elements contain data provided by a single party.

5.1.1) as_set

- Internet Routing Registry (IRR) as-set/route-set from "net" data 
  element.

- The "net" data element from which this API result is derived, includes 
  an "org_id", which points to an "org" data element. Users with 
  sufficient permission who are affiliated with the Organization 
  represented by that "org" data element are able to create, update, and 
  delete this "as_set" information.

- The Admin Committee is also able to adjust this record under their 
  discretion, such as at the request of the managing organization.

- Example:
  - https://www.peeringdb.com/api/as_set/65512?depth=0

    {
  <   "65512": "AS-EXAMPLE"
    }

5.1.2) fac

- "fac" represents a Facility. Information such as the name, location, 
  and website are contained within the "fac" data element.

- The "fac" data element includes an "org_id" with associated privileges.

- The Admin Committee is also able to adjust this record under their 
  discretion, such as at the request of the managing organization.

- The deletion or alteration of a "fac" data element may cause associated 
  "ixfac" and "netfac" data elements to be deleted. Since this may cause 
  an operational impact, this Task Force recommends that PeeringDB be 
  modified to prevent disruptive changes to a "fac" data element while it 
  has one or more dependent data elements. Facilities may work with the 
  Admin Committee to remove dependent data elements in a safe manner.

- Example:
  - https://www.peeringdb.com/api/fac/#?depth=0

    {
  <   "id": #,
      "org_id": ##,
  <   "org_name": "Example Building Owners",
      "name": "Example Building",
      "website": "https://www.building.example/",
      "clli": "STTLWA",
      "rencode": "string",
      "npanxx": "206-443",
      "notes": "string",
  >   "suggest": true,
  %   "net_count": 150,
  %   "latitude": 47.6062,
  %   "longitude": -122.3321,
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
      "address1": "123 Main",
      "address2": "Suite 321",
      "city": "Seattle",
      "country": "US",
      "state": "WA",
      "zipcode": "90000"
    }

5.1.3) ix

- "ix" represents an Internet Exchange. Information such as the name, 
  location, website, and contact information are contained within the "ix" 
  data element.

- The "ix" data element includes an "org_id" with associated privileges.

- The Admin Committee is also able to adjust this record under their 
  discretion, such as at the request of the managing organization.

- The deletion or alteration of an "ix" data element may cause associated 
  "netixlan" data elements to be deleted. Since this may cause an 
  operational impact, this Task Force recommends that PeeringDB be 
  modified to prevent disruptive changes to an "ix" data element while it 
  has one or more dependent data elements. Internet Exchanges may work 
  with the Admin Committee to remove dependent data elements in a safe 
  manner.

- Example:
  - https://www.peeringdb.com/api/ix/#?depth=0

    {
  <   "id": #,
      "org_id": ##,
      "name": "Example IX",
      "name_long": "Example Internet Exchange",
      "city": "Seattle",
      "country": "US",
      "region_continent": "North America",
      "media": "Ethernet",
      "notes": "EIX port fees: etc.\n",
      "proto_unicast": true,
      "proto_multicast": false,
      "proto_ipv6": true,
      "website": "https://www.eix.example/",
      "url_stats": "https://www.eix.example/statistics/",
      "tech_email": "info at eix.example",
      "tech_phone": "+12065551212",
      "policy_email": "info at eix.example",
      "policy_phone": "string",
  >   "suggest": true,
  >   "prefix": "string",
  %   "net_count": 317,
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

5.1.4) ixlan

- "ixlan" represents some aspects of an Internet Exchange LAN such as the 
  name, MTU, whether IEEE 802.1Q is supported, and IX-F Member Import 
  details. It also points to the "ix" data element.

- The "ixlan" data element includes an "ix_id", which points to an "ix"  
  data element, which includes an "org_id" with associated privileges.

- The Admin Committee is also able to adjust this record under their 
  discretion, such as at the request of the managing organization.

- The deletion or alteration of an "ixlan" data element may cause 
  associated "netixlan" data elements to be deleted. Since this may cause 
  an operational impact, this Task Force recommends that PeeringDB be 
  modified to prevent disruptive changes to an "ixlan" data element while 
  it has one or more dependent data elements. Internet Exchanges may work 
  with the Admin Committee to remove dependent data elements in a safe 
  manner.

- Example:
  - https://www.peeringdb.com/api/ixlan/#?depth=0

    {
  <   "id": #,
      "ix_id": #,
      "name": "MTU 1500",
  &   "descr": "",
      "mtu": 1500,
      "dot1q_support": false,
      "rs_asn": 0,
      "arp_sponge": "string",
  >   "ixf_ixp_member_list_url": "string",
  >   "ixf_ixp_import_enabled": true,
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

5.1.5) ixpfx

- "ixpfx" represents the IP subnet of IP assignments on an Internet 
  Exchange LAN. It also points to the associated "ixlan" data element.

- The "ixpfx" data element includes an "ixlan_id", which points to an 
  "ixlan" data element, which includes an "ix_id", which points to an "ix"  
  data element, which includes an "org_id" with associated privileges.

- The Admin Committee is also able to adjust this record under their 
  discretion, such as at the request of the managing organization.

- The deletion or alteration of an "ixpfx" data element may cause 
  associated "netixlan" data elements to be deleted. Since this may cause 
  an operational impact, this Task Force recommends that PeeringDB be 
  modified to prevent disruptive changes to an "ixpfx" data element while 
  it has one or more dependent data elements. Internet Exchanges may work 
  with the Admin Committee to remove dependent data elements in a safe 
  manner.

- Example:
  - https://www.peeringdb.com/api/ixpfx/#?depth=0

    {
  <   "id": #,
      "ixlan_id": ##,
      "protocol": "IPv4",
      "prefix": "192.0.2.0/24",
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

5.1.6) net

- "net" represents a Network. Information such as the name, website, ASN, 
  as-set/route-set, prefix counts, type of network, traffic ratios, 
  policies, etc. are contained within the "net" data element.

- The "net" data element includes an "org_id" with associated privileges.

- The Admin Committee is also able to adjust this record under their 
  discretion, such as at the request of the managing organization.

- Example:
  - https://www.peeringdb.com/api/net/#?depth=0

    {
  <   "id": #,
      "org_id": ##,
      "name": "Widget Corporation",
      "aka": "Widgets R Us",
      "website": "https://www.widgets.example/",
      "asn": 65512,
      "looking_glass": "string",
      "route_server": "string",
      "irr_as_set": "AS-EXAMPLE",
      "info_type": "Content",
      "info_prefixes4": 5,
      "info_prefixes6": 1,
      "info_traffic": "string",
      "info_ratio": "Balanced",
      "info_scope": "Global",
      "info_unicast": true,
      "info_multicast": false,
      "info_ipv6": true,
      "info_never_via_route_servers": false,
      "notes": "string",
      "policy_url": "https://www.widgets.example/peering.html",
      "policy_general": "Open",
      "policy_locations": "Not Required",
      "policy_ratio": false,
      "policy_contracts": "Not Required",
  >   "allow_ixp_update": true,
  >   "suggest": true,
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

5.1.7) org

- "org" represents an Organization. Information such as the name, website, 
  and address are contained within the "org" data element.

- Users with sufficient permission who are affiliated with the 
  Organization represented by this data element are able to create, 
  update, and delete this "org" information.

- The Admin Committee is also able to adjust this record under their 
  discretion, such as at the request of the managing organization.

- Example:
  - https://www.peeringdb.com/api/org/#?depth=0

    {
  <   "id": #,
      "name": "Widget Conglomerate",
      "website": "https://www.widgets.example/",
      "notes": "string",
      "address1": "123 Example St",
      "address2": "string",
      "city": "Seattle",
      "country": "US",
      "state": "WA",
      "zipcode": "90000",
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

5.1.8) poc

- "poc" represents a Point of Contact. Information such as the role name, 
  contact name, visibility setting, telephone number, email address, and 
  URL are contained within the "poc" data element.

- The "poc" data element includes a "net_id", which points to an "net"  
  data element, which includes an "org_id" with associated privileges.

- The Admin Committee is also able to adjust this record under their 
  discretion, such as at the request of the managing organization.

- Example:
  - https://www.peeringdb.com/api/poc/#?depth=0

    {
  <   "id": #,
      "net_id": ##,
      "role": "NOC",
      "visible": "Users",
      "name": "Example Network Operations",
      "phone": "206-555-1212",
      "email": "noc at widget.example",
      "url": "string",
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

5.2) Multi-party Data Elements

These data elements can contain data provided by multiple parties. In 
cases of conflict between the data sources, the PeeringDB Admin Committee 
may become involved to help resolve differences. In addition, the 
PeeringDB user interface may help guide participants toward harmony.

5.2.1) netixlan

- "netixlan" represents the connection of a Network to an Internet 
  Exchange, including the IP address assignments. These assignments are 
  normally made by the Internet Exchange and provided to the Network.

- In order for "netixlan" data elements to be created by a Network or 
  through automation enabled by a Network, an Internet Exchange must first 
  create related "ix", "ixlan", and "ixpfx" data elements. Due to this 
  dependency and a desire to prevent operational disruption, this Task 
  Force recommends in section 7 that "ix", "ixlan", and "ixpfx" data 
  elements not be able to be deleted or modified in such a way that would 
  impact dependent "netixlan" data elements.

- The "netixlan" data element includes a "net_id", which points to an 
  "net" data element, which includes an "org_id" with associated 
  privileges. In addition, Networks may take advantage of automated 
  mechanisms that PeeringDB offers, which utilize data publicly exported 
  by Internet Exchanges.

- See section 6.1 for conflict resolution recommendation.

- Example:
  - https://www.peeringdb.com/api/netixlan/#?depth=0

    {
  <   "id": #,
      "net_id": ##,
  %   "ix_id": ###,
  %   "name": "Example IX",
      "ixlan_id": ###,
      "notes": "string",
      "speed": 10000,
      "asn": 65512,
      "ipaddr4": "192.0.2.10",
      "ipaddr6": "2001:db8::10",
      "is_rs_peer": true,
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

5.2.2) ixfac

- "ixfac" represents the presence of an Internet Exchange at a Facility.

- The "ixfac" data element includes an "ix_id", which points to an "ix"  
  data element, which includes an "org_id" with associated privileges.

- While all Facilities have a parent Organization data element, not all of 
  those Organizations in PeeringDB have affiliated Users. Some Facilities 
  are the result of suggestions by other Users, while other Facilities are 
  the product of the migration from PeeringDB 1.x to PeeringDB 2.x.

- See section 6.2 for conflict resolution recommendation.

- Example:
  - https://www.peeringdb.com/api/ixfac/#?depth=0

    {
  <   "id": #,
      "ix_id": ##,
      "fac_id": ###,
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

5.2.3) netfac

- "netfac" represents the presence of a Network at a Facility. This 
  information can include the name of the Facility, the location, and the 
  ASN employed by the Network at the location.

- The "netfac" data element includes a "net_id", which points to an "net"  
  data element, which includes an "org_id" with associated privileges.

- While all Facilities have a parent Organization data element, not all of 
  those Organizations in PeeringDB have affiliated Users. Some Facilities 
  are the result of suggestions by other Users, while other Facilities are 
  the product of the migration from PeeringDB 1.x to PeeringDB 2.x.

- See section 6.2 for conflict resolution recommendation.

- Example:
  - https://www.peeringdb.com/api/netfac/#?depth=0

    {
  <   "id": #,
  %   "name": "Example Building",
  %   "city": "Seattle",
  %   "country": "US",
      "net_id": ##,
      "fac_id": ###,
      "local_asn": 65512,
  $   "created": "2004-01-01T00:00:00Z",
  $   "updated": "2020-01-01T00:00:00Z",
      "status": "ok",
    }

6) Conflicted Data Resolution Recommendations

6.1) netixlan

A conflict may arise in which the IP assignment data publicly exported by 
an Internet Exchange does not match data provided by a Network.  
Alternatively, an Internet Exchange may reach out to PeeringDB to dispute 
the IP assignment data provided by a Network.

Since this data can have an impact on Internet operations, this document 
specifies a principle of minimal disruption. This principle means that 
conflicted data which is already published shall not be taken down unless 
done so by the Network or by a resolution process mediated by the Admin 
Committee.

Similarly, conflicted data which has not been published shall not be 
published until a resolution process has been mediated by the Admin 
Committee and/or the conflict is resolved due to updated data from the 
Internet Exchange or the Network.

The Task Force recommends PeeringDB employ user interface methods and 
email notifications to encourage data harmony between a Network and an 
Internet Exchange, as a means of expediting resolution and decreasing the 
burdens on the Admin Committee.

6.2) ixfac & netfac

A conflict may arise in which a Facility with an actual owner disputes the 
presence of an Internet Exchange or Network at their Facility. In this 
case, the Admin Committee is empowered to mediate a resolution process.

7) Action Items

7.1) "netixlan" dependency on "ix", "ixlan", and "ixpfx"

In order to prevent operational disruption, this Task Force recommends 
that PeeringDB be modified to prevent deletion or updates of "ix", 
"ixlan", and "ixpfx" data elements from having a disruptive effect on 
dependent "netixlan" data elements, when data exists that would be 
disrupted.  When needed, the removal of dependent data elements should be 
coordinated by the Admin Committee.

7.2) "ixfac" and "netfac" dependency on "fac"

In order to prevent operational disruption, this Task Force recommends 
that PeeringDB be modified to prevent deletion or updates of "fac" data 
elements from having a disruptive effect on dependent "ixfac" and "netfac" 
data elements, when data exists that would be disrupted.  When needed, the 
removal of dependent data elements should be coordinated by the Admin 
Committee.

END
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0.20200227.3-CC-WM_0.20200303.2-CC-AN.diff.txt
URL: <http://lists.peeringdb.com/pipermail/dataownership-tf/attachments/20200303/f4ca54c3/attachment-0001.txt>


More information about the DataOwnership-TF mailing list