[PDB Tech] allow empty IP field or not?

Arnold Nipper arnold.nipper at de-cix.net
Wed Dec 28 06:13:10 PST 2016


On 28.12.2016 01:03, Joe Provo wrote:
> On Wed, Dec 28, 2016 at 12:55:22AM +0100, Arnold Nipper wrote:
>> On 25.12.2016 19:26, Joe Provo wrote:
>>> [this time form the correct address...]
>>>
>>> On Sun, Dec 25, 2016 at 03:15:39PM +0100, Sascha Pollok wrote:
>>>> Hi Job, et al,
>>>>
>>>> Let's please keep it required. Many people rely on PDB information to 
>>>> automate peering configurations. It does not happen often that we need to 
>>>> configure peering sessions that require manual input and when it happens, 
>>>> it is actually annoying. Making IP addresses optional will make more ASes 
>>>> not document them either of lazyness or weird security reasons. If someone 
>>>> thinks not disclosing them gives extra security they do have a problem 
>>>> anyway. It's easy to find out peering LAN IPs if someone wants to do 
>>>> something ugly.
>>>>
>>>> Please keep them required.
>>>
>>> Yes.
>>>
>>> If the [not uncommon] case of signaling intent-to-be-there is needed,
>>> that should be simply a separate flag not an overloading of the address
>>> field.
>>>
>>
>> Isn't there always an overloading one way or the other? Given we do yaf
>> (yet another flag) which says intent-to-be-there. But what is the
>> meaning of this flag when an address is added? I know the address but
>> I'm not yet ready? Or still the original meaning.
> 
> YAF in the abscensce of an allocation helps planners, espcaeccialy in
> companies where things take too long. Obvs it had no meaning once there 
> are both AFs in place. There would be an argument to be made for one AF 
> and YAF set to indicate one is planning to add the other AF.
>  

I see your point, Joe. But meanwhile we are already at 2 YAF (v4 and
v6). I'm much in favour of KISS as long as possible. I wouldn't find
overloading that bad.

>> Same is for privacy. If a network doesn't want to disclose its IP there
>> may be reasons for it. Otherwise it wouldn't do so.
> 
> The "reason" is weird or useless at best IME.
> 

I can't say why some networks do that. But I'm sure some do it by
purpose. Make it mandatory would at least annoy them.

Otoh we also have the plan that IP information should come from the IXP
and not from networks.

>> Imho all we need is a common understanding what something means. Does it
>> really hurt if we allow an empty IP address?  Does it break any automation?
> 
> yes. folks have to trap for that case, and it is indeterminate:
> intentional? user error? IX error? etc
> 
> 

With PDB 1.0 you had to enter a value even if that was not an IP
address. Since PDB 2.0 we do type checking however do not enforce to set
an IP.

Summarizing the discussion so far I have the impression that

 * IP address must be set (IPv4 OR IPv6)

 * YAF for indicating "will show up soon" would be great as well


Cheers,
Arnold


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.peeringdb.com/pipermail/pdb-tech/attachments/20161228/b80f10c2/attachment.sig>


More information about the Pdb-tech mailing list