Routing Assets Database

The Routing Assets Database (RADb), formerly known as the Routing Arbiter Database, is a public database in which the operators of Internet networks publish authoritative declarations of routing policy for their Autonomous System (AS). These declarations are, in turn, used by the operators of other Internet networks to configure their inbound routing policy filters. The RADb, operated by the University of Michigan's Merit Network, was the first such database, but others followed in its wake, forming a loose confederation of Internet routing registries containing sometimes-overlapping and sometimes-conflicting [1] routing policy data, expressed in Routing Policy Specification Language (RPSL) syntax.

History

The RADb was developed in the early 1990s as part of the National Science Foundation (NSF)-funded Routing Arbiter Project. [2] The Routing Policy Specification Language was subsequently retroactively formalized in RFC 2280, in January 1998. [3]

Usage

Historically, most larger Internet service providers, and all within the European RIPE NCC region, require customers to be registered in an Internet Routing Registry prior to propagating BGP announcements of their routes. [4] This has not been a rigorously enforced operational standard, however, and has declined since a peak in the early 2000s.

Security

The Internet Routing Registry system is an artifact of the 1990s era of the Internet, when the Internet's economy and governance were in transition from an academic mode to a commercial mode, and predates the era of ubiquitous cryptography. The RADb initially relied upon a trust model, in which write access to the database was not strictly controlled. A write-permissions access model was subsequently added, in which individuals or roles representing each Autonomous System had authority to write records related to that AS, including which IP address blocks it would originate routing advertisements for, and which other Autonomous Systems were allowed to advertise transit routing paths to it. The first generation of security allowed network operators to specify a MAIL-FROM attribute, requiring that updates be sent from a specific email address. Next, (B)CRYPT-PW / MD5-PW password hash authentication was added, and finally a PGP-KEY attribute was added, allowing users to cryptographically sign submitted edits. [5] Subsequent work by the Regional Internet Registries created additional IRRs which strictly tied permission to advertise IP blocks to RIR allocation data. But since DNSSEC already existed and had been applied to the in-addr zone, no end-to-end cryptographic integrity mechanism was ever added to RPSL.
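The three generations of update authentication described above can be audited from maintainer objects. The following is an added example, not code from RADb or Merit: it parses RPSL `mntner` objects and reports the weakest scheme each one accepts, since satisfying any single `auth` value is enough to authorize an update. The sample objects, the report labels and the function names are constructed for illustration; `PGPKEY-<id>` is the key-reference form used in registry objects.

```python
import re

# Constructed sample objects (not real registry data).
SAMPLE = """\
mntner:  MAINT-EXAMPLE-A
auth:    PGPKEY-0A1B2C3D
auth:    MAIL-FROM noc@example.net

mntner:  MAINT-EXAMPLE-B
auth:    MD5-PW $1$constructed$placeholderHashValue00

route:   192.0.2.0/24
origin:  AS64500
mnt-by:  MAINT-EXAMPLE-A

mntner:  MAINT-EXAMPLE-C
auth:    PGPKEY-0A1B2C3D
"""

# Listed in the order the schemes were introduced; list index = strength rank.
SCHEMES = [
    ("MAIL-FROM", r"MAIL-FROM\b"),
    ("password-hash", r"(B?CRYPT-PW|MD5-PW)\b"),
    ("PGP", r"PGP-KEY|PGPKEY-"),
]

def parse_rpsl(text):
    """Split RPSL text into objects, each a list of (attribute, value) pairs."""
    objects = []
    for block in re.split(r"\n\s*\n", text.strip()):
        unfolded = re.sub(r"\n[ \t+]", " ", block)   # join continuation lines
        pairs = [line.partition(":") for line in unfolded.splitlines()]
        objects.append([(a.strip().lower(), v.strip()) for a, _, v in pairs])
    return objects

def rank(auth_value):
    """Index into SCHEMES for one auth value, or -1 if not recognised."""
    return next((i for i, (_, rx) in enumerate(SCHEMES)
                 if re.match(rx, auth_value, re.I)), -1)

def audit_maintainers(text):
    """Return {mntner name: weakest accepted scheme}; any one auth value suffices."""
    report = {}
    for obj in parse_rpsl(text):
        if obj and obj[0][0] == "mntner":
            ranks = [rank(v) for a, v in obj if a == "auth"] or [-1]
            worst = min(ranks)
            report[obj[0][1]] = SCHEMES[worst][0] if worst >= 0 else "unrecognised"
    return report
```

`MAINT-EXAMPLE-A` is reported as `MAIL-FROM` even though it also lists a PGP key, because the weaker value remains an accepted path for updates.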

References

  1. Band, Alex. "The RPKI Documentation". Read the Docs. Retrieved 1 July 2021. This has created an extensive repository of obsolete data of uncertain validity spread across dozens of route registries around the world. Most published RPSL data is neither sufficiently accurate and up to date for filtering purposes, nor sufficiently comprehensive or precise for being the golden master in router configuration.
  2. "The Internet Routing Registry - RADb". www.radb.net. Retrieved 2021-05-24.
  3. Alaettinoglu, Cengiz; Bates, Tony; Gerich, Elise; Karrenberg, Daniel; Meyer, Dave; Terpstra, Marten; Villamizar, Curtis (January 1998). "Routing Policy Specification Language (RPSL)". Internet Engineering Task Force.
  4. "Routing Assets Database". freejournal.info. Retrieved 2021-05-24.
  5. Alamin, Sara (18 June 2019). "Internet Routing Registry Tutorial" (PDF). Packet Clearing House. Retrieved 1 July 2021.