New Values of the "status:" Attribute for Inetnum Objects (LIR-PARTITIONED) Nurani Nimpuno Andrei Robachevsky Document ID: ripe-239 Date: 14 June 2002 _________________________________________________________________ Abstract This document describes the new value of the "status:" attribute for inetnum objects and its impact on database operation. _________________________________________________________________ Contents 1.0 Motivation 2.0 Database Objects Affected 3.0 Usage 4.0 Functionality 5.0 IP Address Policy Implications 1.0 Motivation For various reasons large Local Internet Registries (LIRs) often need to distribute their allocated address space between various parts of their organisation (for example, some organisations have separate national operations in several countries obtaining address space through a single LIR). In these situations it is desirable to document this redistribution in the RIPE Database. In the past there was no way to do this without throwing up errors in the RIPE NCC auditing procedures or by removing flexibility by having each local operation treated as a RIPE NCC allocation. More information about the "RIPE NCC Consistency and Auditing Activity" is available from the RIPE Document Store at: http://www.ripe.net/ripe/docs/audit.html To facilitate administration of an LIR allocation, a new set of status values - and - was introduced. This allows an LIR to register one or more inetnum objects with one of the new "status:" values (further LIR-PARTITIONED inetnum) that are more specific to the allocation but less specific to the assignment. By doing this, an LIR may register different contact persons within the LIR organisation for different blocks of their allocated space. It is also possible to restrict changes in the RIPE Database within the LIR's allocated space differently in different blocks of this space. 2.0 Database Objects Affected Only inetnum objects may have the "status:" values. 3.0 Usage The feature allows an LIR to document distribution and delegate management of allocated space within their organisation. This is done by creating one or more inetnum objects under the inetnum object representing an LIR allocation. These objects may reference different contact information and have different values of "mnt-lower:" and "mnt-routes:" attributes. The "mnt-routes:" attribute delegates authorisation for the creation of more specific inetnum and route objects in the RIPE Database to different entities in different address blocks within the LIR's allocated space. For example, if we consider the following inetnum hierarchy: inetnum: 192.168.0.0 - 192.168.255.255 status: ALLOCATED PI mnt-by: RIPE-NCC-HM-MNT mnt-lower: LIR-MNT mnt-routes: LIR-MNT inetnum: 192.168.0.0 - 192.168.15.255 status: LIR-PARTITIONED PI mnt-by: LIR-MNT mnt-lower: DEPT1-MNT mnt-routes: DEPT1-RT-MNT Then DEPT1-MNT has the authority of creating more specific inetnum and route objects within the 192.168.0.0 - 192.168.15.255 range. DEPT1-RT-MNT has the authority to create 192.168.0.0/20 route and more specific ones. Please be aware that absence of a "mnt-lower:" attribute will allow anyone to create more specific inetnum objects within the address space. For more information regarding authorisation rules in the RIPE Database, please refer to the RIPE document "RIPE Database Reference Manual" available from the RIPE Document Store at: http://www.ripe.net/ripe/docs/databaseref-manual.html 4.0 Functionality When creating or modifying an inetnum object, the database will check the value of the "status:" attribute according to the following rules: * The value of or is allowed if the object is maintained by the RIPE-NCC-HM-MNT mntner. * The value of is allowed if one level less specific inetnum object contains a "status:" attribute with the value of , or . * The value of is allowed if one level less specific inetnum object contains a "status:" attribute with the value of , or . 5.0 IP address policy implications The use of the status value creates no implications to IP address policy. The utilisation in any allocation is always measured by the assignments within the allocation that are registered in the RIPE Database. Furthermore, LIRs are always responsible for the usage of address space allocated to them. For details on Internet Registry policies and procedures, please refer to the "IPv4 Address Allocation and Assignment Policies in the RIPE NCC Service Region" document available from the RIPE Document Store at: http://www.ripe.net/ripe/docs/ipv4-policies.html