Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente Dernière révision Les deux révisions suivantes | ||
technique:archives:lir-registration [2015/12/17 11:49] admin [20151215-20151216] |
technique:archives:lir-registration [2018/05/10 10:57] admin |
||
---|---|---|---|
Ligne 232: | Ligne 232: | ||
* Ça prends une demande de modification avec validation par un humain sur ce type de champ. | * Ça prends une demande de modification avec validation par un humain sur ce type de champ. | ||
* Le courrier arrive quand même, on peut éviter de brouiller le signal tant qu'on est dans la deadline de la migration | * Le courrier arrive quand même, on peut éviter de brouiller le signal tant qu'on est dans la deadline de la migration | ||
- | * Request form rempli et validé pour les 1024 IPv4 (/22) -- idem IPv6 : allocation /32 | + | * Request form rempli et validé pour les 1024 IPv4 (/22) – idem IPv6 : allocation /32 |
{{:technique:archives:ripe-ip4-pa-slash-22-screen-1.png?direct&}} | {{:technique:archives:ripe-ip4-pa-slash-22-screen-1.png?direct&}} | ||
Ligne 241: | Ligne 241: | ||
{{:technique:archives:ripe-ip4-pa-slash-22-screen-4.png?direct&}} | {{:technique:archives:ripe-ip4-pa-slash-22-screen-4.png?direct&}} | ||
- | |||
===== 20151214 ===== | ===== 20151214 ===== | ||
- | * Appel téléphonique du RIPE (au numéro laissé lors des demandes IP) : simple appel de courtoisie, "We have already validated your requests [...]", "Do you have any questions ?". | + | * Appel téléphonique du RIPE (au numéro laissé lors des demandes IP) : simple appel de courtoisie, "We have already validated your requests […]", "Do you have any questions ?". |
* Les allocations apparaissent dans le LIR Portal | * Les allocations apparaissent dans le LIR Portal | ||
- | * 185.131.40.0/22 : ALLOCATED PA | + | * 185.131.40.0/22 : ALLOCATED PA |
- | * 2a03:a0a0::/32 : ALLOCATED | + | * 2a03:a0a0::/32 : ALLOCATED |
* Il est temps de finir de s'affûter | * Il est temps de finir de s'affûter | ||
- | * Les IP allocated ne sont pas considérées utilisées, elles doivent être assignées pour être utilisées | + | * Les IP allocated ne sont pas considérées utilisées, elles doivent être assignées pour être utilisées |
- | * Il faut et suffit que le LIR crée les objets de type inetnum et route pour les premières assignation | + | * Il faut et suffit que le LIR crée les objets de type inetnum et route pour les premières assignation |
- | * Le LIR doit respecter : | + | * Le LIR doit respecter : |
- | * [[https://www.ripe.net/publications/docs/ripe-649|IPv4 Address Allocation and Assignment Policy]] | + | * [[https://www.ripe.net/publications/docs/ripe-649|IPv4 Address Allocation and Assignment Policy]] |
- | * [[https://www.ripe.net/publications/docs/ripe-655|IPv6 Address Allocation and Assignment Policy]] | + | * [[https://www.ripe.net/publications/docs/ripe-655|IPv6 Address Allocation and Assignment Policy]] |
- | * Toutes les recommandations des autres [[https://www.ripe.net/publications/docs/ripe-documents|documents RIPE]] | + | * Toutes les recommandations des autres [[https://www.ripe.net/publications/docs/ripe-documents|documents RIPE]] |
- | ===== 20151215-20151216 ===== | + | ===== 20151215-20151217 ===== |
* Création des objets pour assigner 2 premières /24 IPv4 à CHD et une première /.. IPv6 | * Création des objets pour assigner 2 premières /24 IPv4 à CHD et une première /.. IPv6 | ||
Ligne 274: | Ligne 273: | ||
* Pour avoir le descriptif des champs d'un type d'enregistrement : ''whois -v'' | * Pour avoir le descriptif des champs d'un type d'enregistrement : ''whois -v'' | ||
- | |||
- | <file text inetnum.txt> | ||
- | % This is the RIPE Database query service. | ||
- | % The objects are in RPSL format. | ||
- | % | ||
- | % The RIPE Database is subject to Terms and Conditions. | ||
- | % See http://www.ripe.net/db/support/db-terms-conditions.pdf | ||
- | |||
- | The inetnum class: | ||
- | |||
- | An inetnum object contains information on allocations and | ||
- | assignments of IPv4 address space. | ||
- | |||
- | inetnum: [mandatory] [single] [primary/lookup key] | ||
- | netname: [mandatory] [single] [lookup key] | ||
- | descr: [mandatory] [multiple] [ ] | ||
- | country: [mandatory] [multiple] [ ] | ||
- | geoloc: [optional] [single] [ ] | ||
- | language: [optional] [multiple] [ ] | ||
- | org: [optional] [single] [inverse key] | ||
- | sponsoring-org: [optional] [single] [ ] | ||
- | admin-c: [mandatory] [multiple] [inverse key] | ||
- | tech-c: [mandatory] [multiple] [inverse key] | ||
- | status: [mandatory] [single] [ ] | ||
- | remarks: [optional] [multiple] [ ] | ||
- | notify: [optional] [multiple] [inverse key] | ||
- | mnt-by: [mandatory] [multiple] [inverse key] | ||
- | mnt-lower: [optional] [multiple] [inverse key] | ||
- | mnt-domains: [optional] [multiple] [inverse key] | ||
- | mnt-routes: [optional] [multiple] [inverse key] | ||
- | mnt-irt: [optional] [multiple] [inverse key] | ||
- | changed: [optional] [multiple] [ ] | ||
- | created: [generated] [single] [ ] | ||
- | last-modified: [generated] [single] [ ] | ||
- | source: [mandatory] [single] [ ] | ||
- | |||
- | The content of the attributes of the inetnum class are defined below: | ||
- | |||
- | inetnum | ||
- | |||
- | Specifies a range of IPv4 that inetnum object presents. The ending | ||
- | address should be greater than the starting one. | ||
- | |||
- | <ipv4-address> - <ipv4-address> | ||
- | |||
- | netname | ||
- | |||
- | The name of a range of IP address space. | ||
- | |||
- | Made up of letters, digits, the character underscore "_", | ||
- | and the character hyphen "-"; the first character of a name | ||
- | must be a letter, and the last character of a name must be a | ||
- | letter or a digit. | ||
- | |||
- | descr | ||
- | |||
- | A short decription related to the object. | ||
- | |||
- | A sequence of ASCII characters. | ||
- | |||
- | country | ||
- | |||
- | Identifies the country. | ||
- | |||
- | Valid two-letter ISO 3166 country code. | ||
- | |||
- | geoloc | ||
- | |||
- | The location coordinates for the resource. | ||
- | |||
- | Location coordinates of the resource. Can take one of the following forms: | ||
- | |||
- | [-90,90][-180,180] | ||
- | |||
- | language | ||
- | |||
- | Identifies the language. | ||
- | |||
- | Valid two-letter ISO 639-1 language code. | ||
- | |||
- | org | ||
- | |||
- | Points to an existing organisation object representing the entity that | ||
- | holds the resource. | ||
- | |||
- | The 'ORG-' string followed by 2 to 4 characters, followed by up to 5 digits | ||
- | followed by a source specification. The first digit must not be "0". | ||
- | Source specification starts with "-" followed by source name up to | ||
- | 9-character length. | ||
- | |||
- | sponsoring-org | ||
- | |||
- | Points to an existing organisation object representing the sponsoring | ||
- | organisation responsible for the resource. | ||
- | |||
- | The 'ORG-' string followed by 2 to 4 characters, followed by up to 5 digits | ||
- | followed by a source specification. The first digit must not be "0". | ||
- | Source specification starts with "-" followed by source name up to | ||
- | 9-character length. | ||
- | |||
- | admin-c | ||
- | |||
- | References an on-site administrative contact. | ||
- | |||
- | From 2 to 4 characters optionally followed by up to 6 digits | ||
- | optionally followed by a source specification. The first digit | ||
- | must not be "0". Source specification starts with "-" followed | ||
- | by source name up to 9-character length. | ||
- | |||
- | tech-c | ||
- | |||
- | References a technical contact. | ||
- | |||
- | From 2 to 4 characters optionally followed by up to 6 digits | ||
- | optionally followed by a source specification. The first digit | ||
- | must not be "0". Source specification starts with "-" followed | ||
- | by source name up to 9-character length. | ||
- | |||
- | status | ||
- | |||
- | Specifies the status of the resource. | ||
- | |||
- | Status can have one of these values: | ||
- | |||
- | o ALLOCATED PA | ||
- | o ALLOCATED PI | ||
- | o ALLOCATED UNSPECIFIED | ||
- | o LIR-PARTITIONED PA | ||
- | o LIR-PARTITIONED PI | ||
- | o SUB-ALLOCATED PA | ||
- | o ASSIGNED PA | ||
- | o ASSIGNED PI | ||
- | o ASSIGNED ANYCAST | ||
- | o EARLY-REGISTRATION | ||
- | o NOT-SET | ||
- | o LEGACY | ||
- | |||
- | remarks | ||
- | |||
- | Contains remarks. | ||
- | |||
- | A sequence of ASCII characters. | ||
- | |||
- | notify | ||
- | |||
- | Specifies the e-mail address to which notifications of changes to an | ||
- | object should be sent. This attribute is filtered from the default | ||
- | whois output. | ||
- | |||
- | An e-mail address as defined in RFC 2822. | ||
- | |||
- | mnt-by | ||
- | |||
- | Specifies the identifier of a registered mntner object used for | ||
- | authorisation of operations performed with the object that contains | ||
- | this attribute. | ||
- | |||
- | Made up of letters, digits, the character underscore "_", | ||
- | and the character hyphen "-"; the first character of a name | ||
- | must be a letter, and the last character of a name must be a | ||
- | letter or a digit. The following words are reserved by | ||
- | RPSL, and they can not be used as names: | ||
- | |||
- | any as-any rs-any peeras and or not atomic from to at | ||
- | action accept announce except refine networks into inbound | ||
- | outbound | ||
- | |||
- | Names starting with certain prefixes are reserved for | ||
- | certain object types. Names starting with "as-" are | ||
- | reserved for as set names. Names starting with "rs-" are | ||
- | reserved for route set names. Names starting with "rtrs-" | ||
- | are reserved for router set names. Names starting with | ||
- | "fltr-" are reserved for filter set names. Names starting | ||
- | with "prng-" are reserved for peering set names. Names | ||
- | starting with "irt-" are reserved for irt names. | ||
- | |||
- | mnt-lower | ||
- | |||
- | Specifies the identifier of a registered mntner object used for | ||
- | hierarchical authorisation. Protects creation of objects directly (one | ||
- | level) below in the hierarchy of an object type. The authentication | ||
- | method of this maintainer object will then be used upon creation of | ||
- | any object directly below the object that contains the "mnt-lower:" | ||
- | attribute. | ||
- | |||
- | Made up of letters, digits, the character underscore "_", | ||
- | and the character hyphen "-"; the first character of a name | ||
- | must be a letter, and the last character of a name must be a | ||
- | letter or a digit. The following words are reserved by | ||
- | RPSL, and they can not be used as names: | ||
- | |||
- | any as-any rs-any peeras and or not atomic from to at | ||
- | action accept announce except refine networks into inbound | ||
- | outbound | ||
- | |||
- | Names starting with certain prefixes are reserved for | ||
- | certain object types. Names starting with "as-" are | ||
- | reserved for as set names. Names starting with "rs-" are | ||
- | reserved for route set names. Names starting with "rtrs-" | ||
- | are reserved for router set names. Names starting with | ||
- | "fltr-" are reserved for filter set names. Names starting | ||
- | with "prng-" are reserved for peering set names. Names | ||
- | starting with "irt-" are reserved for irt names. | ||
- | |||
- | mnt-domains | ||
- | |||
- | Specifies the identifier of a registered mntner object used for | ||
- | reverse domain authorisation. Protects domain objects. The | ||
- | authentication method of this maintainer object will be used for any | ||
- | encompassing reverse domain object. | ||
- | |||
- | Made up of letters, digits, the character underscore "_", | ||
- | and the character hyphen "-"; the first character of a name | ||
- | must be a letter, and the last character of a name must be a | ||
- | letter or a digit. The following words are reserved by | ||
- | RPSL, and they can not be used as names: | ||
- | |||
- | any as-any rs-any peeras and or not atomic from to at | ||
- | action accept announce except refine networks into inbound | ||
- | outbound | ||
- | |||
- | Names starting with certain prefixes are reserved for | ||
- | certain object types. Names starting with "as-" are | ||
- | reserved for as set names. Names starting with "rs-" are | ||
- | reserved for route set names. Names starting with "rtrs-" | ||
- | are reserved for router set names. Names starting with | ||
- | "fltr-" are reserved for filter set names. Names starting | ||
- | with "prng-" are reserved for peering set names. Names | ||
- | starting with "irt-" are reserved for irt names. | ||
- | |||
- | mnt-routes | ||
- | |||
- | This attribute references a maintainer object which is used in | ||
- | determining authorisation for the creation of route objects. | ||
- | After the reference to the maintainer, an optional list of | ||
- | prefix ranges inside of curly braces or the keyword "ANY" may | ||
- | follow. The default, when no additional set items are | ||
- | specified, is "ANY" or all more specifics. Please refer to | ||
- | RFC-2622 for more information. | ||
- | |||
- | <mnt-name> [ { list of <address-prefix-range> } | ANY ] | ||
- | |||
- | mnt-irt | ||
- | |||
- | May appear in an inetnum or inet6num object. It points to an irt | ||
- | object representing a Computer Security Incident Response Team (CSIRT) | ||
- | that handles security incidents for the address space specified by the | ||
- | inetnum or inet6num object. | ||
- | |||
- | An irt name is made up of letters, digits, the character | ||
- | underscore "_", and the character hyphen "-"; it must start | ||
- | with "irt-", and the last character of a name must be a | ||
- | letter or a digit. | ||
- | |||
- | changed | ||
- | |||
- | Specifies who submitted the update, and when the object was updated. | ||
- | This attribute is filtered from the default whois output. | ||
- | This attribute is deprecated and will be removed in a next release. | ||
- | |||
- | An e-mail address as defined in RFC 2822, followed by a date | ||
- | in the format YYYYMMDD. | ||
- | |||
- | created | ||
- | |||
- | This attributes reflects when the object was created in | ||
- | ISO8601 format (yyyy-MM-dd'T'HH:mm:ssZ). | ||
- | |||
- | Attribute generated by server. | ||
- | |||
- | last-modified | ||
- | |||
- | This attributes reflects when the object was last changed in | ||
- | ISO8601 format (yyyy-MM-dd'T'HH:mm:ssZ). | ||
- | |||
- | Attribute generated by server. | ||
- | |||
- | source | ||
- | |||
- | Specifies the registry where the object is registered. Should be | ||
- | "RIPE" for the RIPE Database. | ||
- | |||
- | Made up of letters, digits, the character underscore "_", | ||
- | and the character hyphen "-"; the first character of a | ||
- | registry name must be a letter, and the last character of a | ||
- | registry name must be a letter or a digit. | ||
- | |||
- | % This query was served by the RIPE Database Query Service version 1.83.1 (DB-4) | ||
- | </file> | ||
- | |||
* Regarder les objets créés par le RIPE pour CHD le LIR | * Regarder les objets créés par le RIPE pour CHD le LIR | ||
* organisation : ''whois ORG-CHD1-RIPE'' | * organisation : ''whois ORG-CHD1-RIPE'' | ||
Ligne 571: | Ligne 280: | ||
* inet6num: ''whois 2a03:a0a0::/32'' | * inet6num: ''whois 2a03:a0a0::/32'' | ||
* Se poser les questions de la longueur des préfixes qu'on veut déléguer au FAI | * Se poser les questions de la longueur des préfixes qu'on veut déléguer au FAI | ||
- | * IPv4 : Couper La /22 en 4 /24 semble à peu près la seule chose intelligente | + | * IPv4 : Couper La /22 en 4 /24 semble à peu près la seule chose intelligente à faire |
- | * IPv6 : C'est moins évident. /48 pour 65k adhérent qui auraient leur /64 ? | + | * IPv6 : C'est moins évident. /48 pour 65k adhérents qui auraient leur /64 ? |
* [[https://labs.ripe.net/Members/dbayer/visibility-of-prefix-lengths|https://labs.ripe.net/Members/dbayer/visibility-of-prefix-lengths]] | * [[https://labs.ripe.net/Members/dbayer/visibility-of-prefix-lengths|https://labs.ripe.net/Members/dbayer/visibility-of-prefix-lengths]] | ||
- | * Créer tous les objets nécessaires pour CHD le FAI | + | * [[http://www.gestioip.net/cgi-bin/subnet_calculator.cgi|http://www.gestioip.net/cgi-bin/subnet_calculator.cgi]] |
- | * inetnum: ''whois 185.131.40.0/24'' | + | * Créer tous les objets nécessaires pour le routage de CHD le FAI |
- | * inetnum: ''whois 185.131.41.0/24'' | + | * inetnum: ''whois 185.131.40.0/23'' |
- | * inet6num: ''whois 2a03:a0a0::/48'' | + | * inet6num: '' whois 2a03:a0a0::/48'' |
- | * TODO : routes | + | * Le BGP sera annoncé par FullSave, les objets route seront gérés par eux (il faut ajouter un attribut mnt-route dans les inet*num pour leur permettre de les créer) |
- | * domain: ''whois 40.131.185.in-addr.arpa'' | + | * route: '' 185.131.40.0/23AS39405'' |
- | * domain: ''whois 41.131.185.in-addr.arpa'' | + | * route6: '' 2a03:a0a0::/48AS39405'' |
- | * TODO : ''whois 0.0.0.0.0.0.0.0.0.0.0.0.0.a.0.a.3.0.a.2.ip6.arpa.in-addr.arpa'' | + | * Remarque : via webupdates, il n'est pas possible de récréer les enregistrements de type "domain" avant que l'infra DNS soit en place. |
+ | |||
+ | <code> | ||
+ | The name server ns1.chd.sx has no A or AAAA address records. | ||
+ | The name server ns2.chd.sx has no A or AAAA address records. | ||
+ | Test for zone 40.131.185.in-addr.arpa was marked as undelegated, | ||
+ | but no working fake glue was provided. | ||
+ | Fatal error in delegation for zone 40.131.185.in-addr.arpa. | ||
+ | No name servers found at child or at parent. | ||
+ | No further testing can be performed. | ||
+ | </code> | ||
+ | |||
+ | ===== 20170112 ===== | ||
+ | |||
+ | J'ai enfin fait les DNS (le 20161217 on a mis chd.sx et Netflix/akamaï nous à pensé à l'île d esaint martin. Refait avec commingeshautdebit.fr). | ||
+ | |||
+ | * '' whois 40.131.185.in-addr.arpa'' | ||
+ | * '' whois 41.131.185.in-addr.arpa'' | ||
+ | * '' whois 1.0.0.0.0.a.0.a.3.0.a.2.ip6.arpa'' | ||
+ | * '' whois 0.0.0.0.0.a.0.a.3.0.a.2.ip6.arpa'' | ||
+ | <code> | ||
+ | domain: 0.0.0.0.0.a.0.a.3.0.a.2.ip6.arpa | ||
+ | nserver: ns1.commingeshautdebit.fr | ||
+ | nserver: ns2.commingeshautdebit.fr | ||
+ | admin-c: CC14458-RIPE | ||
+ | tech-c: LP10373-RIPE | ||
+ | zone-c: LP10373-RIPE | ||
+ | mnt-by: fr-commingeshd-1-mnt | ||
+ | created: 2016-12-10T23:18:11Z | ||
+ | last-modified: 2017-01-12T21:12:37Z | ||
+ | source: RIPE | ||
+ | </code> | ||
+ | |||
+ | ===== 20180501 ===== | ||
+ | |||
+ | Ajout 185.131.42.0/24 pour CHD et demandes de ressources pour [[https://intarnet.fr/wiki/technique:whois|Intarnet]]. | ||