Re: [Sidrops] www.rpkiviews.org - geographically diverse vantage points

Job Snijders <job@sobornost.net> Tue, 05 January 2021 11:52 UTC

Return-Path: <job@sobornost.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B4703A089C for <sidrops@ietfa.amsl.com>; Tue, 5 Jan 2021 03:52:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level:
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f7ZzXnc2GCfp for <sidrops@ietfa.amsl.com>; Tue, 5 Jan 2021 03:52:30 -0800 (PST)
Received: from outbound.soverin.net (outbound.soverin.net [116.202.65.215]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B00CD3A08B0 for <sidrops@ietf.org>; Tue, 5 Jan 2021 03:52:29 -0800 (PST)
Received: from smtp.freedom.nl (unknown [10.10.3.36]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by outbound.soverin.net (Postfix) with ESMTPS id B4DB960896 for <sidrops@ietf.org>; Tue, 5 Jan 2021 11:52:27 +0000 (UTC)
Received: from smtp.freedom.nl (smtp.freedom.nl [116.202.65.211]) by soverin.net
Received: from localhost (bench.sobornost.net [local]) by bench.sobornost.net (OpenSMTPD) with ESMTPA id 2f5f9311; Tue, 5 Jan 2021 11:52:25 +0000 (UTC)
Date: Tue, 5 Jan 2021 11:52:25 +0000
From: Job Snijders <job@sobornost.net>
To: Tim Bruijnzeels <tim@nlnetlabs.nl>
Cc: sidrops@ietf.org
Message-ID: <X/RS+Ww6qNGRf6Tu@bench.sobornost.net>
References: <X8oSBlR1pDhX83nH@bench.sobornost.net> <62CCDADA-E2B5-4354-82E5-995837633307@nlnetlabs.nl> <X8on7A4R63HYUnpz@bench.sobornost.net> <d518f9de-850c-ad10-49a5-1eee4c85fa6b@NLnetLabs.nl> <X8pJoTEUDwpE6iIi@bench.sobornost.net> <953B1447-1253-4EA2-A805-5DAB9CD394D6@nlnetlabs.nl> <X/KEY6w5upXoM6Pa@bench.sobornost.net> <CAGQUKcf7H-tEFZuWh+E3UJNxiKF=jAXPcwhRNmuamNKwdMTGmw@mail.gmail.com> <X/NvGe10G95fWbj2@bench.sobornost.net> <90FE66C4-864C-4CED-87A0-FB9B0744297D@nlnetlabs.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <90FE66C4-864C-4CED-87A0-FB9B0744297D@nlnetlabs.nl>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/9fB1B8zh1vW0VX01RgwxxR5fnQE>
Subject: Re: [Sidrops] www.rpkiviews.org - geographically diverse vantage points
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jan 2021 11:52:34 -0000

Hi Tim,

On Tue, Jan 05, 2021 at 09:53:57AM +0100, Tim Bruijnzeels wrote:
> I think geographically diverse vantage points are indeed valuable.
> 
> However, a lot (most) publication points only have a single point of
> presence, so I suspect that a significant part of the variation in
> data seen is due to timing differences rather than geography / net
> topology.

Yes, timing also plays a big role in it all.

> Not a criticism.. just saying it would be good to keep this in mind
> when analysing differences.

Yeah, analysing differences is a tedious chore, there is an infinite
number of 'pathways' from signer to validator. Just looking at the 5 TAs
I observed the following:

    ARIN: 3 x A & 3 x AAAA DNS records for rpki.arin.net and also
          rrdp.arin.net, making for (at least) 12 points of presence.

    LACNIC: similar to ARIN

    RIPE: 1 x A + 1 x AAAA record for rpki.ripe.net, RRDP is distributed
          through a CDN with a 100+ points of presence.

    APNIC: one IPv4 address and separately one IPv6 address

    AFRINIC: similar to APNIC.

The above description of course is just the 'expected steady state',
Separately, there might be situations in which a publication point's IP
prefixes are hijacked in some way (be it via BGP or DNS trickery),
temporarily creating a 'multiple POP' situation.

In really complex cases one might even have to correlate routeviews with
rpkiviews, all the while keeping in mind that the two planes can
influence each other to some degree. Debugging the RPKI is hard work.

Kind regards,

Job