Re: [Sidrops] www.rpkiviews.org - geographically diverse vantage points

Tim Bruijnzeels <tim@nlnetlabs.nl> Tue, 05 January 2021 08:54 UTC

Return-Path: <tim@nlnetlabs.nl>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E422C3A0F74 for <sidrops@ietfa.amsl.com>; Tue, 5 Jan 2021 00:54:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nlnetlabs.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u5VK5XKqECPt for <sidrops@ietfa.amsl.com>; Tue, 5 Jan 2021 00:54:01 -0800 (PST)
Received: from outbound.soverin.net (outbound.soverin.net [IPv6:2a01:4f8:fff0:2d:8::215]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A560C3A0F4A for <sidrops@ietf.org>; Tue, 5 Jan 2021 00:54:01 -0800 (PST)
Received: from smtp.soverin.net (unknown [10.10.3.24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by outbound.soverin.net (Postfix) with ESMTPS id 8243F6087E for <sidrops@ietf.org>; Tue, 5 Jan 2021 08:53:59 +0000 (UTC)
Received: from smtp.soverin.net (smtp.soverin.net [159.69.232.138]) by soverin.net
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nlnetlabs.nl; s=soverin; t=1609836839; bh=nHqq9R0kC9wzLkJ2AOHp4t4oSaqaWC7qkHto/deuJ6w=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=mUTmFzf8Qk5pkEvvOqY5EqYCVStkr15qb1/hos5ep5pbww4tW+PN8sbGL/nIJjkGS YyKwgPejsPbPN8PvMH+4LpoornU28WTDQEI/eCdwmUuFngn3ig9ShX33pH/6goqXO7 7I1qKocWLIKLQAy5zMVDlcN6QC0PhQSn/O1d4O53vyqQQvd2yoeXXNtvX05RtKtReE 1lza/V2OCMlpo9zq8s16PQ7F/r2lajZuRCwoApR8Gwywc3gY9pDa+Hqr7M2sjyOfVn fkOQlxyzFkwx64DWVDZiI1xNXIHHT0a9mcVuAovWOJKr89zXGUd3w95C9LDcm6HYr0 6woazYcF0Obkw==
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
From: Tim Bruijnzeels <tim@nlnetlabs.nl>
In-Reply-To: <X/NvGe10G95fWbj2@bench.sobornost.net>
Date: Tue, 5 Jan 2021 09:53:57 +0100
Cc: sidrops@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <90FE66C4-864C-4CED-87A0-FB9B0744297D@nlnetlabs.nl>
References: <20201203224213.gnb2nawujxm7a32q@benm-laptop> <20201204111651.4e865d7d@glaurung.nlnetlabs.nl> <X8oSBlR1pDhX83nH@bench.sobornost.net> <62CCDADA-E2B5-4354-82E5-995837633307@nlnetlabs.nl> <X8on7A4R63HYUnpz@bench.sobornost.net> <d518f9de-850c-ad10-49a5-1eee4c85fa6b@NLnetLabs.nl> <X8pJoTEUDwpE6iIi@bench.sobornost.net> <953B1447-1253-4EA2-A805-5DAB9CD394D6@nlnetlabs.nl> <X/KEY6w5upXoM6Pa@bench.sobornost.net> <CAGQUKcf7H-tEFZuWh+E3UJNxiKF=jAXPcwhRNmuamNKwdMTGmw@mail.gmail.com> <X/NvGe10G95fWbj2@bench.sobornost.net>
To: Job Snijders <job@sobornost.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/u79XZCAvyM6BojAaOz2VhxVw5R4>
Subject: Re: [Sidrops] www.rpkiviews.org - geographically diverse vantage points
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jan 2021 08:54:04 -0000

Hi Job, all,

> On 4 Jan 2021, at 20:40, Job Snijders <job@sobornost.net> wrote:
> 
> On Mon, Jan 04, 2021 at 12:10:54PM -0500, Tony Tauber wrote:
>>> At this URL http://rpkiviews.org/ i am trying to re-publish data I
>>> collected after having made some attempt with OpenBSD's 'rpki-client' to
>>> validate the RPKI data.
>>> 
>>> one view:
>>> 
>>>    http://www.rpkiviews.org/adrian.sobornost.net/rpkidata/2020/12/01/
>>> 
>>> and a bit later I added a second instance with a different view:
>>> 
>>> http://josephine.sobornost.net/josephine.sobornost.net/rpkidata/2021/01/01/
>> 
>> Nice work.
>> When you say "different view", what does that mean?
>> The structure of the data is different or the location in the internet
>> where the collection was performed from ("vantage point"?) was different?
> 
> You are spot on, its just the location that is different. It'll be
> important to keep an eye on 'the RPKI' from multiple angles in the
> default-free zone.
> 
> I imagine we have to include in the risk model how cache instances
> Relying Parties might see different objects coming out of publication
> servers depending on where they are connected to the Internet. 
> 
> Citing RFC 7115 Section 6:
> 
>    """
>    Like the DNS, the global RPKI presents only a loosely consistent
>    view, depending on timing, updating, fetching, etc.  Thus, one cache
>    or router may have different data about a particular prefix than
>    another cache or router.  There is no 'fix' for this, it is the
>    nature of distributed data with distributed caches.
>    """
> 
> As we can't 'fix' it, at least we can monitor and record it (just like
> the weather! :-).
> 
> Adrian.sobornost.net is generously hosted by NTT in their Dallas, TX,
> USA facility. Josephine.sobornost.net is generously hosted by XS4ALL in
> their Amsterdam, NL facility. I've updated the page to provide more
> detail.
> 
>> (The latter perhaps being interesting should reachability of any TALs or
>> Publication Points be different.)
> 
> yup!
> 
> *** REQUEST TO THE GROUP ***
> 
> If others are willing to set up similarly structured data collection
> efforts, I can help in two ways:
> 
>    1) add links towards such initiatives from the www.rpkiviews.org
>       page.
>    2) I myself can configure your data collection server through SSH,
>       all that is required is a POSIX compliant system with... LOTS of
>       disk space.
> 
> It would be incredible valuable to have public viewpoints located in the
> African, Asian, and South American segments of the Internet. 

I think geographically diverse vantage points are indeed valuable.

However, a lot (most) publication points only have a single point of presence, so I suspect that a significant part of the variation in data seen is due to timing differences rather than geography / net topology.

Not a criticism.. just saying it would be good to keep this in mind when analysing differences.

Tim




> 
> Kind regards,
> 
> Job
> 
> _______________________________________________
> Sidrops mailing list
> Sidrops@ietf.org
> https://www.ietf.org/mailman/listinfo/sidrops