Dear Ed, On Thu, Jul 17, 2025 at 06:07:07PM +0200, Edward Shryane wrote: > The RIPE-NONAUTH database has only reduced in size by about 10% since > it was created in 2018. The existing cleanup jobs and maintainers are > not deleting much data.
Perhaps nitpicking - but I thought back in October 2018 [1] RIPE-NONAUTH contained ~ 69,178 'route:' objects, and nowadays 45,601, a 34% hefty decrease! Sadly, shaving off only 34% is less than I was hoping for back in 2018... Would it be feasible for you to produce a more statistics and insights on what exactly is contained in RIPE-NONAUTH? * which of the other four RIRs is supposed to manage what % of route/route6 objects? * how many distinct entities does the space belong to? (perhaps hard to answer, perhaps be found via RDAP?) * How many route/route6 objects have an exact, more-specific, or less-specific match in one of the four other RIR-managed IRR databases? It seems that roughly 15,619 'route:' objects are RPKI-OV VALID. Would it make sense to extend RIPE-731 to also cleanup RPKI-OV VALID objects (because the routing intentions for those resources are also asserted in a cryptographicly validated database... ? But then what to do with the remaining 28,998 'route:' objects? Kind regards, Job [1]: https://mailman.ripe.net/archives/list/[email protected]/message/OVLYCURRI6XICCOBQ3ESO7NREN2IWX26/ > > Ruediger Volk pointed out that ARIN had only very recently introduced their > NONAUTH database, so it was a very short-term temporary source, and that does > not predict anything about the longstanding data that has been split out into > RIPE-NONAUTH. He suggested that the RIPE NCC analyse whether something that’s > supposed to go away is still being used, or else there is a pretty big danger > that someone is actually depending on it. > > I now present some analysis of the RIPE-NONAUTH database for review. Perhaps > we should not retire the RIPE-NONAUTH database completely as we don't know > how it is being used, but we could take action to further reduce its size. > Your feedback is appreciated. > > > Should RIPE-NONAUTH Objects Be Returned By Default? > --------------------------------------------------- > > The RIPE-NONAUTH database is included by default in Whois queries. > > This means that any matching object in the RIPE-NONAUTH database is > automatically returned in the Whois query response. That includes as-set, > aut-num, route and route6 object types. For example, when querying for > "AS2561", the matching aut-num object in the RIPE-NONAUTH database is > returned. > > Additionally, *related* matching objects in the RIPE-NONAUTH database will > also be returned by default. For example, when querying for the IPv4 prefix > "200.30.0.0/18", the related route object "200.30.0.0/18AS5511" in the > RIPE-NONAUTH database is returned. > > We found that RIPE-NONAUTH objects are returned only in a small number of > cases (about 0.006% of all queries), but there is a risk that clients will > inadvertently trust non-authoritative data if the "source:" attribute is not > checked. As a workaround, clients can use the "-s RIPE" flag to only query > the RIPE database. > > Should objects in the RIPE-NONAUTH database continue to be returned by > default? > > > Near Realtime Mirroring (NRTM) > ------------------------------ > > Approximately 20% of NRTM requests query for updates to the NONAUTH database. > > Should we continue to support mirroring the NONAUTH database, considering the > non-authoritative nature of the data and low rate of updates? > > > Should RIPE-NONAUTH objects with an exact match in another RIR database be > deleted? > ----------------------------------------------------------------------------------- > > Approximately 31,930 out of 45,754 route(6) objects in the RIPE-NONAUTH > database have a matching route(6) object (i.e. matching origin ASN and > exactly matching or less-specific prefix) in another RIR’s IRR database. > > Approximately 13 out of 67 as-set objects in the RIPE-NONAUTH database have > an exactly matching as-set in another RIR’s database. > > Approximately 1,840 out of 2,073 aut-num objects in the RIPE-NONAUTH database > have an exactly matching aut-num object in another RIR’s database. > > Should we delete RIPE-NONAUTH objects which duplicate identically named > objects in an authoritative RIR’s database? > > > Should unrouted RIPE-NONAUTH route(6) objects be deleted? > --------------------------------------------------------- > > Approximately 33,912 out of 44,647 RIPE-NONAUTH route(6) objects appear in > the global routing table (as of 12th July). > > Should we remove any NONAUTH route(6) objects which are not announced? Do > they serve any useful purpose? > > > > Regards > Ed Shryane > RIPE NCC > > > ----- > To unsubscribe from this mailing list or change your subscription options, > please visit: https://mailman.ripe.net/mailman3/lists/db-wg.ripe.net/ > As we have migrated to Mailman 3, you will need to create an account with the > email matching your subscription before you can change your settings. > More details at: https://www.ripe.net/membership/mail/mailman-3-migration/ ----- To unsubscribe from this mailing list or change your subscription options, please visit: https://mailman.ripe.net/mailman3/lists/db-wg.ripe.net/ As we have migrated to Mailman 3, you will need to create an account with the email matching your subscription before you can change your settings. More details at: https://www.ripe.net/membership/mail/mailman-3-migration/
