Upload
haruko
View
68
Download
0
Embed Size (px)
DESCRIPTION
RIPE Database Operations Update. Shane Kerr RIPE NCC . Outline. Facts and Figures. 1.9 M objects, 42% inetnum, 47% person 28 q/s on average, spikes of 200 q/s 2.3 updates/min, 61% inetnum, 28% person Object counts, query loads, etc. available on-line: - PowerPoint PPT Presentation
Citation preview
1Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net
RIPE Database Operations Update
Shane KerrRIPE NCC
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 2
Outline
Statistics
Operations
Developments
Plans
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 3
Facts and Figures
• 1.9 M objects, 42% inetnum, 47% person• 28 q/s on average, spikes of 200 q/s• 2.3 updates/min, 61% inetnum, 28% person
Object counts, query loads, etc. available on-line:
http://www.ripe.net/db/dbconstat
http://www.ripe.net/db/mrtg/whois.html
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 4
Database ContentsHistorical
0
1000000
2000000
3000000
4000000
5000000
6000000
person/role
domain
inetnum
other
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 5
Database ContentsRecent “Big Movers”
24%
15%
13%
9%
6%6%
4%3%
3%
3%
3%2%
2%
2%
2%
1%
0%
10%
irt (+6)
rtr-set (+1)
inet6num (+305)
filter-set (+4)
key-cert (+157)
route-set (+32)
peering-set (+6)
as-set (+161)
inetnum (+43972)
mntner (+442)
route (+1309)
aut-num (+278)
domain (+6571)
person/role (+32905)
limerick (+4)
inet-rtr (+2)
as-block (-1)
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 6
Updates by Method
0
1000
2000
3000
4000
5000
6000
7000
8000
2003
-02-
01
2003
-02-
08
2003
-02-
15
2003
-02-
22
2003
-03-
01
2003
-03-
08
2003
-03-
15
2003
-03-
22
2003
-03-
29
2003
-04-
05
2003
-04-
12
2003
-04-
19
2003
-04-
26
Nu
mb
er
of
Up
da
tes
DIRECT
SYNC
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 7
Synchronous Update Usage
0
5
10
15
20
25
30
35
40
45
50
20
03
-02
-01
20
03
-02
-08
20
03
-02
-15
20
03
-02
-22
20
03
-03
-01
20
03
-03
-08
20
03
-03
-15
20
03
-03
-22
20
03
-03
-29
20
03
-04
-05
20
03
-04
-12
20
03
-04
-19
20
03
-04
-26
Pe
rce
nta
ge
of
Up
da
tes
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 8
How Many Queries are There?
0
500000
1000000
1500000
2000000
2500000
3000000
3500000
4000000
4500000
0
10
20
30
40
50
60
Number of Queries Queries/Second
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 9
What are the Queries For?
Query Types 2003-02-01 to 2003-04-30
59%
4%
18%
19%
IP
Domain
Domain Referral
Other
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 10
What are Queries Returning?
0
1000000
2000000
3000000
4000000
5000000
6000000
7000000
8000000
9000000
10000000
Private Objects
Public Objects
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 11
Where are the Queries From?
Unique IP's for Whois Queries/Day
0
10000
20000
30000
40000
50000
60000
70000
80000
2003
-02-
0120
03-0
2-08
2003
-02-
1520
03-0
2-22
2003
-03-
0120
03-0
3-08
2003
-03-
1520
03-0
3-22
2003
-03-
2920
03-0
4-05
2003
-04-
1220
03-0
4-19
2003
-04-
26
Real + Proxy IP
Real IP
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 12
Outline
Statistics ✓
Operations
Developments
Plans
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 13
Database Operations
• Smooth sailing– average response time is well below 1 second– load approximately 70% higher than last year
• New ARIN mirroring scheme next week– Use difference to generate NRTM, rather than full load– No down-time, includes allocations and assignments
• Tertiary (i.e. off-site) server in planning phases– Withstand catastrophic, city-wide failures– Manual failover by updating DNS for whois.ripe.net– Part of larger project to increase critical service reliability
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 14
How Responsive is the Server?Q
uery
tim
e in
sec
onds
(log
arith
mic
)
InnoDB table type goes on-line
Desktop Upgrade
Unoptimised MySQL
RIPE NCC DDoS
Dom
ain mining (heavy referrals)
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 15
Unreferenced Person Cleanup
• Protect privacy of users– Person objects remain undeleted when contacts change
• Person objects unreferenced for 90 will be deleted– A modify of the object “resets” the counter
• E-mail sent after 60 days – Limit to 2000/day to avoid overwhelming users & server
• Deletions begin 29 May 2003
http://www.ripe.net/db/unref-cleanup-200304.html
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 16
IPv6 query proxy status
• Operational issues resolved– Solaris patches and move to Sun box– DNS update hid AAAA record for 10 days– Moving to standard monitoring and failover
• Source code public release made• 90% of queries come from only 7 IP addresses• Still see more 6bone than RIR addresses
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 17
RIPE Database Administration
Can Bican
Engin Gündüz
Tiago Antao
Katie Petrusha
Denis Walker
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 18
Recent RIPE DBM Activity
• Tickets, tickets, tickets– About 90/day
• Spam becoming a larger problem– Planning move to SpamAssassin– Will reply if filtered – no e-mails dropped!
• Hostmaster taking over 20% of RIPE DBM– Closer co-ordination between groups
• [email protected] is an open, general help mailbox
Please e-mail Questions or Problems!
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 19
ERX Update
• 4 /8’s transferred– 141.0.0.0/8 and 151.0.0.0/8, RIPE NCC-majority– 150.0.0.0/8 and 163.0.0.0/8, APNIC-majority– Multiple transfers, with overlapping start/end dates
• One more trial to finalise processing• “Long burn” scheduled to start afterwards
– No large issues– Complete ordering, tentative scheduling TBD
• Moving to regular RIPE DBM and HM activity
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 20
Outline
Statistics ✓
Operations ✓
Developments
Plans
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 21
New Update Processing
• Improved acknowledgement messages• Software maintenance eased• Presentations at RIPE 45:
– Developer POV at Tools Working Group – User POV at Database Working Group
http://www.ripe.net/db/dbupdate/
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 22
RPSLng
• IPv6 and multicast RPSL objects• Prototype server on-line
– Based on last RPSLng draft– Throw-away copy of RIPE Database– Latest draft to be integrated Real Soon Now
• IRRToolSet changes– More complicated than server changes– Coming soon!
http://www.ripe.net/ripencc/pub-services/db/rpslng/
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 23
Semantic Changes
• Lots of mostly minor changes proposed:– default to protected inetnum/inet6num/domain– notification for more-specific– removal of cross notifications– "reclaim:"-like functionality– "mnt-lower:" on set objects
• Little discussion• Will be on-line soon
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 24
Outline
Statistics ✓
Operations ✓
Developments ✓
Plans
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 25
Future Plans
• RPSLng IRRToolSet support
• Update processing semantic changes
• “status:” attribute changes?
• Deprecating NONE?
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 26
PKI
• Draft RIPE document, Improved Secure Communication System for RIPE NCC Members
• LIR-Portal ready, time for Database integration• New features needed:
– X.509 authentication– Proxy authentication
• Proposals coming to mailing list
Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net 27
Outline
Statistics ✓
Operations ✓
Developments ✓
Plans ✓
28Shane Kerr . RIPE 45, May 2003, Barcelona . http://www.ripe.net