[sdnog] Can not get the real ASNs using traceroute -a

Frank Habicht geier at geier.ne.tz
Thu Sep 24 17:43:28 SAST 2020 

Hi Sara,

On 24/09/2020 17:06, Sara Alamin wrote:
>> whois -h whois.afrinic.net 197.254.224.0/19 --list-versions
> I am just a little bit confused now about what are the differences between RADB and AFRINIC whois database.
> because when I do a query like this:

Only Canar can create a route object in AfriNIC for 197.254.224.0/19
That's good, if you find route objects in AfriNIC, there was some
authorisation for creating them.

Anyone (who pays some-hundreds $$) can create route objects in RADB.
RADB doesn't care/check if they are the owners.
Patrick has shown that the entry in RADB with the correct Canar AS was
actually created by EMIX (Etisalat). They do that very often for any of
their customers, too aggressively....

RADB is not an RIR, do not have their own knowledge which IP blocks are
assigned/allocated to whom and whether a request to them comes from a
source "authorised" for those IPs... they only know that it came from a
paying customer ;-)



>  so aren't these databases syncing from each other?
RADB is syncing *into* their DB from other IRRs. AfriNIC, RIPE, surely
several others.

In [1] below you see one of my $dayjob's prefixes.
We once talked to EMIX, and they promptly created this entry in RADB.
probably the same was the case with Canar.
But since I have the same route object in AfriNIC, and AfriNIC means
it's really from the authenticated resource holder - so this is a
stronger statement.
I should actually get EMIX to remove that RADB entry.
And *after* they create the AfriNIC route object, I think Canar should
do the same.
And since it used to be in RIPE DB, you see RIPE-NONAUTH as well.

The 2 objects from RIPE and AfriNIC were automaticall imported by RADB,
and you can recognise them using the "SOURCE:" attribute.

> and as Nishal's said this is always CANAR prefix , so how come RADB accept different origins for the same prefix.

... they just do...
and that means there is more garbage in there.

...

> Thank you!
> --Sara--
> 

Thank you too for getting this going.


Frank

[1]
[frank at fisi ~]$ whois -h whois.radb.net 41.188.128.0/18
[Querying whois.radb.net]
[whois.radb.net]
route:      41.188.128.0/18
descr:      Wanachi via EMIX
origin:     AS37084
notify:     noc at emix.net.ae
mnt-by:     MAINT-AS8966
changed:    noc at emix.net.ae 20170628
source:     RADB

route:          41.188.128.0/18
descr:          SimbaNET-3
origin:         AS37084
notify:         ***@simbanet.co.tz
mnt-by:         SN-MNT
changed:        ***@simbanet.co.tz 20150522
source:         AFRINIC

route:          41.188.128.0/18
descr:          SimbaNET Tanzania
origin:         AS37084
mnt-by:         SimbaTz-mnt
mnt-lower:      SimbaTz-mnt
mnt-routes:     SimbaTz-mnt
notify:         webmaster at simbanet.net
created:        2009-02-06T20:53:11Z
last-modified:  2018-09-04T16:00:42Z
source:         RIPE-NONAUTH
remarks:        ****************************
remarks:        * THIS OBJECT IS MODIFIED
remarks:        * Please note that all data that is generally regarded
as personal
remarks:        * data has been removed from this object.
remarks:        * To view the original object, please query the RIPE
Database at:
remarks:        * http://www.ripe.net/whois
remarks:        ****************************
[frank at fisi ~]$

More information about the sdnog mailing list