RIPE NCC Activities, Expenditures, and Charging Scheme 2003 Joao Luis Silva Damas Daniel Karrenberg Mirjam Kuehne Axel Pawlik Paul Rendek Jocehm de Ruig Document ID: ripe-255 Date: 17 September 2002 Updates: ripe-226 Table of Contents Process Executive Summary Growth Plan and Budget Membership Services Registration Activities Test Traffic Measurements Co-ordination Activities New Activities Administration Activities Charging Scheme Challenges Appendices M - Membership Services M1 Regional Internet Registry M2 Initial Support for New LIRs M3 Liaison and Co-ordination M4 Test Traffic Measurements M5 Membership - RIPE NCC Interaction Facilities C - Co-ordination Activities C1 RIPE Database Maintenance and Development C2 Information Services, Communication, and Education C3 DNS Co-ordination C4 RIPE Meetings N - New Activities N1 Deployment of Internet Security Infrastructure (DISI) N2 Routing Information Service N3 Name Server Daemon (nsd) N4 Unforeseen Activities Process This document contains the planned activities for the RIPE NCC and the associated expenditures as well as the charging scheme to ensure the necessary revenues for the year 2003. The RIPE NCC has drafted this document based on input from the RIPE community and users of RIPE NCC services. The Executive Board of the RIPE NCC presents it to the RIPE NCC members. The members approve the final version at the annual General Meeting. No changes are made to the document after its approval. The text in this document does not affect or change any policies or procedures defined in any other published RIPE documents. Executive Summary The total budget for the planned activities in 2003 is kEUR 10,004. A conservative growth of 5% in new members is projected translating to 1 new member per 2 calendar days. However, this will result in a zero net growth rate in membership due to the number of expected closures in 2003. The budget will be contained to an increase of 4% in total expenditures. This is significantly lower than the budget increases experienced in 2001 and 2002 that were 28% and 21% respectively. Membership fees have increased by approximately 50% per billing category to maintain the stability and continuity of the organisation, quality of service and to replenish part of the reserves utilised in 2002. Fees for Local Internet Registries (LIRs) will be increased by approximately 50% on average to EUR 2,750, EUR 3,750 and EUR 5,250 for Small, Medium and Large LIRs respectively. The new LIR fee will be increased by 20% to EUR 2,500. Total revenues of kEUR 10,937 will cover all expected expenses and are expected to lead to a kEUR 933 surplus. An operating plan must to able to adapt to changing circumstances. Any amendments to the RIPE NCC Activities, Expenditures, and Charging Scheme 2003 will be made within the formal structure of the RIPE NCC Association and therefore require the approval of the RIPE NCC Executive Board. No fee adjustment will be made in the course of the year. Growth Plan and Budget Following the analysis of the growth over 2002, a zero growth rate is expected in 2003. We anticipate the number of new members will equal the number of members that discontinue their membership. The number of new members is estimated at approximately 0.5 member per calendar day. This is a decrease of 1.0 member per calendar day in relation to the budget 2002. The projections for the remainder of 2002 and the year 2003 are as follows: Actual Projections 1999 2000 2001 2002 2003 Small 1,257 1,978 2,536 2,677 2,470 Medium 346 459 441 433 650 Large 93 130 145 140 130 1,696 2,567 3,122 3,250 3,250 The projected total income for the year 2003 (in kEUR) is derived as follows: No. Fee Amount in kEUR New LIRs - Start-up fee 183 2,500 457 - Membership fee, small 183 2,750 252 Existing LIRs - Small 2,287 2,750 6,289 - Medium 650 3,750 2,438 - Large 130 5,250 682 - Billing charges 20 Total LIR fees 10,138 Other Income - RIPE Meetings 306 - ENUM 112 - TTM 188 - Interest 193 Total Income 10,937 The budgeted costs for the various activities for 2003 (with budget 2002 for comparative purposes) are shown below in kEUR. Budget 2002 Budget 2003 Change vs 2002 Registration 4,367 46% 4,422 44% 55 1% Co-ordination 2,419 25% 2,961 30% 542 22% Test Traffic Measurements 868 9% 526 5% - 342 -39% New Activities 976 10% 853 9% - 123 -13% Administration 963 10% 1,242 12% 279 29% 9,593 10,004 411 4% The increase in the budgeted costs for 2003 is 4% including a special reserve of EUR 50,000 or 0.5% of total expenses for various contingencies. Revenues and costs will provide a surplus of approximately 933 kEUR, which is just below 9.5% of the total budgeted cost of the activities. Membership Services Registration Activities Registration activities represent operations relating to the RIPE NCC's role in the distribution of Internet resources to the RIPE NCC service region. These operations are primarily focused on the handling of requests for the assignment and allocation of IP address space and AS numbers. They also include the responsibility for delegating the reverse domain name space associated with this address space and the services required to set up a new LIR. To facilitate the above process, the RIPE NCC is active in the preparation of documentation relating to Internet registration policies and procedures. They provide training and education to LIRs and advise on the development of projects relating to these services. Services provided in this area are available only to members that contribute to the funding of the RIPE NCC. In 2003, the RIPE NCC will continue to work on improving efficiency and implementing new procedures around our core services. The number of tickets received by the RIPE NCC is expected to continue to increase from 30,000 in 2002 to 35,000 in 2003. Current Hostmaster staffing levels are sufficient to adapt to fluctuations in the workload. New procedures and software tools will reduce the amount of manual processing and allow greater focus on providing advice and training. The RIPE NCC plans to investigate procedures for possible reclaiming of unused Internet resources in the future. The RIPE NCC recognises that the LIRs are exercising responsible stewardship of the Internet resources they manage. The RIPE NCC will focus on introducing procedures that enable LIRs to self-manage those resources more effectively and efficiently. The RIPE NCC maintains its commitment to oversee the fair and efficient distribution of these resources. The RIPE NCC LIR Training Courses have received considerable support from the RIPE community as they provide a fast and effective mechanism to update and educate the registered contacts on changes in procedures. This will be especially important over the coming year as new procedures and software tools become available. The RIPE NCC will increase the number of LIR trainings given and will aim to reach a broader spectrum of the community. Additionally, advanced courses will be given on specific aspects of the RIPE NCC services to help broaden the depth of knowledge in key areas. Following the implementation of an IPv6 policy common to all RIRs, in July 2002 we expect to see a gradual increase of demand for IPv6 address space over 2003. The RIPE NCC continues to gain experience with IPv6 and is becoming increasingly skilled in handling requests of this type. The RIPE NCC will continue its close co-ordination work with the other RIRs regarding this policy. The RIPE NCC will invest further efforts in gaining operational experience with IPv6 and will monitor and advise the RIPE community on its deployment. Test Traffic Measurements (TTM) TTM measures key parameters of the connectivity between a site and other points on the Internet (i.e. routing vectors, one-way delay and packet-loss, IPDV, Bandwidth, with additional measurements being developed). Since July 2001, sites participating in the TTM are charged a prorated annual service fee of EUR 3,000 for the first test-box and EUR 1,500 each for the second and additional test-boxes. They also pay for the costs of the hardware installed at their site. Contrary to what was expected, the TTM service does not yet generate enough revenue to break even. Therefore during 2003 the RIPE NCC will restructure the service such that it will be self-sufficient by the end of the year. The new service model will be developed in consultation with users of the service and the RIPE TTM Working Group during the coming months. The new service model will be presented at the RIPE 45 Meeting. The resources budgeted for 2003 provide the means to: 1. Run a network of test-boxes. The RIPE NCC will continue to operate a network of test-boxes as well as a service where the host sites can retrieve the data produced by their text-boxes. 2. Expanding the measurement network. The RIPE NCC will continue to promote the TTM service and install test-boxes at interested sites. The promotion of the TTM service that was started at RIPE 38 will be continued and expanded. More focus will be put on communication with current and future test-box hosts to better understand their requirements for performance measurements and their needs for products based on the data. There has been considerable interest from groups outside the traditional RIPE NCC membership in the TTM service. The RIPE NCC has been working with those groups to adapt TTM to their specific needs and will continue to do so. Also, several sites have expressed interest in other versions of the test-box hardware. Development of these versions is in progress. Finally, the RIPE NCC will investigate the possibility of installing test-boxes at topologically interesting sites on the Internet such as exchange points and popular web sites. 3. Run standard analysis. A standard analysis package will be run on the data every day. This package will continue to be expanded based on user feedback. Also, on the latest model test-boxes, a web-based user interface has been installed. This user interface allows the user to access a real-time, though preliminary, analysis of the data collected with the test-box. This will be expanded in 2003. At RIPE 33, a method was proposed to detect unusual network conditions and warn operators about them. The RIPE NCC will continue to offer this service and, together with network operators, interface these warnings with existing network monitoring tools. 4. Development work on the project. Development work on the project will continue in several different areas: a. Metrics for throughput measurements are currently being studied within the framework of the IETF IPPM Working Group. A first version has been implemented on the test-boxes. This will be developed further. b. The IETF has developed metrics to describe packet reordering. These metrics will be implemented and added to the regular measurement program. c. The RIPE NCC has been collaborating with several groups to model the delay measurements. These studies will continue, and suitable results will be turned into products offered to the test-box hosts. d. Other new metrics will be studied and, if feasible, implemented on the test-boxes. e. Development of interfaces to other applications such as Traffic Engineering tools. f. Development of an IPv6 version of the test-boxes. g. Implementation of other requests from current and future test-box hosts. h. Any developments in the Internet, related to the Test Traffic Measurements, will be energetically followed and responded to. 5. User training. The RIPE NCC will investigate how end-to-end performance data can be used in day-to-day ISP operations and provide this information to its membership either as courses or white papers. Additional information on Test Traffic Measurements can be found at: http://www.ripe.net/test-traffic Co-ordination Activities The common purpose of the diverse co-ordination activities of the RIPE NCC is to support the coherent operation of the Internet in the RIPE region. The primary activity is the provision of access to the RIPE Database, providing information about address space, routing policies and reverse DNS information together with the appropriate contact points. Development and publication of RIPE Database software, provision of information services for Internet Service Providers (ISPs) and the public via the Internet fall under co-ordination activities. Operational co-ordination also comes under this category as does the production and publication of software tools for such efforts. Other important co-ordination activities include the maintenance of the root name server that the RIPE NCC operates. In addition to these services, during 2002 the RIPE NCC entered an outsourcing agreement with the Internet Architecture Board (IAB) to provide technical services related to the operation of the e164.arpa DNS zone. This activity will continue in 2003. To be effective the services performed in this area, must be constantly accessible to the Internet community. Whenever special support is needed, RIPE NCC members receive priority over other users. Another key co-ordination activity is the organisation of the three RIPE Meetings every year. The meeting fees charged cover part of the expenses of the RIPE Meetings. The RIPE NCC subsidises the deficit to cover all other expenses and provides logistical support, registration, documentation, minute-taking, the maintenance of the RIPE website, among other key co-ordination efforts. Awareness and representation of the RIPE NCC continue to be an important focus for 2003. The Activity Plan for 2003 foresees more concentration on new technologies and industries that could have an impact on IP address usage rate and the Internet Registry System. External representation of the RIPE NCC and the RIPE community to third party organisations (i.e. new industries, governments, the European Parliament, ICANN, etc.) is also a notable co-ordination activity. The RIPE NCC will provide continued support to activities related to the Routing Registry (RR). These include the extension of activities related to the Routing Registry Consistency Check (RRCC) project and the responsibility for the support and development of the RAToolset. Effort will also go into increasing synergy between the Routing Registry system and live sources of Internet routing data. In 2003 the RIPE NCC will continue to increase support for IPv6 and multicast applications in the RR. Additionally, security aspects of interaction with the RIPE Database will be an important item. Efforts will also be continued to provide proper data maintenance, data management and data analysis tools, including regular updates on the status of the data in the database as well as general help with good data maintenance practices. Database and related software will be actively maintained and developed to ensure that new features are available to meet user needs. During 2003, the RIPE NCC will apply additional efforts to increase flexibility and security in its interaction with the membership. The aim is to provide a more user-friendly and secure means of interaction for LIRs in their applications for Internet resources and the management of information residing at the RIPE NCC servers (e.g. the RIPE Database). The year 2003 will also see the availability of RIPE NCC network services using IPv6 transport. New Activities New Activities are either entirely unforeseen or have started recently and are not yet at the stage where they can be developed as regular services. Due to its impartial and neutral position, the RIPE NCC plays an important role in facilitating new projects and services for its members and the RIPE community. The impetus for New Activities comes from various sources: the RIPE NCC itself, individuals and/or organisations within the RIPE community, and the appropriate RIPE Working Groups. If the activities require long-term support, they may become a regular RIPE NCC activity subsequently funded by all members. If the activities are short term and substantial, or continued support by all members is not appropriate, they may be continued as special projects for which funding is sought separately among interested parties. These activities fall under the guidance of the various RIPE Working Groups with active participation of the RIPE NCC membership and the Internet community. There are three new projects already underway that will be further developed in 2003: Deployment of Internet Security Infrastructure (DISI), Routing Information Service (RIS) and Name Server Daemon (nsd). Deployment of Internet Security Infrastructure (DISI) Security Deployment is a new activity started in late 2000. As the Internet is used for more and more critical applications, security becomes increasingly important. A lot of security technology has recently been developed and now needs to be deployed throughout the Internet infrastructure [RFC 2828]. Prominent examples are DNSsec [RFC 2535] and IPSec [RFC 2401]. The DISI project will support the RIPE community in deploying these technologies, specifically those technologies that need to be deployed in the Internet infrastructure itself, rather than at end sites only. This project initially focuses on DNSsec and will later be expanded to other relevant technologies in 2003. During 2002, the technology behind DNSsec reached a state where it could be meaningfully deployed. The RIPE NCC has started to deploy DNSsec on the in-addr.arpa tree. The first address blocks allocated to the RIPE NCC are planned to be secured early in 2003. This will then be turned into a production facility and it should be possible for the entire community to routinely sign zones by mid-2003. At RIPE 43, the draft procedures for signing a zone by an LIR were presented. These procedures are also explained in a one-day course that has been offered to the membership since then. These courses will be offered once-a-month in 2003 as a regular service for the membership. The DISI project will then start to focus on other security technologies. The RIPE NCC liaises with other parties interested in these technologies and is actively involved in the relevant IETF Working Groups. Routing Information Service (RIS) The Routing Information Service collects BGP routing information at several major exchange points in near real time and stores it in a database. An interface similar to a "looking glass" then provides both multiple views and information about specific times in the past. This is a new and unique tool for ISP operations. Operators no longer have to search for specific "looking glass" services covering their area of interest. In addition, they can query for data at the specific time of any problems. The RIS Database is also useful to the RIPE NCC itself as it provides information about how resources allocated by the RIPE NCC are actually used on the Internet over an extended period. During 2003, RIS will move from a new activity to a regular part of the routing co-ordination services available to the Internet community. Name Server Daemon (nsd) During 2002 the RIPE NCC, in co-operation with NLnet Labs, has developed "nsd", an authoritative-only DNS name server implementation. The main reason for this development is code diversity in high-level DNS name servers. nsd provides a high performance open-source DNS server to operators of authoritative name servers. The RIPE NCC has contributed to nsd in the area of producing requirements and specifications, general design as well as a reference implementation of the zone compiler and thorough testing of the server in various stages of development. For this purpose we created a laboratory for performance and regression tests called DISTEL. NLnet Labs also contributed to the general design and provided all the implementation work on the production version of the code. nsd 1.0.0-beta was released at the RIPE 42 Meeting. A DNSsec-capable version is expected before the end of 2002. In 2003 we expect some incidental work in keeping the specification up-to-date and in testing work as new revisions of nsd are released. In addition there is a growing demand for structural testing of various DNS implementations for performance and differences in their responses. There may be a need to collect feedback from nsd users in a structured manner. Unforeseen Activities As always, the RIPE NCC will be available to start new activities as required by the membership and the RIPE community. We will continue to actively pursue developments and spot new needs as the Internet develops. We will continue to actively participate in the appropriate forums such as the Internet Engineering Task Force (IETF) and the North American Network Operators' Group (NANOG). Administration Activities This area covers all general and administrative overheads (building rental and refurbishment, computer infrastructure, personnel, office supplies, etc.) that cannot be clearly attributed to a specific activity. Charging Scheme The charges for 2003 are fixed annual charges and are based on the size category of a LIR. A minimum size category will be determined based on address space allocations held by the LIR on 1 November 2002. The categories will be published and LIRs change in billing category size will be notified by e-mail. The proposed charges for 2003 are as follows (in EUR): Annual charge 1999 2000 2001 2002 2003 Small 2,650 2,400 2,100 1,800 2,750 Medium 3,700 3,350 2,950 2,500 3,750 Large 4,900 4,400 3,900 3,400 5,250 Sign-up fee 2,100 2,100 2,100 2,100 2,500 The proposed fees for 2003 are approximately 50% higher than those of 2002. The fees for 2003 are similar to the 1999 fees. They cover associated 4% growth in expenses and replenish reserves to ensure stable operations. The charging model algorithm can be found in the RIPE Document "RIPE NCC Charging Scheme 1997", section 4.1 at: ftp://ftp.ripe.net/ripe/docs/ripe-146.txt This algorithm has been successfully used over the past 5 years to determine the minimum size category for each LIR. For 2003, the size of the LIR will be determined based on the address space allocations held by the LIR on 1 November 2002. The projected distribution of Small/Medium/Large size members in percent for the year 2003, as compared to July 2002, is as follows: Category 2002 2003 Small 82.2% 76.0% Medium 13.3% 20.0% Large 4.5% 4.0% The expected changes of LIRs between the three size categories are shown in detail below: From To: Small Medium Large Small 2,468 207 2 Medium 2 425 6 Large 0 18 122 Challenges The provision of professional and stable services in the current and future economic situation will be a challenge for the RIPE NCC. This plan ensures the efficient delivery of essential services to the members and, at the same time, maintains the flexibility necessary to be able to react promptly to the continually changing environment. The RIPE NCC will work to increase public awareness of experiences gained with IPv6 and operational knowledge of IPv6 deployment. The RIPE NCC will continue to promote the long-standing, bottom-up, self-regulatory structures and remain flexible and open to new developments and industry players. The success of this activity plan lies in retaining the people who are employed to make it happen. The RIPE NCC will continue to offer an attractive and challenging work environment. APPENDICES M - Membership Services Activities included in membership services relate directly to services provided to the RIPE NCC membership. Services performed in this area are only accessible to established members of the RIPE NCC. M1 Regional Internet Registry In its role as a Regional Internet Registry, the RIPE NCC provides allocation and registration services to LIRs in its service region that covers Europe, the Middle East, Central Asia, and African countries north of the equator. The overall goal of this activity is to provide fair, impartial and stable distribution of Internet numbers (IPv4, IPv6 and AS) in its service region. The specific goals for the distribution of address space are uniqueness of addresses, conservation of IPv4 address space, procedure and policy definition for IPv6 address space, aggregation of routing information, and registration of network management information. While the current growth in the number of new LIRs is slowing, the workload on Registration Services continues to increase. However the introduction of New secure website services and the development of new procedures should mean that staffing levels now match their commitments to the community. To minimise clerical work for RIPE NCC Hostmasters and provide fast feedback to LIRs, a big effort is being made to automate the process of making and processing requests. Supplementary attempts are made to develop and improve the request forms. Training courses for members are an additional activity. Seeing the positive impact of these courses in educating the new and existing members, the number of training courses provided by Registration Services will be increased. In addition, advanced trainings will be made available to LIRs to enable a deeper understanding of more specific processes with the Registration Services department. Resources to cope with this extra workload will be made available. In 2003, both workflow and quality management will have to keep step with any expected growth and ensure that peaks in the load do not create unacceptable delays or a reduction in quality. The impartiality and neutrality of the RIPE NCC has to be maintained at all times. Common to all of registration activities is liaison with the RIPE Local IR Working Group (LIR-WG) and with the other RIRs about the general application of procedures and policies. M1.1 Distribution of IPv4 Address Space Description: The RIPE NCC allocates IPv4 address space to RIPE NCC members for further address assignments to their own and End Users networks. Special attention is given to these allocation requests. Tools to support the allocation process and ensure the best aggregation possible will be enhanced. IPv4 address space assignments above a threshold size require approval from the RIPE NCC. The RIPE NCC evaluates these assignment requests. Members can ask a second opinion about assignments even when it is not required. In addition the RIPE NCC gives recommendations and guidelines for future requests. Regarding address allocations and assignments, the RIPE NCC provides special support for new members and beneficial guidance to established members. Goal: The process of allocating and assigning address space helps to ensure a fair distribution of IPv4 addresses. It also supports the efficient use of address space to conserve the remaining IPv4 address space and to aggregate routing information. Approval of IPv4 address space assignments ensures homogeneous application of policies and assignment criteria by all RIPE NCC members (LIRs) and helps them become familiar with request evaluation. Assistance to new and established LIRs helps to process successfully their address space requests and to provide a good understanding of policies and procedures for further requests. This support also promotes a good working relationship between RIPE NCC and its members, and ensures that the members are able to provide the same support to their customers. RIPE Working Group Advising: RIPE LIR-WG M1.2 Distribution of IPv6 Address Space Description: The RIPE NCC allocates IPv6 address space to its members. This includes evaluating and auditing of assignments made from IPv6 allocations. Tools to support the allocation process and to ensure the best aggregation possible will be enhanced. Goal: This activity helps to ensure a fair distribution of IPv6 address space and encourages the use of IPv6. It also supports the aggregation of IPv6 routing information. RIPE Working Group Advising: RIPE LIR-WG, RIPE IPv6-WG M1.3 Autonomous System Number (ASN) Assignments Description: The RIPE NCC assigns AS numbers according to global and local policies. It registers these numbers and the initial associated routing policy. The request form, supporting documentation and training materials will be updated. Goal: This activity ensures uniqueness of AS numbers and helps collect data for the Routing Registry. It also helps to prevent unnecessary increases in the number of autonomous systems that are visible in global Internet routing. RIPE Working Group Advising: RIPE LIR-WG, RIPE Routing-WG, RIPE Database-WG M1.4 Reverse Delegation Description: The RIPE NCC delegates reverse DNS zones for the address ranges allocated or assigned via the RIPE NCC. To support this service, the RIPE NCC will provide a reliable secondary name server and work to avoid pollution of the DNS in the zones delegated to the RIPE NCC. Therefore, the RIPE NCC will check all zones under its responsibility as to proper set-up and functioning. Proactive checking of already delegated zones is an important goal. Goal: This activity supports the proper address-to-name mapping for addresses allocated to the RIPE NCC. RIPE Working Group Advising: RIPE LIR-WG, RIPE DNS-WG M1.5 Consistency and Auditing Description: The RIPE NCC actively checks the quality and validity of Internet resource registry data, including the production of statistics on address space usage. To ensure fair address space distribution, the RIPE NCC regularly checks that assignments are applied uniformly. This activity is separated from the other registration activities as it is defined and carried out independently from the day-to-day processing of requests. Consistency checking and auditing are performed within other activities. Observations are reported back to the RIPE Local IR Working Group for further investigations and improvement of the procedures. Goal: This activity promotes a consistent and fair application of assignment criteria relating to the conservation of address space and aggregation of routing information. This activity assists in identifying parts of the procedure that cause problems. RIPE Working Group Advising: RIPE LIR-WG M2 Initial Support for New LIRs The initial support for newly established LIRs is provided in addition to the other registration services. It is embedded as part of the process to establish a new LIR. During this phase, additional clarification and explanation is involved to familiarise the new and potential LIRs with all procedures necessary to operate an LIR. M2.1 LIR Set-up Description: The RIPE NCC provides information to potential LIRs and gives initial support and help to LIRs during their set-up phase. Information and support is also extended to potential LIRs. Goal: This activity supports new LIRs during their set-up phase to introduce tools, procedures and guidelines. It also gives potential LIRs enough information to make an informed choice as to whether or not they become an LIR. RIPE Working Group Advising: RIPE LIR-WG M2.2 Training Courses Description: The RIPE NCC will further develop and continue to deliver Training Courses for LIRs, both new and existing. LIR Training Course: The LIR Training Course material includes IP address assignment and allocation procedures and policies, delegation of reverse domains, and usage of the RIPE Database. Additionally, more specific courses will be deployed within this period to address security issues and new technological developments in the Internet. DNSsec Training Course: An introduction course to DNSsec has been developed in 2001/2002. This course shows how to secure a zone using DNSsec and explains the RIPE NCC specific procedures. It will be offered to the membership on a monthly basis during 2003, usually in the same location as the LIR Training Course. Goal: The goal of the LIR Training Course is to familiarise the new LIRs with procedures and policies and keep established LIRs up-to-date with new guidelines and developments. This facilitates smooth operations between the RIPE NCC and the LIRs. With the consistent application of policies the RIPE NCC can ensure fair distribution of address space among the community. The DNSsec Training Course introduces LIRs to the concepts and where these can be deployed in Internet operations. There are procedures to be followed in order to deploy DNSsec that are presented during the course. RIPE Working Group Advising: RIPE LIR-WG RIPE Techsec-WG M3 Liaison and Co-ordination Description: To carry out activities for its members the RIPE NCC acts as a liaison and co-ordinates with a variety of organisations and tracks the activities of others. Examples of such organisations are IANA, ICANN, IETF, RIPE, ARIN and APNIC. It is often difficult to attribute liaison and co-ordination resources to specific activities and it is therefore an activity in its own right. Costs for this activity are split evenly between the registration and co-ordination activity budget lines. Goal: To maintain the necessary relationship with other organisations related to the operations of the RIPE NCC. M4 Test Traffic Measurements Description: TTM measures key parameters of the connectivity between a site and other points on the Internet (i.e. routing vectors, one-way delay and packet-loss, IPDV, Bandwidth, with additional measurements being developed). By utilising dedicated measurement devices, or "test-boxes", TTM makes it possible to monitor proactively and continuously the connectivity of networks to other parts of the Internet. TTM metrics and methodologies comply with current standards in RFCs 2330 and 2678 through 2681, published by the IETF IP Performance Metrics Workgroup. Goal: The goal of the Test Traffic Measurements (TTM) is to conduct independent measurements of performance-related quantities of the Internet and, in particular, between the networks operated by the membership. Examples of such quantities are the delay, loss, or routing vector between two points. RIPE Working Group Advising: RIPE Test Traffic-WG M5 Membership - RIPE NCC Interaction Facilities Description: The goal of this activity is to develop and improve flexible and convenient ways for LIRs and users in general to interact with the RIPE NCC's systems. Particular attention will be dedicated to the security aspects of such interactions to ensure privacy and authentication wherever needed. Part of this project will include the investigation and, possibly, initial deployment of a Certification Authority at the RIPE NCC. Goal: This activity aims at allowing access to the LIRs to securely access and eventually update some of the information the RIPE NCC keeps in its internal services regarding the LIR. It also includes front ends for other RIPE NCC systems such as the RIPE Database. During 2003, this activity will concentrate on the deployment of a production service. C - Co-ordination Activities The activities performed in this area must be accessible to the users of the Internet and the general public to be effective. Their common purpose is to support the coherent operation of the Internet in the RIPE NCC service region. C1 RIPE Database Maintenance and Development Description: The RIPE Database is the core software on which the Regional IP Registry and the RIPE Routing Registry are based. Reliability and rich functionality of the RIPE Database are essential for the RIPE NCC, the LIRs in the RIPE NCC service region and the Internet. By maintaining public releases, the RIPE NCC hopes to encourage all LIRs to make use of the software and to acquire the newest improvements. This encourages data exchange and co-operation among LIRs. The RIPE NCC will ensure the reliability of the RIPE Database and extend its functionality as needed. This set of activities is designed to provide consistent support and provide a reliable service both in the short and long term, and to continue developments according to the needs of the RIPE community. RIPE Working Group Advising: RIPE Database-WG C1.1 User Support and Software Maintenance Description: The RIPE NCC manages a role mailbox for questions and comments and address user questions promptly. The RIPE NCC will also perform basic software maintenance activities including bug fixes and minor modifications. All the results of these software development efforts will be made publicly available. This activity includes the maintenance and improvement of the system's documentation. Goal: This activity is intended to provide a timely response to user enquiries. It also helps assure the smooth operation of the Internet Registry System. Related Activity: C1.4 RIPE Working Group Advising: RIPE Database-WG C1.2 Consistency Description: The RIPE NCC works to prevent inconsistencies and inaccuracies in the RIPE Database contents by improving syntax checks, modifying contact reference mechanisms and educating users. The RIPE NCC helps users perform data maintenance activities to improve the quality of data already in the RIPE Database. This includes reporting problems to contacts where possible and providing tools that enable users to correct and clean up their data. The RIPE NCC also produces regular "State of the Database Reports" to monitor the quality of data over time. Goal: The value of the RIPE Database for its users depends on the quality of the data. The goal of this activity is to monitor and improve the consistency and accuracy of the data maintained in the RIPE Database. Related Activity: C1.6 RIPE Working Group Advising: RIPE Database-WG C1.3 Database Availability and Exchange Description: The RIPE NCC provides access to the RIPE Database via Whois servers and by supporting other sites in mirroring the data. For example, support is given to other registries in setting up secondary database servers. The RIPE NCC actively pursues and co-ordinates data exchange both with other RIRs and other Routing Registries. Goal: This activity is intended to enable RIPE Database users to acquire the information they need quickly and to help those outside the RIPE region acquire information in the RIPE Database as easily as possible. This is essential for both the IP and the Routing Registries. RIPE Working Group Advising: RIPE Database-WG, RIPE Routing-WG C1.4 New Database Features Description: The RIPE NCC designs and implements new database features as requested by the user community or proposed by the RIPE NCC. It performs the development work based on the priorities established in the appropriate RIPE Working Groups. The RIPE NCC also reports at these working groups about the results of co-operation with other RIRs at a global level. Goal: The purpose of this activity is to provide new functionality to the RIPE Database as the user community expresses the need for it. Related Activities: C1.1 RIPE Working Group Advising: RIPE Database-WG C1.5 RPSLng Description: The RIPE NCC will contribute to ongoing efforts in the IETF that aim at extending the functionality of Routing Policy Specification Language (RPSL) in order to support IPv6 and multicast routing, as well as the necessary evolution of the standard in order to ensure inter-operability of new functionality with other Routing Registry systems. Goal: Expand RPSL where necessary and evolve the standard in an inter-operable way. Related Activities: C1.1, C1.4 RIPE Working Group Advising: RIPE Routing-WG, RIPE Database-WG C1.6 Routing Registry Tool Deployment and Training Description: The RIPE NCC works to create support tools such as RR tools and the RAToolset. These tools will be made available to members of the RIPE community. The RIPE NCC will deliver training courses to teach the RPSL language and the use of the RR tools in configuring routers and examining policies and routing in the Internet. Goal: The RIPE NCC will take on further development of the RAToolset after completion of its transition from the Information Sciences Institute of the University of Southern California. This toolkit allows router configurations to be generated and/or verified from the contents of the RR as well as sanity checking of the information registered at the RR. The goal of this activity is to enable members of the RIPE community to exploit RPSL and define the development of new RR tools. RIPE Working Group Advising: RIPE Routing-WG C1.7 Routing Registry Consistency Description: This activity seeks to improve data quality in the Routing Registry as a public source of intended routing information (as described by the maintainers of the data, the ISPs). It also aims to improve data accessibility and processing capabilities to enable users to extract the largest possible benefit from this information source. Goal: The objective of this activity is to provide a public, accurate and reliable source of information about public routing information in the RIPE NCC service region, comparing the intended routing policies as described in the RR to the information actually exchanged by routing protocols. A coupling to the RIPE NCC address assignment activities is also an objective. RIPE Working Group Advising: RIPE Routing-WG C1.8 Security Mechanisms of the RIPE Database Description: This activity has traditionally been part of general RIPE Database development. However, in today's world, a more dedicated focus on data access and maintenance is required. Goal: This activity seeks to deploy secure methods of accessing and maintaining data in the RIPE Database. It will interface with a more general increase in awareness of security matters in all interactions between the RIPE NCC and other parties. Related Activities: M5 RIPE Working Group Advising: RIPE Database-WG C2 Information Services, Communication and Education This set of activities ensures information flow between the RIPE NCC and the RIPE community as well as between these and other parties involved in the Internet. C2.1 Mailing List Management Description: The RIPE NCC maintains high quality mailing lists for exchanging information among members of the RIPE community. Efforts are made to prevent spam (unsolicited advertising) on the mailing lists, to improve the quality of the address lists in order to minimise bounces, and to support subscribers with problems. The processing of mailing list traffic is constantly monitored. Goal: The goal is to ensure the exchange of information among members of the RIPE community and to provide support for subscribers of RIPE mailing lists. C2.2 Maintenance of Information Services Description: The RIPE NCC maintains a WWW and ftp server at: http://www.ripe.net/ and ftp://ftp.ripe.net/ There is also an accompanying role mailbox to provide help and information to users. This includes: - Continuous modification and restructuring of the information on the WWW server providing the best structure for ease of use to visitors of the site. - Monitoring of the content of the servers to assure accuracy, consistency and a user-friendly environment. Goal: The purpose of this activity is to ensure that the information and services on the RIPE NCC servers are up-to-date and working well and that responses to user needs are provided in a timely manner. Related Activities: C2.3 RIPE Working Group Advising: All C2.3 Public Relations and Outreach Description: The RIPE NCC has established an extensive network in the Internet community and with existing and new players in the industry. This will continue and be intensified. In the past, all issues related to the RIPE NCC activities and IP address distribution were brought up in the RIPE community. Today there are other groups and forums that deal with Internet and IP issues. The RIPE NCC needs to make contact with those organisations and ensure that RIPE and the RIPE NCC are properly represented in all forums dealing with issues that affect Internet administration. The open structures and processes in which RIPE and the RIPE NCC operate need to be promoted and new players must be encouraged to participate actively. Focused effort must remain on new players, new technologies and governments showing an interest in Internet administration and governance. Goal: This activity aims to increase the awareness of RIPE and the RIPE NCC with existing and new players in the Internet community, and to ensure that the RIPE NCC continues to play an effective role in the further formalisation of Internet administration. C2.4 Reporting Description: The RIPE NCC reports about its activities to its membership, the RIPE community and the general public on the network and at RIPE Meetings. The RIPE NCC publishes an annual report, including financial statements, for distribution to its membership, suppliers, the mass media, and interested members of the public. Continuous efforts are made in developing the web site to provide up-to-date and informative documentation essential to the RIPE NCC membership and RIPE community. Goal: This activity provides the RIPE NCC membership and other interested parties with open, detailed information about the ongoing RIPE NCC activities and its position in the Internet community. Related Activities: C2.3, C4 C3 DNS Co-ordination The RIPE NCC does not provide domain name registration services. It does, however, provide DNS co-ordination and support activities as well as registration of reverse address mapping domain registrations, currently within the in-addr.arpa and ip6.arpa domains (while ensuring a transition as smooth as possible from the ip6.int domain). C3.1 European Root Name Servers Description: The RIPE NCC supports the operation of the root name servers located in the RIPE NCC service region. In particular, it operates the server currently located at the LINX in London (k.root-servers.net). In 2003, the RIPE NCC will invest resources in investigating and deploying ways to increase even further the responsiveness of the service (e.g. using "anycast" type routing). Goal: Those few DNS name servers serving the "." (root) zone are critical elements of the Internet infrastructure that should be operated in a neutral and professional way. The goal of this activity is to ensure that this happens. RIPE Working Group Advising: RIPE DNS-WG C3.2 Secondary DNS Service Description: The RIPE NCC provides secondary name service and limited support to those country TLD administrators that wish to use it. The RIPE NCC assists ICANN in the administration of those TLDs as described in RFC 1591. Goal: Internet users depend on DNS name servers serving the zones of two- letter ISO3166 country code top-level domains. Name service for these zones should be reliable. New countries should be supported to establish their country code TLDs. Reverse zones are served in a secondary capacity to assist in ensuring the reliability of reverse lookups. RIPE Working Group Advising: RIPE DNS-WG C3.3 DNS Hostcount Description: The RIPE NCC provides monthly statistics on the number of hosts connected to the Internet in the RIPE NCC service region. The statistics are gathered in collaboration with numerous organisations doing local counts per country. Goal: The goal of this activity is to collect and publish uniform time series data about the growth of the Internet in the RIPE NCC service region. This is a continuation of data collection on Internet growth started in October 1990. The information and statistics are used extensively by LIRs and organisations operating in the RIPE NCC service region and beyond. RIPE Working Group Advising: RIPE DNS-WG C3.4 ENUM DNS services Description: The RIPE NCC has an outsourcing agreement with the IAB under which it is responsible for providing DNS services in the e164.arpa domain. This domain implements support in the DNS for the ENUM protocol, allowing mapping of telephony services into the Internet. Goal: The goal of this activity is to support operations of one of the systems required for the deployment of the ENUM protocol, promoting increased integration between the Internet and services provided through traditional telephony infrastructure. C4 RIPE Meetings Description: The RIPE NCC organises RIPE Meetings, providing all administrative and technical support. These RIPE Meetings take place three times a year and are open to the public. Most costs regarding venue, equipment hire, etc., are recouped by charging an attendance fee, as well as through corporate sponsorship. The RIPE NCC subsidises any deficit. Goal: To provide support for an infrastructure whereby the RIPE Meetings can be held. Guidance and advice from the RIPE Working Groups and membership is invaluable to the RIPE NCC in supporting its effective role in further formalising Internet administration. RIPE also plays an influential role in defining the annual activity plan and these meetings are therefore essential to the stable operations of the RIPE NCC. N - New Activities This area represents those activities that are either unforeseen or cannot be fully specified at the time of writing. By nature, new activities are hard to specify in detail and priorities can change quickly. Activities may be dropped or added as necessary. The activity descriptions below are therefore more of a subjective statement of direction rather than a fixed plan of action. In particular, some of the ideas below have not yet been fully discussed in the relevant RIPE Working Groups. N1 Deployment of Internet Security Infrastructure (DISI) Description: The RIPE NCC will gather information and experience by deploying the technologies itself and fostering their deployment in the RIPE community through presentations, courses and workshops. ISPs and, specifically, RIPE NCC members play a key role in deploying these technologies. The RIPE NCC will initially focus on DNSsec and co-operate with other organisations working in this area, such as NLnet Labs, Nominum and others. The RIPE NCC also actively participates in the IETF Working Groups on this topic. In the course of 2003, the project will be expanded to other relevant technologies. Goal: The RIPE NCC will continue its efforts to have in-addr.arpa secured for all address blocks allocated to the RIPE NCC. The procedures for signing these zones have been presented at RIPE 43 and it is expected that the first zones can be signed early in 2003. This will then be turned into a production facility in 2003 and it should be possible for the entire community to routinely sign zones by mid-2003. The experience gained will be shared with the community in workshops and white papers. After that, this part of the project will be moved from "New Activities" to "Member Services". Developments in the Internet security area are energetically followed and the project will be expanded in the course of 2003, based on user feedback and industry developments. RIPE Working Group Advising: RIPE Techsec-WG N2 Routing Information Service (RIS) The goal of the RIS is to collect Border Gateway Protocol (BGP) routing information at several major exchange points in near real time and store it in a database. An interface similar to a "looking glass" then provides both multiple views and information about specific times in the past. This is very useful to ISP operations because operators do not have to search for specific "looking glasses" covering their area of interest. Additionally, they can query the specific time of a problem rather than having access to just the present state of routing information. The database is also useful for the RIPE NCC itself as it allows Hostmasters to determine how prefixes and autonomous systems have been used on the Internet over an extended period. To collect the information, nine so-called Remote Route Collectors (RRCs) have been installed worldwide. The RIPE NCC plans to evaluate the view of the Internet available to the RIS and, if necessary, install other RRCs to get a more comprehensive picture of BGP routing information. Peering sessions will continue to be established with interested ISPs. User access to the collected data will be improved by adding additional queries to the database. Also, a daily report with graphs showing the development of key parameters in BGP routing has been available and will be expanded. There is a lot of interest in the data from the research community. We will continue to serve them as well as feed back any interesting research results to the RIS users. Finally, the RIPE NCC will put more effort into communication with present and future users of the RIS to better understand their needs for new features based on the RIS data. Training materials showing how to use the RIS in day-to-day operations will be developed. RIPE Working Group Advising: RIPE Routing-WG N3 Name Server Daemon (nsd) Description: nsd is an authoritative-only, high performance, simple and open source name server developed by the RIPE NCC and NLnet Labs in 2002. No major development is foreseen in 2003 but this program will be actively supported. Goal: The goal of this activity is to maintain the program, keep the specification up-to-date and perform testing on revisions of the nsd as they are released. Based on growing demand, it is expected that structural testing of various DNS implementations will take place to assess performance and differences of the various DNS implementations. RIPE Working Group Advising: RIPE DNS-WG RIPE Techsec-WG N4 Unforeseen Activities Description: The RIPE NCC actively follows the developments in the Internet and reacts to any requirements for new activities from the RIPE community. In the past, the RIPE NCC has been requested to study and implement a number of new activities at short notice. Goal: The goal of this activity is to ensure that the RIPE NCC continues to react promptly to the developments and changing needs of the Internet environment. RIPE Working Group Advising: Depending on the activity