apnic member services
DESCRIPTION
APNIC Member Services. George Kuo. MyAPNIC. What is MyAPNIC. A secure Member services website Internet resources management, for example: Whois updates (reverse DNS, IRT, DNSSEC) IPv4 transfers and pre-approval Resource Certification (RPKI) Account and contact administration - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/1.jpg)
APNIC Member ServicesGeorge Kuo
![Page 2: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/2.jpg)
2
MyAPNIC
![Page 3: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/3.jpg)
3
What is MyAPNIC
• A secure Member services website
• Internet resources management, for example:– Whois updates (reverse DNS, IRT, DNSSEC)– IPv4 transfers and pre-approval– Resource Certification (RPKI)
• Account and contact administration
• Ongoing updates as a result of policy implementations
• https://myapnic.net
![Page 4: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/4.jpg)
4
Access to MyAPNIC
• For all current APNIC accounts– Username and password registration
• Instant access for all Corporate Contacts– Access approval required for non Corporate Contacts
![Page 5: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/5.jpg)
5
IPv4 Transfers
![Page 6: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/6.jpg)
6
IPv4 Transfer Policy
• Prop-69 implemented Nov 2011– Recipients to demonstrate need– Initial implementation on Nov 2010 (prop-50) without demonstrating
needs
• Between APNIC account holders
• Address pools managed by APNIC
• www.apnic.net/transfer
![Page 7: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/7.jpg)
7
MyAPNIC IPv4 Transfer Feature
• Policy implementation support– Reduces overhead
• Source account to initiate– Initiated transfer will expire in 30 days if no action is taken by the
recipient
• Recipient account to accept within 30 days– Recipient account can decline the transfer
• All Corporate Contacts are informed of the transfer details
• Successful transfers appear in the transfer statistics
![Page 8: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/8.jpg)
8
IPv4 Transfer Statistics
• http://ftp.apnic.net/transfers/apnic/
![Page 9: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/9.jpg)
9
MyAPNIC IPv4 Transfer Feature
![Page 10: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/10.jpg)
10
Transfer pre-approvals
![Page 11: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/11.jpg)
11
IPv4 Transfers Pre-approval
• APNIC to evaluate needs of the recipient account before the transfer source is located
• Pre-approval expires in 12 months if no transfer source is available to initiate the transfer
• A subsequent pre-approval will, if granted, replace the existing one
• http://www.apnic.net/pre-approval
![Page 12: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/12.jpg)
12
MyAPNIC Pre-approval Feature
![Page 13: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/13.jpg)
13
Resource Certification
![Page 14: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/14.jpg)
14
Resource Certification
• Supports secure routing
• Resource Public Key Infrastructure (RPKI)
• Enables third party to verify the authenticity of information about Internet resources when data is digitally signed by the custodian of those resources
• http://www.apnic.net/rescert
![Page 15: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/15.jpg)
15
MyAPNIC Resource Certification
• Certification feature initially launched in August 2008
• Creation of Route Origin Attestations (ROAs)– Statement of one or more prefixes advertised by an autonomous
system (AS)– Allows entities to verify the permission given by an IP address holder
to advertise routes to the AS
• Download of certificates– For your resources sets
![Page 16: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/16.jpg)
16
MyAPNIC Resource Certification
• Secure access– Only to users accessing with APNIC digital certificates
• Optional– Services activation required
![Page 17: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/17.jpg)
17
MyAPNIC Resource Certification
![Page 18: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/18.jpg)
18
MyAPNIC Resource Certification
![Page 19: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/19.jpg)
19
MyAPNIC Resource Certification
![Page 20: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/20.jpg)
20
DNSSEC
![Page 21: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/21.jpg)
21
DNSSEC
• Three-phase implementation complete– Hardware and software testing around late 2009– All APNIC managed zones signed throughout April 2010– Improved features in MyAPNIC in mid 2011
• http://www.apnic.net/dnssec
![Page 22: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/22.jpg)
22
DNSSEC in MyAPNIC
• Members who implemented DNSSEC for their reverse zones to publish their signature information into the parent zone
• "ds-rdata:” attribute for the domain object
• Bulk update available– Zone file upload
• Built-in validation tool
![Page 23: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/23.jpg)
23
MyAPNIC DNSSEC
![Page 24: APNIC Member Services](https://reader036.vdocument.in/reader036/viewer/2022062408/568139e7550346895da1a11c/html5/thumbnails/24.jpg)
Thank You