Internet Routing Registry (IRR)
Understanding Internet Routing Registries
Internet Routing Registries (IRRs) contain information — submitted and maintained by ISPs or other entities — about Autonomous System Numbers (ASNs) and routing IP number prefixes. IRRs can be used by ISPs to develop routing plans. For example, ISPs who use Border Gateway Protocol (BGP) can create Access Control Lists to permit or deny traffic in their networks based on route registry information.
The global IRR is comprised of a network of distributed databases maintained by Regional Internet Registries (RIRs) such as ARIN, service providers, and third parties. Some of these databases contain only routing information for a particular region, network, or ISP. Other IRR databases mirror specific IRR databases, and contain IRR information from multiple databases. One of the IRR maintainers provides a list of routing registries.
Overview of the ARIN IRR
The ARIN IRR is a searchable database of public routing policy information for networks in the ARIN region. IRR information is contained in a separate database from ARIN’s public Whois information. As part of the global IRR, the ARIN IRR provides a registry of Internet routing objects for resources in the ARIN region.
There are two main functions of the IRR: getting routing data from ARIN users, and publishing that data to entities (such as customers, other IRRs, and aggregators) who retrieve it for use in routing decisions for their networks. You do not have to submit your own routing data to ARIN’s IRR to be able to query and retrieve routing data from the ARIN IRR. The following graphic illustrates the functions of ARIN’s IRR.
The ARIN IRR stores information in Routing Policy Specification Language (RPSL) objects. These objects are submitted to the ARIN IRR by resource holders such as ISPs and retrieved by other IRRs when ISPs in their region are requesting ARIN routing information.
ARIN’s IRR is integrated with ARIN Online. The IRR-email and IRR-online systems are both connected to ARIN’s IRR database. The database provides IRR information via a Near Real-Time Monitoring (NRTM) service and FTP, and is also accessible using Whois on port 43.
The following illustration provides an overview of the components of ARIN’s IRR.
ARIN’s IRR provides multiple methods for entering IRR data. Some of the differences between IRR-online, the IRR RESTful API, and IRR-email are summarized in the following table.
|Feature/Item||Supported in IRR-online||Supported in IRR RESTful API||Supported in IRR Email Templates|
|Bulk add/update capability||No||Multiple REST commands can be used in scripts or software; only one object create/read/update/delete per REST call is supported at this time||Yes, limit of 100 RPSL objects per email|
|Email notifications when objects are updated||No||No||Yes, via
|Maintainer object||No (objects are assigned to Orgs and managed through linked ARIN Online accounts)||No (objects are assigned to Orgs and managed through linked ARIN Online users with a valid API key)||Yes (no new maintainers accepted after June 10, 2020)|
|Proxy registration||Yes, via Routing POCs||Yes, via Routing POCs||Yes (if you registered a maintainer object before 6/10/20)|
More information about how to submit and retrieve IRR data is provided in the following sections.
Submitting Routing Information
Data can be submitted to ARIN’s IRR using the methods described in the following sections. Currently, ARIN allows you to submit data using the graphical user interface (GUI) and using the RESTful interface. (For a discussion of email templates, visit ARIN IRR-email System.)
ARIN has categorized IRR objects as simple and advanced. Simple objects are those created by:
- using the ARIN Online GUI to create objects individually by entering data in each field and then submitting each object
- using the RESTful API to create objects by submitting IRR data in XML format (which the system then converts in the back end to RPSL)
Advanced objects are those created by:
- using the RESTful API to create objects by submitting IRR data in RPSL format
- sending email templates (limited to users who had a maintainer object in the IRR system before June 2020)
Because ARIN is implementing IRR functionality in stages, the distinction between simple and advanced objects is important when viewing, updating, and deleting objects. It does not affect the IRR record that is retrieved from ARIN by other users, which is in RPSL format.
Currently, viewing, editing, and deleting of some objects is limited depending on the method used originally to create the object; refer to the following table. The system will return a warning if you try an operation that is not permitted–for example, using a REST command with an XML payload to view an object originally created with a REST command using RPSL (an advanced object).
|IRR Object Creation Method||REST (RPSL) Permissions||REST (XML) Permissions||ARIN Online Permissions|
|simple (created in IRR-online or with RESTful/XML)||none||create, view, edit, delete||create, view, edit, delete|
|advanced (created with RESTful/RPSL or migrated* from email templates)||create, view, edit, delete||none||view and delete only|
* Migrated objects have been imported from email templates that have passed the newer, stricter validation requirements for IRR objects and are indicated by a note on the object page in the ARIN Online graphical user interface (GUI).
ARIN’s IRR-online is available from the main navigation menu in ARIN Online. To learn how to submit and manage routing information in IRR-online, visit the ARIN IRR-online User Guide.
IRR RESTful API
ARIN provides a RESTful Application Programming Interface (API) that allows users to submit routing information via Representational State Transfer (REST) commands in scripts or software. This provides support for automating bulk data entry of route information. Visit the ARIN IRR RESTful API User Guide for more information on how to use these commands.
ARIN provides an email template-based system (IRR-email) for users to create and edit IRR records. As of 10 June 2020, this system is not accepting new users. Users of IRR-email who want to transition to using ARIN Online to manage their IRR information should visit Implementation Notes for ARIN’s Web-Based IRR.
Querying ARIN’s IRR
ARIN provides multiple ways to query the IRR database.
Near Real Time Mirroring (NRTM)
ARIN’s IRR database provides two NRTM streams:
ARIN: This stream contains “authorized” objects, or objects in the ARIN IRR database that are validated. “Validated” means that these networks and AS numbers are assigned to the valid maintaining Org ID and are covered by a Registration Services Agreement (RSA). For routes and ASNs, the Internet numbers claimed in the IRR object are registered to that same valid Org ID.
ARIN-NONAUTH: This stream contains “non-authenticated” objects, or objects that could not be validated during ARIN’s migration of data from the IRR-email database to the new database. Nonauthenticated data was published by someone who cannot be verified as the registrant of the address space or who does not have a signed RSA with ARIN for maintenance of the address space. Nonauthenticated data can be used for routing, but if a more trusted source of data (such as data in the authenticated ARIN stream, or RPKI data) exists, that data should be given preference.
You will need to establish two NRTM sessions to gain access to all of ARIN’s IRR objects (both ARIN and ARIN-NONAUTH).
Note: Objects created in IRR-email are migrated daily to the appropriate NRTM dataset (ARIN or ARIN-NONAUTH).
ARIN’s IRR information can be obtained from ftp://ftp.arin.net/pub/rr/. The FTP site can be used by mirrors in bootstrapping before using NRTM. The database source files can also be downloaded directly. The FTP site provides two sources: one for authorized objects and one for nonauthenticated objects.
If you are obtaining IRR information via FTP, to get all ARIN objects, you’ll need to access the two separate sources:
- ARIN: ftp://ftp.arin.net/pub/rr/arin.db.gz
- ARIN-NONAUTH ftp://ftp.arin.net/pub/rr/arin-nonauth.db.gz
Note: The source files are in compressed format (.gz).
Whois Port 43
You can also use a command-line interface command in a program such as Terminal to enter query commands. The ARIN IRR uses the Internet Routing Registry Daemon (IRRd) Version 4 database server. IRRd supports two types of Whois queries: IRRd-style queries and RIPE-style queries. You cannot mix styles in a single query. Each style has different flags and arguments.
Some common IRR query examples are listed in the following table, and longer examples are provided after the table.
|Query||IRRd-Style Example||RIPE-Style Example|
|objects of a specified maintainer||
For a full list of querying instructions for both IRRd-style and RIPE-style queries, view IRRd: Running queries - Whois protocol reference.
IRRd-Style Query Example
IRRd-style queries use arguments to retrieve certain types of data. These arguments are preceded by the exclamation point. When using the terminal window to enter commands, you’ll need to precede the exclamation point with a backslash
(\) or enclose the exclamation point and arguments within single quotation marks.
For example, to search for all members of an
as-set you would enter the
as-set name in the command like this:
whois -h rr.arin.net \!iAS-EXAMPLE
AS-EXP AS-WESTB AS65536
An explanation of the results is provided here:
A<length>: A24: The number of bytes in the response, including new lines after the content.
<as-set> <as-set> <asn>: AS-EXP AS-WESTB AS65536: This
as-set(“as-example”) includes two other
as-sets, AS-EXP and AS-WESTB, and the ASN AS65536.
RIPE-Style Query Example
To search for an object such as a
route6 object, enter the command like this:
whois -h rr.arin.net 2001:db8::/32
descr: Example Corporation
Internet Routing Registry (IRR)
- ARIN IRR-online User Guide
- ARIN IRR RESTful API User Guide
- ARIN IRR-email System
- ARIN IRR-email Object Templates
- Converting IRR Email Templates to REST Commands
- Implementation Notes for ARIN's Web-Based IRR
- Internet Routing Registry FAQ
Registration Services Help Desk
7:00 AM to 7:00 PM ET