jwbensley
commented
1 year ago In this particular case I notice that multiple sources are involved:
AS-AS112 is in RIPE and the source is RIPE:
$ whois -h whois.ripe.net AS-AS112 | grep -E "members: |source: "
members: AS112
source: RIPE
source: RIPE # FilteredThe routes are in RIPE-NONAUTH though:
$ whois -h whois.ripe.net -T route,route6 -i origin AS112 | grep -E "route: |route6: |source: "
route: 192.175.48.0/24
source: RIPE-NONAUTH
route: 192.31.196.0/24
source: RIPE-NONAUTH
route6: 2001:4:112::/48
source: RIPE-NONAUTH
route6: 2620:4f:8000::/48
source: RIPE-NONAUTHWe aren't mirroring RIPE-NONAUTH. So that might explain why a GraphQL which uses "RIPE" as the source returns no prefixes.
But looking at RADB, the prefixes are in RADB with RADB as the source, so the GraphQL query which uses "RADB" as the source should return something I believe?
$ whois -h whois.radb.net -T route -i origin AS112 | grep -E "route: |route6: |source: "
route: 192.31.196.0/24
source: RADB
route: 192.175.48.0/24
source: RADB
route: 192.175.48.0/24
source: RIPE-NONAUTH
route: 192.31.196.0/24
source: RIPE-NONAUTH
route: 192.31.196.0/24
source: NTTCOM
route: 192.175.48.0/24
source: NTTCOM
route: 192.175.48.0/24
source: ALTDB
route: 192.175.48.0/24
source: LEVEL3So even though RADB has multiple copies from various sources, it does at lease have them from RADB.
OK I think I found it; the AS-SET is not in RADB:
$ whois -h whois.radb.net AS-AS112 | grep -E "members: |source: "
members: AS112
source: RIPEThe AS-SET is not in RADB even though the prefixes are, so a query using only RADB as the source fails. The AS-SET is in RIPE but the prefixes are in RIPE-NONAUTH, so a query using only RIPE as the source fails.
OK so it seems like this is an open an shut case and simply, this AS-SET is a bit of a mess?
Describe the bug I am querying our private/internal IRRd instance using the GraphQL interface, for the list of prefixes under an AS-SET (
AS-AS112). It returns an empty prefix list if I set the source to "RIPE" (even though the AS-SET is in RIPE and we mirror RIPE). Equally, if I set the source to "RADB" a blank/empty prefix list is returned (even though the AS-SET also exists in RADB and we mirror RADB). Only if I query IRRd and set the source list to ["RIPE", "RADB"], only then when both sources are specified, is the prefix list provided in the response.To Reproduce When querying our private IRRd mirror via the GraphQL interface to get the prefix list for AS-AS112, if I specify RIPE as the data source (a data source that we mirror, which contains the prefixes for the AS-SET we are interested in) we get a blank/empty response as if IRRd doesn't have the prefixes.
This AS-SET is in RIPE though, the single member ASN of this AS-SET is in RIPE, and there are prefix in RIPE with this ASN as the origin ASN:
I get the same result from the GraphQL interface when I set the source to RADB:
Like with RIPE; this AS-SET is in RADB, the same member ASN is in RADB, and the same prefixes are in RADB with this same ASN as their origin (so basically, all the same data, the formatting below is just slightly different):
When I query our private IRRd mirror via whois, I get the same data:
To get this via the GraphQL interface I have to specify both data sources though:
Expected behaviour I expect to query IRRd with the GraphQL source set to "RIPE" and get the prefixes I provided in my CLI Whois query to whois.ripe.net above. Or if I query GraphQL with the data source set to "RADB" I expect to get the same as the CLI Whois query to whois.radb.net I provided above. Otherwise, how can I compare what is coming from each data source or know which data sources the results are coming from? Is this somehow the expected behaviour, or is this user error, or are my expectation/understanding of IRR wrong (all very likely)?
IRRd version you are running
Additional context If I specify no source I get the same result as when I specify RIPE + RADB (the prefix lists are returned, not an empty list).