RIPE NCC Status
Download
Report
Transcript RIPE NCC Status
The whois Database
Introduction and Usage
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
http://www.ripe.net
Overview
•
•
•
•
•
What is the whois database?
Why use it?
Who uses it?
Database query process
Database update process
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
2
http://www.ripe.net
What is the whois Database?
• Network Management Database
• Contains information about
–
–
–
–
address space
DNS domains
IP routing policies
contact information
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
3
http://www.ripe.net
Why use the Database?
• Queries
–
–
–
–
Ascertain custodianship of a resource
Obtain details of technical contacts for a network
Investigate security incidents
Track source of network abuse or “spam” email
• Updates
–
–
–
–
Register use of Internet resources
IP networks, ASNs, reverse DNS, etc.
Update existing records
Fulfill responsibilities as resource holder
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
4
http://www.ripe.net
Who uses the Database?
• Queries
– Internet Service Providers
– Site network managers and engineers
– Any Internet user
• Updates
– Internet registries (RIRs, LIRs)
– Internet Service Providers
– Anyone who holds an Internet resource
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
5
http://www.ripe.net
Database Objects
• Database object types
OBJECT
person
role
inetnum
inet6num
aut-num
as-macro
domain
route
mntner
Anne Lord & Mirjam Kühne
PURPOSE
contact persons
contact groups/roles
IPv4 address allocations/assignments
IPv6 address allocations/assignments
autonomous system number
group of autonomous systems
reverse domains
prefixes being announced
(maintainer) database authorisation
.
AfNOG Workshop, 10 May 2001
.
6
http://www.ripe.net
Contact Information
Example object - ‘person’
Values
Attributes
Brajesh Jain
B 115 SARVODAYA ENCLAVE
NEW DELHI 110017
TH
+91-11-6864138
+91-11-6865888
[email protected]
BJ16-AP
MAINT-IN-ESTEL-BCJ
person:
address:
address:
country:
phone:
fax-no:
e-mail:
nic-hdl:
mnt-by:
changed:
source:
Anne Lord & Mirjam Kühne
[email protected] 20000429
APNIC
.
AfNOG Workshop, 10 May 2001
.
7
http://www.ripe.net
Network Information
Example object - ‘inetnum’
Attributes
inetnum:
netname:
descr:
descr:
country:
admin-c:
tech-c:
mnt-by:
mnt-lower:
changed:
source:
Anne Lord & Mirjam Kühne
Values
203.113.0.0 - 203.113.31.255
TOTNET-AP
Telephone Organization of THAILAND(TOT)
Telephone and IP Network Service Provider
TH
NM18-AP
RC80-AP
APNIC-HM
MAINT-TH-SS163-AP
[email protected] 19990922
APNIC
.
AfNOG Workshop, 10 May 2001
.
8
http://www.ripe.net
Database Query - Search Keys
OBJECT TYPE
person
role
mntner
inetnum
domain
aut-num
as-macro
route
inet6num
*
ATTRIBUTES - SEARCH KEYS
name, nic-hdl, e-mail
name, nic-hdl, e-mail
maintainer name
network number, name
domain name
as number
as-macro name
route value
network number, name
whois supports queries on any of these objects/keys
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
9
http://www.ripe.net
Database Query - Inetnum
% whois 203.127.128.0 - 203.127.159.255
% whois 202.127.128.0/19
% whois SINGNET-SG
inetnum:
203.127.128.0 - 203.127.159.255
netname:
SINGNET-SG
descr:
Singapore Telecommunications Ltd
descr:
31, Exeter Road, #02-00, Podium Block
descr:
Comcentre, 0923
country:
SG
admin-c:
CWL3-AP
tech-c:
CWL3-AP
mnt-by:
APNIC-HM
changed:
[email protected] 19990803
source:
APNIC
• Notes
• Incomplete addresses padded with “.0”
• Address without prefix interpreted as “/32”
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
http://www.ripe.net
10
Database Query - Inetnum
• RIPE extended whois client
ftp://ftp.ripe.net/ripe/dbase/software/ripe-dbase-3.0.tar.gz
• Flags used for inetnum queries
None
-L
-m
-M
-r
find exact match
find all less specific matches
find first level more specific matches
find all More specific matches
turn off recursive lookups
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
11
http://www.ripe.net
Database Query - Inetnum
inetnum hierarchy: whois 210.8.0.0/16
0/0
All less
specifics (-L)
210/7
210.8/16
Exact match
1st level
more
Specific (-m)
210.8.30/23
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
All more
specifics (-M)
.
12
http://www.ripe.net
Database Query - Inetnum
‘-M’ will find all assignments in a range in the database
% whois -M 202.144.0.0/19
inetnum:
netname:
descr:
.....
inetnum:
netname:
descr:
.....
inetnum:
descr:
descr:
.....
Anne Lord & Mirjam Kühne
202.144.0.0 - 202.144.31.255
SILNET-AP
Satyam Infoway Pvt.Ltd.,
202.144.13.104 - 202.144.13.111
SOFTCOMNET
SOFTCOM LAN (Internet)IP.
202.144.1.0 - 202.144.1.255
SILNET
Satyam Infoway's Chennai LAN
.
AfNOG Workshop, 10 May 2001
.
13
http://www.ripe.net
Database Query - Inverse
% whois -i person EC119-AP
inetnum:
netname:
descr:
country:
admin-c:
tech-c:
……
202.166.224.0 - 202.166.255.255
NECTW-BIGLOBE
ISP Division of NEC Taiwan Ltd.
TW
SC23-AP
EC119-AP
aut-num:
as-name:
descr:
tech-c:
AS9283
NECTW-AS
ISP Division of NEC Taiwan Ltd.
EC119-AP
mntner:
descr:
admin-c:
tech-c:
NECTW-ISP-AP
NEC Biglobe Taiwan wide
SC23-AP
EC119-AP
person:
address:
country:
phone:
e-mail:
nic-hdl:
Emily Hui Chou
ISP Division of NEC Taiwan Ltd.
TW
+886-2-85001787
[email protected]
EC119-AP
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
14
http://www.ripe.net
Whois Web Interface
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
15
http://www.ripe.net
Whois Web Interface
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
16
http://www.ripe.net
Database Query - Options
• Summary of other flags
-i
-T
-t
-v
-h
inverse lookup on given attribute
search only for objects of given type
give template for given type
verbose information for given type
specify database server site
• For more information try...
whois -h whois.apnic.net HELP
whois -h whois.ripe.net HELP
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
17
http://www.ripe.net
Database Update Process
– Email requests to <[email protected]>
– Each request contains an object template
Update Request
Template
<[email protected]>
Parse
Whois Server
Data
Base
Auth.
Error
Warnings/Errors returned
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
18
http://www.ripe.net
Database Update Process
• Update transactions
Template
–Create a new object
–Change attributes of an object
–Delete an object
• Updates are submitted by email
• E-mail to: <[email protected]>
• Email message contains template with new
or updated object
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
19
http://www.ripe.net
Object Template
whois -t <object type>
• Recognised by the RIPE whois client/server
% whois -h whois.ripe.net -t person
person:
address:
country:
phone:
fax-no:
e-mail:
nic-hdl:
remarks:
notify:
mnt-by:
changed:
source:
[mandatory]
[mandatory]
[optional]
[mandatory]
[optional]
[optional]
[mandatory]
[optional]
[optional]
[optional]
[mandatory]
[mandatory]
Anne Lord & Mirjam Kühne
.
[single]
[multiple]
[single]
[multiple]
[multiple]
[multiple]
[single]
[multiple]
[multiple]
[multiple]
[multiple]
[single]
[primary/look-up key]
[ ]
[ ]
[ ]
[ ]
[look-up key]
[primary/look-up key]
[ ]
[inverse key]
[inverse key]
[ ]
[ ]
AfNOG Workshop, 10 May 2001
.
20
http://www.ripe.net
Database Update Process
• Automatic request processing
Parse
<[email protected]>
– Automatic “robot” for all database updates
– Email template for create/update/delete
• Templates are syntax checked
– Warnings
– Errors
• Database service support
<[email protected]>
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
21
http://www.ripe.net
Data Protection
• Authorisation
– “mnt-by” attribute references a “mntner”
(maintainer) object
– “mnt-by” should be used with every object
Auth.
• Authentication
– Updates to an object must pass authentication rule
specified by its maintainer object
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
22
http://www.ripe.net
Data Protection
• Failed Authorisation
– Template NOT corrected and object NOT accepted
– Automatic email notification sent to requestor
– Automatic email notification sent to “notify” address
• Successful update
– If Parse and Auth. steps succeed,
database is updated
– Confirmation by email to requestor
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
23
http://www.ripe.net
Authentication/Authorisation
– Maintainer object example
inetnum:
descr:
mnt-by:
193.1.2.0/24
SYNFUX-NET
MAINT-AU-SYNFLUX
mntner:
descr:
country:
admin-c:
tech-c:
upd-to:
mnt-nfy:
auth:
mnt-by:
changed:
MAINT-AU-SYNFLUX
Synflux International Pty.
AU
UG1-AP
UG1-AP
[email protected]
[email protected]
CRYPT-PW apnbVcktyz6UY
MAINT-AU-SYNFLUX
[email protected] 19990404
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
24
http://www.ripe.net
Authentication/Authorisation
• Maintainer specific attributes
– notify:
• Sends notification of any changes to maintained objects to
email address specified
– mnt-by:
• Maintainers must also be protected!
(Normally by themselves)
– auth:
• Authentication method for this maintainer
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
25
http://www.ripe.net
Authentication/Authorisation
• ‘auth’ attribute gives authentication
method
– NONE
• Strongly discouraged!
– MAIL-FROM
• Very weak authentication. Discouraged
– CRYPT-PW
• Crypt (Unix) password encryption
• Use web page to create your maintainer
– PGP-KEY
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
26
http://www.ripe.net
Questions
Anne Lord & Mirjam Kühne
.
AfNOG Workshop, 10 May 2001
.
http://www.ripe.net