- db-wg - mailman.ripe.net

Re: A new type of referral
by Marcel Schneider 16 Nov '99

16 Nov '99

On Monday, 15 Nov 1999, Engin Gunduz writes: Dear Engin Gunduz We appreciate your efforts and consider your proposal a good idea. Looking forward to get it implemented asap. The CLIENTADDRESS will enable us to limit time and number of queries from referral servers by using a wrapper we wrote around our WHOIS that has configurable access mechanisms based on IP addresses. The background for all this is mainly privacy: people are currently using all means to get access to addresses of Internet users (mostly for spamming purposes). One means is querying RIPE's Josh because such queries could not be limited until now by the authoritative WHOIS server due to lack of detailed information (we would have had to limit the entire Josh). We also encourage other registries to configure their WHOIS servers to allow referral queries by RIPE and let their own WHOIS server answer authoritatively. Marcel > We will be implementing a new type of referral, to be used > to forward the querying client's IP address to the referred > whois server along with the query. Until now, there was no > way to let the referred whois server know the IP address > of the actual whois client, rendering the usage of an ACL > impossible without blocking all referred queries, on the side > of the referred whois server. > Briefly, > o A fourth kind of referral will be defined, CLIENTADDRESS (The other > three were RIPE, INTERNIC and SIMPLE). > o The IP address of the client will be sent to the referred whois > server, if the referral type is CLIENTADDRESS. > o The IP address will be sent using the -V flag. The version and the IP > address will be separated by a comma (eg, -Vripe2.3.1,193.140.45.45). > o No other flag will be forwarded to the referred whois server. > o When the server gets such a request, it will check the IP number of > the server which does the referral against a list of authorized whois > servers. If it is not in the list, it will be rejected. > o Then, the IP address of the client will be extracted from the -V flag > string and it will be regarded as if it is the IP address of a directly > querying whois client (ie, it is checked against the list of > DENYWHOISACESS list). > Please let us know about your ideas and comments regarding this issue, > Regards, > Engin Gunduz > RIPE NCC > DB Group

1 0

A new type of referral
by Engin Gunduz 15 Nov '99

15 Nov '99

Dear colleagues, We will be implementing a new type of referral, to be used to forward the querying client's IP address to the referred whois server along with the query. Until now, there was no way to let the referred whois server know the IP address of the actual whois client, rendering the usage of an ACL impossible without blocking all referred queries, on the side of the referred whois server. Briefly, o A fourth kind of referral will be defined, CLIENTADDRESS (The other three were RIPE, INTERNIC and SIMPLE). o The IP address of the client will be sent to the referred whois server, if the referral type is CLIENTADDRESS. o The IP address will be sent using the -V flag. The version and the IP address will be separated by a comma (eg, -Vripe2.3.1,193.140.45.45). o No other flag will be forwarded to the referred whois server. o When the server gets such a request, it will check the IP number of the server which does the referral against a list of authorized whois servers. If it is not in the list, it will be rejected. o Then, the IP address of the client will be extracted from the -V flag string and it will be regarded as if it is the IP address of a directly querying whois client (ie, it is checked against the list of DENYWHOISACESS list). Please let us know about your ideas and comments regarding this issue, Regards, Engin Gunduz RIPE NCC DB Group

1 0

Top 100 Maintainers List 19991108
by RIPE Database Administration 08 Nov '99

08 Nov '99

1 0

Reminder: RPSL Transition
by Gerald Andrew Winters 29 Oct '99

29 Oct '99

A final reminder for users of the RADB database service: at 12:00:00 a.m. EDT on November 1, 1999, the whois.radb.net and auto-dbm(a)radb.net services will default to the Routing Policy Specification Language (RPSL) database. This means that whois queries to whois.radb.net after November 1 will return RPSL objects. RIPE-181 queries will still be possible after November 1 via whois queries to whois-ripe181.radb.net and email submissions to auto-ripe181(a)radb.net. In addition, between 11/1/99 and 1/1/00, RIPE-181 submissions will be auto-converted and folded into the RPSL database. Users need to be aware of this, as corresponding RPSL entries will be overwritten with the auto-converted RIPE-181 objects. You will need to *RECONFIGURE* your tools to explicitly query whois-ripe181.radb.net and send RIPE-181 submissions to auto-ripe181.radb.net. During the changeover, the whois.radb.net DNS entry will be changed to point to the production RPSL database. Because of DNS latency, there will be a period of time when all resolvers have not received the new DNS entry IP address. During this transition period, some users may want to manually configure the IP address used by their query tools. The IP addresses of the machines will be: whois.radb.net 198.108.0.18 (RPSL queries) whois-ripe181.radb.net 198.108.0.11 (RIPE-181 queries) For further information about the transition to RPSL, see: http://www.radb.net/announce.html Comments or questions about the transition are welcome; please send email to db-admin(a)radb.net. --Gerald Winters Merit IRRd Team

1 0

RPSL Transition
by Gerald Andrew Winters 26 Oct '99

26 Oct '99

A reminder for users of the RADB database service: at 12:00:00 a.m. EDT on November 1, 1999, the whois.radb.net and auto-dbm(a)radb.net services will default to the Routing Policy Specification Language (RPSL) database. This means that whois queries to whois.radb.net after November 1 will return RPSL objects. RIPE-181 queries will still be possible after November 1 via whois queries to whois-ripe181.radb.net. However, you will need to *RECONFIGURE* your tools to explicitly query whois-ripe181.radb.net and send RIPE-181 submissions to auto-ripe181.radb.net. RIPE-181 submissions made between 11/1/1999 and 1/1/2000 will be visible on whois.radb.net as RIPE-181 objects converted to RPSL. The objects will be converted every five minutes from the whois-ripe181.radb.net database. Availability of the database in both syntax languages will ease the transition to RPSL by allowing users to view RIPE-181 objects converted to RPSL. fter January 1, 2000, RIPE-181 object submissions will no longer be accepted. Here is the full transition schedule: DATE CHANGE ---- ------ 9/1/1999 RADB begins production RPSL service and enters the final stage of RPSL transition. RPSL queries are available from whois-rpsl.radb.net and submissions may be sent to auto-rpsl(a)radb.net. RIPE-181 and RPSL databases operate in parallel. whois.radb.net and auto-dbm(a)radb.net default to RIPE-181. 11/1/1999 Default whois.radb.net and auto-dbm(a)radb.net addresses change to RPSL database. RIPE-181 queries still possible via whois-ripe181.radb.net and RIPE-181 submissions still possible via email to auto-ripe181(a)radb.net. auto-ripe181(a)radb.net submissions will be auto-converted to RPSL and mirrored to the RPSL database every 5 minutes. Therefore, auto-converted RIPE-181 submissions will be visible on whois.radb.net and corresponding RPSL entries may be overwritten. 1/1/2000 RIPE-181 queries and submissions are no longer accepted and the RADB RPSL transition is complete. RADB users can query RPSL objects by issuing the following query: whois -h whois-rpsl.radb.net Objects may be submitted by sending mail to: auto-rpsl(a)radb.net Users may also use the Web-based GUI interface at: http://www.radb.net/irrj.html RPSL RFCs and Internet-Drafts are available through: http://www.ietf.org/html.charters/rps-charter.html Comments or questions about the transition are welcome; please send email to db-admin(a)radb.net. --Gerald Winters Merit IRRd Team

1 0

Top 100 Maintainers.
by RIPE Database Administration 21 Oct '99

21 Oct '99

1 0

New DB release 2.3.1
by RIPE Database Administration 14 Oct '99

14 Oct '99

Dear colleagues, We have made available the new release of RIPE Perl database software at our fto site. You can find it at ftp://ftp.ripe.net/ripe/dbase/software/ripe-dbase-2.3.1.tar.gz Please find attached notes of the new release. Best regards, RIPE NCC DB Group ----------------- RELEASE NOTES for RIPE Database 2.3.1 This is a bugfix release with no new functionality added. There are some operational changes which should be transparent to the end user but ease the database maintenance and (dramatically) improve performance. SUPPORTED SYSTEMS ================= This release has been tested with perl 5.004_04 on bsdi3.1 and Solaris 2.6 systems. Please let us know if you have problems running it on other systems. CHANGES ======= Incorporated MAXLISTLENGTH and MAXSTRINGCOMPONENTS variables into the configuration file. They define the internal buffer sizes for reindexing; MAXLISTLENGTH defines the max length of the list of index entries, MAXSTRINGCOMPONENTS (name preserved for historical reasons) determines the number of entries for classless indices. Whoisd: added a 3 seconds delay before denied connections are dropped. In the inet6num objects, quads are zero padded to improve readability. Comparison of objects set to ignore the differences in number of whitespaces. BUG FIXES ========= Maintainer checks for dbupdate -T (test database) were not correct. Fixed setpriority parameters for whoisd {-L|-M|-m}. If invoked with wrong uid, dbupdate would fail silently. Now prints a message and exits 75. A range in class A ending with ?.?.?.0 would be changed to ?.255.255.255. Also fixed /32 ranges (beginning=end). PERFORMANCE FIXES ================= Turning splits and joins into a regexp substitution in key handling code decreased the CPU usage. Nic-handle generation algorithm takes 30-40 steps now instead of up to a few thousand.

3 2

Top 100 Maintainers List 19991004
by RIPE Database Administration 04 Oct '99

04 Oct '99

1 0

object definitions
by Chris Ottrey 04 Oct '99

04 Oct '99

Hello, Work here at the NCC on the Re-Implementation Project (RIP), is well under way. We have been looking closely at the existing definitions of objects incorporating them into our new design. We thought that now might be a good time for getting ideas on any changes in the object definitions that the wg would like to see. Eg. - "mandatory" mnt_by field in domain - "mandatory" mnt_by field in inetnum - "mandatroy" mnt_by field in person (instead of the current - "optional".) (Eg. to provide some sort of indication of how much protection users have against someone else deleting all their domains. Some users may not even realize that it is possible.) Existing object definitions can be found at: http://www.ripe.net/db/reimp/design/er/er_whois.html Chris. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= A ,-._|\ Chris Ottrey \_ / Oz \ At work in Amsterdam, \_,--._/ ottrey(a)ripe.net +31 20 535 4444 -=-=-=-=-=-v-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

2 1

Top 100 maintainers list
by RIPE Database Administration 22 Sep '99

22 Sep '99

1 0