At 06:00 PM 28-06-05 +0200, Shane Kerr wrote: Many thanks for the fast reply! -Hank
Hank,
Hank Nussbacher wrote:
What are the current limits on whois lookups and how does one get a specific IP changed? I have someone getting "ERROR:202: access control limit reached for x.x.x.x" We have a standard reply to questions about rate limits:
=========================================================================
If you have not been permanently denied access, if you wait the limit will lift itself. Every 12 hours the count is reduced to 0.5 times the previous level, plus all of the queries made in that period. If you repeatedly query after you have been denied you WILL be permanently denied.
The limit is ONLY in effect for person or role data. This is because of the privacy restrictions on said data - it contains information such as e-mail and phone contact that may be sensitive. In order to query the database without viewing such data, please use the "nonrecursive" option to the query. This will return only the actual records, rather than also returning the contact information. This is specified with the "-r" flag.
If you need the data you may retrieve it from the RIPE FTP site, at the following URL:
ftp://ftp.ripe.net/ripe/dbase/ripe.db.gz
You can also get portions of the database by object type in the following directory:
ftp://ftp.ripe.net/ripe/dbase/split/
For instance, to get a list of aut-num objects you would retrieve:
ftp://ftp.ripe.net/ripe/dbase/split/ripe.db.aut-num.gz
If you have a legitimate need for massive queries to the Whois database, you may wish to run a Near Real-Time Mirror. Please contact us at <mailto:ripe-dbm@ripe.net><ripe-dbm@ripe.net> for more information about this option if you think it applies to you.
=========================================================================
Some bits missing from this: * We track everything based on client IP address, which means NAT and firewalls and things like that can cause confusion (which is why we tell you what IP address we are blocking in our reply). * The default limit is a count of 5000 private (PERSON or ROLE) objects. * The actual limit can be changed for any given CIDR range, and we do that occasionally for users with special needs who sign an AUP. * Permanent denial only happens after 32767 temporary denials, which basically means someone running an out-of-control script, or someone running a web page that forwards queries to the RIPE server (you can get a special proxy AUP for this second case). As always, e-mail <mailto:ripe-dbm@ripe.net><ripe-dbm@ripe.net> if you get blocked, need an AUP, or have any other questions about the RIPE Whois Database.
The rate limiting is a bit odd and hard to understand, but it has worked pretty good for the last 4 years. At some point we are planning on changing it to a simple linear decay (rather than "halving after 12 hours"), but it is a low priority.
-- Shane Kerr Software Engineering Department Manager RIPE NCC
+++++++++++++++++++++++++++++++++++++++++++ This Mail Was Scanned By Mail-seCure System at the Tel-Aviv University CC.