Hank,
Hank Nussbacher wrote:
What are the current limits on whois lookups and how does
one get a specific IP changed? I have someone getting "ERROR:202:
access control limit reached for x.x.x.x"
We have a standard reply to questions about rate limits:
=========================================================================
If you have not been permanently denied access, if you wait the limit
will lift itself. Every 12 hours the count is reduced to 0.5 times the
previous level, plus all of the queries made in that period. If you
repeatedly query after you have been denied you WILL be permanently
denied.
The limit is ONLY in effect for person or role data. This is because of
the privacy restrictions on said data - it contains information such as
e-mail and phone contact that may be sensitive. In order to query the
database without viewing such data, please use the "nonrecursive" option
to the query. This will return only the actual records, rather than
also returning the contact information. This is specified with the "-r"
flag.
If you need the data you may retrieve it from the RIPE FTP site, at the
following URL:
ftp://ftp.ripe.net/ripe/dbase/ripe.db.gz
You can also get portions of the database by object type in the
following directory:
ftp://ftp.ripe.net/ripe/dbase/split/
For instance, to get a list of aut-num objects you would retrieve:
ftp://ftp.ripe.net/ripe/dbase/split/ripe.db.aut-num.gz
If you have a legitimate need for massive queries to the Whois database,
you may wish to run a Near Real-Time Mirror. Please contact us at
<ripe-dbm@ripe.net> for more information about this option if you
think
it applies to you.
=========================================================================
Some bits missing from this:
- We track everything based on client IP address, which means
NAT and firewalls and things like that can cause confusion (which is
why we tell you what IP address we are blocking in our reply).
- The default limit is a count of 5000 private (PERSON or ROLE)
objects.
- The actual limit can be changed for any given CIDR range, and
we do that occasionally for users with special needs who sign an AUP.
- Permanent denial only happens after 32767 temporary denials,
which basically means someone running an out-of-control script, or
someone running a web page that forwards queries to the RIPE server
(you can get a special proxy AUP for this second case).
As always, e-mail <ripe-dbm@ripe.net> if you get blocked,
need an AUP, or have any other questions about the RIPE Whois Database.
The rate limiting is a bit odd and hard to understand, but it has
worked pretty good for the last 4 years. At some point we are planning
on changing it to a simple linear decay (rather than "halving after 12
hours"), but it is a low priority.
--
Shane Kerr
Software Engineering Department Manager
RIPE NCC