[159216] in North American Network Operators' Group
Re: GeekTools Whois Proxy and RIPE/RIPE-NCC
daemon@ATHENA.MIT.EDU (Job Snijders)
Mon Dec 31 11:46:45 2012
From: Job Snijders <job.snijders@atrato-ip.com>
In-Reply-To: <71BEAB45-2AC4-4573-BF20-35B6BAB1B119@centergate.com>
Date: Mon, 31 Dec 2012 17:46:07 +0100
To: Rodney Joffe <rjoffe@centergate.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi Rodney,
=46rom the looks of it, this decision was made by the RIPE NCC Executive =
Board rather than at the General Meeting. Inqueries will have to be =
made why this was decided, and what the consequences are. But, I don't =
expect a resolution to be reached in the next 6 hours.=20
In the meantime you could consider setting up an irrd[1], redirect =
queries to that instance instead of whois.ripe.net, and keep it kind of =
fresh by feeding it ftp://ftp.ripe.net/ripe/dbase/ripe.db.gz on a daily =
basis.=20
Kind regards,
Job
[1] http://www.irrd.net/
On Dec 31, 2012, at 4:41 PM, Rodney Joffe <rjoffe@centergate.com> wrote:
> NANOG and ARIN Friends,
>=20
> 14 Years ago, at the suggestion of Jon Postel and some of the early =
participants in NANOG, we developed the GeekTools Whois proxy to make it =
easier for *us* - network security and abuse techs - to deal with the =
expanding number of gtlds and registrars and the varied whois servers =
that were appearing. The service had both a CLI and web interface.
>=20
> The service also led directly to the creation of whois-servers.net, =
which now seems to be part of a number of *nix distributions.
>=20
> The service has been up for 14 years, and over that time we have =
fulfilled the requirements of all of the whois server operators in =
regards to minimizing and stopping abuse of the GT whois proxy by domain =
scrapers, spammers, etc, while enabling the security folks to do their =
jobs. In some cases we have even written code to pass the ip address of =
the requestor to the whois server registry operator when they wanted to =
manage quota's directly. We think we have a really good relationship =
with all of the whois server operators, and I think we provide a useful =
service to the community, and is widely used. And in 14 years we have =
never been tarred as an enabler of abuse of "the whois" system.
>=20
> There has obviously never been any kind of charge or fee for using the =
proxy, or any of the other tools on GeekTools. In about 2002 we started =
placing a banner ad on the web interface page to offset some of the =
costs for the bandwidth that the proxy consumes. An average of about $70 =
a month for over the last 10 years. Actual bandwidth costs are higher =
than that of course, but it was a thought in 2002 that we had frankly =
forgotten about until recently.
>=20
> Two weeks ago RIPE-NCC, who provide the whois data for IP addresses in =
the RIPE region, informed us that based on decisions by their members, =
as of January 1st 2013, tomorrow, they would no longer provide whois =
proxy query response services to GeekTools unless we ponied up $1,800 a =
year for RIPE membership.
>=20
> I don't work very well above layer 7. It is what it is. So I wanted to =
let you know that as of midnight tonight, apparently, you won't be able =
to use GeekTools for RIPE related queries. If you have automated =
scripts, and you are one of the users who has expanded access to =
GeekTools, you'll need to find an alternative for RIPE queries *today*. =
My guess is that you will be able to query RIPE directly, once you have =
worked out that the address space is within RIPE's assignments.
>=20
> I think its wrong to have to pay for whois data that is part of a =
community resource . So I won't do it.
--=20
AS5580 - Atrato IP Networks
