[159217] in North American Network Operators' Group
Re: GeekTools Whois Proxy and RIPE/RIPE-NCC
daemon@ATHENA.MIT.EDU (Rodney Joffe)
Mon Dec 31 11:56:29 2012
From: Rodney Joffe <rjoffe@centergate.com>
In-Reply-To: <77455F9F-4ED4-4494-A3BB-679BDA81479B@atrato-ip.com>
Date: Mon, 31 Dec 2012 11:56:14 -0500
To: Job Snijders <job.snijders@atrato-ip.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi Job,
On Dec 31, 2012, at 11:46 AM, Job Snijders <job.snijders@atrato-ip.com> =
wrote:
> Hi Rodney,
>=20
> =46rom the looks of it, this decision was made by the RIPE NCC =
Executive Board rather than at the General Meeting. Inqueries will have =
to be made why this was decided, and what the consequences are. But, I =
don't expect a resolution to be reached in the next 6 hours.=20
I don't expect it to be resolved in any different way at all, based on =
my experience over the last 20 years. We're not a RIPE member, so we =
have *zero* influence, and relevance for the RIP-NCC board.
> In the meantime you could consider setting up an irrd[1], redirect =
queries to that instance instead of whois.ripe.net, and keep it kind of =
fresh by feeding it ftp://ftp.ripe.net/ripe/dbase/ripe.db.gz on a daily =
basis.=20
As far as bulk data, one *really* important aspect of GeekTools from day =
1, is that we do not provide any actual data, we *only* proxy data. So =
there is no possibility that at any time we have stale data. We are a =
proxy, not a provider of data. Its what Jon told me to do 14 years ago, =
and its what we have stuck to (I think we're the only whois proxy that =
has done this).
If we give you an answer today, you can count on it being the =
authoritative answer as of this second. If we can't reach a whois server =
when you query us, we do *not* give you a cached answer. We store =
nothing. Important when chasing miscreants or problems.
I don't want to change this.
>=20
> Kind regards,
>=20
> Job
>=20
> [1] http://www.irrd.net/
>=20
> On Dec 31, 2012, at 4:41 PM, Rodney Joffe <rjoffe@centergate.com> =
wrote:
>=20
>> NANOG and ARIN Friends,
>>=20
>> 14 Years ago, at the suggestion of Jon Postel and some of the early =
participants in NANOG, we developed the GeekTools Whois proxy to make it =
easier for *us* - network security and abuse techs - to deal with the =
expanding number of gtlds and registrars and the varied whois servers =
that were appearing. The service had both a CLI and web interface.
>>=20
>> The service also led directly to the creation of whois-servers.net, =
which now seems to be part of a number of *nix distributions.
>>=20
>> The service has been up for 14 years, and over that time we have =
fulfilled the requirements of all of the whois server operators in =
regards to minimizing and stopping abuse of the GT whois proxy by domain =
scrapers, spammers, etc, while enabling the security folks to do their =
jobs. In some cases we have even written code to pass the ip address of =
the requestor to the whois server registry operator when they wanted to =
manage quota's directly. We think we have a really good relationship =
with all of the whois server operators, and I think we provide a useful =
service to the community, and is widely used. And in 14 years we have =
never been tarred as an enabler of abuse of "the whois" system.
>>=20
>> There has obviously never been any kind of charge or fee for using =
the proxy, or any of the other tools on GeekTools. In about 2002 we =
started placing a banner ad on the web interface page to offset some of =
the costs for the bandwidth that the proxy consumes. An average of about =
$70 a month for over the last 10 years. Actual bandwidth costs are =
higher than that of course, but it was a thought in 2002 that we had =
frankly forgotten about until recently.
>>=20
>> Two weeks ago RIPE-NCC, who provide the whois data for IP addresses =
in the RIPE region, informed us that based on decisions by their =
members, as of January 1st 2013, tomorrow, they would no longer provide =
whois proxy query response services to GeekTools unless we ponied up =
$1,800 a year for RIPE membership.
>>=20
>> I don't work very well above layer 7. It is what it is. So I wanted =
to let you know that as of midnight tonight, apparently, you won't be =
able to use GeekTools for RIPE related queries. If you have automated =
scripts, and you are one of the users who has expanded access to =
GeekTools, you'll need to find an alternative for RIPE queries *today*. =
My guess is that you will be able to query RIPE directly, once you have =
worked out that the address space is within RIPE's assignments.
>>=20
>> I think its wrong to have to pay for whois data that is part of a =
community resource . So I won't do it.
>=20
> --=20
> AS5580 - Atrato IP Networks
>=20
>=20
>=20
>=20
