[159220] in North American Network Operators' Group
Re: GeekTools Whois Proxy and RIPE/RIPE-NCC
daemon@ATHENA.MIT.EDU (Rodney Joffe)
Mon Dec 31 14:57:13 2012
From: Rodney Joffe <rjoffe@centergate.com>
In-Reply-To: <E3EDF7AB-5368-4C2B-BFE1-904989BA80D2@a2b-internet.com>
Date: Mon, 31 Dec 2012 14:56:59 -0500
To: Erik Bais <ebais@a2b-internet.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi Erik,
I appreciate the offer (a number of RIPE members have stepped forward). =
However I would not a) want this to in any way threaten your membership =
status - its possible I guess that this might violate the RIPE contract =
because it is a circumvention, and b) would not want special status - =
its important that the problem should be resolved for all the parties =
who are being affected and don't have a voice. GeekTools isn't special.=20=
I can easily afford RIPE membership. However its the principle, and the =
small folks that matter.
I'm hoping that the good folks on the RIPE board think about the =
unintended detrimental consequences of their decision. I'm sure they =
didn't mean this to happen...
Thanks again.
Rodney
On Dec 31, 2012, at 2:48 PM, Erik Bais <ebais@a2b-internet.com> wrote:
> Hi Rodney,
>=20
> Would support from a RIPE LIR be sufficient to keep the service up ?=20=
>=20
> I'm pretty sure there isn't a requirement to register for a LIR =
membership if this is the only usage.=20
>=20
> As a RIPE LIR, we can have a look at what the options are if that =
would help.=20
>=20
> Have a good new year,
>=20
> Regards,
> Erik Bais
> A2B Internet=20
>=20
> Verstuurd vanaf mijn iPad
>=20
> Op 31 dec. 2012 om 16:41 heeft Rodney Joffe <rjoffe@centergate.com> =
het volgende geschreven:
>=20
>> NANOG and ARIN Friends,
>>=20
>> 14 Years ago, at the suggestion of Jon Postel and some of the early =
participants in NANOG, we developed the GeekTools Whois proxy to make it =
easier for *us* - network security and abuse techs - to deal with the =
expanding number of gtlds and registrars and the varied whois servers =
that were appearing. The service had both a CLI and web interface.
>>=20
>> The service also led directly to the creation of whois-servers.net, =
which now seems to be part of a number of *nix distributions.
>>=20
>> The service has been up for 14 years, and over that time we have =
fulfilled the requirements of all of the whois server operators in =
regards to minimizing and stopping abuse of the GT whois proxy by domain =
scrapers, spammers, etc, while enabling the security folks to do their =
jobs. In some cases we have even written code to pass the ip address of =
the requestor to the whois server registry operator when they wanted to =
manage quota's directly. We think we have a really good relationship =
with all of the whois server operators, and I think we provide a useful =
service to the community, and is widely used. And in 14 years we have =
never been tarred as an enabler of abuse of "the whois" system.
>>=20
>> There has obviously never been any kind of charge or fee for using =
the proxy, or any of the other tools on GeekTools. In about 2002 we =
started placing a banner ad on the web interface page to offset some of =
the costs for the bandwidth that the proxy consumes. An average of about =
$70 a month for over the last 10 years. Actual bandwidth costs are =
higher than that of course, but it was a thought in 2002 that we had =
frankly forgotten about until recently.
>>=20
>> Two weeks ago RIPE-NCC, who provide the whois data for IP addresses =
in the RIPE region, informed us that based on decisions by their =
members, as of January 1st 2013, tomorrow, they would no longer provide =
whois proxy query response services to GeekTools unless we ponied up =
$1,800 a year for RIPE membership.
>>=20
>> I don't work very well above layer 7. It is what it is. So I wanted =
to let you know that as of midnight tonight, apparently, you won't be =
able to use GeekTools for RIPE related queries. If you have automated =
scripts, and you are one of the users who has expanded access to =
GeekTools, you'll need to find an alternative for RIPE queries *today*. =
My guess is that you will be able to query RIPE directly, once you have =
worked out that the address space is within RIPE's assignments.
>>=20
>> I think its wrong to have to pay for whois data that is part of a =
community resource . So I won't do it.
>=20
