Save Vocea/ Sanjaya - APNIC PacINET2002 28 November 2002, Fiji APNIC Whois Tutorial.

Slides:



Advertisements
Similar presentations
1 First NIR Meeting Criteria for establishment of new National Internet Registries March 1st, Korea, Seoul.
Advertisements

Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.
1 prop-018-v001 Protecting historical records in the APNIC Whois Database Project Update DB SIG APNIC18 2 September 2004 Nadi, Fiji Sanjaya, Project Manager,
IPv6: The Future of the Internet? July 27th, 1999 Auug.
APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.
IPv6 Address Allocation Policies & Procedures Champika Wijayatunga, APNIC 1 st ASEAN IPv6 Summit Oct 20-22, 2003 – Kuala Lumpur, Malaysia.
IP Address Management The RIR System & IP policy
Reverse DNS. Overview Principles Creating reverse zones Setting up nameservers Reverse delegation procedures.
1 The Geography and Governance of Internet Addresses Paul Wilson APNIC.
Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May The whois Database Introduction and Usage.
Providing A Subset of Whois Data Via DNS Shuang Zhu Xing Li CERNET Center.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.
AussieISP Fall ‘99 Sydney, 9 April 1999 Overview and Status Report.
Mirjam Kühne 1 ETO, Oct The Internet Registry System presented by Mirjam Kühne.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Introduction and Overview ITU/PITA Joint Workshop Brisbane, October 2001.
The APNIC Whois Database Introduction and Usage. whois.apnic.net whois.ripe.netwhois.arin.net Server Unix Client ‘X’ Client Command Prompt / Web Interface.
Internet Addressing and the RIR system 11 February 2004 Phnom Penh, Cambodia Paul Wilson, APNIC.
Prepared by The Regional Internet Registries [APNIC, ARIN, LACNIC and RIPE NCC]
1 APNIC support for Internet development APT/PITA Regional Meeting on ICT for the Pacific August 2004, Nadi, Fiji Paul Wilson
Database Update Paul Palse Database Manager, RIPE NCC.
Part 2.
APNIC Update Paul Wilson Director General. APNIC RIR for Asia Pacific –IP address allocation and management –Open policy development Support for Internet.
APNIC Policy Update 1 st TWNIC IP Open Policy Meeting 3 December, 2003 Taipei, Taiwan.
Welcome! APNIC Members Training Course Internet Resource Management Essentials 31 August 2004, Nadi, Fiji APNIC -18 Open Policy Meeting.
Policy implementation and document status report Address Policy SIG APNIC 15, Taipei, Taiwan 27 February 2003.
IP address Allocation & and Requests AfNOG Workshop, May 2004 Dakar, Senegal.
APNIC Update AfriNIC 12 May 2010 Sanjaya Services Director, APNIC.
NATO Advanced Networking Workshop. Ljubljana, 19 September RIPE whois Database RIPE Network Coordination Centre.
APNIC Depletion of the IPv4 free address pool – IPv6 deployment The day after!! 8 August 2008 Queenstown, New Zealand In conjunction with APAN Cecil Goldstein,
Regional Internet Registries Statistics & Activities IETF 55 Atlanta Prepared By APNIC, ARIN, LACNIC, RIPE NCC.
1 Use role objects …to maintain your contacts in APNIC whois.
18th APNIC Open Policy Meeting SIG: DB Thursday 2 September 2004 Nadi, Fiji Chair: Xing Li.
Mirjam Kühne 1 EC, Oct Policy Development in RIPE & the RIPE NCC Mirjam Kühne RIPE NCC.
1 IPv4 Addressing in China CNNOG April 2006, Beijing Guangliang Pan.
Andrei Robachevsky. APNIC/APRICOT2001, February 2001, Kuala Lumpur, Malaysia. 1 New Version of the RIPE Database Andrei Robachevsky.
Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May IP Address Management AfNOG Workshop, 11 May 2001 Accra, Ghana presented by:
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC & Internet Address Policy in the Asia Pacific NZ Internet Industry Forum Auckland,
July 2002IEPG, Yokohama, Japan RIR Co-ordination and Joint Statistics IEPG, Yokohama, Japan Prepared By APNIC, ARIN, RIPE NCC.
1 IPv6 Allocation Policy and Procedure Global IPv6 Summit in China 2007 April 13, 2007 Gerard Ross and Guangliang Pan.
Whois Domain Object Authorisation APNIC18 – DB SIG Nadi, Fiji 2 September 2004.
APNIC Internet Resource Management and Internet Infrastructure Support PITA Members Meeting 10 January 2004 Honolulu, Hawaii Save Vocea, APNIC.
APNIC Security Update APSIRCC 2002 Tokyo, 25 March 2002.
Database Tutorial 3 September, Kitakyushu, Japan 14 th APNIC Open Policy meeting APNIC.
Management of Internet Resources ITU Workshop on Developing a Policy and Regulatory Framework for Developing Economies of the Pacific 1 December 2003 Suva,
IP Addressing and ICT Development in the Pacific Islands Anne Lord and Save Vocea, APNIC ICT Workshop, Fiji, November, 2002.
IP addresses and address management Miwa Fujii APNIC, Training Officer.
30 April 2003 ITU SG2, Geneva, Switzerland Axel Pawlik, RIPE NCC Information Document 21-E ITU-T Study Group 2 May 2003 Question:1/2 Source:TSB Title:The.
Internet Protocol Addresses What are they like and how are the managed? Paul Wilson APNIC.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Emerging Registry Criteria ASO General Assembly Budapest, 19 May 2000.
IEPG November 1999 APNIC Status Report. Membership Resource Status Recent Developments Future Plans Questions?
Current Policy Topics Emilio Madaio RIPE NCC RIPE November 2010, Rome.
1 The Internet Registry System Mirjam Kühne RIPE NCC EC-POP Brussels 5 July 1999.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting APNIC Reverse DNS October 26th, Brisbane Bruce.
17 th APNIC Open Policy Meeting APNIC IPv6 Address Guidelines Akira Nakagawa )/ POWEREDCOM Billy MH Cheon / KRNIC Toshiyuki.
JPNIC UPDATE ~ Personal Data Protection in JPNIC WHOIS ~ Toshiyuki Hosaka Japan Network Information Center (JPNIC) September 7 th, 2005 NIR SIG APNIC
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IP Addresses: A critical resource for Asia-Pacific Internet development China Inet.
Mirjam Kühne. AfNOG Conference, 11 May Operational Co-ordination in the RIPE Region presented by: Mirjam Kühne RIPE NCC.
IP Address Management The RIR System Nurani Nimpuno APNIC.
Copyright (c) 2002 Japan Network Information Center Proposal for IPv6 Policy for Essential Infrastructure in the AP region Izumi Okutani IP Address Section.
Axel Pawlik. Regional Symposium on E-gov’t and IP, 24 November 2004, Dubai. Busting Internet Myths An Introduction to the RIPE NCC.
Whois Update Guangliang Pan. Overview Differences between APNIC and RIPE Whois Databases Change mnt-by from member’s maintainer to APNIC-HM for aut-num.
Regional Internet Registries An Overview
IEPG Minneapolis, March 1999
RIR Co-ordination and Joint Statistics
Research & Liaison Officer (Pacific)
AFRINIC Services Update
RIPE Whois Database Software Recent Changes
A Proposal to Protect Historical Records in APNIC Whois Database
Status Report on Policy Implementation at the APNIC Secretariat
Presentation transcript:

Save Vocea/ Sanjaya - APNIC PacINET November 2002, Fiji APNIC Whois Tutorial

2 Overview  APNIC introduction  APNIC Whois database  Using the Whois database  Database updates

3 Did you know (in the AP region): Every network IP address assignment should be registered in the APNIC database? You can use the APNIC Whois database as a diagnostic tool if you are: –A network operator –An Internet end user

4 Introducing APNIC Regional Internet Registry (RIR) for the Asia Pacific Region –Regional authority for Internet resource distribution IP addresses (IPv4 and IPv6), AS numbers, reverse DNS delegation –Provide services to 700+ members and NIR’s Industry self-regulatory body – Participation by those who use Internet resources – Consensus-based, open and transparent – Non-profit, neutral and independent –Open membership-based structure

5 APNIC is Not… Not a network operator –Does not provide networking services Works closely with APRICOT forum Not a standards body –Does not develop technical standards Works within IETF in relevant areas (IPv6 etc) Not a domain name registry or registrar Will refer queries to relevant parties

6 APNIC Partners APNIC works closely with The APNIC Membership Asia Pacific peak bodies in Internet industry, technology, policy and law –APNG, APIA, APTLD, APRICOT, PITA Other Regional Internet Registries (RIRs) –ARIN, RIPE NCC, LACNIC, (AFRINIC) Other leading Internet organisations –IANA, ICANN, IETF, IEPG, ISOC etc

7 RIR Coverage

8 Internet Organisation Hierarchy

9 Internet Registry Structure ICANN IANA PSO At Large DNSO ASO APNIC ARIN RIPE NCC LACNIC LIR NIR LIR ISP LIR ISP ASO

10 Conservation –Ensuring efficient use and conservation of resources Aggregation –Limiting growth of routable prefixes Uniqueness –Global visibility Registration –Registering the Internet resources in a public database Fairness and consistency –Equal consideration irrespective of external factors Goals of Address Management

11 Careful Address Management is Vital APNIC’s role –“Addressing the challenge of responsible resource distribution in the Asia Pacific” ISP’s role –To manage the resources they have been allocated –To develop policies to safeguard future supply which is essential to their business

12 APNIC Policy Making Process Discussions within APNIC community (Liaison with other RIRs) Policy meetings & SIGs, mailing lists etc By RIRs and community Consensus of community Policy is implemented Membership approval Regional Policy Variations

13 APNIC Whois Database

14 What is the APNIC Whois Database? Public network management database –Operated by IRs Tracks network resources –IP addresses, ASNs, Reverse Domains, Routing policies Records administrative information –Contact information (persons/roles) –Authorisation

15 Why Use the Database? Register use of Internet Resources IP assignments, reverse DNS, etc - Ascertain custodianship of a resource - Fulfill responsibilities as resource holder Obtain details of technical contacts for a network -Investigate security incidents -Track source of network abuse or “spam”

How to Use the APNIC Whois Database

17 Basic Database Queries 1.Command Line Interface (Unix) whois –h whois.apnic.net 2.Web interface

18 Object Types OBJECT PURPOSE personcontact persons rolecontact groups/roles inetnumIPv4 addresses inet6numIPv6 addresses aut-numAutonomous System number as-setgroup of autonomous systems domainreverse domains routeprefixes being announced mntner(maintainer) database authorisation

19 Queries - Primary and Lookup keys Performed as an argument to a query – – - –

20 DB Query – Person Object -h whois.apnic.net kx17-ap % Rights restricted by copyright. See person: Ky Xander address: ExampleNet Service Provider address: 2 Pandora St Boxville address: Wallis and Futuna Islands country: WF phone: fax-no: nic-hdl: KX17-AP mnt-by: MAINT-WF-EX changed: source: APNIC

21 DB Query – Maintainer Object -h whois.apnic.net MAINT-WF-EX % Rights restricted by copyright. See mntner:MAINT-WF-EX descr: Maintainer for ExampleNet Service Provider country: WF admin-c: ZU3-AP tech-c: KX17-AP upd-to: mnt-nfy: auth: CRYPT-PW apHJ9zF3o mnt-by: MAINT-WF-EX referral-by: MAINT-APNIC-AP changed: source: APNIC

22 IP Address Queries inetnum, inet6num store information about ranges of IP addresses Default lookup for IP ranges –When no flags are specified whois server will try to find an exact match for that range whois –h whois.apnic.net

23 IP Address Queries More and less specific queries –("-M", "-m", "-L" and "-l" ) -l –Returns first level less specific inetnum, inet6num excluding exact matches whois -l [customer’s IP range] -L –Returns all level less specific inetnum, inet6num including exact matches. whois -L [IP range]

24 IP Address Queries -m –Returns first level more specific inetnum, inet6num excluding exact matches. whois -m [allocation IP range] -M –Returns all level more specific inetnum, inet6num excluding exact matches. whois -m [allocation IP range]

25 IP Address Lookups -x –Only an exact match on a prefix –If no exact match is found, no objects are returned whois -x [IP range] -d –Enables use of the "-m", "-M", "-l" and "- L" flags for lookups on reverse delegation domains.

26 inetnum: – /20 inetnum: – /8 Database Query - inetnum /25 inetnum: whois -l /20 whois /20 whois –m /20 inetnum: /26 inetnum: /24 More specific  (= smaller blocks) Less specific  (= bigger block)

27 inetnum: /20 inetnum: – /8 Database Query - Inetnum whois -L /20 (all less specific) whois /20 whois –m /20 (1 level more specific) inetnum: /24 inetnum: /26 inetnum: whois -l /20 (1 level less specific) whois –m /20 (all more specific) /16

28 Inverse Queries Inverse queries are performed on inverse keys See object template (whois –t) Returns all objects that reference the object with the key specified as a query argument Practical when searching for objects in which a particular value is referenced, such as your nic-hdl

29 Inverse Queries - Syntax whois -i –-i

30 Inverse Queries - Examples whois –i tech-c KX17-AP all objects with tech-c KX17-AP whois -i admin-c,tech-c,zone-c -T domain KX17-AP all domain objects with admin-c, tech-c or zone-c KX17-AP whois -ipn KX17-AP all objects referencing KX17-AP whois -i mnt-by MAINT-WF-EX All objects maintained by MAINT-WF-EX whois -i notify All objects with the notify no space!

31 Questions?

Database Updates

33 Database Update Process – requests to Each request contains an object template Update Request Template Parse Warnings/Errors returned Error Auth. Data Base Whois Server whois.apnic.net

34 Updates In the whois Database Create, modify or delete MIME support text/plain, application/pgp-signature, application/pgp multipart/mixed, multipart/alternative, multipart/signed, message/rfc822 each MIME part is treated as a separate submission

35 Object Processing – Server Checks Verifies that the syntax of an object is correct Verifies that the object passes authorisation checks Verifies that all references can be resolved without conflicts

36 Object Processing – Server Checks Verifies that the operation does not compromise referential integrity –the deletion of an object To ensure that it is not referenced from any other object in the database Verifies that the requested nic-hdl is not in use and can be allocated Only for the creation of person or role objects that request a particular NIC handle

37 RPS Security Routing Policy System Security –RFC 2725 Stronger, hierarchical authorisation and authentication Protect your database objects! –Request for mntner object

38 Maintainer Object - Example mntner:MAINT-WF-EX descr: Maintainer for ExampleNet Service Provider country: WF admin-c: ZU3-AP tech-c: KX17-AP upd-to: mnt-nfy: auth: CRYPT-PW apHJ9zF3o mnt-by: MAINT-WF-EX referral-by: MAINT-APNIC-AP changed: source: APNIC The mntner object provides data protection for other objects

39 Maintainer Object Attributes upd-to (mandatory) notification for failed updates mnt-nfy (optional, encouraged) works like notify but for all objects that refererence this mntner mnt-by (mandatory) can reference the object itself referral-by (mandatory) references mntner object that created this object

40 Authentication Methods ‘auth’ attribute – Strongly discouraged! – Very weak authentication. Discouraged –Crypt-PW Crypt (Unix) password encryption Use web page to create your maintainer –PGP – GNUPG Strong authentication (Requires PGP keys) –MD5 Soon available

41 mnt-by & mnt-lower ‘mnt-by’ attribute Can be used to protect any object Changes to protected object must satisfy authentication rules of ‘mntner’ object. ‘mnt-lower’ attribute Also references mntner object Hierarchical authorisation for inetnum, inet6num & domain objects The creation of child objects must satisfy this mntner Protects against unauthorised updates to an allocated range highly recommended!

42 Inetnum: netname: LOXINFO-TH descr: Loxley Information Company Ltd. Descr: 304 Suapah Rd, Promprab,Bangkok country: TH admin-c: KS32-AP tech-c: CT2-AP mnt-by: APNIC-HM mnt-lower: LOXINFO-IS changed: source: APNIC Authentication/Authorisation –APNIC allocation to member Created and maintained by APNIC Only APNIC can change this object

43 Inetnum: netname: SCC-TH descr: Sukhothai Commercial College Country: TH admin-c: SI10-AP tech-c: VP5-AP mnt-by: LOXINFO-IS changed: source: APNIC Authentication/Authorisation –Member assignment to customer Created and maintained by APNIC member Only LOXINFO-IS can change this object

44 Common Errors - Incorrect password Date: Wed, 31 Jul :20: From APNIC Whois Management To: Subject: FAILED: FW: Update MAINT-WF-EX with an Incorrect password Part of your update FAILED For help see or send a message to auto- With 'help'in the subject line Update FAILED: [mntner] MAINT-WF-EX Authorisation failed, request forwarded to maintainer mntner: MAINT-WF-EX descr: Maintainer for ExampleNet Service Provider country: WF admin-c: ZU3-AP tech-c: KX17-AP upd-to: mnt-nfy: auth: CRYPT-PW apHJ9zF3o referral-by: MAINT-APNIC-AP changed: source: APNIC

45 Stay in Touch with APNIC It is important and easy – to They are there to help you –Attend Member Trainings NZ December 9, 2002 and Pacific 2003 –Collectively send a person to APNIC meetings 2003: APNIC15, Feb With APRICOT –Check the APNIC web pages frequently

46 Questions? Thank you for listening

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.