NATO Advanced Networking Workshop. Ljubljana, 19 September 2001. 1 RIPE whois Database RIPE Network Coordination Centre.

Slides:



Advertisements
Similar presentations
RP Designs Semi-Custom e-Commerce Package. Overview RP Designs semi- custom e-commerce package is a complete website solution. Visitors can browse a catalog.
Advertisements

Copyright (c) 2002 Japan Network Information Center Introduction of JPNICs New Registry System Izumi Okutani IP Address Section Japan Network Information.
Update about the “SHOULDs Analysing Project” in RIPE Policy Documents “Should” we use the RFC 2119 Defined Language in RIPE Policy Documents? Jan Žorž,
Database Update Johan Åhlén Assistant Manager and Denis Walker Business Analyst.
Save Vocea/ Sanjaya - APNIC PacINET November 2002, Fiji APNIC Whois Tutorial.
Database Update Kaveh Ranjbar Database Department Manager, RIPE NCC.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
1 prop-018-v001 Protecting historical records in the APNIC Whois Database Project Update DB SIG APNIC18 2 September 2004 Nadi, Fiji Sanjaya, Project Manager,
Database Update Kaveh Ranjbar Database Group Manager, RIPE NCC.
APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.
1 of 7 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Andrei Robachevsky, Shane Kerr. APNIC/APRICOT2001, February 2001, Kuala Lumpur, Malaysia. 1 Routing Registry Consistency Check Presented.
Introduction to the Secure SMTP Server service. Secure SMTP server is a secure, reliable SMTP mail relay server for your outgoing mail. Secure SMTP service.
Reverse DNS. Overview Principles Creating reverse zones Setting up nameservers Reverse delegation procedures.
How to Get The Most Out of Outlook 2003 Michele Schwartzman Division of Customer Support Summer 2006.
Login Screen This is the Sign In page for the Dashboard Enter Id and Password to sign In New User Registration.
Local Internet Registries. Training Course. 1 Welcome to the IP Tutorial 26 January 2001 RIPE Network Co-ordination Centre
Local Internet Registries. Training Course. 1 Welcome to the Local Internet Registry Course RIPE Network Co-ordination Centre NEW version.
Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May The whois Database Introduction and Usage.
Providing A Subset of Whois Data Via DNS Shuang Zhu Xing Li CERNET Center.
Local Internet Registries. Training Course. 1 Welcome to the Local Internet Registry Course RIPE Network Co-ordination Centre NEW version.
NATO Advanced Networking Workshop. Ljubljana, 19 September “How to Run a Local Internet Registry” or all your IPs are belong.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.
Employee Self Service (ESS) Version Employee Self Service  access from any computer  view their elected withholding, earnings summary, check.
Database Update Kaveh Ranjbar Database Department Manager, RIPE NCC.
Login Screen This is the Sign In page for the Dashboard New User Registration Enter Id and Password to sign In.
The APNIC Whois Database Introduction and Usage. whois.apnic.net whois.ripe.netwhois.arin.net Server Unix Client ‘X’ Client Command Prompt / Web Interface.
KNOWLEDGE MANAGEMENT (KNOWLEDGE ARTICLES) WebDesk Training.
Database Update Paul Palse Database Manager, RIPE NCC.
Part 2.
XP New Perspectives on Browser and Basics Tutorial 1 1 Browser and Basics Tutorial 1.
Database Update Kaveh Ranjbar Database Department Manager, RIPE NCC.
Policy implementation and document status report Address Policy SIG APNIC 15, Taipei, Taiwan 27 February 2003.
IP address Allocation & and Requests AfNOG Workshop, May 2004 Dakar, Senegal.
Sympa Mailing List Server
Denis Walker. RIPE 45, May 2003, Barcelona. 1 DBupdate Denis Walker RIPE NCC.
APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.
Internet2 Routing Working Group Merit Route Registry Update July 30, 2002 Larry Blunk.
1 Use role objects …to maintain your contacts in APNIC whois.
Dedicated to preserving the central coordinating functions of the global Internet for the public good. John L. Crain, Chief Technical Officer, ICANN
18th APNIC Open Policy Meeting SIG: DB Thursday 2 September 2004 Nadi, Fiji Chair: Xing Li.
Consultation on Policy Documentation Adam Gosling APNIC 40 Policy SIG 10 September 2015.
1 To Insert AS Origin field into APNIC IP address database Xing Li Shuang Zhu CERNET
Andrei Robachevsky. APNIC/APRICOT2001, February 2001, Kuala Lumpur, Malaysia. 1 New Version of the RIPE Database Andrei Robachevsky.
Whois Domain Object Authorisation APNIC18 – DB SIG Nadi, Fiji 2 September 2004.
MyAPNIC Survey 2015 What have we learned? APNIC Services Vivek Nigam 9 September 2015 Jakarta.
Database Tutorial 3 September, Kitakyushu, Japan 14 th APNIC Open Policy meeting APNIC.
Leo vegoda. APNIC 14, 3–6 Sept. 2002, Kitakyushu, Japan. 1 RIPE NCC Status Report at APNIC 14 Looking forward to winter…
Horses for courses- like IPv6 profiles for german administration Constanze Bürger Bundesministerium des Innern.
Andrei Robachevsky. 12th APNIC Open Plicy Meeting, August 2001, Taipei, Taiwan. 1 New Version of the RIPE Database Andrei Robachevsky.
Local Internet Registries. RIPE 47 - IP Request Tutorial. 1 Welcome to the RIPE NCC IP Request Tutorial January 27, 2003 RIPE Network.
APNIC Internet Routing Registry Tutorial Seoul 19 August 2003.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Autonomous System Numbers How to describe Routing Policy.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting APNIC Reverse DNS October 26th, Brisbane Bruce.
17 th APNIC Open Policy Meeting APNIC IPv6 Address Guidelines Akira Nakagawa )/ POWEREDCOM Billy MH Cheon / KRNIC Toshiyuki.
JPNIC UPDATE ~ Personal Data Protection in JPNIC WHOIS ~ Toshiyuki Hosaka Japan Network Information Center (JPNIC) September 7 th, 2005 NIR SIG APNIC
1 To Insert AS Origin field into APNIC IP address database Xing Li Shuang Zhu CERNET
Whois & Data Accuracy Across the RIRs. Terms ISP – An Internet Service Provider is allocated address space by an RIR for the purpose of providing connectivity.
11 DEPLOYING AN UPDATE MANAGEMENT INFRASTRUCTURE Chapter 6.
1 FRED – open source registry system CZ.NIC, z.s.p.o. Jaromír Talíř
Whois Update Guangliang Pan. Overview Differences between APNIC and RIPE Whois Databases Change mnt-by from member’s maintainer to APNIC-HM for aut-num.
Architecture Review 10/11/2004
AFRINIC Services Update
Configuring Internet-related services
To the ETS – Encumbrance Online Training Course
RIPE Whois Database Software Recent Changes
This is the Sign In page for the Dashboard
To the ETS – Encumbrance Online Training Course
By Keessun Fokeerah Member Services(MS) Team
Presentation transcript:

NATO Advanced Networking Workshop. Ljubljana, 19 September RIPE whois Database RIPE Network Coordination Centre

NATO Advanced Networking Workshop. Ljubljana, 19 September Schedule intro basic DB queries creating person/role object creating network object advanced DB queries protecting objects updating objects exercises / examples

NATO Advanced Networking Workshop. Ljubljana, 19 September RIPE Database Intro Public Network Management Database Software Management RIPE NCC requirements by RIPE community download from ftp://ftp.ripe.net/ Data Management LIRs, other users RIPE NCC Information content not responsibility of RIPE NCC Exchange of knowledge – Transition to RPSL

NATO Advanced Networking Workshop. Ljubljana, 19 September Object Types Information about: objects: IP address space inetnum, inet6num reverse domainsdomain routing policies route, aut-num, etc contact detailsperson, role, mntner Server whois.ripe.net UNIX client (command line queries) The most important documents –Representation of IP Routing Policies in a Routing Registry (ripe-181) –RIPE NCC Database Reference Manual (ripe-223) New!

NATO Advanced Networking Workshop. Ljubljana, 19 September Basic Queries Whois (client, web interface) –searches only look-up keys –returns exact match Look-up keys - usually the object name –person, role: name, , nic-hdl –inetnum: address (or range), netname Glimpse - full text search e.g. searching for address space based on the postal address or the name of the organisation Examples

NATO Advanced Networking Workshop. Ljubljana, 19 September Creating person Object Check if person object exists in RIPE DB –only one object per person Obtain and complete a template  whois -t person whois -v person (verbose)  Send to Each person and role object has a unique nic-hdl

NATO Advanced Networking Workshop. Ljubljana, 19 September whois -t person person: [mandatory] [single] [lookup key] address: [mandatory] [multiple] [ ] phone: [mandatory] [multiple] [ ] fax-no: [optional] [multiple] [ ] [optional] [multiple] [lookup key] nic-hdl: [mandatory] [single] [primary/look-up key] remarks: [optional] [multiple] [ ] notify: [optional] [multiple] [inverse key] mnt-by: [optional] [multiple] [inverse key] changed: [mandatory] [multiple] [ ] source: [mandatory] [single] [ ]

NATO Advanced Networking Workshop. Ljubljana, 19 September whois -t role role: [mandatory] [single] [lookup key] address: [mandatory] [multiple] [ ] phone: [optional] [multiple] [ ] fax-no: [optional] [multiple] [ ] [mandatory] [multiple] [lookup key] trouble: [optional] [multiple] [ ] admin-c: [mandatory] [multiple] [inverse key] tech-c: [mandatory] [multiple] [inverse key] nic-hdl: [mandatory] [single] [primary/look-up key] remarks: [optional] [multiple] [ ] notify: [optional] [multiple] [inverse key] mnt-by: [optional] [multiple] [inverse key] changed: [mandatory] [multiple] [ ] source: [mandatory] [single] [ ]

NATO Advanced Networking Workshop. Ljubljana, 19 September role: Technical BlueLight Staff... nic-hdl: AUTO-#initials AUTO-2BL nic-hdl person: Piet Bakker... nic-hdl: AUTO-1 PB1234-RIPE Unique identifier for person and role objects –primary key for person and role objects Format: [number]- –e.g. CD567-RIPE, JFK11-RIPE Used in all attributes where contact info is needed  Use “AUTO-#” placeholders BL112-RIPE

NATO Advanced Networking Workshop. Ljubljana, 19 September Database Robot Responses Successful update –acknowledgement Warnings –object accepted but might be ambiguous –object corrected and accepted Errors –object NOT corrected and NOT accepted –diagnostics in acknowledgement If not clear send questions to –include error report and the original message

NATO Advanced Networking Workshop. Ljubljana, 19 September Creating Network Objects AW=0 or AW<request_size –take the “network template” from the approved request otherwise –whois -t inetnum Send to –with (only) the keyword NEW in the subject line to avoid over-writing the existing objects (address range is the primary key for inetnum)

NATO Advanced Networking Workshop. Ljubljana, 19 September whois -t inetnum inetnum: [mandatory] [single] [primary/look-up key] netname: [mandatory] [single] [lookup key] descr: [mandatory] [multiple][ ] country: [mandatory] [multiple][ ] admin-c: [mandatory] [multiple][inverse key] tech-c: [mandatory] [multiple][inverse key] rev-srv: [optional] [multiple][inverse key] status: [mandatory] [single] [ ] remarks: [optional] [multiple][ ] notify: [optional] [multiple][inverse key] mnt-by: [mandatory] [multiple][inverse key] mnt-lower: [optional] [multiple][inverse key] mnt-routes: [optional] [multiple][inverse key] changed: [mandatory] [multiple][ ] source: [mandatory] [single] [ ]

NATO Advanced Networking Workshop. Ljubljana, 19 September Pay Attention to... Insert the address range –in the ‘network template’ from the approved request form Keep the same netname attribute as approved Create person or role objects in advance –admin-c: on site; client’s MD –tech-c: LIR or consultant Status: ASSIGNED PA In the changed attribute leave out the date –DB will add the current date  Protection is mandatory –recommended: include mnt-lower and mnt-routes

NATO Advanced Networking Workshop. Ljubljana, 19 September Changes with RPSL Objects format - stricter syntax checks!!! –line continuation (white space or “+” sign) –attribute order is relevant and preserved –support for end of line comments (after “#”) –no empty attributes allowed inetnum value can not be in prefix notation! correct: a.b.c.d - w.x.y.z Submission to the DB supports: –MIME –PGP (GnuPG) New in RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September Querying Address Ranges –whois [customer’s IP range, customer’s netname] netname not unique search key –whois -m [LIR allocated IP range] list of biggest sub-ranges (first level more specific) –whois -M [LIR allocated IP range] all sub-ranges –whois -L [customer’s IP range] exact match & bigger encompassing ranges –LIR’s own allocation object & RIPE NCC’s /8 –whois -l [customer’s IP range] not the exact match, but the smallest bigger object –whois -x [IP range] if no matching object is found nothing is returned New in RPSL! New in RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September Example DB Queries / /25 BLUELIGHT GOODY2SHOES whois -M /19 whois -m /19 whois -L ENGOS /29 ENGO /29 ENGO-8

NATO Advanced Networking Workshop. Ljubljana, 19 September Inverse Lookups in RIPE DB whois -i {attribute} {value} Inverse keys –notify, mnt-by, mnt-lower, admin-c, tech-c, zone-c, whois –i tech-c JJ125-RIPE –whois -i admin-c,tech-c,zone-c -T domain JJ125-RIPE –whois -ipn JJ125-RIPE whois -i mnt-by BLUELIGHT-MNT whois -i notify New in RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September Non-Recursive Lookups: “-r” whois => inetnum,route,person(s) –whois -r => inetnum, route –whois -T inetnum => inetnum,persons –whois -r -T inetnum => inetnum –whois -T route => route Summary -- DB flags: –-i, -r, -T, -m, -M, -l, -L, -x

NATO Advanced Networking Workshop. Ljubljana, 19 September Questions? (link back to the Assignment Process)

NATO Advanced Networking Workshop. Ljubljana, 19 September Advanced Database Issues Protection DB administration – updating objects – deleting objects Test whois Database

NATO Advanced Networking Workshop. Ljubljana, 19 September Notification / Authorisation notify attribute (optional) –sends notification of change to the address specified  mnt-by attribute & mntner object – mnt-by mandatory (except dn, pn, ro)  Hierarchical authorisation for inetnum, domain, route, aut-num objects –mnt-lower attribute –mnt-routes attribute New in RPSL! New in RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September Creating Maintainer Object Mandatory protection of objects except for person, role and domain –updates of objects that contain mnt-by attribute must pass the authentication rules in the mntner object Decide on the authentication method –ripe-223 ripe-157, ripe-189 documents obsolete Manual registration necessary –send the mntner object to –requester needs to be contact person from the LIR  See also: Protection of RIPE DB objects New!

NATO Advanced Networking Workshop. Ljubljana, 19 September Authorisation Mechanism inetnum: netname: BLUELIGHT-1 descr: Blue Light Internet ………….. mnt-by:BLUELIGHT-MNT mntner: BLUELIGHT-MNT descr: Maintainer for all Bluelight objects admin-c: JJ231-RIPE tech-c: BL112-RIPE auth: CRYPT-PW q5nd!~sfhk0# upd-to: mnt-nfy: referral-by: RIPE-DBM-MNT mnt-by: BLUELIGHT-MNT changed: source: RIPE

NATO Advanced Networking Workshop. Ljubljana, 19 September Maintainer Object Attributes  auth (mandatory, multiple) upd-to (mandatory) –notification for failed updates mnt-nfy (optional, encouraged) –works like notify but for all objects that refer to this mntner mnt-by (mandatory) –can reference the object itself referral-by (mandatory) –references mntner object that created this object Manual registration of object necessary Send object to New in RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September Authentication Methods 1. auth: NONE could be used with mnt-nfy attribute 2. auth: MAIL-FROM { , reg-exp} –e.g. protection from typos 3. auth: CRYPT-PW {encrypted password} include password attribute in your updates –value is clear text password 4. auth: PGPKEY- key-cert object –see: ripe-223

NATO Advanced Networking Workshop. Ljubljana, 19 September inetnum: netname: NL-BLUELIGHT …... status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: BLUELIGHT-MNT mnt-routes: BLUELIGHT-MNT changed: changed: source: TEST Ask to add mnt-lower and mnt-routes attributes into your allocation inetnum objects Hierarchical Authorisation 

NATO Advanced Networking Workshop. Ljubljana, 19 September Hierarchical Authorisation (cont’d) mnt-lower and mnt-routes attributes –authenticate only creation of more specific objects –only one level below mandatory in allocation inetnum objects mandatory in PI assignment inetnum objects recommended in PA inetnum objects, and route objects mnt-routes in aut-num object e.g. AS42 –authenticates creation of route objects with origin: AS42 New in RPSL!

NATO Advanced Networking Workshop. Ljubljana, 19 September DB Update Procedure Send to: Modifying an object –obtain object from RIPE DB –make needed changes –keep the same primary key –add the changed line to the new version of object changed: keep the old changed lines in to show history –include authentication (password, PGP signature) Deleting an object –add delete line to the exact copy of current object delete: overlapping inetnum –include authentication (password, PGP signature)

NATO Advanced Networking Workshop. Ljubljana, 19 September When to Update Your Objects Fixing overlapping assignments Merging two inetnum (domain, route) objects  Splitting one assignment into smaller ones Changing the netname Protecting unprotected objects –including mnt-by attribute Updating peering agreements in aut-num  Updating references to new contact persons/roles –admin-c, tech-c, zone-c Updating contact info –phone/address change in person/role/mntner

NATO Advanced Networking Workshop. Ljubljana, 19 September Inetnum: person: JAJA1-RIPE Case Study 1 -- Contact Person Left 1. whois -i tech-c JAJA1-RIPE 2. Create new person object ( for Carl Dickens, new guy ) 3. Change the tech-c reference in all inetnum objects 4. Delete old person object Inetnum: JAJA1-RIPE... CD2-RIPE person:

NATO Advanced Networking Workshop. Ljubljana, 19 September CD2-RIPE CD2-RIPE Case Study 2 -- Replacing tech-c Using role Object 1. Create person object for each tech-c 2. Create role object for all tech-c:s 3. Change the tech-c reference in all inetnum objects to reference role object 4. Keep role object up-to-date with staff changes CD2-RIPE BL112-RIPE... BL112-RIPE CD2-RIPE JJ231-RIPE role: person: JJ231-RIPE person:

NATO Advanced Networking Workshop. Ljubljana, 19 September Case Study 3 -- Replacing Assignment Objects Splitting any approved assignment e.g. moving first assignment registered as one block, at the beginning of allocated range –delete the original object –create two or more new objects –keep the same netname or let RIPE NCC know of the change using the same ticket number

NATO Advanced Networking Workshop. Ljubljana, 19 September Test whois Database Non-production whois Database Similar interface as “real” RIPE whois Database –whois & whois -h test-whois.ripe.net ; –syntax checking –error reports Possible to automatically create mntner Ideal for testing –various authorisation schemes –self-made scripts that update RIPE whois DB Source: TEST

NATO Advanced Networking Workshop. Ljubljana, 19 September Questions? Questions, bug reports:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.