Has PSI been assigned network 1?

Geert Jan de Groot GeertJan.deGroot at ripe.net
Thu Apr 20 10:46:09 UTC 1995


On Wed, 19 Apr 1995 20:09:22 -0400  Vadim Antonov wrote:
> There should be two different IRR machines for AS owners only (the one
> which allows updates) and the one which responds on queries from
> the general public, so we can get reasonable responsiveness, w/o
> "please try again"s.

A lonely, old SUN ELC did the RIPE RR for a long time. We only
replaced it recently with a 5 because of the load indexing causes,
not because of the load the database queries caused.

That ELC did a lot more (it was {ns, ftp, info, www, wais, gopher}.ripe.net)
and was not even close to resource starvation.

Aren't you mixing things up with some problems at the Internic some
time ago?

As to the speed of the database, there might be some other weird problem
because when I connect to the FTP port of tiny.sprintlink.net, it
usually takes more than 30 seconds to get the initial FTP banner.
The TCP setup is immediate, data flows much later.
Testing port 7 finds that for that port too, TCP setup is immediate
but (first) data echo is delayed. I don't see this with most 
other sites, something to investigate?

> (And it is slow.  I would like to be able to establish a connection
> and do a thousand of queries.  Some my nasty scripts call whois
> several thousand times.)

That is certainly possible, though not documented at this time:
- COnnect to the whois port
- Send the first search string with -k (keep)
- Receive objects, separated by empty lines:
	inetnum:	234.567.789.0
	....

	route:		234.567.789.0/40
	....
  The end of the query is shown by two empty lines, after which
  the whois server doesn't close but waits for further queries.
  Send in the next line and the protocol repeats
- After 30 secs of inactivity, you get kicked out; no stragglers allowed

prtraceroute uses this internally to obtain reasonable performance.
(it does a *lot* of whois queries too)

Does this address that concern?

I do agree that this does not include updates, though.
Think of the security requirements and how to implement them.
For mail at least, we are able to keep an audit trail (which we do).

> It also lacks query functions (what are all networks i'm supposed
> to hear from peer X?,  which networks Lollypop Inc. owns?)

That is provided via WAIS.

> PGP is fine; what about security for on-line interfaces; and who
> guarantees security of RS machines?

I am open for suggestions on how to implement this..

Geert Jan




More information about the NANOG mailing list