GeekTools Whois Proxy and RIPE/RIPE-NCC

Mon Dec 31 16:56:14 UTC 2012

Hi Job,

On Dec 31, 2012, at 11:46 AM, Job Snijders <job.snijders at atrato-ip.com> wrote:

> Hi Rodney,
> 
> From the looks of it, this decision was made by the RIPE NCC Executive Board rather than at the General Meeting.  Inqueries will have to be made why this was decided, and what the consequences are. But, I don't expect a resolution to be reached in the next 6 hours. 

I don't expect it to be resolved in any different way at all, based on my experience over the last 20 years. We're not a RIPE member, so we have *zero* influence, and relevance for the RIP-NCC board.

> In the meantime you could consider setting up an irrd[1], redirect queries to that instance instead of whois.ripe.net, and keep it kind of fresh by feeding it ftp://ftp.ripe.net/ripe/dbase/ripe.db.gz on a daily basis. 

As far as bulk data, one *really* important aspect of GeekTools from day 1, is that we do not provide any actual data, we *only* proxy data. So there is no possibility that at any time we have stale data. We are a proxy, not a provider of data. Its what Jon told me to do 14 years ago, and its what we have stuck to (I think we're the only whois proxy that has done this).

If we give you an answer today, you can count on it being the authoritative answer as of this second. If we can't reach a whois server when you query us, we do *not* give you a cached answer. We store nothing.  Important when chasing miscreants or problems.

I don't want to change this.

> 
> Kind regards,
> 
> Job
> 
> [1] http://www.irrd.net/
> 
> On Dec 31, 2012, at 4:41 PM, Rodney Joffe <rjoffe at centergate.com> wrote:
> 
>> NANOG and ARIN Friends,
>> 
>> 14 Years ago, at the suggestion of Jon Postel and some of the early participants in NANOG, we developed the GeekTools Whois proxy to make it easier for *us* - network security and abuse techs - to deal with the expanding number of gtlds and registrars and the varied whois servers that were appearing. The service had both a CLI and  web interface.
>> 
>> The service also led directly to the creation of whois-servers.net, which now seems to be part of a number of *nix distributions.
>> 
>> The service has been up for 14 years, and over that time we have fulfilled the requirements of all of the whois server operators in regards to minimizing and stopping abuse of the GT whois proxy by domain scrapers, spammers, etc, while enabling the security folks to do their jobs. In some cases we have even written code to pass the ip address of the requestor to the whois server registry operator when they wanted to manage quota's directly. We think we have a really good relationship with all of the whois server operators, and I think we provide a useful service to the community, and is widely used. And in 14 years we have never been tarred as an enabler of abuse of "the whois" system.
>> 
>> There has obviously never been any kind of charge or fee for using the proxy, or any of the other tools on GeekTools. In about 2002 we started placing a banner ad on the web interface page to offset some of the costs for the bandwidth that the proxy consumes. An average of about $70 a month for over the last 10 years. Actual bandwidth costs are higher than that of course, but it was a thought in 2002 that we had frankly forgotten about until recently.
>> 
>> Two weeks ago RIPE-NCC, who provide the whois data for IP addresses in the RIPE region, informed us that based on decisions by their members, as of January 1st 2013, tomorrow, they would no longer provide whois proxy query response services to GeekTools unless we ponied up $1,800 a year for RIPE membership.
>> 
>> I don't work very well above layer 7. It is what it is. So I wanted to let you know that as of midnight tonight, apparently, you won't be able to use GeekTools for RIPE related queries. If you have automated scripts, and you are one of the users who has expanded access to GeekTools, you'll need to find an alternative for RIPE queries *today*. My guess is that you will be able to query RIPE directly, once you have worked out that the address space is within RIPE's assignments.
>> 
>> I think its wrong to have to pay for whois data that is part of a community resource . So I won't do it.
> 
> -- 
> AS5580 - Atrato IP Networks
> 
> 
> 
> 