some shallow statistics about finding the name/netname for IP address using RDAP and WHOIS

Martin T m4rtntns at
Mon Oct 15 19:06:42 UTC 2018


For testing a script I generated 10000 random IPv4 and global unicast
IPv6 addresses. For all those addresses I tried to find the
netname/name attribute value from WHOIS servers using the latest
version of and RDAP servers using the
curl. Basically 'whois -H <ip>' and 'curl -L
"<ip>"'. Out of those 10000 random IPv4
and IPv6 addresses, 7351 gave the same name/netname using RDAP and
WHOIS. In case of 2285 addresses, the RDAP was able to find the name
while WHOIS was not. Probably thanks to bootstrap feature. In case of
364 addresses, the WHOIS found a different netname than RDAP. Those
cases can be seen here: Left column is the
RDAP and the right one is the WHOIS. If "IANA-BLK" WHOIS results for
IPv6 are excluded, then only <1% of queries did not return a result
using RDAP while they did return a result using WHOIS.
In short, based on this small test, the RDAP is much more reliable
than WHOIS for finding the name/netname for an IP address.

Maybe those results are interesting or useful for somebody.

PS. IPv4 and IPv6 addresses were generated like this:

if (( $(($RANDOM % 2)) == 0 )); then

        # Generate random IPv4 address.
        printf -v ip '%d.%d.%d.%d' \
                                        "$(($RANDOM % 256))" \
                                        "$(($RANDOM % 256))" \
                                        "$(($RANDOM % 256))" \
                                        "$(($RANDOM % 256))"

        # Gnerate random IPv6 global unicast address.
        hex_digit=( 0 1 2 3 4 5 6 7 8 9 a b c d e f )
        for i in {1..7}; do
                for i in {1..4}; do
                        nibble="$nibble""${hex_digit[$(($RANDOM % 16))]}"


More information about the NANOG mailing list