APRICOT 2003


SIG: Database

Wednesday 26 February 2003, Taipei International Convention Center (TICC), Taipei, Taiwan

Minutes

Meeting commenced: 9:05am

Chair: Xing Li

The Chair introduced the SIG and explained the agenda. He provided general guidelines for the presenters and encouraged a wide range of participation in the discussions. The Chair announced that the Co-chair of the Database SIG would be Hakikur Rahman, who was unable to make it to the SIG meeting.

Contents
  1. Requirements for running a local 'Whois'
  2. Proposal for data cleanup in APNIC Whois
  3. Operational status report on Whois db
  4. RIPE db developments
  5. Rwhois technical overview / ARIN design initiative
  1. Requirements for running a local 'Whois'

    2. George Michaelson, APNIC

    Presentation

    This presentation proposed the establishment of clearly defined operations and policies to permit the use of widespread use of whois by NIRs and LIRs. The speaker proposed that local whois policy should require that all records be in English, and conform with existing APNIC policy requirements. Benefits of the proposal would include faster turnaround for data updates and global IRR improvements. The speaker noted that all arrangements currently existing under informal arrangements with NIRs would continue under the new proposal.

    The speaker compared the proposal to the whois referral activities of other RIRs and the wider community.

    Questions and discussion

    • It was noted that the current framework for mirroring local whois databases was an import process in which NIRs send data every week for conversion into the APNIC Whois Database format. However, it was noted that no routing data was transmitted from NIRs to RIRs.
    • The speaker explained that the current NIR to APNIC process did not cope well with changes to data. He noted that the proposal would change the way data was modified when transferred to the APNIC Whois Database but not necessarily change NIRs' databases themselves. However, the speaker commented that APNIC would like NIRs to consider adopting RPSL.
    • A JPNIC representative explained that it would take JPNIC a long time to be able to change its current database structure to an RPSL compliant structure.
    • It was suggested that there needed to be more discussion about the localisation program mentioned in the proposal in relation to the NIRs.
    • It was noted that APNIC had no intention of enforcing the use of a local RPSL compliant whois by NIRs or LIRs.
    • The speaker noted that the running of a local whois would mainly be of use to APNIC members in the very large and extra large membership categories.
    • It was explained that APNIC incurred expenses when transferring data from members using non-RPSL compliant databases. It was suggested that it was not necessarily fair to spread these expenses incurred by the transfer of information from a few members' databases across the membership as a whole. Therefore, it was stated that while APNIC would not mandate the use of the RPSL compliant whois, it would be recommended.

    Action items

    • Action ix-15-001: Further discussion on requirements to host a local whois to be put to the sig-db mailing list.

    Top

  2. Proposal for data cleanup in APNIC Whois

    3. Sanjaya, APNIC

    Presentation

    This presentation proposed the removal of whois records not related to resource information in APNIC ranges and the modification of RPSL non-compliant objects. The speaker compared the APNIC proposal to data cleanup processes implemented or planned in other RIR databases. The speaker explained that there were over 28,000 objects that would be affected by the proposal. It was proposed that a public announcement would be made in April 2003 and affected contacts emailed where possible. Data would be be deleted 60 days after the announcement. Modification of RPSL non-compliant objects would take place one month after the announcement.

    Questions and discussion

    • It was questioned whether the deleted NIC-handles would be re-used or never re-assigned. The speaker said that there had been no discussion on this point, but that perhaps they could be re-used.
    • There was discussion about ARIN's previous experience in cleaning up their whois data. ARIN identified all person objects (POCs), contacted as many as possible, and retained the POC information in the database if they received any requests to do so. However, it was noted that in the majority of cases, there were no valid contact emails or phone numbers for the POCs. It was explained that ARIN did not permit the re-use of handles in the database to prevent confusion about previous or current contacts associated with the handle.
    • It was noted that any data deleted from the APNIC Whois Database would be archived internally for future reference.
    • It was noted that JPNIC automatically deleted a person object that was not referenced by an inetnum or aut-num object for a period of one month, so JPNIC had never experienced the problem of lame person objects.
    • There was consensus to support the proposal.

    Action items

    • Action ix-15-002: Secretariat to clean up the database, deleting unreferenced objects and modifying RPSL non-compliant objects.

    Top

  3. Operational status report on Whois db

    4. Sanjaya, APNIC

    Presentation

    This presentation outlined the current operational status of the APNIC Whois Database.

    The speaker explained that Whois v3 software contained a mechanism to block excessive requests, and that this mechanism appeared to be blocking spam grazers. The speaker noted that the level of blocked queries had remained stable from September 2002 to January 2003 while the number of successful queries had increased during that time. The presenter explained how to request bulk access to the database without being blocked.

    There was a summary of the changes made to the database since the last APNIC meeting, such as the integration of the Routing Registry and the deprecation of MAIL-FROM authentication. Future whois operations were also presented, such as the plan to upgrade to version 3.1.1 to allow synchronous updates via the web and MD5 authentication.

    Questions and discussion

    • It was suggested that spam harvesters used automated services and that they could get past the spam grazer blocks. It was suggested that the APNIC Secretariat should investigate how harvesters are bypassing the excessive query block by using methods such as address hopping.
    • It was noted that ARIN had implemented similar excessive query systems systems, but there were still some harvesters accessing the ARIN whois. It was explained that harvesters tested the whois to find the threshold at which they will be blocked, then query the database just underneath the threshold.
    • It was noted that some spam grazers queried each individual IP address starting from 0.0.0.0.
    • There was a comment that there were daily peaks on the APNIC Whois Database query statistics which showed a relationship to the daily cycle of the USA. However, it was noted that there was also a higher peak occurring every week, the origin of which was not clear.
    • It was suggested that it was important to block access to harvesters to stop the present situation where members receive spam due to their presence in the APNIC Whois Database.

    Action items

    • None

    Top

  4. RIPE db developments

    5. Olaf Kolkman, RIPE NCC

    Presentation

    This presentation outlined current RIPE database operations and planned future developments. The presentation included statistics on database queries. The speaker noted that the database currently is accessed by an average of 110,000 whois users per day. Thirty percent of the information returned was information such as inetnum and aut-num objects while the other seventy percent was contact information, such as person and role objects. Ten percent of queries were denied due to excessive querying. The speaker explained that RIPE limited the number of concurrent queries from a single IP address to limit the effectiveness of any DoS attack. He noted however, that this would have no effect on DDoS attacks. The speaker stated that planned improvements to the database included clearer error reporting and RPSLng implementation.

    Questions and discussion

    • None

    Action items

    • None

    Top

  5. Rwhois technical overview / ARIN design initiative

    6. Tim Christensen, ARIN

    Presentation

    This presentation outlined the development of the RWhois project. The speaker explained that RWhois could be queried by manual referral, client referral, or re-referral. He stated that one of the advantages of RWhois was that IRs were more likely to keep their data up to date because the data could be kept closer to the IRs. The presentation also outlined the problems found with the current RWhois implementation, such as query routing that did not work, the use of a non-standard database format, and servers turned off without ARIN being notified. The speaker stated that a design team had been established to improve the RWhois project. He also described the goals of the design team.

    Questions and discussion

    • It was noted by one attendee that he had been expressing reservations about different RIR whois formats for many years. It was suggested that the RIRs should have a common database format documented in RFCs for global use.
    • It was commented that the RPSL compliant whois developed by RIPE would help to enable referral to different servers.
    • It was noted that the RWhois project was requested by the ARIN membership and was not developed in isolation.
    • It was explained that the RWhois project was looking for ways to make referrals to other RIR whois databases.
    • It was noted that the IETF had been investigating referral issues during the past few years, mainly in relation to domain name whois databases, but that many of the policies would also be applicable to IP whois databases. It was suggested that instead of RWhois working separately on the same issue, all parties should work collaboratively.
    • It was suggested that the issue of different whois formats was too complex to solve in the SIG session.
    • There was a comment that separate databases were problematic for contacts responsible for resources in different databases due to the need to maintain multiple NIC-handles in multiple databases.

    Meeting closed: 12:30 pm

    Minuted by: Sam Dickinson

    Open action items

    • Action db-14-001: The proposal to deprecate MAIL-FROM to be taken to the AMM for approval.

      • Update: Proposal approved by member meeting, and changes deployed in whois.

    • Action db-14-002: Secretariat to create sample hierarchical inetnum objects with associated maintainer objects in the APNIC Whois Database. Results to be presented at APNIC 15.

      • Update: No response on mailing list to proposal to do this on the 202/8 block, so not implemented. Consensus in SIG to go ahead with the trial.

    • Action db-14-003: Discussion on mandatory maintainers for inetnum objects to be carried out on the db mailing list.

      • Update: Mailing list was inactive on this topic.

    • Action db-14-004: Discussion of the proposal to create a new AS object to take place on the database mailing list.

      • Update: Mailing list was inactive on this topic.

    • Action db-15-001: Further discussion on requirements to host a local whois to be put to the sig-db mailing list.

    • Action db-15-002: Secretariat to clean up the database, deleting unreferenced objects and modifying RPSL non-compliant objects.

    Top

Top of page

Last modified: | © 1999 - APNIC Pty. Ltd.
Contact us | Privacy statement