From db-news at ripe.net Fri Jan 19 14:33:01 2001 From: db-news at ripe.net (RIPE Database Announcements) Date: Fri, 19 Jan 2001 14:33:01 +0100 Subject: Announcement: RIPE Whois Database Version 3.0beta2 released Message-ID: <200101191333.OAA14576@x51.ripe.net> Dear All, This mail is to inform you that version 3.0beta2 of the RIPE Whois Database software has been released. This is mainly a bugfix release in respect to the "beta1" version. We remind you that the RIPE Database is about to change its data format, from RIPE181 to RPSL (the Routing Policy Specification Language, see RFC2622). This will affect all object types, including "person", "domain" and "inetnum". We suggest you to start to get used to RPSL and version 3.0 . Please check our RIPE-181 to RPSL Migration page at: http://www.ripe.net/rpsl/ You can test your skills with RPSL and the functionality of the new beta release in the following ways: - Query rpsl.ripe.net at port 43. You will find there exactly the same objects that are in whois.ripe.net, mirrored live and in RPSL format. - If you have any script that runs by querying whois.ripe.net, test it by pointing it to rpsl.ripe.net and make it v3.0-compliant. - Try our CGI interface to the RPSL server: you can find it at http://www.ripe.net/ripencc/pub-services/db/reimp/. - Get to know the new update path: use our "sandbox" database for RPSL updates. Send your updates to and query the corresponding database at rpsl.ripe.net, port 4343 . Remember that in a few months, that's the way the RIPE Database will be running; so the earlier you start working with it, the less likely you are to be unpleasantly surprised later. For those running Near-Real-Time Mirrors of the RIPE Database, please be advised that as soon as the RIPE Database changes its data format, you will not be able to mirror the RIPE Database using the version 2 of the Software, since it is not RPSL-compliant. You will have to upgrade to version 3 to mirror the RIPE Database. Please contact for detailed information. Please note that the software is still in a "beta" phase. So we need your feedback! If you happen to find something that looks like a bug when you are testing the RPSL database, don't hesitate... Send us a bug report at ! If you want to actively participate to the migration effort, you could join the "RIP migration Task force" and let yourself be heard. Just write to and ask to join the Task Force. You can download the latest release of the source code at the following URL: ftp://ftp.ripe.net/ripe/dbase/reimp/ripe-dbase-3.0beta2.tar.gz You can also join a discussion list related to version 3.0 beta of the RIPE Database Software. To subscribe to this list, send a message to with the line: subscribe db-beta in the body of your letter. It is a moderated mailing list so some delays in subscription are possible. Regards, Daniele Arena ___________________ RIPE Database Group RIPE NCC From arnold.nipper at de-cix.net Fri Jan 19 15:10:25 2001 From: arnold.nipper at de-cix.net (Nipper, Arnold) Date: Fri, 19 Jan 2001 15:10:25 +0100 Subject: Announcement: RIPE Whois Database Version 3.0beta2 released References: <200101191333.OAA14576@x51.ripe.net> Message-ID: <003101c08221$bf161140$0190a8c0@nipper.de> rpsl.ripe.net doesn't seem to exist ... whois -h whois rpsl.ripe.net Daniele Arena whois: whois: Unknown host: Datei oder Verzeichnis nicht gefunden Let's have a look ... ;; ANSWER SECTION: rpsl.ripe.net. 1d23h59m55s IN CNAME reimp.ripe.net. reimp.ripe.net. 1d23h59m55s IN CNAME orange.ripe.net. orange.ripe.net. 1d23h59m55s IN A 193.0.1.239 Yeah, don't do that. Don't use CNAME to CNAME. Pls fix, Arnold ----- Original Message ----- From: "RIPE Database Announcements" To: ; ; ; ; ; Sent: Friday, January 19, 2001 2:33 PM Subject: Announcement: RIPE Whois Database Version 3.0beta2 released > > Dear All, > > This mail is to inform you that version 3.0beta2 of the RIPE Whois > Database software has been released. This is mainly a bugfix release in > respect to the "beta1" version. > > We remind you that the RIPE Database is about to change its data format, > from RIPE181 to RPSL (the Routing Policy Specification Language, see > RFC2622). This will affect all object types, including "person", "domain" > and "inetnum". > > We suggest you to start to get used to RPSL and version 3.0 . > Please check our RIPE-181 to RPSL Migration page at: > > http://www.ripe.net/rpsl/ > > You can test your skills with RPSL and the functionality of the new > beta release in the following ways: > > - Query rpsl.ripe.net at port 43. You will find there > exactly the same objects that are in whois.ripe.net, > mirrored live and in RPSL format. > > - If you have any script that runs by querying whois.ripe.net, > test it by pointing it to rpsl.ripe.net and make it > v3.0-compliant. > > - Try our CGI interface to the RPSL server: you can find it at > http://www.ripe.net/ripencc/pub-services/db/reimp/. > > - Get to know the new update path: use our "sandbox" database for > RPSL updates. Send your updates to and > query the corresponding database at rpsl.ripe.net, port 4343 . > > Remember that in a few months, that's the way the RIPE Database will be > running; so the earlier you start working with it, the less likely you are > to be unpleasantly surprised later. > > For those running Near-Real-Time Mirrors of the RIPE Database, please be > advised that as soon as the RIPE Database changes its data format, you > will not be able to mirror the RIPE Database using the version 2 of the > Software, since it is not RPSL-compliant. You will have to upgrade to > version 3 to mirror the RIPE Database. Please contact > for detailed information. > > Please note that the software is still in a "beta" phase. So we need your > feedback! If you happen to find something that looks like a bug when you > are testing the RPSL database, don't hesitate... > Send us a bug report at ! > > If you want to actively participate to the migration effort, you could > join the "RIP migration Task force" and let yourself be heard. Just write > to and ask to join the Task Force. > > You can download the latest release of the source code at the following URL: > > ftp://ftp.ripe.net/ripe/dbase/reimp/ripe-dbase-3.0beta2.tar.gz > > You can also join a discussion list related to version 3.0 beta of the > RIPE Database Software. To subscribe to this list, send a message to > with the line: > > subscribe db-beta > > in the body of your letter. It is a moderated mailing list so some delays > in subscription are possible. > > > Regards, > > Daniele Arena > ___________________ > RIPE Database Group > RIPE NCC > > From pk at TechFak.Uni-Bielefeld.DE Fri Jan 19 15:32:32 2001 From: pk at TechFak.Uni-Bielefeld.DE (Peter Koch) Date: Fri, 19 Jan 2001 15:32:32 +0100 Subject: Announcement: RIPE Whois Database Version 3.0beta2 released In-Reply-To: Your message of "Fri, 19 Jan 2001 15:10:25 +0100." <003101c08221$bf161140$0190a8c0@nipper.de> Message-ID: <200101191432.PAA15613@grimsvotn.TechFak.Uni-Bielefeld.DE> > whois -h whois rpsl.ripe.net Daniele Arena > whois: whois: Unknown host: Datei oder Verzeichnis nicht gefunden > > Let's have a look ... > > ;; ANSWER SECTION: > rpsl.ripe.net. 1d23h59m55s IN CNAME reimp.ripe.net. > reimp.ripe.net. 1d23h59m55s IN CNAME orange.ripe.net. > orange.ripe.net. 1d23h59m55s IN A 193.0.1.239 > > Yeah, don't do that. Don't use CNAME to CNAME. Pls fix, There's nothing to fix here. CNAME chains are perfectly legal by the protocol. Your client's complaining about the host name "whois" which you gave as the argument to the -h option. -Peter From maxim at ripe.net Fri Jan 19 15:42:42 2001 From: maxim at ripe.net (Maxim Shchetynin) Date: Fri, 19 Jan 2001 15:42:42 +0100 Subject: Announcement: RIPE Whois Database Version 3.0beta2 released References: <200101191432.PAA15613@grimsvotn.TechFak.Uni-Bielefeld.DE> Message-ID: <3A685262.E28404E@ripe.net> Peter Koch wrote: > > > whois -h whois rpsl.ripe.net Daniele Arena > > whois: whois: Unknown host: Datei oder Verzeichnis nicht gefunden Try also whois -h whois.ripe.net ... ^^^^^^^^ > > Let's have a look ... > > > > ;; ANSWER SECTION: > > rpsl.ripe.net. 1d23h59m55s IN CNAME reimp.ripe.net. > > reimp.ripe.net. 1d23h59m55s IN CNAME orange.ripe.net. > > orange.ripe.net. 1d23h59m55s IN A 193.0.1.239 > > > > Yeah, don't do that. Don't use CNAME to CNAME. Pls fix, > > There's nothing to fix here. CNAME chains are perfectly legal by the protocol. > Your client's complaining about the host name "whois" which you gave > as the argument to the -h option. > > -Peter -- Kind regards, Maxim V. Shchetynin System/Network Engineer, RIPE NCC Amsterdam, City on the canals --------------------------------------------- Singel 258 Phone: +31 20 535 4475 1016 AB Amsterdam Fax: +31 20 535 4445 The Netherlands Mobile: Siemens ;) --------------------------------------------- "...if you wake up in the morning and do not see rain out of the window - you are not in The Netherlands..." From maxim at ripe.net Fri Jan 19 15:33:05 2001 From: maxim at ripe.net (Maxim Shchetynin) Date: Fri, 19 Jan 2001 15:33:05 +0100 Subject: Announcement: RIPE Whois Database Version 3.0beta2 released References: <200101191333.OAA14576@x51.ripe.net> <003101c08221$bf161140$0190a8c0@nipper.de> Message-ID: <3A685021.8FB90A5E@ripe.net> "Nipper, Arnold" wrote: > > rpsl.ripe.net doesn't seem to exist ... > > whois -h whois rpsl.ripe.net Daniele Arena > whois: whois: Unknown host: Datei oder Verzeichnis nicht gefunden > > Let's have a look ... > > ;; ANSWER SECTION: > rpsl.ripe.net. 1d23h59m55s IN CNAME reimp.ripe.net. > reimp.ripe.net. 1d23h59m55s IN CNAME orange.ripe.net. > orange.ripe.net. 1d23h59m55s IN A 193.0.1.239 > > Yeah, don't do that. Don't use CNAME to CNAME. Pls fix, > > Arnold Hallo, Jetzt haben wir sich bessern. Danke schon. In funf minuten arbeitet es gut. -- Kind regards, Maxim V. Shchetynin System/Network Engineer, RIPE NCC Amsterdam, City on the canals --------------------------------------------- Singel 258 Phone: +31 20 535 4475 1016 AB Amsterdam Fax: +31 20 535 4445 The Netherlands Mobile: Siemens ;) --------------------------------------------- "...if you wake up in the morning and do not see rain out of the window - you are not in The Netherlands..." From Frank.Bohnsack at de.uu.net Wed Jan 24 16:18:12 2001 From: Frank.Bohnsack at de.uu.net (Frank Bohnsack) Date: Wed, 24 Jan 2001 16:18:12 +0100 (MET) Subject: reserved strings in RPSL Message-ID: Dear RIPE DB colleagues, In my understanding of your "Transition to RIPE DB v3.0" draft and RFC2622, a NIC handle like AS-XXXX is not allowed by RPSL. But, I could create a handle like this in your TEST DB: fb at sun5 454> whois -h rpsl.ripe.net -p 4343 as-ripe % This is the RIPE beta whois server for testing updates. % Send mail to to update it. % Rights restricted by copyright. % See http://www.ripe.net/ripencc/pub-services/db/copyright.html person: Frank Bohnsack ... nic-hdl: AS-RIPE notify: fb at de.uu.net changed: fb at de.uu.net 20010124 source: RIPE mnt-by: uunet-mnt I found AS-RIPE also at "whois:rpsl.ripe.net:43", but this is only a RPSL mirror of "whois:whois.ripe.net:43" and not complete RPSL conform (e.g. names as admic/tech-c: value in place of NIC handles). cheers frank From andrei at ripe.net Thu Jan 25 11:38:46 2001 From: andrei at ripe.net (Andrei Robachevsky) Date: Thu, 25 Jan 2001 11:38:46 +0100 Subject: reserved strings in RPSL References: Message-ID: <3A700236.528910AF@ripe.net> Dear Frank, Indeed there has been some confusion about these reserved prefixes. This restriction comes from RPSL specification. The idea behind is to provide clear identification of a set (as-set, route-set, etc.) when used along with other types of objects ( in the "members" attribute, in routing policy expressions). In the RPSL spec (RFC2622) this restriction applies to "", which boils down to all sets (as-set, route-set, rtr-set, peering-set, filter-set), mntner and "as-name" attribute of aut-num object. So this restriction doesn't apply to nic-handles. Regards, Andrei Robachevsky RIPE NCC Frank Bohnsack wrote: > > Dear RIPE DB colleagues, > > In my understanding of your "Transition to RIPE DB v3.0" draft > and RFC2622, a NIC handle like AS-XXXX is not allowed by RPSL. > > But, I could create a handle like this in your TEST DB: > > fb at sun5 454> whois -h rpsl.ripe.net -p 4343 as-ripe > % This is the RIPE beta whois server for testing updates. > % Send mail to to update it. > > % Rights restricted by copyright. > % See http://www.ripe.net/ripencc/pub-services/db/copyright.html > > person: Frank Bohnsack > ... > nic-hdl: AS-RIPE > notify: fb at de.uu.net > changed: fb at de.uu.net 20010124 > source: RIPE > mnt-by: uunet-mnt > > I found AS-RIPE also at "whois:rpsl.ripe.net:43", but this is > only a RPSL mirror of "whois:whois.ripe.net:43" and not complete > RPSL conform (e.g. names as admic/tech-c: value in place > of NIC handles). > > cheers > frank From Frank.Bohnsack at de.uu.net Mon Jan 29 15:13:14 2001 From: Frank.Bohnsack at de.uu.net (Frank Bohnsack) Date: Mon, 29 Jan 2001 15:13:14 +0100 (MET) Subject: mntner object Message-ID: Dear RIPE DB colleagues, follow is attracted attention me: fb at sun5 268> whois -h rpsl.ripe.net -v mntner % This is the RIPE Whois server v3.0 beta. % This server mirrors the RIPE Database in RPSL format. The mntner class: The mntner object contains details of who is authorised to make changes to RIPE Database objects and details of a process that actually verifies that the person who makes the changes is authorised to do so. Mntner objects are not created automatically, but are forwarded to RIPE NCC staff. mntner: [mandatory] [single] [primary/look-up key] descr: [mandatory] [multiple] [ ] admin-c: [mandatory] [multiple] [inverse key] tech-c: [optional] [multiple] [inverse key] upd-to: [mandatory] [multiple] [inverse key] mnt-nfy: [optional] [multiple] [inverse key] auth: [mandatory] [multiple] [ ] remarks: [optional] [multiple] [ ] notify: [optional] [multiple] [inverse key] mnt-by: [mandatory] [multiple] [inverse key] auth-override: [optional] [single] [ ] referral-by: [mandatory] [single] [inverse key] changed: [mandatory] [multiple] [ ] source: [mandatory] [single] [ ] The content of the attributes of the mntner class are defined below: ... referral-by This attribute is required in the maintainer object. It may never be altered after the addition of the maintainer. This attribute refers to the maintainer that created this maintainer. It may be multiple if more than one signature appeared on the transaction creating the object. INSERT referral-by format here. The "referral-by" and "auth-override" objects are missing in the last RPSL meeting (monday) at RIPE 38 by Andrei Robachevsky. The "referral-by" attribute is mandatory, but not set in all mntner object on rpsl.ripe.net. In my understanding it should be point to it self. comments ? cheers Frank From shane at ripe.net Mon Jan 29 15:26:41 2001 From: shane at ripe.net (Shane Kerr) Date: Mon, 29 Jan 2001 15:26:41 +0100 (CET) Subject: mntner object In-Reply-To: Message-ID: On Mon, 29 Jan 2001, Frank Bohnsack wrote: > The "referral-by" and "auth-override" objects are missing in the > last RPSL meeting (monday) at RIPE 38 by Andrei Robachevsky. These are covered in RPS-AUTH so these were not covered in the RPSL tutorial given on Monday by Ambrose. (I hope this is what you were talking about.) > The "referral-by" attribute is mandatory, but not set in all mntner > object on rpsl.ripe.net. In my understanding it should be point to > it self. Thanks. We intend to add: referral-by: RIPE-DBM-MNT To all maintainers, since the RIPE DBM is the one who has created all maintainers so far. -- Shane Kerr Database Software Engineer RIPE NCC +31 20 535 4427 From Frank.Bohnsack at de.uu.net Wed Jan 31 10:47:57 2001 From: Frank.Bohnsack at de.uu.net (Frank Bohnsack) Date: Wed, 31 Jan 2001 10:47:57 +0100 (MET) Subject: auth failures In-Reply-To: <200101310936.KAA20037@orange.ripe.net> Message-ID: Dear RIPE DB colleagues, I tried to create a new aut-num object mnt-by UUNETDE-MNT. The auth attribute is set to: auth: MAIL-FROM .*@de\.uu\.net and my sender address is fb at de.uu.net, but your robot doesn't execute my requests ;-( > New FAILED: [aut-num] AS1270 > Auth failed Furthermore the mnt-upd email looks like below, i feel the header wasn't duly completed ?!?! cheers Frank On 31-Jan-2001 bit-bucket at ripe.net wrote: > > Dear Maintainer, > > This is to notify you that some objects in which you are mentioned as > a maintainer were requested to be changed, but *failed* the proper > authorisation for any of the mentioned maintainers. > Please contact the sender of these changes about changes that need > to be made to the following objects. > > > > The mail message causing these failures had the following mail headers: > > - From: $FROM > - Cc: $CC > - Subject: $SUBJECT > - Date: $MDATE > - Msg-Id: $MSGID > > RIPE Database Maintainer Forwarding Department > > ---- > ADDITION REQUESTED FOR: > > aut-num: AS1270 > as-name: UUNET-DE > descr: UUNET Germany > import: from AS1 > action pref=100; > accept AS1 > export: to AS1 > announce ANY > admin-c: FB-RIPE > tech-c: FB-RIPE > notify: fb at de.uu.net > mnt-by: UUNETDE-MNT > changed: fb at de.uu.net 20010131 > source: RIPE > -- Frank Bohnsack email fb at de.uu.net UUNET, A Worldcom Company phone +49 (0)231 972-1495 EMEA Access & Backbone Networks fax +49 (0)231 972-1188 Team Dortmund web www.de.uu.net From engin at ripe.net Wed Jan 31 11:18:50 2001 From: engin at ripe.net (Engin Gunduz) Date: Wed, 31 Jan 2001 11:18:50 +0100 (CET) Subject: auth failures In-Reply-To: Message-ID: Hi Frank, This was because of new authorisation scheme, from rps-auth (RFC2725). According to this, when creating an aut-num object, an as-block object must exist with a range which includes the aut-num to-be-created, and the creation must be authorised by the maintainer mentioned in the "mnt-lower" attribute of that as-block. In this case, an as-block object which includes AS1270 didn't exist in our test DB, and your creation request denied. Now, we have created "as-block: AS1200 - AS1300" with a "mnt-lower: AS-BLOCK-MNT" attribute, the auth of AS-BLOCK-MNT being NONE. So, you must be able create AS1270 now. On Wed, 31 Jan 2001, Frank Bohnsack wrote: > Dear RIPE DB colleagues, > > I tried to create a new aut-num object mnt-by UUNETDE-MNT. > The auth attribute is set to: auth: MAIL-FROM .*@de\.uu\.net and > my sender address is fb at de.uu.net, but your robot doesn't execute > my requests ;-( > > > New FAILED: [aut-num] AS1270 > > Auth failed > > Furthermore the mnt-upd email looks like below, i feel the header wasn't > duly completed ?!?! Ah, right. We'll fix this ASAP. Best regards, Engin Gunduz RIPE NCC Database Group > > cheers > Frank > > On 31-Jan-2001 bit-bucket at ripe.net wrote: > > > > Dear Maintainer, > > > > This is to notify you that some objects in which you are mentioned as > > a maintainer were requested to be changed, but *failed* the proper > > authorisation for any of the mentioned maintainers. > > Please contact the sender of these changes about changes that need > > to be made to the following objects. > > > > > > > > The mail message causing these failures had the following mail headers: > > > > - From: $FROM > > - Cc: $CC > > - Subject: $SUBJECT > > - Date: $MDATE > > - Msg-Id: $MSGID > > > > RIPE Database Maintainer Forwarding Department > > > > ---- > > ADDITION REQUESTED FOR: > > > > aut-num: AS1270 > > as-name: UUNET-DE > > descr: UUNET Germany > > import: from AS1 > > action pref=100; > > accept AS1 > > export: to AS1 > > announce ANY > > admin-c: FB-RIPE > > tech-c: FB-RIPE > > notify: fb at de.uu.net > > mnt-by: UUNETDE-MNT > > changed: fb at de.uu.net 20010131 > > source: RIPE > > > > -- > Frank Bohnsack email fb at de.uu.net > UUNET, A Worldcom Company phone +49 (0)231 972-1495 > EMEA Access & Backbone Networks fax +49 (0)231 972-1188 > Team Dortmund web www.de.uu.net > From Frank.Bohnsack at de.uu.net Wed Jan 31 13:19:36 2001 From: Frank.Bohnsack at de.uu.net (Frank Bohnsack) Date: Wed, 31 Jan 2001 13:19:36 +0100 (MET) Subject: whois query for as-set object Message-ID: Hi, a problem again ;-( http://www.ripe.net/ripencc/pub-services/db/rpsl/queries.pdf says: Function | RIPE DB v3.0 ------------------------------------------ Get full as-set object | -r -Tas AS-###### but this doesn't work with hierarchical set-classes like AS1270:AS-UUNETDE whois -h rpsl.ripe.net -p 4343 -r -T as-set AS1270:AS-UUNETDE %ERROR:101: no entries found whois -h rpsl.ripe.net -p 4343 -r -T as-set -i mnt-by uunetde-mnt as-set: AS1270:AS-UUNETDE descr: UUNET/DE members: AS1270 tech-c: FB-RIPE admin-c: FB-RIPE notify: fb at de.uu.net mnt-by: UUNETDE-MNT changed: fb at de.uu.net 20010131 source: RIPE any comments ? cheers Frank From shane at ripe.net Wed Jan 31 13:36:20 2001 From: shane at ripe.net (Shane Kerr) Date: Wed, 31 Jan 2001 13:36:20 +0100 (CET) Subject: whois query for as-set object In-Reply-To: Message-ID: On Wed, 31 Jan 2001, Frank Bohnsack wrote: > > Hi, > > a problem again ;-( > > http://www.ripe.net/ripencc/pub-services/db/rpsl/queries.pdf says: > > Function | RIPE DB v3.0 > ------------------------------------------ > Get full as-set object | -r -Tas AS-###### > > but this doesn't work with hierarchical set-classes like AS1270:AS-UUNETDE > > whois -h rpsl.ripe.net -p 4343 -r -T as-set AS1270:AS-UUNETDE > %ERROR:101: no entries found > > whois -h rpsl.ripe.net -p 4343 -r -T as-set -i mnt-by uunetde-mnt > > as-set: AS1270:AS-UUNETDE > descr: UUNET/DE > members: AS1270 > tech-c: FB-RIPE > admin-c: FB-RIPE > notify: fb at de.uu.net > mnt-by: UUNETDE-MNT > changed: fb at de.uu.net 20010131 > source: RIPE > > > any comments ? Good catch. We filter the type of query based on a regular expression that doesn't match ':' for the as-set class. This will be fixed in the next release. Shane