Tux

...making Linux just a little more fun!

Domain name registrar follies

Ben Okopnik [ben at linuxgazette.net]


Sun, 10 Jun 2007 16:38:43 -0400

----- Forwarded message from "s. keeling" <keeling@spots.ab.ca> -----

Date: Sat, 2 Jun 2007 19:25:54 -0600
From: "s. keeling" <keeling@spots.ab.ca>
To: ben@linuxgazette.net
Subject: Domain name registrar follies.
Hey Ben. Que pasa? Apologies in advance, as I know this rambles quite a bit. I learned some important lessons from it, so thought I'd pass them on.

I ran into a bit of (for me, anyway) an interesting mystery today, and it partly concerns LG's very own Rick Moen. I was reminded while brousing through /current that I'd been meaning to go look into a few things on Rick's Linux Mafia site (I'm presently in the last stages of recovering from a failed hard drive[ii], and old bookmarks is about all that's left to do).

So, Iceweasel --> linuxmafia.net ...

Yup, that was my first mistake. Rick's not at .net, he's at .com. I don't know how I came up with .net (creeping senility perhaps), but there you are. BTW, linuxmafia.net appears to be a P2P invite only torrent site out of Georgia, as one of my mailinglist buddies was kind enough to point out. He followed that up with "whois is your friend."

Well, I knew that. On the other hand, it's not always your (or my, at least) friend because "whois -h whois.arin.net linuxmafia.com" shows no match. On the other hand, "dig mx" does work. Um, wtf? Is there some serious Juju going on here, or am I just more ignorant than I hope I am?

The plot thickens; I'm not the only one. F-Secure appears to be a bit confused on this sort of thing too. see:

   http://www.f-secure.com/weblog/#00001203
So, what's wrong with whois, or is there something magical going on about Rick's (and F-Secure's example) sites? Or, am I an idiot?

I was getting too cute with shell aliases[i], but I see plain old "whois linuxmafia.com" does work quite nicely, showing it's registered with Tucows Inc. I thought my "arin" alias was all I needed to find registry info in this part of the world, "ripe" for Europe, "apnic" for the Far East, and etc. Definitely not true. Drat.

The moral of the story appears to be that (as a plain "whois $BLAH" shows):

    Domain names in the .com and .net domains can now be 
    registered with many different competing registrars.
    Go to http://www.internic.net for detailed information.
So, I ought to be giving up on my ("my friend") whois aliases.

--------------------------------------

On the off-chance you end up dumping this into LG's "Mailbag", I'll add that anyone who hasn't spent time at Rick's site is missing some great stuff. I've learned a lot from him over the years, and his wry, dry, diplomatic, and often truly vitriolic BOFH "we don't suffer fools here!" style is damned entertaining.

And for Rick, guess what? linuxone.com is still registered, at Computer Services Langenbach Gmbh DBA joker.com. DN squatter snapped it up I guess, since it mentions none of the entities you mention in your article.

[ii] And another thing:

   http://grml.org
a Debian Sid downstream. John Hasler, in Debian-User, suggested "privoxy" the other day. I went to install it, and found it's already running. Pretty neat. I makes web surfing look like it was back in the early '90s, without the animated banner ads. It even makes ZDNet almost worth reading. Grml's pretty slick.

I hope you found this interesting. It was an interesting excursion for me.

[i] Obsolete:

   alias abuse='whois -h whois.abuse.net'
   alias afnic='whois -h whois.afrinic.net'
   alias apnic='whois -h whois.apnic.net'
   alias arin='whois -h whois.arin.net \+'
   alias brnic='whois -h whois.registro.br'
   alias jpnic='whois -h whois.nic.ad.jp'
   alias krnic='whois -h whois.krnic.net'
   alias lacnic='whois -h whois.lacnic.net'
   alias ripe='whois -h whois.ripe.net'
   alias nic="h | egrep 'afnic|apnic|arin|brnic|jpnic|krnic|ripe|host'"
[where "h" is another alias, "alias h=history"].

Have a marvy weekend. =[8]-)

-- 
Any technology distinguishable from magic is insufficiently advanced.
(*)               http://www.spots.ab.ca/~keeling 
- -
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *


Top    Back


Rick Moen [rick at linuxmafia.com]


Tue, 19 Jun 2007 17:24:25 -0700

Hi there.

s. keeling (keeling@spots.ab.ca) wrote:

> Well, I knew that.  On the other hand, it's not always your (or my, at
> least) friend because "whois -h whois.arin.net linuxmafia.com" shows
> no match.  On the other hand, "dig mx" does work.  Um, wtf?  Is there
> some serious Juju going on here, or am I just more ignorant than I
> hope I am?

Hmm, I'm still a bit jet-lagged (long story), but the first thing that comes to mind is: Is ARIN really the right place to ask that query?

ARIN is the "regional Internet registry" within Canada, the USA, most of the Caribbean, and various North Altantic islands for Internet number resources (IP addresses and BGP Autonomous System numbers), but not for either Generic TLD or Country Code TLD Internet names.

In the same sense as ARIN is, RIPE is indeed the IANA-designated Internet number registry for Europe / Middle East / Central Asia, APNIC is likewise for Asia and the Pacific, LACNIC ditto for Latin America and the rest of the Caribbean, and AfriNIC for Africa -- but only for numbers, not domain names. Those five regional Internet registries, by the way, have their own umbrella group under which they collaborate: Number Resource Organization, http://www.nro.net/ .

Anyway....

Usually, one leaves choice of whois server up to one's client software for the TCP/IP whois protocol, since thankfully they're usually preprogrammed to do something at least halfway intelligent with routing of most queries. (Once upon a time, everything was at a single whois server operated by DARPA, but things are much more decentralised, now.) For example, the open-source whois client I find on Linux machines seems hardwired to, at least in most cases, go by default straight to "whois.internic.net", which in turn -- again, thankfully -- has been set up by ICANN to "redirect" incoming queries to somewhere slightly more appropriate to each case. As you found out, in the case of linuxmafia.com, ICANN sends you over to whois.tucows.com, the directory service for my registrar, Tucows's Open Shared Registry System (OpenSRS).

-- 
May those that love us love us; and those that don't love us, may
God turn their hearts; and if he doesn't turn their hearts, may
he turn their ankles so we'll know them by their limping.

Top    Back


s. keeling [keeling at spots.ab.ca]


Tue, 19 Jun 2007 19:15:39 -0600

Incoming from Rick Moen:

> Hi there.
> 
> s. keeling (keeling@spots.ab.ca) wrote:
> 
> > Well, I knew that.  On the other hand, it's not always your (or my, at
> > least) friend because "whois -h whois.arin.net linuxmafia.com" shows
> > no match.  On the other hand, "dig mx" does work.  Um, wtf?  Is there
> > some serious Juju going on here, or am I just more ignorant than I
> > hope I am?
> 
> Hmm, I'm still a bit jet-lagged (long story), but the first thing that

Poor baby. :-) Welcome back.

> comes to mind is:  Is ARIN really the right place to ask that query?
> 
> ARIN is the "regional Internet registry" within Canada, the USA, most of
> the Caribbean, and various North Altantic islands for Internet number
> resources (IP addresses and BGP Autonomous System numbers), but not for 
> either Generic TLD or Country Code TLD Internet names.  

Woof. Speaks volumes.

> In the same sense as ARIN is, RIPE is indeed the IANA-designated
> Internet number registry for Europe /  Middle East / Central Asia, APNIC
> is likewise for Asia and the Pacific, LACNIC ditto for Latin America and
> the rest of the Caribbean, and AfriNIC for Africa -- but only for
.......................................................^^^^^^^^^^^^

> numbers, not domain names.  Those five regional Internet registries, by
..^^^^^^^^^^^^^^^^^^^^^^^^^^

That's where the disconnect here occurs, methinks. Yes, ARIN is NorthAM (or northern part of Western Hemi., but only for a specific part of the IP/DNS lookup thingy stuff; the DNS part). IP (dotted quad) is a different story. I conclude there's serious DNS juju going on here of which I'm (at least somewhat :-) ignorant.

T'wouldn't be the first time, and very likely, not the last.

> the way, have their own umbrella group under which they collaborate:
> Number Resource Organization, http://www.nro.net/ .

First time I've heard of it, thanks. I'll look into it.

> Anyway....
> 
> Usually, one leaves choice of whois server up to one's client software
> for the TCP/IP whois protocol, since thankfully they're usually
> preprogrammed to do something at least halfway intelligent with routing
> of most queries.  (Once upon a time, everything was at a single whois
> server operated by DARPA, but things are much more decentralised, now.)
> For example, the open-source whois client I find on Linux machines seems
> hardwired to, at least in most cases, go by default straight to
> "whois.internic.net", which in turn -- again, thankfully -- has been set
> up by ICANN to "redirect" incoming queries to somewhere slightly more
> appropriate to each case.  As you found out, in the case of
> linuxmafia.com, ICANN sends you over to whois.tucows.com, the directory
> service for my registrar, Tucows's Open Shared Registry System
> (OpenSRS).

Magical! See my .sig

Thanks Rick, for all I've learned from you over the years. Much appreciated. Keep it up. :-)

-- 
Any technology distinguishable from magic is insufficiently advanced.
(*)               http://www.spots.ab.ca/~keeling 
- -

Top    Back


Rick Moen [rick at linuxmafia.com]


Tue, 19 Jun 2007 18:26:10 -0700

Quoting s. keeling (keeling@spots.ab.ca):

> That's where the disconnect here occurs, methinks.  Yes, ARIN is
> NorthAM (or northern part of Western Hemi., but only for a specific
> part of the IP/DNS lookup thingy stuff; the DNS part).

Well, only half of the DNS part, really, and not the part you were interested in -- the IN-ADDR.ARPA reverse-lookup portion. That's what we mean when we say they're an Internet number registry only (as designated for that role by IANA).

You were fundamentally interested in forward DNS information, which is exactly why going to the number registry didn't get you useful answers.


Top    Back