Disappointing ARIN - A great advertisement for the USA ?

Hallo North Americans,

I am from Europe. A contributor on the Centos (the largest Red Hat
clone) list suggested I reposted my ARIN item on your list.

I have a BASH script called .w
It contains

  #! /bin/bash
  whois $1
  host $1

When I type

        .w 51.51.51.51

I receive a normal and conventional display of data because that IP
address is not 'organised' by ARIN. When I type:-

        .w 64.64.64.64

I receive a one line summary of possible matches, which always
includes ARIN, but omits the details we used to receive before ARIN
implemented its much criticised "improved" service.

My second script .wa is more useful for North American IP enquiries:-

  #! /bin/bash
        whois -h whois.arin.net n + $1
  host $1

On some occasions I get a normal display of Northern American data. The
'n' and '+' are not part of WHOIS. They are ARIN's own parameters. This
example produces a 'near-as-possible-because-it-is-ARIN' display:-

  .wa 65.65.65.65

However when ARIN automatically forwards the query to a North American
RWHOIS the query is apparently malformed and nothing useful is
displayed. For example:-

  .wa 66.66.66.66

The Internet was created in North America. Many people around the world
would appreciate your help in getting ARIN to revert to normal WHOIS
displays. ARIN wants enquirers to click on web page after web page to
try and find the information previously displayed in a single response.
Frankly that weird attitude is stark raving bonkers!

Dear person who is to scared to setup a regular email account in his own
full name.

[..]

The Internet was created in North America. Many people around the world
would appreciate your help in getting ARIN to revert to normal WHOIS
displays. ARIN wants enquirers to click on web page after web page to
try and find the information previously displayed in a single response.
Frankly that weird attitude is stark raving bonkers!

You are confusing RPSL (RFC2650) with WHOIS (RFC812,RFC954,RFC3912).

Now, I agree on the part that ARIN should be doing RPSL, or even more,
just start using the RIPE whois server for serving their data.
Converting that all over though is not something that will happen
easily. (and ARIN has an RPSL server somewhere, but it is not that well
populated if at all remotely current)

Next to that the bigger question is of course what you are looking for
in the whois data.

NANOG is not ARIN btw, thus you are posting to the wrong mailinglist for
your rant, for that see:
https://www.arin.net/participate/community/mailing_lists/

Oh, and there they also like to see your real name and not a junk mail
address. Just like on the RIPE mailinglists, you know in the old country.

Greets,
Jeroen

No he's not. He's complaining that sometime in the past few weeks (or is it months now?) ARIN changed the behavior of their whois server. New output for the query 209.208.0.1 is (omitting comments):

Internet Connect Company, Inc. ICC-1 (NET-209-208-0-0-1) 209.208.0.0 - 209.208.127.255
American Registry for Internet Numbers NET209 (NET-209-0-0-0-0) 209.0.0.0 - 209.255.255.255

The old behavior was that ARIN's whois server would respond with the data from NET-209-208-0-0-1. i.e.

NetRange: 209.208.0.0 - 209.208.127.255
CIDR: 209.208.0.0/17
OriginAS:
NetName: ICC-1
NetHandle: NET-209-208-0-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Allocation
...

This is rather an annoying change for anyone who uses whois much as it means every ARIN query is now at least two queries and there are doubtless scripts in use to grab information from whois that broke as a result of this change. NANOG isn't the place to complain about this though. Perhaps PPML is closer to the right place.

That was on June 25th according to Mark Kosters. They started to answer
with both the parent and delegated objects. That hosed the way RWHOIS data
was being reported to most things as the client won't know which to send
through to the rwhois servers. Still works from an old SCO box but not from
anything current.

A "+" flag on the query from some clients will get it to recurse, but for my
tests kicked back "%error 350 Invalid Query Syntax".

My issue with that response is that the general whois query shouldn't have
to have an extra flag passed to get the data you asked for in the first
place. This traps out most of the standard users from ever getting the
correct data. It also makes the rwhois data almost impossible for the
general public to get.

Eric

Thank you for confirming the problem. I'll try your PPML @ ARIN
suggestion.

Prepending the query with a + "works" for me, in that I get the expected data, but there's additional unexpeced data (full record for the Parent, even if the Parent is just an ARIN /8) in the output that will probably still cause problems for scripts.

my guess is that ARIN is hoping folks turn to the actual RESTful
interface for many scripted purposes...I keep expecting to see some
example python/perl/etc off:

<https://www.arin.net/resources/whoisrws/index.html>

but at least the api is documented, it ought to be fairly
straightforward to make a simple whois client.
(that could be extended to be used in whatever scripty thing you were
using before)
-chris

Dear person who is to scared to setup a regular email account in his own
full name.

Beste Fuzzel,

Mijn naam is Paul. It was at the bottom of my posting.

Sorry I have never ever had a Hotmail account. I prefer to use
nanog@u61.u22.net for this list. I really do not want to set-up another
email account for your personal benefit.

You are confusing RPSL (RFC2650) with WHOIS (RFC812,RFC954,RFC3912).

No I am not. A basic WHOIS enquiry is what I was writing about.

Next to that the bigger question is of course what you are looking for
in the whois data.

Primarily IP ranges to block and/or abuse email addresses.

https://www.arin.net/participate/community/mailing_lists/

Thank you. I will try it.

Oh, and there they also like to see your real name and not a junk mail
address. Just like on the RIPE mailinglists, you know in the old country.

The ARIN web page ARIN-PPML Info Page
states

  Your name (optional):

The 'old country' sounds a bit South African to me. I'm European and
English.

Greets,

Groet in Dutch or Greetings in English.

Have a nice day.

Paul
Always Learning, hopefully until I die.

Should I change my code to parse the RESTful Interface instead of the
  NICNAME/WHOIS TCP port 43 service?

  Absolutely. We encourage use of the new RESTful service for the purposes
  of programmatic consumption. ARIN plans to make more features available
  on the RESTful interface. The NICNAME/WHOIS service will remain accessible,
  but it may not support the enhanced features we intend to incorporate
  within Whois-RWS.

It'd be nice if the NICNAME/WHOIS was left alone as far as default behavior is concerned.

So, our tools that use the NICNAME/WHOIS service for lookups at all the other RIRs, now need to be updated to support ARIN's overcomplicated web/XML, which nobody else uses?...and it seems even with RWS you still need to do multiple queries to go from having an IP to having the full whois record.

How does the community (other than some programmers) benefit from this?

You are confusing RPSL (RFC2650) with WHOIS (RFC812,RFC954,RFC3912).

and you are confusing RPSL with RIPE-181 syntax. RIPE-181 and its
grandchildren is a specification for whois information. RPSL is a routing
policy language which uses ripe-181 format. The two are not the same.

Now, I agree on the part that ARIN should be doing RPSL, or even more,
just start using the RIPE whois server for serving their data.

Now wait one moment until I bog you down with 20 years worth of legacy
paranoia, "Not Invented Here" and useless history about why this shouldn't
ever have happened...

Nick

I'm just sad I can't get the RWHOIS referral from an ip query for jwhois to
follow automatically anymore.

Primarily IP ranges to block and/or abuse email addresses.

  https://www.arin.net/participate/community/mailing_lists/

Thank you. I will try it.

Oh, and there they also like to see your real name and not a junk mail
address. Just like on the RIPE mailinglists, you know in the old country.

The ARIN web page ARIN-PPML Info Page
states

  Your name (optional):

I think arin-discuss would be a better place for this than arin-ppml.

The 'old country' sounds a bit South African to me. I'm European and
English.

I think Jeroen's point was that you didn't need to pass judgement on all of North America and/or the USA because ARIN did something you didn't like.

michael

Now, I agree on the part that ARIN should be doing RPSL, or even
more, just start using the RIPE whois server for serving their data.

Now wait one moment until I bog you down with 20 years worth of legacy
paranoia, "Not Invented Here" and useless history about why this
shouldn't ever have happened...

you omitted looking at the code

randy

Actually, I think the best place to have this particular conversation is
arin-tech-discuss. ARIN engineering hangs out there and does respond. I'm
not sure if all of NANOG wants to hear about the various behaviors of
different whois clients dealing with different whois servers around the
globe. If you are interested in the more global whois directory service
problem, there is emerging work going on in the IETF to tackle the
directory service problem called WEIRDS.

Regards,
Mark
ARIN CTO

I'm not sure if all of NANOG wants to hear about the various behaviors
of different whois clients dealing with different whois servers around
the globe.

i doubt if there is anything which *all* of nanog wants to hear.

but i suspect a damned lot of us care about whois behavior, as we either
deal with whois (i do daily) or help our csas and nocs who do.

randy

I think arin-discuss would be a better place for this than arin-ppml.

You're suggesting using ARIN's private members-only mailing list over
a public one?
That doesn't make sense, because this is a public issue, not a members issue.
PPML isn't right either, that's a numbering policy discussion list,
and this is an operational issue,
not a policy matter.

I think this is a very simple matter, however... in some way ARIN
changed their WHOIS service that introduced major
serious breakage.

They need to fix that and revert their WHOIS service to its original
query syntax and responses, which worked just fine.

I think arin-discuss would be a better place for this than arin-ppml.

You're suggesting using ARIN's private members-only mailing list over
a public one?
That doesn't make sense, because this is a public issue, not a members issue.
PPML isn't right either, that's a numbering policy discussion list,
and this is an operational issue,
not a policy matter.

I meant arin-tech-discuss, and Mark properly corrected me on that. arin-tech-discuss is a public mailing list, and much more appropriate for this sort of discussion than PPML.

I think this is a very simple matter, however... in some way ARIN
changed their WHOIS service that introduced major
serious breakage.

They need to fix that and revert their WHOIS service to its original
query syntax and responses, which worked just fine.

Unfortunately, the original poster, against advice given to him, posted an insulting, jingoistic, inane, and even more derogatory version of his NANOG post, apparently in an effort to spur discussion. What was once a legitimate issue (and I agree one that needs to be addressed) now looks more like troll-bait. Unsurprisingly, nobody has responded.

michael

I e-mailed Marco (md) the creator of 'whois' back in July when this started
and he stated he was going to try to work around the rWHOIS issue in the
next release. Sadly there hasn't been a new release yet but I am hopeful.

Unfortunately, the original poster, against advice given to him,
posted an insulting, jingoistic, inane, and even more derogatory
version of his NANOG post, apparently in an effort to spur discussion.
What was once a legitimate issue (and I agree one that needs to be
addressed) now looks more like troll-bait. Unsurprisingly, nobody has
responded.

I was attempting to write in 'Obama-style'.

I do make a perfectly valid point, perhaps oblivious to many North
Americans who generally are insular, that the world does expect the
Americans to do Internet things properly.

Many North Americans appear not to understand the general world-wide
attitude towards the USA. When something goes wrong at ARIN which
affects American IPs, the world seems to blame the Americans. Although
there is a clear distinction, certainly in my mind, between one rather
small organisation and a state of circa 280 million, never-the-less the
world generally blames the Americans. The only noticeable exception when
the USA is not blamed for the faults and omissions of an American
organisation is Micro$oft.

Why does it take the concerns of an European to waken-up the Americans
to the outstanding ARIN problem? Perhaps some of you can continue the
campaign for the restoration of a basic North American WHOIS ? The rest
of the world has a fully functioning WHOIS but not the USA (or Canada).

My posting was never meant to be insulting or jingoistic or inane and
certainly not derogatory. I was attempting to make those that can
influence ARIN have some pride in presenting their country's
achievements and services in the best possible way.

Like it or not, the Americans run the Internet: Google (the world's
biggest spying operation), Micro$oft, Facebook, Yahoo, Twitter, Ebay and
their Paypal, Cisco etc. etc. and of course ARIN.

.... What was once a legitimate issue ....

Remains "a legitimate issue" until ARIN resolves it, if ever.

I don't remember Marco creating "whois"...
  there was the Network Service Center Phonebook - and Dan Long/BBN
  mashed it into something you could query ... like finger! (circa 1990)

/bill