some shallow statistics about finding the name/netname for IP address using RDAP and WHOIS
Hi! For testing a script I generated 10000 random IPv4 and global unicast IPv6 addresses. For all those addresses I tried to find the netname/name attribute value from WHOIS servers using the latest version of https://github.com/rfc1036/whois and RDAP servers using the curl. Basically 'whois -H <ip>' and 'curl -L "https://rdap.db.ripe.net/ip/<ip>"'. Out of those 10000 random IPv4 and IPv6 addresses, 7351 gave the same name/netname using RDAP and WHOIS. In case of 2285 addresses, the RDAP was able to find the name while WHOIS was not. Probably thanks to bootstrap feature. In case of 364 addresses, the WHOIS found a different netname than RDAP. Those cases can be seen here: http://termbin.com/p6u7 Left column is the RDAP and the right one is the WHOIS. If "IANA-BLK" WHOIS results for IPv6 are excluded, then only <1% of queries did not return a result using RDAP while they did return a result using WHOIS. In short, based on this small test, the RDAP is much more reliable than WHOIS for finding the name/netname for an IP address. Maybe those results are interesting or useful for somebody. PS. IPv4 and IPv6 addresses were generated like this: if (( $(($RANDOM % 2)) == 0 )); then # Generate random IPv4 address. printf -v ip '%d.%d.%d.%d' \ "$(($RANDOM % 256))" \ "$(($RANDOM % 256))" \ "$(($RANDOM % 256))" \ "$(($RANDOM % 256))" else # Gnerate random IPv6 global unicast address. hex_digit=( 0 1 2 3 4 5 6 7 8 9 a b c d e f ) ip= for i in {1..7}; do nibble= for i in {1..4}; do nibble="$nibble""${hex_digit[$(($RANDOM % 16))]}" done ip="$ip":"$nibble" done ip=2001"$ip" fi Martin
participants (1)
-
Martin T