SWIP and Rwhois in the Real World
As best I can tell from ARIN documents, ISPs still are supposed to SWIP or use Rwhois for subassignments of /29 and greater. However, is this still widely practiced these days? Especially among smaller ISPs? I know the privacy pros and cons, so I don't seek to start those threads again. I'm interested in what smaller ISPs are actually doing these days. Thanks.
--
Crist J. Clark crist.clark@globalstar.com
Globalstar Communications (408) 933-4387
On Tue, 6 Sep 2005, Crist Clark wrote:
As best I can tell from ARIN documents, ISPs still are supposed to SWIP or use Rwhois for subassignments of /29 and greater. However, is this still widely practiced these days? Especially among smaller ISPs?
AFAIK, it is still required, but my own experience has been that some do, some do only in preparation for their next IP space request (i.e. fall behind on swips, then do a big catch-up before approaching ARIN for more space), and some just don't. I have to wonder how that last group gets more space out of ARIN, since they don't follow the rules.
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Tue, 6 Sep 2005, Crist Clark wrote:
AFAIK, it is still required, but my own experience has been that some do, some do only in preparation for their next IP space request (i.e. fall behind on swips, then do a big catch-up before approaching ARIN for more space), and some just don't. I have to wonder how that last group gets more space out of ARIN, since they don't follow the rules.
In my previous life at a mid-sized ISP, we migrated away from doing SWIPs to using an in-house rwhois server. This was done to make keeping the records up to date in our environment less expensive (people cycles) and easier to automate. We tied this to our provisioning system, so the rwhois data was within 24 hours of being up to date. We never had any problems getting additional IP space after pointing ARIN to that server. I could see in the logs that they actually did query it, so there actually was legwork done to verify that our requests were valid. The interface between the provisioning database and the rwhois server was a little kludgey, but the rwhois piece just simply works. I like 'simply' and 'works' ;-)
jms
Hi Justin >@2005.09.06_23:07:51_GMT+0200
In my previous life at a mid-sized ISP, we migrated away from doing SWIPs to using an in-house rwhois server. This was done to make keeping the records up to date in our environment less expensive (people cycles) and easier to automate.
We tied this to our provisioning system, so the rwhois data was within 24 hours of being up to date.
When we wanted some of our own IP space at the end of last year, we looked at the rwhois server that ARIN recommended and soon realised that it was a useless piece of software. SWIP was simply not an option.
The interface between the provisioning database and the rwhois server was a little kludgey, but the rwhois piece just simply works. I like 'simply' and 'works' ;-)
We wrote our own rwhois server that uses an LDAP back end.. with web interface that can do IP assignment and reverse DNS with delegation to responsible people down to a per IP level.. all from the same LDAP data.. with no delay to update. Works very well. Only problem is we are now a part of AfriNIC which don't seem to want to use rwhois :(
--
Regards
Joe
"There is nothing more powerful than an idea whose time has come." -- Victor Hugo
____________________________________________________________
frogfoot networks +27.21.689.3867 www.frogfoot.com
meet joe frog: http://blue.frogfoot.net/
Hi nanog >@2005.09.06_23:43:57_GMT+0200
When we wanted some of our own IP space at the end of last year, we looked at the rwhois server that ARIN recommended and soon realised that it was a useless piece of software. SWIP was simply not an option.
We wrote our own rwhois server that uses an LDAP back end..
A number of people sent me mail asking about this IP management system and if we can release it as open source so I wrote a quick text file... http://www.frogfoot.com/portal.txt
--
Regards
Joe
"There is nothing more powerful than an idea whose time has come." -- Victor Hugo
____________________________________________________________
frogfoot networks +27.21.689.3867 www.frogfoot.com
meet joe frog: http://blue.frogfoot.net/
On Tue, Sep 06, 2005 at 01:37:53PM -0700, Crist Clark wrote:
As best I can tell from ARIN documents, ISPs still are supposed to SWIP or use Rwhois for subassignments of /29 and greater. However, is this still widely practiced these days? Especially among smaller ISPs?
In the RIPE region this practice is standard for most ISPs.
--
Cliff Albert <cliff@oisec.net>
On Tue, 6 Sep 2005, Crist Clark wrote:
As best I can tell from ARIN documents, ISPs still are supposed to SWIP or use Rwhois for subassignments of /29 and greater. However, is this still widely practiced these days? Especially among smaller ISPs?
I know the privacy pros and cons, so I don't seek to start those threads again. I'm interested in what smaller ISPs are actually doing these days.
My experience at a bunch of ISPs of varying sizes I've worked for or consulted for, has been that most haven't until they ran out for the first time. Often, at that point, they weren't keeping especially good track of what had been used either. What followed was generally lots of scrambling to put the documentation together in a hurry, to avoid having to turn customers away. Sometimes, they've gone on to repeat the lack of documentation followed by a mad scramble a time or two, but the lesson generally gets learned eventually. I've never seen ARIN give more space without documentation of the previous allocation that at least looked plausible, and those I've seen try to produce plausible looking instead of factual documentation have generally found themselves very flustered when ARIN started asking questions.
-Steve
On Tue, 6 Sep 2005, Steve Gibbard wrote:
Sometimes, they've gone on to repeat the lack of documentation followed by a mad scramble a time or two, but the lesson generally gets learned eventually.
Agreed. That sort of record-keeping seems to come over time as part of the evolution of an ISP from the small start-up or mom-and-pop phase where such records are often cobbled together. Deploying good provisioning systems to tie things like IP addresses assigned to customers to an actual customer record and so forth usually comes later in an ISP's evolution. I've seen some smaller ISPs that really had their act together re: record keeping, but way more who didn't.
jms
On Tue, Sep 06, 2005 at 01:37:53PM -0700, Crist Clark wrote:
As best I can tell from ARIN documents, ISPs still are supposed to SWIP or use Rwhois for subassignments of /29 and greater. However, is this still widely practiced these days? Especially among smaller ISPs?
My understanding of the ARIN policy is that the reassignment information must be made available in those cases, but that the reassignment data doesn't have to be made public - i.e., providing an rwhois server only accessible to ARIN is acceptable.
w
On Tue, 6 Sep 2005, Will Yardley wrote:
On Tue, Sep 06, 2005 at 01:37:53PM -0700, Crist Clark wrote:
As best I can tell from ARIN documents, ISPs still are supposed to SWIP or use Rwhois for subassignments of /29 and greater. However, is this still widely practiced these days? Especially among smaller ISPs?
My understanding of the ARIN policy is that the reassignment information must be made available in those cases, but that the reassignment data doesn't have to be made public - i.e., providing an rwhois server only accessible to ARIN is acceptable.
That is a loophole really in how the policy was written before (invented by those who do not want to provide public data in the first place; someone reading it for the first time would have a hard time coming to such a conclusion). About a year ago this loophole was fixed with additional policy on rwhois - http://www.arin.net/policy/proposals/2003_5.html which says:
"The distributed information service must be operational 24 hours a day, 7 days a week to both the general public and ARIN staff. The service is allowed reasonable downtime for server maintenance according to generally accepted community standards. The distributed information service must allow public access to reassignment information."
The above line is as clear as it gets (if the other two mentions that data is to be made available to the public are not enough), so the argument that rwhois should be made available only to ARIN is now against ARIN's policies, and whoever you know who is still making it should be pointed to the URL I listed.
--
William Leibzon
Elan Networks
william@elan.net
"william" == william(at)elan net <william@elan.net> writes:
william> The above line is as clear as it gets (if the other two
william> mentions that data is to be made available to public is not
william> enough), so there this argument that rwhois should be made
william> available only to ARIN is now against ARIN's policies and
william> whoever you know who is still making it should be pointed to
william> URL I listed.
NetRange: 4.0.0.0 - 4.255.255.255
ReferralServer: rwhois://rwhois.level3.net:4321
% telnet rwhois.level3.net 4321
Trying 209.244.1.179...
telnet: connect to address 209.244.1.179: Operation timed out
Doesn't seem to have made much difference yet...
--
Andrew, Supernews
http://www.supernews.com
On Wed, 7 Sep 2005, Andrew - Supernews wrote:
"william" == william(at)elan net <william@elan.net> writes:
william> The above line is as clear as it gets (if the other two
william> mentions that data is to be made available to public is not
william> enough), so there this argument that rwhois should be made
william> available only to ARIN is now against ARIN's policies and
william> whoever you know who is still making it should be pointed to
william> URL I listed.
NetRange: 4.0.0.0 - 4.255.255.255
ReferralServer: rwhois://rwhois.level3.net:4321
% telnet rwhois.level3.net 4321
Trying 209.244.1.179...
telnet: connect to address 209.244.1.179: Operation timed out
Doesn't seem to have made much difference yet...
It's kind of hard for ARIN to enforce its policies on L3 when they have a /8 already and are not likely to ask for additional allocation... But obviously L3 is not giving a very good example for others, so we can all now say - don't be like L3 :) A more pro-active approach may be to set up an "arin-policy-ignorant" list of ip providers kind-of like rfc-ignorant, maybe then this will make them rethink their position and open rwhois server to the public - but I consider creation of such a list to be a last resort effort if all other efforts to convince providers like L3 to follow policies and enter swips and rwhois data fail and giving them another year and putting more pressure not only in private but also public forums like NANOG is probably better.
---
William Leibzon
Elan Networks
william@elan.net
william(at)elan.net wrote:
On Wed, 7 Sep 2005, Andrew - Supernews wrote:
> "william" == william(at)elan net <william@elan.net> writes:
william> The above line is as clear as it gets (if the other two
william> mentions that data is to be made available to public is not
william> enough), so there this argument that rwhois should be made
william> available only to ARIN is now against ARIN's policies and
william> whoever you know who is still making it should be pointed to
william> URL I listed.
NetRange: 4.0.0.0 - 4.255.255.255
ReferralServer: rwhois://rwhois.level3.net:4321
% telnet rwhois.level3.net 4321
Trying 209.244.1.179...
telnet: connect to address 209.244.1.179: Operation timed out
Doesn't seem to have made much difference yet...
It's kind of hard for ARIN to enforce its policies on L3 when they have a /8 already and are not likely to ask for additional allocation...
But obviously L3 is not giving a very good example for others, so we can all now say - don't be like L3 :)
Does ARIN have a policy that allows deallocation based on not conforming to the requirements of allocations...? (Might sound ridiculous, but if it works.....)
Regards,
Mat
On Wed, 7 Sep 2005, Andrew - Supernews wrote:
"william" == william(at)elan net <william@elan.net> writes:
william> The above line is as clear as it gets (if the other two
william> mentions that data is to be made available to public is not
william> enough), so there this argument that rwhois should be made
william> available only to ARIN is now against ARIN's policies and
william> whoever you know who is still making it should be pointed to
william> URL I listed.
NetRange: 4.0.0.0 - 4.255.255.255
ReferralServer: rwhois://rwhois.level3.net:4321
% telnet rwhois.level3.net 4321
Trying 209.244.1.179...
telnet: connect to address 209.244.1.179: Operation timed out
Doesn't seem to have made much difference yet...
This isn't the only case... There has been a rash of spammer netblock assignments which have rwhois as their only method of 'swip'... never can you get to the rwhois server, sometimes it's not even properly in DNS :( (I should note that not only spammers I've seen doing this, many, many, many folks also have poorly configured/not-working rwhois servers :( )
-Chris
(I should note that not only spammers I've seen doing this, many, many, many folks also have poorly configured/not-working rwhois servers :( )
I think this is due to the fact that the only publicly available rwhois server is weird, cantankerous, and poorly documented. Perhaps our African friend who has a new and improved rwhois would be willing to make source code available now that he no longer needs it?
--Michael Dillon
At 07:55 PM 9/6/2005, Andrew - Supernews wrote:
"william" == william(at)elan net <william@elan.net> writes:
william> The above line is as clear as it gets (if the other two
william> mentions that data is to be made available to public is not
william> enough), so there this argument that rwhois should be made
william> available only to ARIN is now against ARIN's policies and
william> whoever you know who is still making it should be pointed to
william> URL I listed.
NetRange: 4.0.0.0 - 4.255.255.255
ReferralServer: rwhois://rwhois.level3.net:4321
% telnet rwhois.level3.net 4321
Trying 209.244.1.179...
telnet: connect to address 209.244.1.179: Operation timed out
Doesn't seem to have made much difference yet...
Their rwhois seems to be terminally down. Can we reclaim 4/8 from them now? Hopefully, ARIN will block them from acquiring more address space (should they need it), pending functional SWIP or rwhois. As the owner of a small provider, I found SWIPs far preferable to rwhois, at least with the rwhois code I found available. I really don't have a problem with folks choosing one or the other, but if you're going to choose to use rwhois, then monitor the service and make sure it's working.
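Added example, not part of any poster's message: a minimal monitor for the failure the thread keeps quoting, a whois `ReferralServer` that cannot be reached. It parses referral lines and classifies each target; the sample text is constructed (the second record and `rwhois.example.net` are hypothetical), and the function names are this example's own.

```python
import re
import socket
from urllib.parse import urlsplit

# Constructed sample: the whois fields quoted in the thread, plus one
# hypothetical record (example.net) whose referral URL omits the port.
SAMPLE_WHOIS = """\
NetRange:       4.0.0.0 - 4.255.255.255
ReferralServer: rwhois://rwhois.level3.net:4321
NetRange:       192.0.2.0 - 192.0.2.255
ReferralServer: rwhois://rwhois.example.net
"""

DEFAULT_RWHOIS_PORT = 4321  # registered rwhois port, used when the URL has none


def referral_servers(whois_text):
    """Return [(host, port)] for every rwhois:// ReferralServer line."""
    found = []
    for line in whois_text.splitlines():
        m = re.match(r"\s*ReferralServer:\s*(\S+)", line, re.IGNORECASE)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if url.scheme.lower() == "rwhois" and url.hostname:
            found.append((url.hostname, url.port or DEFAULT_RWHOIS_PORT))
    return found


def probe(host, port, timeout=5.0):
    """Classify one referral target: ok / no-dns / timeout / unreachable / no-banner."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            banner = conn.recv(256)   # an RWhois server speaks first
    except socket.gaierror:
        return "no-dns"               # referral host is not in DNS
    except socket.timeout:
        return "timeout"              # the failure shown in the telnet session
    except OSError:
        return "unreachable"          # refused, no route, reset, ...
    # RFC 2167: the server's banner starts with "%rwhois".
    return "ok" if banner.startswith(b"%rwhois") else "no-banner"


if __name__ == "__main__":
    for host, port in referral_servers(SAMPLE_WHOIS):
        print(f"{host}:{port} -> {probe(host, port)}")
```

Run from cron against your own referral URL and alert on anything other than `ok`.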
NetRange: 4.0.0.0 - 4.255.255.255
ReferralServer: rwhois://rwhois.level3.net:4321
% telnet rwhois.level3.net 4321
Trying 209.244.1.179...
telnet: connect to address 209.244.1.179: Operation timed out
Doesn't seem to have made much difference yet...
Their rwhois seems to be terminally down. Can we reclaim 4/8 from them now?
Who is "we?" IANA says it belongs to BBN (ARIN not mentioned): http://www.iana.org/assignments/ipv4-address-space
004/8 Dec 92 Bolt Beranek and Newman Inc.
(as opposed to)
073/8 Mar 05 ARIN (whois.arin.net)
074/8 Jun 05 ARIN (whois.arin.net)
075/8 Jun 05 ARIN (whois.arin.net)
076/8 Jun 05 ARIN (whois.arin.net)
Either IANA's records are out of date or the space was granted prior to ARIN's start (in 97 or so). ARIN (via policies) has little say over this space.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
If you knew what I was thinking, you'd understand what I was saying.
On Wed, 7 Sep 2005, Edward Lewis wrote:
Their rwhois seems to be terminally down. Can we reclaim 4/8 from them now?
Who is "we?"
IANA says it belongs to BBN (ARIN not mentioned): http://www.iana.org/assignments/ipv4-address-space
004/8 Dec 92 Bolt Beranek and Newman Inc.
4/8 is most definitely a legacy allocation, which I don't believe ARIN has any power to reclaim unless Level3 surrenders it voluntarily (not likely).
jms
BBN changed its name to Genuity, and Level3 acquired Genuity. 4.0.0.0/8 was assigned to BBN before ARIN was born. So there is not much control from ARIN. But L3 may need to follow the IP address transfer policy since the ownership of the IP address was changed. I guess reclaiming the IP address may be a hot topic, and it may require ARIN to have more staff to back it up to avoid potential chaos from network operation and lawsuits. ^.^
Hyun
Edward Lewis wrote:
NetRange: 4.0.0.0 - 4.255.255.255
ReferralServer: rwhois://rwhois.level3.net:4321
% telnet rwhois.level3.net 4321
Trying 209.244.1.179...
telnet: connect to address 209.244.1.179: Operation timed out
Doesn't seem to have made much difference yet...
Their rwhois seems to be terminally down. Can we reclaim 4/8 from them now?
Who is "we?"
IANA says it belongs to BBN (ARIN not mentioned): http://www.iana.org/assignments/ipv4-address-space
004/8 Dec 92 Bolt Beranek and Newman Inc.
(as opposed to)
073/8 Mar 05 ARIN (whois.arin.net)
074/8 Jun 05 ARIN (whois.arin.net)
075/8 Jun 05 ARIN (whois.arin.net)
076/8 Jun 05 ARIN (whois.arin.net)
Either IANA's records are out of date or the space was granted prior to ARIN's start (in 97 or so). ARIN (via policies) has little say over this space.
participants (15)
- Andrew - Supernews
- Christopher L. Morrow
- Cliff Albert
- Crist Clark
- Daniel Senie
- Edward Lewis
- Hyunseog Ryu
- Johann Botha
- Jon Lewis
- Justin M. Streiner
- Matthew Sullivan
- Michael.Dillon@btradianz.com
- Steve Gibbard
- Will Yardley
- william(at)elan.net