On Sun 07/Apr/2024 16:47:37 +0200 Semisol via anti-abuse-wg wrote:
On 7.04.2024 15:42, Alessandro Vesely wrote:
BTW, how should one search DB objects like 2.0.a.2.ip6.arpa? I can search it
in the DNS but not in https://apps.db.ripe.net/db-web-ui/query
-T domain -d <range>
I believe you can also use the more/less specific flags with that query but I
didn't try.
Thanks, that apparently works. However, -T domain -d 2a02:: finds
0.0.0.0.2.0.a.2.ip6.arpa. It seems to prepend a variable number of zeroes and
cite the wrong name servers (see queries below). Shouldn't it find
2.0.a.2.ip6.arpa? That domain exists, although it has no name servers.
The parent zone, 0.a.2.ip6.arpa, has lots of international NSes, none of which
matches the ones returned by the database queries.
Delegations don't seem to be generated from the database. How is that supposed
to work?
----- queries -----
$ whois -h whois.ripe.net -T domain -d 2a02::
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://apps.db.ripe.net/docs/HTML-Terms-And-Conditions
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '0.0.0.0.2.0.a.2.ip6.arpa'
domain: 0.0.0.0.2.0.a.2.ip6.arpa
descr: IPv6 reverse delegation SES
nserver: isrvdns1.astra-net.com
nserver: isrvdns2.astra-net.com
nserver: isrvdns3.astra-net.com
...
$ dig 0.0.0.0.2.0.a.2.ip6.arpa ns
;; communications error to ::1#53: timed out
...
$ dig @isrvdns1.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns
;; communications error to 212.56.224.20#53: timed out
;; communications error to 212.56.224.20#53: timed out
;; communications error to 212.56.224.20#53: timed out
; <<>> DiG 9.18.24-1-Debian <<>> @isrvdns1.astra-net.com
0.0.0.0.2.0.a.2.ip6.arpa ns
; (1 server found)
;; global options: +cmd
;; no servers could be reached
$ dig @isrvdns2.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns
;; communications error to 212.56.224.21#53: timed out
;; communications error to 212.56.224.21#53: timed out
;; communications error to 212.56.224.21#53: timed out
; <<>> DiG 9.18.24-1-Debian <<>> @isrvdns2.astra-net.com
0.0.0.0.2.0.a.2.ip6.arpa ns
; (1 server found)
;; global options: +cmd
;; no servers could be reached
$ dig @isrvdns3.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns
;; communications error to 213.169.107.4#53: timed out
;; communications error to 213.169.107.4#53: timed out
;; communications error to 213.169.107.4#53: timed out
; <<>> DiG 9.18.24-1-Debian <<>> @isrvdns3.astra-net.com
0.0.0.0.2.0.a.2.ip6.arpa ns
; (1 server found)
;; global options: +cmd
;; no servers could be reached
$ dig 0.a.2.ip6.arpa ns
; <<>> DiG 9.18.24-1-Debian <<>> 0.a.2.ip6.arpa ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32256
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 9
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: b9ca8f96dd329dbf010000006613bf18d99a4c9d9cbff52a (good)
;; QUESTION SECTION:
;0.a.2.ip6.arpa. IN NS
;; ANSWER SECTION:
0.a.2.ip6.arpa. 78819 IN NS ns3.lacnic.net.
0.a.2.ip6.arpa. 78819 IN NS ns4.apnic.net.
0.a.2.ip6.arpa. 78819 IN NS rirns.arin.net.
0.a.2.ip6.arpa. 78819 IN NS ns3.afrinic.net.
0.a.2.ip6.arpa. 78819 IN NS pri.authdns.ripe.net.
...
$ whois -h whois.ripe.net -T domain -d 2a00::
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://apps.db.ripe.net/docs/HTML-Terms-And-Conditions
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '0.0.0.0.a.2.ip6.arpa'
domain: 0.0.0.0.a.2.ip6.arpa
descr: Arcor AG & Co. KG
org: ORG-MAT1-RIPE
admin-c: ANOC1-RIPE
tech-c: ANOC1-RIPE
zone-c: ANOC1-RIPE
nserver: ns1.arcor-ip.de
nserver: ns2.arcor-ip.de
nserver: ns3.arcor-ip.de
created: 2006-03-14T11:25:21Z
last-modified: 2016-11-07T14:07:33Z
source: RIPE
mnt-by: ARCOR-MNT
remarks: Unmaintained reverse domain object.
remarks: Address prefix maintainer(s) added by RIPE NCC.
remarks: For more information see:
remarks: http://www.ripe.net/db/support/security/domain/syntax.html
Best
Ale
--
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
