On 8 March 2017 at 19:46, Pete Turnbull <p...@dunnington.plus.com> wrote:
> Notice that - unlike normal whois servers - this one apparently requires > some other stuff, possibly including the text "whois", as part of the query. > That may explain why a normal whois client gets an error, because the > standard way to make a query is simply to send the string to query (eg, > "uni-stuttgart.de" or "dunnington.cx"): > > $ whois -h whois.denic.de uni-stuttgart.de > % Error: 55000000007 Request not clearly specified > > OK, so back to telnet, and try it with the syntax DENIC claims to want: > > $ telnet whois.denic.de 43 > Trying 81.91.170.6... > Connected to whois.denic.de. > Escape character is '^]'. > -T dn uni-stuttgart.de > [lots of output] > $ > > Aha! That works. But I can't replicate it with most whois clients. > > However, it /does/ work with the jwhois client, which some linux systems > have, and which seems to have some special method to deal with DENIC. It > doesn't work with the RIPE client - despite DENIC recommending that - unless > you construct a rather odd-looking query by adding at least "--T dn": [..] > Pete Turnbull I did an strace and I can confirm that the Linux 'whois' client that I used from those various sites sends '-T dn' (or actually -T dn,ace) write(3, "-T dn,ace uni-stuttgart.de\r\n", 28) = 28 I can't see where this whois originates from, it has version number '5.2.<something>'. Its man page refers to RFC 3912, but RFC 3912 says nothing about -T. RFC 3912's single example wouldn't have worked in this case. So I wonder what replaced RFC 3912, and why there's a mismatch between documentation and functionality.