1
mirror of https://git.dn42.dev/wiki/wiki.git synced 2024-12-14 01:49:55 +01:00
wiki/Services-Whois.md

107 lines
4.4 KiB
Markdown
Raw Normal View History

2013-11-04 23:19:59 +01:00
# Whois registry
2012-07-18 16:51:05 +02:00
**aka** _The registry_.
2013-11-04 23:29:42 +01:00
The registry contains:
* AS numbers assignations
* Subnet assignations
* DNS root zone for `dn42.`
## Web interface
2013-11-23 10:01:59 +01:00
Nixnodes provides a nice web interface, that allows you to **add/edit records** easily. It is available at https://io.nixnodes.net/?registry. A full guide is available at [Getting started](Getting-started-with-dn42#Fill-in-the-registry).
### Authentication
To add or edit records with the web interface, authentication is done thanks to **maintainer objects**. Each maintainer object has a password associated to it.
The password are not stored in cleartext in the registry: a hash is computed from the password and the name of the maintainer object. To generate such a hash (e.g. in case you forgot your password), use https://io.nixnodes.net/nctlio.php?m=dnr&gen=mypassword&mnt=MYMAINTAINER-MNT
### Misc
2013-11-04 23:29:42 +01:00
A read-only interface is also available at http://ix.ucis.dn42/dn42/ ([public](http://ix.ucis.nl/dn42/) or 172.22.166.3). The used PHP scripts are available from UFO a.k.a. Ivo at request.
2014-01-27 19:48:05 +01:00
## DNS interface
There is also a DNS-based interface to query AS information from the registry. The DNS zone is `asn.dn42`. Example:
$ dig +short AS76103.asn.dn42 TXT
"76103 | DN42 | dn42 | | NIXNODES-IX - NixNodes CORE Network"
2014-01-27 21:34:34 +01:00
The Python code for generating the zone from the registry is available on the monotone repository.
2014-01-27 19:48:05 +01:00
The idea comes from the guys at cymru.com, who provide this service for the Internet (e.g. `AS1.asn.cymru.com`)
2013-11-06 17:03:09 +01:00
## Address space
2013-11-19 10:59:31 +01:00
There is nice 3djs visualisation showing current address space usage: http://dataviz.polynome.dn42/dn42-netblock-visu/registry.html ([public](http://109.24.208.244:8888/dn42-netblock-visu/registry.html) or 172.23.184.98). The input data is taken from the registry.
2013-11-06 17:03:09 +01:00
2013-11-19 10:59:31 +01:00
Another visualisation shows the prefixes seen by BGP: http://dataviz.polynome.dn42/dn42-netblock-visu/index.html ([public](http://109.24.208.244:8888/dn42-netblock-visu/index.html) or 172.23.184.98).
2013-11-04 23:29:42 +01:00
2014-02-04 17:10:47 +01:00
## Software
* [[lglass]] is a python implementation for working with the registry. It features a whois server, tools to manipulate the data (DNS zone generation, etc).
2012-07-18 16:51:05 +02:00
## Whois daemons
* welterde: thinkbase.srv.welterde.de (46.4.248.201)
2013-08-04 17:47:30 +02:00
* fritz: whois.fritz.dn42 (172.22.119.139)
2012-07-18 16:51:05 +02:00
* nixnodes: whois.nixnodes.dn42 (172.22.177.77)
### Usage
```sh
whois -h $host $query
```
2014-01-01 14:02:57 +01:00
### Using a whois config
```sh
$ cat /etc/whois.conf
\.dn42$ 172.22.177.77
\-DN42$ 172.22.177.77
2014-01-04 23:39:07 +01:00
# dn42 range 64512-65534
as6[4-5][0-9][0-9][0-9] 172.22.177.77
#dn42 range 76100-76199
as761[0-9][0-9] 172.22.177.77
2014-01-28 20:32:43 +01:00
# dn42 ipv4 address space
172.2[2-3].* 172.22.177.77
2014-02-04 09:50:03 +01:00
# dn42 ula ipv6 address space
fd**:****:****:****:****:****:****:**** 172.22.177.77
2014-01-01 14:02:57 +01:00
```
2014-01-01 14:06:15 +01:00
You can then use whois without specifying the server. Works at least with Marco d'Itri's whois client.
2012-07-18 16:51:05 +02:00
### Running your own whoisd
2014-02-04 17:10:47 +01:00
2012-07-18 16:51:05 +02:00
```sh
cd /home/some/path/to/store/branch
sudo aptitude install ruby rubygems
sudo gem install netaddr
cd whoisd/ruby
sudo ruby whoisd.rb nobody
```
2013-04-25 03:48:34 +02:00
2012-07-18 16:51:05 +02:00
## Monotone
2013-04-25 20:51:32 +02:00
Monotone is an distributed revision control system. Monotone tracks revisions to files, groups sets of revisions into changesets, and tracks history across renames. The design principle is distributed operation making heavy use of cryptographic primitives to track file revisions (via the SHA-1 secure hash) and to authenticate user actions (via RSA cryptographic signatures). Each participant maintains their own revision history store in a local SQLite database. Monotone is especially strong in its support of a diverge/merge workflow, which it achieves in part by always allowing commit before merge. Revisions are exchanged using the custom netsync protocol which shares some conceptual ground with rsync and cvs.
2012-07-18 16:51:05 +02:00
* [Website](http://monotone.ca/)
* [Tutorial](http://monotone.ca/docs/Tutorial.html)
### Monotone servers
* crest: mtn.crest.dn42
* welterde: headend.srv.welterde.de(46.4.248.203)
* somerandomnick: mtn1.srn.dn42(172.22.131.102)
2013-04-25 20:55:45 +02:00
* dracoling: dn42.smrsh.net (net.smrsh.dn42)
2012-07-18 16:51:05 +02:00
### Monotone branches
* net.dn42.registry: Contains the registry and some related code
### Setup
```sh
mtn genkey you@domain.tld
mtn pubkey you@domain.tld # send the output to some $monotone_server operator(do NOT send the keypair!)
2013-04-16 17:56:30 +02:00
mtn clone 'mtn://$monotone_server/?net.dn42.*' --branch net.dn42.registry
cd net.dn42.registry
2012-07-18 16:51:05 +02:00
$add_your_objects
mtn add --unknown
mtn ci -k you@domain.tld
2013-04-16 17:56:30 +02:00
mtn sync
2012-07-18 16:51:05 +02:00
```