Presentation is loading. Please wait.

Presentation is loading. Please wait.

Whois Domain Object Authorisation APNIC18 – DB SIG Nadi, Fiji 2 September 2004.

Published byAudra Palmer Modified over 9 years ago

Similar presentations

Presentation on theme: "Whois Domain Object Authorisation APNIC18 – DB SIG Nadi, Fiji 2 September 2004."— Presentation transcript:

1 Whois Domain Object Authorisation APNIC18 – DB SIG Nadi, Fiji 2 September 2004

2 Procedural Problem Whois database authorisation is hierarchical –APNIC maintainer is the mnt-lower for all APNIC /8 domains –All attempts by members to create /24 and /16 domains fail for non MyAPNIC users

3 Example Member XYZ has been allocated 202.168.80.0 – 202.168.95.255 (/20): inetnum: 202.168.80.0 – 202.168.95.255 netname: XYZ-NET descr: XYZ Broadband Networks descr: Suburbia country: AP admin-c: EG999-AP tech-c: EG999-AP mnt-by: APNIC-HM mnt-lower: MAINT-AP-EXAMPLE changed: hm-changed@apnic.net 20040712 status: ALLOCATED PORTABLE source: APNIC

4 Example continued Member XYZ now tries to create a /24 reverse delegation, 80.168.202.in-addr.arpa: domain: 80.168.202.in-addr.arpa descr: Reverse DNS Zone for 202.168.80.0/24 country: AP admin-c: EG999-AP tech-c: EG999-AP zone-c: EG999-AP nserver: ns1.foo.bar nserver: ns2.foo.bar mnt-by: MAINT-AP-EXAMPLE source: APNIC

5 Example continued They submit the domain object to auto-dbm@apnic.net, but it fails  auto-dbm@apnic.net Why? –Authorisation is hierarchical, the parent object 202.in-addr.arpa contains: mnt-lower: MAINT-AP-DNS –Only new domain objects with mnt-by and password of MAINT-AP-DNS will succeed

6 Authorisation model problems Manual creation Inconvenient due to time delay Not providing best possible service

7 Procedural Solution - Allocation Compare mnt-by of domain template with mnt-lower of related inetnum object Maintainers match and correct password provided If conditions met then domain object is created

8 Example of Allocation Procedural Solution Inetnum object inetnum: 202.168.80.0 - 202.168.95.255 netname: XYZ-NET descr: XYZ Broadband Networks descr: Suburbia country: AP admin-c: EG999-AP tech-c: EG999-AP mnt-by: APNIC-HM mnt-lower: MAINT-AP- EXAMPLE changed: hm@apnic.net 20040712 status: ALLOCATED PORTABLE source: APNIC Domain template domain: 80.168.202.in- addr.arpa netname: Reverse DNS for 202.168.80.0/24 country: AP admin-c: EG999-AP tech-c: EG999-AP nserver: ns1.foo.bar nserver: ns2.foo.bar mnt-by: MAINT-AP- EXAMPLE changed: hm@apnic.net 20040712 source: APNIC

9 Procedural Solution - Assignment Compare mnt-by of domain template with mnt-routes of related inetnum object Encouraged use of mnt-routes attribute Maintainers match and correct password provided If conditions met then domain object is created

10 Example of Assigment Procedural Solution Inetnum object inetnum: 202.168.80.0 - 202.168.80.255 netname: XYZ-NET descr: XYZ Broadband Networks descr: Suburbia country: AP admin-c: EG999-AP tech-c: EG999-AP mnt-by: APNIC-HM mnt-routes: MAINT-AP- EXAMPLE changed: hm@apnic.net 20040712 status: ASSIGNED PORTABLE source: APNIC Domain template domain: 80.168.202.in- addr.arpa netname: Reverse DNS for 202.168.80.0/24 country: AP admin-c: EG999-AP tech-c: EG999-AP nserver: ns1.foo.bar nserver: ns2.foo.bar mnt-by: MAINT-AP- EXAMPLE changed: hm@apnic.net 20040712 source: APNIC

11 Exceptions Old allocations with no mnt-lower attribute. Assignments with no mnt-routes attribute. –Forward any domain templates which don’t meet the proposed solution to helpdesk@apnic.net for manual intervention. helpdesk@apnic.net

12 Statistics 622 new domain objects submitted for manual creation between January 1 and February 27 2004 558 (89%) would have succeeded through new algorithm

13 Implementation Schedule End of 2004

14 Questions? Thanks for your time!

Download ppt "Whois Domain Object Authorisation APNIC18 – DB SIG Nadi, Fiji 2 September 2004."

Similar presentations

1 Technical Area highlights and priorities APNIC Member Meeting 29 February 2008 APNIC 25, Taipei George Michaelson.

1 Technical Area highlights and priorities APNIC Member Meeting 29 February 2008 APNIC 25, Taipei George Michaelson.
Operational Policies for NIRs in the APNIC Region NIR Meeting APNIC14, Kitakyushu, Japan 4 Sept 2002.

Operational Policies for NIRs in the APNIC Region NIR Meeting APNIC14, Kitakyushu, Japan 4 Sept 2002.
Protecting Resource Records in APNIC Whois Database Database SIG APNIC-16, Seoul August 2003 Sanjaya

Protecting Resource Records in APNIC Whois Database Database SIG APNIC-16, Seoul August 2003 Sanjaya
TWNIC RMS Update 16 th APNIC NIR SIG TWNIC Sheng Wei Kuo Aug, 2003.

TWNIC RMS Update 16 th APNIC NIR SIG TWNIC Sheng Wei Kuo Aug, 2003.
APNIC Member Services George Kuo. MyAPNIC 2 What is MyAPNIC A secure Member services website Internet resources management, for example: –Whois updates.

APNIC Member Services George Kuo. MyAPNIC 2 What is MyAPNIC A secure Member services website Internet resources management, for example: –Whois updates.
Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.

Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.
Save Vocea/ Sanjaya - APNIC PacINET2002 28 November 2002, Fiji APNIC Whois Tutorial.

Save Vocea/ Sanjaya - APNIC PacINET November 2002, Fiji APNIC Whois Tutorial.
Database Update Kaveh Ranjbar Database Department Manager, RIPE NCC.

Database Update Kaveh Ranjbar Database Department Manager, RIPE NCC.
Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.

Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.
1 prop-018-v001 Protecting historical records in the APNIC Whois Database Project Update DB SIG APNIC18 2 September 2004 Nadi, Fiji Sanjaya, Project Manager,

1 prop-018-v001 Protecting historical records in the APNIC Whois Database Project Update DB SIG APNIC18 2 September 2004 Nadi, Fiji Sanjaya, Project Manager,
Reverse DNS.

Reverse DNS.
APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.

APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.
Reverse DNS. Overview Principles Creating reverse zones Setting up nameservers Reverse delegation procedures.

Reverse DNS. Overview Principles Creating reverse zones Setting up nameservers Reverse delegation procedures.
Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May 2001. The whois Database Introduction and Usage.

Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May The whois Database Introduction and Usage.
Providing A Subset of Whois Data Via DNS Shuang Zhu Xing Li CERNET Center.

Providing A Subset of Whois Data Via DNS Shuang Zhu Xing Li CERNET Center.
NATO Advanced Networking Workshop. Ljubljana, 19 September 2001. 1 “How to Run a Local Internet Registry” or all your IPs are belong.

NATO Advanced Networking Workshop. Ljubljana, 19 September “How to Run a Local Internet Registry” or all your IPs are belong.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.
The APNIC Whois Database Introduction and Usage. whois.apnic.net whois.ripe.netwhois.arin.net Server Unix Client ‘X’ Client Command Prompt / Web Interface.

The APNIC Whois Database Introduction and Usage. whois.apnic.net whois.ripe.netwhois.arin.net Server Unix Client ‘X’ Client Command Prompt / Web Interface.
1 APNIC reverse DNS management roadmap DNS operations SIG, APNIC 21 2 March 2006.

1 APNIC reverse DNS management roadmap DNS operations SIG, APNIC 21 2 March 2006.
Database Update Paul Palse Database Manager, RIPE NCC.

Database Update Paul Palse Database Manager, RIPE NCC.

Similar presentations

Ads by Google