Who manages the Internet?
Vielleicht für den einen oder anderen ganz interessant zu lesen
Who Manages the Internet?!
The power of whois.
Last Modified: 7 June 2000
Be advised, due to the dynamic nature of the Internet, and Domain Name control in particular, this paper may be somewhat out of date.
Who manages the Internet? There are a lot of issues to such a basic question; who controls IP addresses, who assigns domain names, who handles the domain name resolution? This article will answer these questions with a basic overview of how the Internet works and what organizations are managing it. I will not discuss the history of the Internet, go into detail on how DNS works, nor my personal view on how to improve domain registration. This will be a basic overview of how the Internet is currently managed and how you can leverage this knowledge with the command whois.
There are many critical resources that must be managed for the Internet. Two that I will be focusing on is the management of IP addressing and domain names. IP addresses are unique numbers, each address consisting of four octets (32 bits), as specified in RFC 791. Domain names are the organization and representation of IP addresses. In the first part of this article, we will discuss IP addressing and how the Internet manages it. We will then cover the far more complicated and political issue of domain names and how they are controlled.
IP addresses are the work horse of the Internet, it is how your packet gets from point A to point B. This works because no two IP addresses are the same. Without a standardized system of unique addressing, the Internet could not function. But who is in charge of them? How do you know that the IP address you have is truly unique? The place to start is IANA, Internet Assigned Numbers Authority ( http://www.iana.org
IANA, located at the Information Sciences Institute at University of Southern California, is responsible for a variety of Internet issues, including IP addressing (discussed here) and domain registration for countries (discussed later). IANA is the ultimate source of authority for IP addresses, it is ultimately responsible for most of the IP addresses in the world.
It controls these IP addresses in a hierarchical manner. IANA distributes IP addresses as large blocks to three regional registries. Each block is unique, separate from the other two. Each regional registry distributes these IP blocks into smaller blocks to ISPs or large organizations within their region. These ISPs, in turn, distribute IP addresses to smaller ISPs, companies, schools, etc. Each organization manages the IP distribution to the next lower level, ensuring IP addresses are not wasted nor replicated.
The three main regional IP registries are as follows (note, all three registries are non for-profit organizations):
is the Reseaux IP Europeens (more commonly called the Regional Internet Registry for Europe). Located in Amsterdam, The Netherlands, RIPE provides support to approximately 1000 Internet Registries, or ISPs, located in Europe, Middle East, and parts of Asia and Africa (check out http://www.ripe.net/...s/general/index.html
to see all the countries).
is the Asian Pacific Network Information Center. Located in Tokyo, Japan, APNIC provides support for all Asian countries. Currently there is no list of every individual country that falls under APNIC.
is the American Registry for Internet Numbers. Located in Chantilly, VA, ARIN supports everybody else, including North and South America, the Caribbean, and the sub-Sahara Africa. Currently there is no list of every individual country that falls under ARIN.
Armed with this knowledge, you can always find who owns an IP address. This is extremely useful when you are tracking down an IP address that is not resolvable. An example would be finding in your logs an IP address that is continually scanning your network for holes. You want to put a stop to this, but how? Often the IP address does not have in-addr.arpa entry, so reverse nslookups fail.
With whois, you can query any of the three regional registry databases for the IP address’s owner. An example would be the IP address 18.104.22.168 . By doing a whois on the network block, you can identify the ISP or organization that owns the IP block. Please note that you can lookup the network block 22.214.171.124 or the specific IP address. Once you find the owner of the IP block, you can then drill down and find the owner of the specific IP. You specify one of the three main registries with –h. The following command asks the RIPE database who "owns" the network 126.96.36.199
whois client queerying the RIPE Database: http://www.ripe.net/cgi-bin/whois
Enter: -L 188.8.131.52
There are five ways of querying the RIPE database:
whois client, WWW, WAIS, telnet and e-mail.
Searching for the names of database objects;
If you wish to look up objects in the RIPE database, you must use special search keys. A full list of the search keys is given below:
aut-num AS number (e.g. AS3333)
as-macro as-macro name (e.g. AS-EBONE)
community community name (e.g. HEPNET)
domain domain name (e.g. over.ripe.net)
inetnum range of IP addresses e.g 184.108.40.206 - 220.127.116.11;
network name e.g.RIPE-NCC
inet6num range of IP version 6 addresses or network name
person a person's name or NIC-handle
or e-mail address in RFC822 format.
e.g. Ambrose Magee or AMRM1-RIPE
domain-prefix domain-prefix, domain-name
inet-rtr internet router name (e.g.
limerick name of limerick
mntner name of mntner object e.g. AMRM1-RIPE-MNT
route internet route e.g. 18.104.22.168/24
role the name, the NIC-handle or the e-mail address (in RFC822 format)
of a role object; e.g. RIPE NCC
If you also want to search for other strings in the objects, you can use the WAIS interface; however it doesn't support the special options that are provided in the RIPE 'whois' interface. The RIPE whois client has several options, which may be used either alone or in combination.
The following is a list, in alphabetical order, of the available options, which are explained in more detail below.
-a search all databases
-F fast raw output (implies -Fr)
-h search alternate server
-i inverse look-up
-k used with the telnet interface
-L find all Less specific matches
-m find first level More specific matches
-M find all More specific matches
-p connect to other port than the default whois port
-r turn off recursive lookups
-s search databases with source "source"
-S tell server to leave out "syntactic sugar"
-t requests template for object of type "type"
-T only look for objects of type "type"
-HELP gives a copy of the current `HELP & HOWTO' document.
A very useful option is "-h", which allows you to connect directly to the server at the RIPE NCC or to a "mirror" of the RIPE database elsewhere.
- Example 2:
#whois –h whois.arin.net 22.214.171.124
EnterAct, L.L.C. (NETBLK-EACT-BLOCK-1)
3227 N. Sheffield #4R
Chicago, IL 60657
Netblock: 126.96.36.199 - 188.8.131.52
Here is a whois lookup of the IP address 184.108.40.206 which is in Poland.
#whois –h whois.arin.net 220.127.116.11
European Regional Internet Registry/RIPE NCC (NETBLK-RIPE-C) These addresses have been further assigned to European users. Their contact information can be found in the RIPE database. See below how to use that database to obtain up-to-date information.
By using the whois command, and specifying the IP registry database (ARIN, RIPE, APNIC) you can drill down and find the owners of the IP address.
Top Level Domain Names
IP address are boring, 32 bit numbers that no one can remember. Domain names are different, these are the highly political entities that countless law suites have been fought over. Well, I am going to skip these politics and cover how the technology currently works.
Domain names are how we remember IP addresses. The IP address for xxx is 18.104.22.168. However, this number is impossible to remember, so I use http://www.astalavista.com,
much easier to remember and use. But who manages the domain names, how does it all work? It all starts with the Top Level Domain name (TLD). Domain names are a hierarchy, with TLDs at the top. Each TLD is then divided into second-level domains, and so on. An example is the domain name enteract.com. COM is the TLD, while enteract is the second level domain name that falls under the TLD COM.
There are two types of TLDs, country-code and generic (gTLD). Every country in the world has a unique two character identifier, set by ISO 3166 standard. These country-code identifiers are the TLD for each country, examples include US for the United States, JP for Japan, and DE for Germany. There also exists 7 generic TLDs, COM, NET, ORG, EDU, MIL, INT, and GOV. Generic TLDs are unique in that they do not denote any nationality.
For every one of these TLDs, both country-codes and general, there is a specific organization in charge of it, usually called a Network Information Center, or NIC. These NICs are responsible for the registration and management of all the second-level domains under the TLD. If you need to find out anything about a second-level domain name, the place to start is the TLDs NIC.
For the country-code TLDs, each country is responsible for its own TLD. Thus, Poland is responsible for its own TLD (PL), just as Japan is responsible for it own TLD (JP). Each country identifies and manages its own NIC, usually an university or government organization. These country NICs are then authorized by IANA.
The seven generic TLDs are unique in that any organization, regardless of nationality, can use them. The company Network Solutions Inc. is a NIC, thus the name InterNIC, for four gTLDs, COM (commercial), NET (Internet) , ORG (organizational – usually non for-profit), and EDU (educational). The Depart of Defense is responsible for MIL (military), the government, actually the Center for Electric Messaging Technologies, for GOV (government), and IANA is responsible for INT (organizations established by international treaties).
To find out who is the NIC for a specific TLD, do a whois "TLD"-DOM, the DOM extension tells the whois database to look up a TLD. This will give the you location, point of contact, and the DNS servers of the TLD. Whois by default finds this information at the rs.internic.net database. This database contains the registration information for every TLD. So, to find out who is the NIC for Poland’s TLD PL, use the following command:.
Poland (Republic of) top-level domain (PL-DOM)
Research and Academic Computer Network
Domain Name: PL
Krzanowski, Wiktor (WK856) wiktor@NASK.PL
+48 22 651-05-20..24 (FAX) +48 22 41-00-47
Technical Contact, Zone Contact
Luc, Miroslaw (ML4513) mirek@NASK.PL
+48 22 8268000 (FAX) +48 22 8268009
Domain servers in listed order:
Here we see Poland’s Research and Academic Computer Network (at http://www.nask.pl/)
is in charge of the TLD PL. Also listed are the points of contact, the SOA and secondary DNS servers. With this information, you can drill down and find information on all second-level domain names under that TLD. After contacting Poland’s NIC, I was directed to http://www.nask.pl/.../net/dns-lista.html.
Every TLD, both country-code and generic, is also registered with the root server, a.root-servers.net. The root server is the absolute top of the TLD hierarchy (represented by a dot "."), it points to the DNS servers of all TLDs. The purpose of a root server is to give the IP address of a TLD’s primary or secondary DNS servers. When your computer has to resolve a URL, such as http://www.intel.com/,
your computer (if the information has not been cached) will start with the root server. It asks the root server what are the DNS servers for the TLD (in this case PL). The root server replies, sending your computer to the TLD’s servers, where you system will query about the second-level domain name. Your system repeats this drill down process until it resolves the URL.
Having a single computer resolving the DNS servers for every TLD is not a good idea, both for bandwidth and high availability issues. There exists 12 other root servers that act as secondaries to the primary root server. Scattered throughout the world, these 13 servers resolve every TLD. Thus, just like the a.root-servers.net, any of the other 12 root servers act as the ultimate authority for all TLDs. The 13 root servers are as follows (you can get this information by doing a whois on the name of the server).
Network Solutions Inc., in Herndon VA
University of Southern California (ISI), Marina del Rey, CA
Performance Systems International Inc.
University of Maryland, Computer Science Center
NASA Ames Research Center, Moffett Field, CA
Internet Software Consortium, Palo Alto, CA
DOD Network Information Center, Vienna, VA.
Army Research Laboratory, Aberdeen Proving Ground, MD.
Network Solutions Inc., Herndon VA
European Regional Internet Registry, RIPE NCC
University of Southern California (ISI), Marina del Rey, CA
WIDE Project, Fujisawa Japan
Registration of Second-level Domain Names.
Now that you know how TLDs are managed, what about the second-level domain names, how are those managed? Every TLD is responsible for managing the second-level domain names under them. Lets use an example, the most common TLD used today, COM. This is the TLD used the world over, such as ibm.com or toyota.com. But who controls these second-level domain names, how are they managed?
If you want to register a second-level domain name with a TLD of COM, you must do so through Network Solutions Inc. This is the company responsible for this TLD (do a whois on com-dom). Network Solutions Inc. is also responsible for the TLDs ORG, EDU, and NET. To register your second-level domain name, go to their web site http://www.internic.net/.
If the second level domain name is already registered, then you cannot use that domain name. Once the second-level domain name is registered, the owner is then responsible for building and managing their own "NIC" (basically a primary and secondary server), which resolves the second-level domain name.
The same process is true of any TLD. Say you wanted to register the second-level domain name "this is" with the TLD IT, giving you the web site http://www.thisis.it.
You would have to find out who has responsibility of the TLD IT (what country). As we learned earlier, you do this with the command:
Italy top-level domain (IT-DOM)
c/o CNR-Istituto CNUCE
Via Santa Maria, 36
Looks like you will have to contact the Italian NIC to register your second-level domain name this-is. Note, http://www.ripe.net/
also provides information on all TLDs in Europe and the Middle East.
Whois for COM, ORG, EDU, and NET.
Remember how we can do a whois on any TLD with the default whois database (rs.internic.net). Well, this database also holds information on any second-level domain name under the TLD COM, EDU, ORG, or NET. An example would be a whois on the second-level domain name intel.com.
Domain Name: ASTALAVISTA.COM
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NAENIKON.ACTIVE.CH
Name Server: ZURICH.ACTIVE.CH
Updated Date: 11-may-2000
Domain Name: ASTALAVISTA.COM
The reason whois will give you this information is that Network Solutions Inc. is responsible for the database rs.internic.net and is the NIC for these gTLDs. Thus rs.internic.net resolves all TLDs and the second-level domain names for the four gTLDs.
Remember, we cannot do a whois on a second-level domain name who’s TLD is not COM, EDU, NET, or ORG. We have to query the TLD’s NIC to get information on any second-level domain names. Refer to the above example for the TLD PL. There we see that we have to refer to Poland’s NIC, nask.pl for information on Poland’s second-level domain names.
With the power of whois, you can find out who is responsible for any Top Level Domain name. Once you have identified the NIC of the TLD, you can drill down and find information on second-level domain names under the TLD. Each NIC may have a different method for querying second-level domain names under it. By default, the whois server rs.internic.net will also answer second-level domain names for the TLDs COM, ORG, NET, and EDU.
There is no one organization managing the Internet’s resources, specifically IP addresses and domain names. Rather, the Internet is managed in a hierarchial fashion with several organizations at the top. The command whois enables you to find out who is managing these resources, through the various levels of the hierarchy.
This structure has changed radically over the past several years, and will continue to do so. This article captures a snapshot of the Internet at this time. To learn more about the future of the Internet, start with any of the three Regional IP Registries already mention, or http://www.gtld-mou.org/.
When I started this article I had hoped to include other issues, such as nslookup and in-addr.arpa. However, covering all this is impossible in a single article, I would end up writing a book (which I have no intention of doing). Hopefully, I have given you the basic framework of how the Internet is managed, and how you can leverage that information.
By Lance Spitzner modified by AstaLaVista Staff - Admin#01.
schönen tag und schöne grüsse