On 2024/12/02 12:02 PM, Andy Smith wrote:
Hi,
On Mon, Dec 02, 2024 at 11:34:52AM -0500, vi...@wlcr.net wrote:
On 2024/11/27 01:57 AM, Timothy M Butterworth wrote:
I get a similar but slightly different error message.
tmb@hp-debian:~$ whois 191.96.36.56
% IP Client: 2607:fb90:db98:991c:6b9d:c93f:73d:7514
% This is the RIPE Database query service.
[…]
%ERROR:201: access denied for 190.112.52.14
%
% Queries from your IP address have passed the daily limit of
controlled objects.
% Access from your host has been temporarily denied.
% For more information, see
%
https://docs.db.ripe.net/FAQ/#why-did-i-receive-an-error-201-access-denied
% This query was served by the RIPE Database Query Service version
1.114 (ABERDEEN)
Show my ip address says my public IPv4 address is 172.59.137.156.
I do not know where 190.112.52.14 is coming from.
(Worth noting that Tim's query came from
2607:fb90:db98:991c:6b9d:c93f:73d:7514 so not even the same address
family as 190.112.52.14. I get the same result and my queries are over
IPv6 to RIPE as well.)
Why is a Debian command default setup blocked by RIPE?
I imagine the proxy is at the RIPE end, i.e. it's a reverse proxy.
Perhaps someone should report this to RIPE.
Interestingly so far I can only replicate it with "whois" in Debian 11,
not Debian 12.
When I do:
$ whois 191.96.36.56
on Debian 11, it consistently contacts 2001:13c7:7020:210::16
(whois-pdo.lacnic.net) which I assume internally contacts RIPE.
When I do same on Debian 12 it consistently contacts
2001:13c7:7002:4128::150 (whois-gru-s2.whois.lacnic.net).
On Debian 11 I can make it work by forcing it to try
whois-gru-s2.whois.lacnic.net first:
$ whois -h whois-gru-s2.whois.lacnic.net 191.96.36.56
I don't know if this outdated config of Debian's "whois", or some
misconfiguration at RIPE/lacnic. Obviously whois does have a config file
which it uses to choose whois servers to try, and those servers can
become out of date or break.
Thanks,
Andy
Hmm. Interesting point. No idea how to troubleshoot that one.
Would that not be subject of a Debian update?
So with that unresolved,
here's a new one of the same problem:
$ whois 191.96.36.52
% IP Client: 64.253.x.x
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://docs.db.ripe.net/terms-conditions.html
%ERROR:201: access denied for 168.121.184.15
%
% Sorry, access from your host has been permanently
% denied because of a repeated excessive querying.
% For more information, see
% https://docs.db.ripe.net/FAQ/#why-did-i-receive-an-error-201-access-denied
% This query was served by the RIPE Database Query Service version 1.114
(SHETLAND)
I have nothing to do with 168.121.184.15.
Short of packet capture and analysis, Is there such a thing as a
traceroute following a command like whois?
