How to perform whois on public IP addresses

Table of Contents

Case #

You need to perform a whois query on a public IP address (IPv4 or IPv6) to understand in which geographical region it is registered and under which service provider.

Background information #

The Internet Assigned Numbers Authority (IANA) is in charge of the Internet Protocol (IP) address space.

The IANA authority is responsible for the following tasks:

  • Managing and maintaining the information of IP addresses.
  • Root zone management in DNS. The authoritative name servers that serve the DNS root zone, commonly known as the “root servers” or "root hints", are a network of hundreds of servers in many countries around the world. They are configured in the DNS root zone as 13 named authorities. More details can be found at: https://www.iana.org/domains/root/servers.
  • Autonomous System Numbers (ASNs) allocation. An Autonomous System (AS) is a group of one or more IP prefixes (lists of IP addresses accessible on a network) run by one or more network operators that maintain a single, clearly-defined routing policy. Network operators need Autonomous System Numbers (ASNs) to control routing within their networks and to exchange routing information with other Internet Service Providers (ISPs). IANA assigns the ASNs to the regional internet registries (RIR). Each IP address that surfaces globally is managed by one of the five RIRs operating within the globe's specific region.
  • Control of Internet Protocol-related symbols and Internet numbers.

The five RIRs are the following:

  • African Network Information Centre (AfriNIC): IP Addresses Administrator for Africa.
  • American Registry for Internet Numbers (ARIN): IP Addresses Administrator for the United States, Canada, and several Caribbean and North Atlantic islands.
  • Asia-Pacific Network Information Centre (APNIC): IP Addresses Administrator for Asia, Australia, and their neighboring countries.
  • Latin America and Caribbean Network Information Centre (LACNIC): IP Addresses Administrator for Latin America and parts of the Caribbean region.
  • Réseaux IP Européens Network Coordination Centre (RIPE NCC): IP Addresses Administrator for Europe, the Middle East, and Central Asia.

The public IPv4 and IPv6 address space are organized geographically under the above RIRs which in turn distribute public IP addresses to service providers operating under a certain country. Each country provides its own Internet Exchange Points (IXP).

Solution #

IPv4 #

Based on the background information included in this article, you must query the whois database of the RIR corresponding to the public IP address you are looking or. There are publicly available free tools for automating the process of whois to all RIRs. One such tool is https://dnschecker.org/ip-whois-lookup.php.

Another useful tool is https://www.iana.org/whois.

IPv6 #

There are various publicy available IPv6 whois tools available such as https://findipv6.com/ipv6-whois/.

Sources #

http://www.iana.org/assignments/ipv4-address-space
http://www.iana.org/assignments/iana-ipv4-special-registry
http://www.iana.org/assignments/ipv4-recovered-address-space

https://dnschecker.org/ipv6-whois-lookup.php

https://www.datacentermap.com/ixps.html

https://www.internetexchangemap.com

ASN, DNS, iana, Internet Protocol, IP addresses, IPv4, IPv6, RIR, whois
What are your Feelings

Powered by BetterDocs