One of the things I find myself doing from time to time it to execute the whois command. This allows me to figure out to whom an IP(range) or domain belongs. However, when doing this on OS X, especially with IPv6 addresses I’m greeted with:
$ whois 2a00:1450:400f:805::200e No match for "2a00:1450:400f:805::200e". >>> Last update of whois database: Tue, 07 Jun 2016 12:55:53 GMT <<<
I figured I should explicitly ask it to treat this as IPv6 and found this in the man page:
-6 Use the IPv6 Resource Center (6bone) database. It contains network names and addresses for the IPv6 network.
But a few seconds later:
$ whois -6 2a00:1450:400f:805::200e whois: whois.6bone.net: nodename nor servname provided, or not known
6bone has been dead for ages and instead you should just query the approriate whois server of the RIR that has been assigned the block in which the IP you’re interested in resides. For IPv6 there’s a list here, and IPv4 is over here.
I tried all the other possible switches in the man pages, even explicitly pointing it to RIPE’s whois servers as this is one of Google’s IPv6 addresses handed out by RIPE. No dice.
Going through the man page it also appears there is no way to override the
servers the utility might query in the same way that
whois on a Linux system
So at this point, if you want an actually functioning
whois on OS X just do
brew install homebrew/dupes/whois and call it a day. This will shadow the
system provided whois though so do be careful.
As a side note, your newly found whois supports an
/etc/whois.conf file which
takes regex patterns and a whois server to query for them:
This will now send whois queries for IPs matching that regex to RIPE. Using that same trick you can add whois servers for the new gTLDs if it doesn’t manage to correctly resolve one of them:
If you want to figure out what the WHOIS server for a domain is, you can query IANA for it:
$ whois -h whois.iana.org brussels % IANA WHOIS server % for more information on IANA, visit http://www.iana.org % This query returned 1 object domain: BRUSSELS [..] whois: whois.nic.brussels
You can also manually brwose the gTLD database here and click through to find the appropriate whois server.
Thinking about it I would’ve prefered to see this information encoded in DNS instead by the use of TXT recrods. However, whois predates DNS by a year (two years even before the first DNS implementation showed up) and 5 years before the TXT record was added.
It seems that for now we’re stuck with this.