|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Where can I find a list of IPs and their regions.
: I'm however pursuing this issue futher and see it as that rather then : developing this into one-one relationship between ip and country, it might : be better provide several countries where there is good possibility that : this ip is being used. For example if some ip block is allocated by : ARIN to ISP in US and there is futher subdeligation (SWIP) from there to : another entity in Canada - then there are two possibilities: : 1. ISP is providing direct dedicated connectivity to that company's : office in Canada : 2. ISP is providing colo space or dedicated server to company from Canada : but this actual server is still in US : Just by looking at whois data I can not reliably tell which of the above : is true. You're still not thinking globally. Extend the above to cover the whole planet, then, for that small percentage of networks that are truly global the ip to country (or even continent) mapping ceases to have meaning unless those networks deaggregate their CIDR block and advertise them regionally. : changing reverse???), neither do ASNs have exact country correspondence as : in many cases same AS numbers are used by ISPs for providing connectivity : both for their customers in one country and in another. This is especially true in places like Europe where the countries are small. The mapping really breaks down there. : Yet another way to use network connectivity data and not rely on what ISPs : tells you, might be something like GPS where test servers try to get to : the same ip from different locations and measure TTL of the packet : (response latency) - this way may help locate exact region where : server is based. This method would work very well if only we were all : on the same homogeneous network. But real structure of the net has many : many networks and that ISPs don't always exchange traffic in the same : city or region even if traffic originates and ends there and that even for : the same network within same ISP, packet may not necesserily take : "geographically shortest" path and ISP may want to reroute it more. : However if several sources are matched and they are all exact, there is : pretty good guess ip block is being used in that country (minor issues like I have one advertisement (roughly) and it is announced globally. I have servers geographically dispersed around the globe. So what country or continent is my network located in??? You can't even do traceroutes or whatever. Think GLOBAL... We liked to call our network a PAN (Planetary Area Network) : would prefer to put such ip block in multiple country lists. However I'm : afraid that if such lists I are then made publicly available then they : will be used by people who want to block entire countries and they will : not care if there is only 50% chance ip is actually used in that country. This can work if the CIDR block is cut up into many smaller chunks and advertised in various regions. Unfortunately, many large networks now do this table-bloating advertisement of large numbers of small subnets which could be easily aggregated. So, more and more, your need to map IP block to country will be easier to do. scott On Tue, 10 Feb 2004, william<at>elan.net wrote: : On Tue, 10 Feb 2004, Scott Weeks wrote: : : > : exist in. I know it isn't an exact science but something close would : > : be nice. I know 210/8 & 211/8 are APNIC, I likes to know stuff like : : > This only works for a certain percentage of networks. Most likely a : > higher percentage post tech bubble collapse. I used to work for a company : > that had 167.216.128.0/17 and we announced that globally. So you couldn't : > say 167.216.128.0/17 was in the US (or even NA) as it'd appear from ARIN : > or other data sources. : : That is quite correct. Simply taking ips as reported by RIR in statistic : files or as seen in whois as allocated/assigned by RIRs does not provide : a real view of how ips are used and in what country and I do not believe : such list is sufficient - that is the reason why the current list of ips : I mentioned that is available at completewhois is considered to be an : alpha stage project - it is not alpha stage in the way that I have not : developed system for producing such list from RIR data (I do have necessary : tools and scripts and it works just fine), its just that its not sufficiently : exact for real life use as identification of ip to country. : : I'm however pursuing this issue futher and see it as that rather then : developing this into one-one relationship between ip and country, it might : be better provide several countries where there is good possibility that : this ip is being used. For example if some ip block is allocated by : ARIN to ISP in US and there is futher subdeligation (SWIP) from there to : another entity in Canada - then there are two possibilities: : 1. ISP is providing direct dedicated connectivity to that company's : office in Canada : 2. ISP is providing colo space or dedicated server to company from Canada : but this actual server is still in US : Just by looking at whois data I can not reliably tell which of the above : is true. : : Other ways to determine where ip blocks are used are based on real-time : routing data either on BGP or traceroutes. Neither one is sufficiently : good however as traceroutes can be faked and in reality many methods : with traceroutes depend too much on reverse dns name of the router (so : any ISP can "claim" to have the router anywhere else in the world just by : changing reverse???), neither do ASNs have exact country correspondence as : in many cases same AS numbers are used by ISPs for providing connectivity : both for their customers in one country and in another. : : Yet another way to use network connectivity data and not rely on what ISPs : tells you, might be something like GPS where test servers try to get to : the same ip from different locations and measure TTL of the packet : (response latency) - this way may help locate exact region where : server is based. This method would work very well if only we were all : on the same homogeneous network. But real structure of the net has many : many networks and that ISPs don't always exchange traffic in the same : city or region even if traffic originates and ends there and that even for : the same network within same ISP, packet may not necesserily take : "geographically shortest" path and ISP may want to reroute it more. : : However if several sources are matched and they are all exact, there is : pretty good guess ip block is being used in that country (minor issues like : VPN aside - if somebody is using VPN, they are in effect putting themselve : in different location and should be treated as somebody from that location). : However when things don't match and there are several possibilities, I : would prefer to put such ip block in multiple country lists. However I'm : afraid that if such lists I are then made publicly available then they : will be used by people who want to block entire countries and they will : not care if there is only 50% chance ip is actually used in that country. : The only choice left is to report only some ip blocks and leave the rest : in certain large data file listing all possibilities and this file (may : not be one file, but anyway) is sufficiently different to parse that people : will not easily use it, while applications (like providing statistics on : visitors to your website) could still use it and treat those blocks : specifically unique in a way as not to emphasise any one country. : : -- : William Leibzon : Elan Networks : [email protected] : :
|