nanog mailing list archives

Re: Reliable GeoIP database

From: "Brandon Z." <Brandon () huize asia>
Date: Wed, 5 Feb 2025 20:25:16 +0300

Sometimes it just because they have to announce to another region without
changing IRR.

They are a lot of geolocation database, but only ipip and ipinfo can
correct the geolocation based on BGP routing information.

I'm assuming ipinfo is doing some scan, if the subnet have too many open 22
or 443 they would category as hosting.

And maybe they have a node in different regions, and they use icmp to
detect the location.


But I think it is based on the BGP route mostly.

*Brandon Z.*
HUIZE LTD
www.huize.asia  <https://huize.asia/>| www.ixp.su | Twitter

This e-mail and any attachments or any reproduction of this e-mail in
whatever manner are confidential and for the use of the addressee(s) only.
HUIZE LTD can’t take any liability and guarantee of the text of the email
message and virus.


On Mon, 3 Feb 2025 at 21:42, Jon Lewis <jlewis () lewis org> wrote:

On Mon, 3 Feb 2025, Scott Q. wrote:

What are you guys using as a reliable GeoIP database ? I've tried

Maxmind and a few others, also checking against ARIN but there's tons of

differences.

For example: 1.2.9.0/24 . ARIN says it belongs to China Telecom but

others say it's part of Russia: https://ipregistry.co/1.2.9.0


How to handle such cases ?


The trouble with all the IP Geo providers is they're selling data based
on:

1) Assumptions
2) Unmaintained data
3) Stale data

RIR records are notorious for being unmaintained (by the member...I'm not
blaming ARIN/RIPE/etc.).  Same goes for rDNS...again, because the owner of
the space doesn't care enough to keep it up to date...because it's not
generally of operational importance to them.

Some networks will publish geofeeds, but getting all the IP Geo providers
to consume those is like herding invisible cats.

And don't get me started on end-users who consume data from an IP Geo
provider and "set and forget" it...ending up with years old data, based on
which they deny network or website access.

----------------------------------------------------------------------
  Jon Lewis, MCP :)              |  I route
  Blue Stream Fiber, Sr. Neteng  |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

Current thread:

Reliable GeoIP database Scott Q. (Feb 03)
- Re: Reliable GeoIP database Siyuan Miao via NANOG (Feb 03)
- Re: Reliable GeoIP database Niels Bakker (Feb 03)
- Re: Reliable GeoIP database Serhii via NANOG (Feb 03)
- Re: Reliable GeoIP database Dmitriy A. (Feb 03)
  - Re: Reliable GeoIP database Dan Snyder (Feb 03)
    - Re: Reliable GeoIP database Alex Buie (Feb 03)
    - Re: Reliable GeoIP database joel (Feb 03)
- Re: Reliable GeoIP database Jon Lewis (Feb 03)
  - Re: Reliable GeoIP database Brandon Z. (Feb 05)