Understand the workings and limitations of IP geolocation technology. The presentation covers how IP geolocation providers use various publicly available data to identify a location of an IP address. It also covers various limitations of the data sources and comparisons.
The presentation covers the basics of packet forwarding and simplified architecture of the router. Additionally it explains what problem Cisco Express Forwarding (CEF) solves and how. At the end static routing is covered.
Delivered by Dmitry Figol, CCIE R&S #53592.
According to GSMA, 5G to account for 15% of the global mobile industry by 2025 as 5G network launches accelerate. 5G is on track to account for 15% of global mobile connections by 2025, as the number of 5G network launches and compatible devices ramps up in 2019, according to a new GSMA report. Let us look at the supporting technologies for 5G and the widespread applications of 5G across multiple industries.
In this webinar, we cover how Border Gateway Protocol works. Starting from key concepts, you'll learn about Autonomous Systems, the BGP protocol, AS Path, learning and advertising routes, RIBs and route selection. See the webinar recording at https://www.thousandeyes.com/webinars/how-bgp-works
The presentation covers the basics of packet forwarding and simplified architecture of the router. Additionally it explains what problem Cisco Express Forwarding (CEF) solves and how. At the end static routing is covered.
Delivered by Dmitry Figol, CCIE R&S #53592.
According to GSMA, 5G to account for 15% of the global mobile industry by 2025 as 5G network launches accelerate. 5G is on track to account for 15% of global mobile connections by 2025, as the number of 5G network launches and compatible devices ramps up in 2019, according to a new GSMA report. Let us look at the supporting technologies for 5G and the widespread applications of 5G across multiple industries.
In this webinar, we cover how Border Gateway Protocol works. Starting from key concepts, you'll learn about Autonomous Systems, the BGP protocol, AS Path, learning and advertising routes, RIBs and route selection. See the webinar recording at https://www.thousandeyes.com/webinars/how-bgp-works
Overview of the MPLS backbone transmission technology.
MPLS (MultiProtocol Layer Switching) is a layer 2.5 technology that combines the virtues of IP routing and fast layer 2 packet switching.
IP packet forwarding is not suited for high-speed forwarding due to the need to evaluate multiple routes for each IP packet in order to find the optimal route, i.e. the route with the longest prefix match.
However, Internet Protocol routing provides global reachability through the IP address and through IP routing protocols like BGP or OSPF.
Layer 2 packet switching has complementary characteristics in that it does not provide global reachability through globally unique addresses but allows fast packet forwarding in hardware through the use of small and direct layer 2 lookup addresses.
MPLS combines IP routing and layer 2 switching by establishing layer 2 forwarding paths based on routes received through IP routing protocols like BGP or OSPF.
Thus the control plane of an MPLS capable device establishes layer 2 forwarding paths while the data plane then performs packet forwarding, often in hardware.
MPLS is not a layer 2 technology itself, i.e. it does not define a layer 2 protocol but rather makes use of existing layer 2 technologies like Ethernet, ATM or Frame Relay.
Provides an overview of the GTP protocol. Tutorial video at: https://www.youtube.com/watch?v=FPfExr9bEEg&index=9&list=PLgQvzsPaZX_bimBc5Wu4m6-cVD4bZDav9&t=1s
The modern communication system is aimed to reach the real world one environment from virtual world via connecting resources of one with another through social network system. The communication process is aggravated various infrastructural development to reach in this current level such as 3G and 4G communication system.
The term 4G is used by several types of broadband wireless access communication systems, not only cellular telephone systems. One of the terms used to describe 4G is MAGIC—Mobile multimedia, anytime anywhere, Global mobility support, integrated wireless solution, and customized personal service. As a promise for the future, 4G
systems, that is, cellular broadband wireless access systems have been attracting much interest in the mobile communication arena. The 4G systems not only will support the next generation of mobile service, but also will support the fixed wireless networks. This article presents an overall vision of the 4G features, framework, and integration of mobile communication.
WiFi 7 Training, Improved Latency, Introduction to 802.11beBryan Len
802.11be improvement. 802.11be training, known as WiFi 7.
It is the next noteworthy milestone in the Wi-Fi long-term success story what provides with extremely high throughput and compatible to real-time applications.
Watch the video https://www.youtube.com/watch?v=o-pILzlhP3I
The main features of 802.11be are:
320 MHz bandwidth
Multi-band/multi-channel aggregation
16 spatial streams and Multiple Input
Multiple Output (MIMO) protocols enhancements,
Multi-Access Point (AP) Coordination
Enhanced link adaptation
Adaptation to regulatory rules specific to 6 GHz spectrum,
Integrating Time-Sensitive Networking (TSN) extensions for low-latency real-time traffic (IEEE 802.11aa).
More…
Course outline:
Overview of Wi-Fi Evolution
New Features in Wi-Fi 7
Wi-Fi CERTIFIED 6™
Wi-Fi CERTIFIED 6E
Overview of a WiFi 6E Certified Product Example (Wi-Fi Alliance)
WiFi 6E Security
Overview of Wi-Fi 7
Advanced PHY Techniques Improving Spectrum Efficiency
Introduction to 802.11be, WiFi 7 Training
https://www.tonex.com/training-courses/introduction-to-802-11be-wifi-7-training/
Presented by Pierre-Olivier Vauboin & Alexandre De Oliveira at Hackito Ergo Sum 2014
http://2014.hackitoergosum.org/
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
Software Defined Networking - Huawei, June 2017Novosco
An overview of Huawei Cloud Campus Networks and Software Defined Networking. Presented at Novosco's Network and Infrastructure event, Dublin, June 2017.
The Connection Between Geolocation and IPv4 Addresses | How to Get IPv4 | IPv...IPv4Mall
Will someone be able to find your general area or city using your IP address? IPv4Mall will help you in knowing more about the connection between geolocation and IPv4 address. For more details, visit https://www.ipv4mall.com/.
Unlocking the Power of Data: ipinfo.info's Revolutionary Approach to IP Addre...johnmillerus7
Dive into how ipinfo.info is reshaping the landscape of IP address tracking and analysis, offering cutting-edge tools and insights for businesses and individuals alike.
For more visit : https://ipinfo.info/
Overview of the MPLS backbone transmission technology.
MPLS (MultiProtocol Layer Switching) is a layer 2.5 technology that combines the virtues of IP routing and fast layer 2 packet switching.
IP packet forwarding is not suited for high-speed forwarding due to the need to evaluate multiple routes for each IP packet in order to find the optimal route, i.e. the route with the longest prefix match.
However, Internet Protocol routing provides global reachability through the IP address and through IP routing protocols like BGP or OSPF.
Layer 2 packet switching has complementary characteristics in that it does not provide global reachability through globally unique addresses but allows fast packet forwarding in hardware through the use of small and direct layer 2 lookup addresses.
MPLS combines IP routing and layer 2 switching by establishing layer 2 forwarding paths based on routes received through IP routing protocols like BGP or OSPF.
Thus the control plane of an MPLS capable device establishes layer 2 forwarding paths while the data plane then performs packet forwarding, often in hardware.
MPLS is not a layer 2 technology itself, i.e. it does not define a layer 2 protocol but rather makes use of existing layer 2 technologies like Ethernet, ATM or Frame Relay.
Provides an overview of the GTP protocol. Tutorial video at: https://www.youtube.com/watch?v=FPfExr9bEEg&index=9&list=PLgQvzsPaZX_bimBc5Wu4m6-cVD4bZDav9&t=1s
The modern communication system is aimed to reach the real world one environment from virtual world via connecting resources of one with another through social network system. The communication process is aggravated various infrastructural development to reach in this current level such as 3G and 4G communication system.
The term 4G is used by several types of broadband wireless access communication systems, not only cellular telephone systems. One of the terms used to describe 4G is MAGIC—Mobile multimedia, anytime anywhere, Global mobility support, integrated wireless solution, and customized personal service. As a promise for the future, 4G
systems, that is, cellular broadband wireless access systems have been attracting much interest in the mobile communication arena. The 4G systems not only will support the next generation of mobile service, but also will support the fixed wireless networks. This article presents an overall vision of the 4G features, framework, and integration of mobile communication.
WiFi 7 Training, Improved Latency, Introduction to 802.11beBryan Len
802.11be improvement. 802.11be training, known as WiFi 7.
It is the next noteworthy milestone in the Wi-Fi long-term success story what provides with extremely high throughput and compatible to real-time applications.
Watch the video https://www.youtube.com/watch?v=o-pILzlhP3I
The main features of 802.11be are:
320 MHz bandwidth
Multi-band/multi-channel aggregation
16 spatial streams and Multiple Input
Multiple Output (MIMO) protocols enhancements,
Multi-Access Point (AP) Coordination
Enhanced link adaptation
Adaptation to regulatory rules specific to 6 GHz spectrum,
Integrating Time-Sensitive Networking (TSN) extensions for low-latency real-time traffic (IEEE 802.11aa).
More…
Course outline:
Overview of Wi-Fi Evolution
New Features in Wi-Fi 7
Wi-Fi CERTIFIED 6™
Wi-Fi CERTIFIED 6E
Overview of a WiFi 6E Certified Product Example (Wi-Fi Alliance)
WiFi 6E Security
Overview of Wi-Fi 7
Advanced PHY Techniques Improving Spectrum Efficiency
Introduction to 802.11be, WiFi 7 Training
https://www.tonex.com/training-courses/introduction-to-802-11be-wifi-7-training/
Presented by Pierre-Olivier Vauboin & Alexandre De Oliveira at Hackito Ergo Sum 2014
http://2014.hackitoergosum.org/
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
Software Defined Networking - Huawei, June 2017Novosco
An overview of Huawei Cloud Campus Networks and Software Defined Networking. Presented at Novosco's Network and Infrastructure event, Dublin, June 2017.
The Connection Between Geolocation and IPv4 Addresses | How to Get IPv4 | IPv...IPv4Mall
Will someone be able to find your general area or city using your IP address? IPv4Mall will help you in knowing more about the connection between geolocation and IPv4 address. For more details, visit https://www.ipv4mall.com/.
Unlocking the Power of Data: ipinfo.info's Revolutionary Approach to IP Addre...johnmillerus7
Dive into how ipinfo.info is reshaping the landscape of IP address tracking and analysis, offering cutting-edge tools and insights for businesses and individuals alike.
For more visit : https://ipinfo.info/
A Comprehensive Guide Unlocking the Power of IP Geolocation API 2024.pdfmirza1naeem
In the vast expanse of the digital realm, the IP Geolocation API stands as a beacon of technological advancement, offering a window into the geographic origins of online entities. This sophisticated tool serves as a pivotal asset for businesses, cybersecurity measures, and user-centric experiences by providing invaluable insights into the location associated with an IP address.
DELVING INTO THE WORKINGS OF IP GEOLOCATION API
At the core of the IP Geolocation API lies a complex web of algorithms and data sources that work in tandem to decipher the geographical coordinates, including longitude and latitude, linked to an IP address. Through this intricate process, businesses can glean essential information about their target demographics, tailor marketing strategies based on location-specific data, and fortify their cybersecurity measures by discerning the origins of online activities.
MULTI-FACETED APPLICATIONS ACROSS INDUSTRIES
The versatility of the IP Geolocation API transcends industry boundaries, finding utility in a spectrum of sectors ranging from e-commerce to cybersecurity. In the realm of e-commerce, businesses leverage this technology to personalize product recommendations, enhance user engagement, and drive conversions by delivering content tailored to the user's geographical location. On the cybersecurity front, the API plays a pivotal role in detecting and mitigating threats by analyzing the geographic patterns of malicious activities.
ELEVATING USER ENGAGEMENT AND EXPERIENCE
By harnessing the capabilities of the IP Geolocation API, organizations can elevate user interactions and craft personalized experiences that resonate with their audience. Through targeted advertising campaigns that take into account user locations, businesses can optimize their marketing efforts, increase relevance, and drive higher conversion rates. Furthermore, by optimizing website performance based on regional preferences, companies can enhance user satisfaction and foster long-term loyalty.
EMBRACING INNOVATION FOR THE FUTURE
As technology continues to evolve at a rapid pace, the IP Geolocation API stands at the forefront of digital innovation, poised to reshape the landscape of online interactions and location-based services. With advancements in real-time tracking and enhanced accuracy in location data, this API paves the way for a future where personalized marketing, robust cybersecurity measures, and tailored user experiences are paramount. Embracing the potential of the IP Geolocation API opens doors to a new era of digital strategies that prioritize relevance, security, and user-centricity.
Finding An IP Address on Your Network | IP Address Buyer | How to Sell IP Add...IPv4Mall
To know the right way to discover IP addresses on networks is the first stage of effective IP address management. To know more about it, visit https://www.ipv4mall.com/.
Computer networks are a fundamental aspect of modern technology, enabling computers to communicate and share information with one another. This presentation will provide an overview of computer networks, covering topics such as network architecture, network topologies, network protocols, and network security. Participants will learn about different types of networks, such as LANs (Local Area Networks), WANs (Wide Area Networks), and the Internet. We will also discuss the different components of a network, including routers, switches, and servers, as well as the protocols used to transmit data across networks. Additionally, the presentation will cover topics related to network security, including firewalls, intrusion detection and prevention, and encryption. By the end of the presentation, participants will have a solid understanding of computer networks and the role they play in modern computing.
Leantegra is a global provider of location-based services including Real-Time Location System, Proximity Marketing and Location Analytics for asset and personnel tracking, as well enabling scenarios of learning customers behavior and engage with them.
This short presentation features one solution of Leantegra CVO Platform. Find out what you can do with real-time location data and how it will improve your business.
How to know my ip address with iplogger.orgiploggers
The internet is a big phenomenon in today’s world and an IP address allows the computers to connect with other devices over the internet. Let us take an example to understand the phenomenon.
The Registration and Allocation of IPv4 Addresses | Buy IPv4 Address Block | ...IPv4Mall
Are you aware of the exact steps that have to be followed by RIR's to manage and allocate IPv4 addresses? IPv4Mall can help you with it. For more details, visit https://www.ipv4mall.com/.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
2. Let's start with..
What is an
IP Address?
An Internet Protocol address (IP address) is a numerical label assigned
to each device connected to a computer network. This numerical label
is used to identify these devices, allowing for direct communication.
The public internet operates with the same principles. When a device
connects to the internet it utilises a globally unique IP address to
ensure both inbound and outbound communication is delivered
correctly.
In this context, the IP address acts in a similar way to a postal address
used to deliver conventional mail. However, unlike the postal address,
an IP address does not have an intrinsic location and does not expose
any geographical properties. This is why you cannot determine the
location of a device by its IP address alone.
3. IP Geolocation is an essential technology that overcomes this
limitation to help organisations identify the location of their customers
based on their IP addresses.
Organisations such as online service operators, financial institutions,
search engines, ad agencies and any business offering an online
shopping/e-commerce experience are able to provide their customers
with the best products and services available in their region with IP
geolocation technology.
This IP Geolocation service is also crucial for preventing online fraud,
managing digital rights, and serving targeted marketing material and
pricing.
So..
What is an
IP Geolocation?
4. If you wonder where your online customers are coming from or wish to
customise your clients’ online experience based on their location, you are
likely familiar with various commercial IP Geolocation services, ranging
from free to highly-priced to enterprise-only. Most of these providers
declare superior accuracy, although show little transparency on the
methodology, and present scarce evidence to support their claimed
accuracy.
In general, validation of the accuracy of an IP Geolocation service is
challenging and requires a large pool of ground-truth data (i.e. vast
numbers of IP addresses from known locations). This data is generally
collected from all active ISPs/AS’ and is required to be random, spread over
various geographical regions. In reality, such data is generally not available,
in which case any claimed IP Geolocation accuracy without full
transparency is questionable.
For in-depth understanding, check our blog post:
How accurate can IP Geolocation get?
But..
How accurate is
IP Geolocation?
6. 26 Million
Link: https://www.iana.org/
Due to the global uniqueness requirement of IP
Addresses across both protocols, the global IP
address space allocation is heavily regulated.
51 Million
Let's understand..
How IP addresses are distributed.
The IPv4 protocol uses 32-bit addresses which makes
the maximum theoretical address space limited to
4,294,967,296 (2^32) IP addresses. IPv6, the next-
generation protocol, utilises 128-bit addresses which
makes the pool considerably larger, but still limited.
IANA – ‘The internet Assigned Numbers Authority is a function of
ICANN, a nonprofit private American corporation that oversees
global IP address allocation, autonomous system number
allocation, root zone management in the Domain Name System,
media types, and other internet Protocol-related symbols and
internet numbers.’ (source: Wikipedia).
7. AFRINIC for Africa Region
APNIC for Asia/Pacific Region
ARIN for Canada, USA, and some Caribbean Islands
LACNIC for Latin America and some Caribbean Islands
RIPE NCC for Europe, the Middle East, and Central
Asia
IANA is responsible for the allocation of large IP address
space blocks to the Regional Internet Registries (RIRs):
RIRs, in turn, delegate a portion of their allocated address
space to Local Internet Registries (LIRs), e.g. APNIC
delegates to the Japan Network Information Center
(JPNIC). All registries both regional and local allocate their
remaining available address space to organisations seeking
to utilise it on the public internet.
More about..
IANA Internet Assigned Numbers Authority
ARIN
RIPE NCC
AFRINIC APNIC
LACNIC
9. Business entities (or autonomous networks) that are assigned IP
address space for their own use are called Autonomous Systems (AS).
They must first register as an AS, receiving a globally-unique
Autonomous System Number (ASN) which can then be used to identify
them.
The Internet Service Provider (ISP) is the most typical example of an
AS operator, but it is not the only one. Virtually, any organisation
seeking to use their own IP addresses on the internet qualifies as an
AS. It is a common occurrence that AS entities liberally use their
allocated IP space in any manner they wish, and more importantly, in
any geographical location they like. They can allocate it to any AS
entity/network within the same enterprise regardless of global
location or even sublease it to a completely unrelated, geographically
remote entity. Despite existing regulations, there is no way to restrict
allocated IP address space geographically.
Let's talk about..
Autonomous
Systems (AS)
10. Therefore, the only ultimately accurate IP Geolocation data is that
which is made available by AS operators, who are the only ones who
confidently know how and where their IP addresses are utilised. AS,
however, are not obliged to share their internal data with any other
entity, except for law enforcement agencies within the determined
jurisdiction boundaries.
Existing commercial IP Geolocation service providers do not have
access to AS internal data. Some of these service providers claim they
have integrated services with ISPs or receive data directly from ISPs.
Considering there is more than 80,000 registered ASs, of which more
than 60,000 are active at any one time (active ASNs ranked list), it is
largely impractical to form commercial relationships with all.
Receiving the data from a small number of local ISPs may improve
regional geolocation accuracy to a minor extent but is not sufficient on
a global scale.
The Ultimate Data
Source?
11. WHERE DO IP GEOLOCATION
SERVICE PROVIDERS GET
THEIR DATA?
Assuming that the existing IP Geolocation services do not have access to the
Autonomous Systems’ internal data, they cannot be confident regarding the
actual geographical location of the routable IP addresses.
So, where are they getting their geolocation data from?
12. 1 2 3 4 5
WhoIs Data
WhoIs database is
nourished by Regional
and Local internet
Registry organisations
(RIR/LIR) that are
obligated to keep their
registration records
public.
BGP Data
The Border Gateway
Protocol (BGP) is a global
internet address routing
directory.
Field evidence
There are many
additional data sources
that can be utilised for IP
geolocation which qualify
as field evidence data.
Eg: data received from
user using GPS-enabled
device.
Scientific data
These are scientifically
derived data from
calculations such as time-
delay to distance
conversions and others.
Reverse DNS
The method is based on
DNS records (textual
name of the public
internet addresses).
IP Geolocation Data Sources
13. WhoIs Data
WhoIs is by far the most common source of geolocation data. WhoIs
database is nourished by Regional and Local internet Registry organisations
(RIR/LIR) that are obligated to keep their registration records public.
This information discloses all IP addresses registered for each entity they
belong to, including independent organisations or ISPs. IP Geolocation
service vendors can obtain this registry data using RIR websites and APIs or
can request bulk access to the data.
Example site:
What is WhoIs Data?
14. WhoIs Data
This data is usually updated on a daily basis and include a set of
registration data. This registration data contains the IP address block
records and which organisations they are registered under.
It may additionally contain a street address or the network location
coordinates, although none of the geographical properties is
mandatory.
Furthermore, these records are maintained by the registered party
and are not validated by any external body. This means the accuracy
of the data is questionable even when it is made available.
Screenshot of example WhoIs data from ARIN's website.
What data is available?
15. WhoIs Data
There are around 10 million records in the global WhoIs database for IPv4
alone, some of which can serve as a very accurate IP Geolocation source.
For example, a small internet Cafe with a static IP address (or a small range
of addresses) used on-premises and recorded into the RIR database inclusive
of its physical address. This scenario exposes accurate geolocation
information with a precision up to a street address. In most cases, when an
organisation reports incorrect or outdated information, or outsources the
registered address blocks to another party, the records will not reveal the IP
usage location.
Therefore, IP Geolocation based on WhoIs database only is largely inaccurate
as whole.
How accurate is WhoIs Data?
16. BGP Data
The Border Gateway Protocol (BGP) is a global internet address
routing directory. This is a standardised exterior gateway protocol
to exchange routing information amongst active Autonomous
Systems (AS) on the internet. BGP involves the announcement of
preferred pathways and direction of internet address blocks
(prefixes).
When an AS entity wishes to use an IP address range on the public
internet, it has to ‘announce’ it to the closest peers. In simple
words, it sends the announcement that means: “I’m responsible for
that range (prefix), so whoever wishes to communicate with a
device in that range, direct the communication through me”.
This announcement eventually propagates across all other peers
worldwide to inform them on how to send traffic to that IP address
range if required.
For instance, if I need to send a packet to destination ‘A’, but I only
know host ‘C’ and can forward traffic to it. The packet will still reach
the desired destination ‘A’ if ‘C’ knows ‘A’ either directly or via other
intermediate peers. In a nutshell, this is how global internet
connectivity works.
What is BGP Data?
A
B
C
17. BGP Data
Now, how this can be helpful for IP Geolocation? Firstly, unlike the
WhoIs data which shows the organisation registered against a
particular IP address block, BGP data can reveal who is actually
using it. This is not always the same enterprise entity as we
discussed above.
If, for example, we witness a block registered with ARIN for an
American company with a US street address, but is being used by
AS registered with RIPE in Turkey, this suggests that the IP block is
likely being used in Turkey, which improves geolocation. Secondly,
the BGP data can also reveal what addresses are not used at all, an
unannounced space, with which a geolocation process should not
even be attempted.
How is BGP Data used for IP
geolocation?
18. BGP Data
The IP address is not a physical object in a physical location. It is simply a
numerical label that can be allocated and unallocated from individual
devices or networks. There is no way we can geolocate a label that is not in
use (allocated). Therefore, when your IP Geolocation service provider
states it can geolocate 100% of the address space, please interpret this
with caution as it can only geolocate the announced (routable) space at
most. The routable space for IPv4 can be monitored on the IPv4 Address
Space Report.
Some other usages of BGP data rely on the assumption that IP addresses
belonging to certain prefixes are meant to share geographical proximity.
This, however, does not always hold true. Prefixes tend to aggregate along
the way and may include a cluster of several smaller prefixes that originate
from different regions.
Coverage of IP geolocation service?
19. eCommerce originated data sources/feeds, such as billing/shipping address of
the customer when combined with an IP address used for the transaction;
IoT devices with known locations and IP addresses and device pools, either
publicly available or proprietary, for example, the RIPE ATLAS project; and
voluntarily or commercially obtained geolocation data feeds such as Self-
published IP Geolocation Data.
There are many additional data sources that can be utilised for IP geolocation
which qualify as field evidence data. The best example is the data received directly
from users or submitted using GPS-enabled devices, such as mobile phones or
tablets. This data can reveal the alleged geographical coordinates of a device using
a public IP address and can serve as empirical evidence or ground-truth data for
that particular IP address at that particular moment in time.
Other sources include:
Field evidence data
What is Field Evidence Data?
20. Field evidence data
The data is always limited, as it is impractical for one entity
to access all internet-connected devices around the world.
This method identifies IP location at a specific point in time
only, and is prone to errors. Not everything can be trusted
as pure and reliable evidence. Device misconfiguration or
faults and network redirections such as VPN or PROXYs
along the way are some of many data inaccuracy scenarios
that can occur during the data collection process.
There are 2 important principles associated with the field
evidence IP Geolocation data:
Limitation of Field Evidence Data.
21. Scientific data
Over the years, many attempts have been made to introduce an
additional active measurement approach to IP Geolocation solutions.
Most of these approaches come from the research on time-delay to
distance conversions, such as triangulation, down to the closest point
of presence (POP) of network interfaces (routers).
However, global network traffic interfaces (public routers) are
complex, with the assumption that time-delay between two
consecutive interfaces is proportional to the physical distance
between them is incorrect.
What is Scientific Data?
22. Scientific data
Some large ISPs make their internal subnets hidden. Therefore, many
intermediate nodes are not publicly visible and cannot be accounted
for.
Practical network considerations are based on ‘least cost’ routing,
which is different from a common academic assumption of the shortest
one.
Due to Quality of Service (QoS) considerations, some network
interfaces can also be programmed to artificially delay non-productive
traffic.
Therefore, the relation between time-delay and distance is inconsistent and
cannot lay the foundation for overarching principles. To date, none of the
methods based on time-delay triangulation theory has been introduced
into the service and is unlikely to emerge for global commercial
implementation.
Limitations of Scientific Data.
23. The Domain Name System (DNS) is the phonebook of the internet. Usually, DNS is
used to translate a domain name to an IP address, so the browsers can load
Internet resources. However, it can also work in reverse order, you can query DNS
about what domain name record is attached to an IP address.
This textual record associated with an IP address is not mandatory. It is hardly of
any utility when the address is not involved in publishing internet services or
consumable material. However, some ISPs may use this textual tagging opportunity
to mark their IP addresses for some internal purposes.
Some of the DNS entries can be potentially used to reveal geographical properties.
For example, if the target address or the last router along the way is listed on
DNS as an entry: p1-0-0.sanjose1.br2.bbnplanet.net, it suggests that the IP
address is likely located in San Jose, California. This method shows an add-on
benefit for locating areas with interpretable DNS names.
Reverse DNS data
What is Reverse DNS data?
The only known commercially utilised scientific approach
has been introduced by Digital Envoy, Inc, protected by
US patent (6,757,740) granted in 2004. The method is
based on DNS records (textual name of the public
internet addresses) and crawling (tracert) to the closest
router in an attempt to identify the city and country of
the host.
24. Reverse DNS data
Many interfaces do not have an assigned DNS name;
The misnaming of an interface results in incorrect location;
City names can often be repetitive across different countries or
territories, i.e. San Jose City can also be found in both Costa Rica
and in California, US;
The lack of universally accepted rules and naming regulations
means records require manual processing, which is time-
consuming and prone to errors.
Unfortunately, the reverse DNS-based approach suffers from several
limitations:
1.
2.
3.
4.
Limitation of Reverse DNS data?
25. THE ART OF GUESSING
The IP Geolocation service providers can obtain their data from multiple
sources, although none can serve as an ultimate and undoubtable source of
truth. When data is mutually supportive, i.e. multiple sources indicate the very
same location for an IP address, it is a no brainer. Often, however, the data
received is very controversial, and this is where the tricky part lies.
We frequently hear people say that IP Geolocation is part science, part art.
Well, here is the art part. The art of guessing! Let’s try to see what your
average IP Geolocation service provider is dealing with.
26. Imagine we’ve got the field evidence, such as a user-submitted data sample,
suggesting that the IP address X.X.X.5 was used today somewhere in
Manhattan, in the centre of New York City, NY, US.
The WhoIs data for that address reveals that the block X.X.X.0 - X.X.X.255
(where the above-mentioned address belongs to) is registered for a business
‘Y’ located in Ontario, California, US.
The BGP data suggests that that address has been announced by an AS
entity ‘D’, registered as operated from Austin, Texas, US. And the prefix
size was /22 (1024 hosts).
So, where is the actual location? Can one say that X.X.X.0 - X.X.X.255
block is located in NY?
Or maybe even entire /22 prefix is in NY too?
Maybe the X.X.X.5 is the only one in NY and others are not even close?
Or maybe the sample data we’ve got is wrong and the actual location for all
is in Ontario, California or even Texas?
1.
2.
3.
The final conclusion depends on which data source can be trusted the most.
Considering there are limited tools to prioritise data sources, the existing IP
Geolocation service providers often end up guessing.
Their motto: Any guess is a good guess!
Challenges with..
IP Geolocation
27. 26 Million
51 Million
Further analysis
If we happen to obtain more evidence data points from nearby address entries,
it would likely improve our confidence, but only if the data support one of the
leading guess options.
However, if the data is controversial, it can make geolocation estimation
extremely challenging. What if we have further evidence from address
X.X.X.128 from Toronto, Canada, dated just a couple of days before? Would
this address have moved from Canada to the US recently or just a part of the
block or are we facing an error somewhere?
This is another complex issue – data granulation. IP addresses are usually
deployed in blocks. The larger blocks are better for global routing. If blocks
are too small, the world’s routing table substantially expands and the routers
can eventually face memory overflow errors. Therefore, IP Geolocation
services can logically assume that some consecutive sequences of IP addresses
are likely to share reasonable geographical proximity.
Challenges with data sources
28. 26 Million
51 Million
Further analysis
DNS entries are not always available or can be wrong.
Traceroute does not always reveal all the hosts in the delivery path, as some are
simply do not respond to ICMP requests.
Perfect host correlation is not always possible, as network routers often use several IP
address ports for the same router device. They may appear different on a traceroute
but in reality are the same, which may also lead to an error.
However, defining the actual block IP address boundaries can be tricky and often involves
a series of educated guesses which may require intervention from the human operators.
For example, one can find similarities in the reverse DNS entries for the block member
addresses that possibly suggest the same network. Also, IP addresses can be tracerouted
while looking for correlations between the host IP addresses that participate in the packet
delivery.
Whichever way is chosen, it is commonly prone to errors.
Complexity of reducing errors
29. SO HOW DO IP
GEOLOCATION SERVICE
PROVIDERS OPERATE?
Let's understand how various IP geolocation service providers work.
30. Entry Level
Advanced Level
Comparison
The entry-level IP geolocation providers are likely to use fewer data
sources, largely using WhoIs data only, which limits their decision scope
to much fewer options. This makes the process easier and maybe
faster, but as a trade-off, it is much less accurate.
The more advanced IP Geolocation providers presumably work hard to
organise and improve their results by delegating many of the final
decisions to a human personal, in addition to some low-level automated
process. Unfortunately, manual work does not guarantee better results,
as humans are also prone to errors, and definitely makes the process
slower. As a result, we often see commercial IP geolocation databases
updated on a monthly basis only, or weekly as the best.
31. 26 Million
The IP address space is a very dynamic area. Millions of IP addresses changing hands or are
reallocated continuously every hour. Therefore monthly or weekly updates are certainly not
suitable for most IP geolocation applications.
In summary, none of the currently existing methods is sufficiently accurate. Even though a
combination of methods allows for more precise estimation of IP location, this does not solve
the problem of accuracy on a global scale.
Moreover, the lack of a fully automated and deterministic methodology prevents existing IP
geolocation databases from being updated frequently enough to cope with the highly dynamic
nature of the internet IP address space.
Conclusion
To find out how BigDataCloud's IP Geolocation service differs from existing providers,
check out our detailed blog post: The Next Generation IP Geolocation Service.
32. Contact us
Reach out if you have any
questions or clarifications
support@bigdatacloud.com
Email Address
www.bigdatacloud.com
Website
33. For more content related to
IP geolocation, visit our
website.
BigDataCloud Pty Ltd is a highly innovative start-up
company founded in 2018 and operated
internationally from our headquarters in Adelaide,
South Australia. After years of previous experience
in e-commerce, fraud protection and targeted
international marketing, the BigDataCloud founders
identified an immense lack of high quality, fast and
affordable APIs within this and other technical
industries.
For more info, visit: www.bigdatacloud.com