Geo location to IP mapping


    I'm moron. You didn't know it yet?

I already mentioned the NTP thread. Let's not relive it.

There are some facts:

1. Geo location is a real application
2. There are multiple methods for obtaining the location (accuracy varies)
3. I wouldn't use current ip geo location to pinpoint UBL, but perhaps
    knowing where his post office is...
4. it's reliable enough for security applications and
    advertising, depending upon your method, provider, and use case

I could offer more examples of improving the accuracy on a
geo-asp provider level, but I think more than enough has been said
about the topic to make it clear to the average reader.

Take a look at the NSA patent mentioned. It's here and it's


We use a Geo/IP location database. It's surprisingly accurate, with a few exceptions.

The company we purchased the database from uses a number of sources of data, to produce something pretty accurate:

1) WHOIS records for the IP assignment
2) WHOIS records for domain in the PTR record for the IP
3) Parsing the PTR record for city names and airport codes
4) Purchasing IP/billing and shipping city,state,zip records from sites with accurate records (e-commerce and other sites that people need to enter their local info)
5) All of the above for the hop or two before the end in a traceroute
6) BGP and traceroute comparisons to determine where the boundaries are in how you've internally routed things

Even if you're just allocating from a single /20, you probably have some hierarchy, and that can be picked up through routing or DNS or SWIP.

Comparing the database to the IP that our customers used to make purchases we exceed 95% accuracy in identifying the country, and 75-85% in city/state. The big exception is AOL, since their IP assignments are pretty well randomized with respect to geography.

Never underestimate what can be done through regular expressions and an army of people sitting at terminals in China to verify what can't be automated. :slight_smile:

For those of you really interested, email me privately and i'll dump what we have on record for a block or two of yours.

Google's available geolocation resources are much more direct: They can get the information directly from the user. Google mail users setting location information, google home page users setting weatherbug details, common location searches in google maps, or local business directory searches. Taken in connection with neighboring IPs, you can generate the correlations statistically, even going so far as being able to make a good guess at a dialup IP versus an 'always on' connection.

This would be the same for MSN, Yahoo search, or any portal based search engine.

Forget relying on a thousand different companies hopefully keeping accurate records, *if any* about what IP where. The user is, for once, a much better source of information.

- billn


(In a more precise manner)

    I originaly stated that below country (aka, province/state, city, zip, etc) it wont be very reliable because in my experience we spread that /20 without the hierarchy you expect.


    . We have subnets on LanEx going outside the city, province/state and even country;

    . We concentrate compagny with 10 to 50 sites using private ip and a single internet point;

    . We have dynamic ip users using cable, dsl, dialup and even long-distance dialup;


    I'm sure peoples have many more of hierarchy situation like this one.


    None really, short of having access the real infrastruture of the ISP.

    I'm sure the IP Location Industry have deals with the major ISP to get their DB more precise.

    But if the targeted IP is on a smaller outfit the quality of the informations will not be the same. This is why I stated that globally the state/city should be pretty low (50%).

    That good that you have 75% to 85% but I wasn't ignoring the AOL's in my statement.

    That's all.

    (FYI: The NTP Issue has been resolved (;-} )

Kevin Day wrote: