wikiroute

networking recipes

User Tools

Site Tools

Trace:
who_is_using_this_ip_address

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
who_is_using_this_ip_address [2014/02/09 13:04] – [3- A Do-It-Yourself BGP Query Service] samerwho_is_using_this_ip_address [2014/02/09 13:28] – [3.2- Software Tools] samer
Line 117: Line 117:
 Here are some hints and recipes to implement a server that maps IP prefixes with AS numbers based on BGP information.  Here are some hints and recipes to implement a server that maps IP prefixes with AS numbers based on BGP information. 
  
-==== Basic Steps ====+==== -- Basic Steps ====
  
 Start by downloading raw BGP data collected by RIPE NCC servers from http://www.ripe.net/data-tools/stats/ris/ris-raw-data. For example, the latest data file from RRC0 (Amsterdam) is always available on http://data.ris.ripe.net/rrc00/latest-bview.gz. Start by downloading raw BGP data collected by RIPE NCC servers from http://www.ripe.net/data-tools/stats/ris/ris-raw-data. For example, the latest data file from RRC0 (Amsterdam) is always available on http://data.ris.ripe.net/rrc00/latest-bview.gz.
Line 131: Line 131:
 </code>  </code> 
  
-Use any scripting language to perform a best prefix match and output the origin AS of your desired IP prefix.+Here is a typical line in the dumped file, where you can see the prefix ''148.60.0.0/16'' and the AS-PATH ending by the originating AS ''2200''
 +<code> 
 +TABLE_DUMP2|1389513606|B|85.132.60.10|29049|148.60.0.0/16|29049 1273 2200|IGP|85 
 +.132.60.10|0|0|1273:12250 2200:1000 2200:2200|NAG|| 
 +</code> 
 + 
 +Now you can use your favorite scripting language to extract IP to AS mappings and perform a best prefix match
 + 
 +==== -- Software Tools ==== 
 + 
 +Fortunately, existing software tools may help you in the process of implementing you own BGP-based IP to AS mapping service. Consider taking a look at: 
 +  - [[http://cpansearch.perl.org/src/TPODER/Net-NfDump-0.12/examples/download_asn_db | Net-NfDump]]: a perl library that makes use of the [[http://search.cpan.org/~tpoder/Net-IP-LPM-0.02/ | Net::IP::LPM]] implementation of Longest Prefix Match algorithm.  
 +  - [[https://github.com/CIRCL/IP-ASN-history | IP-ASN-history]]: a client/server (with a client web interface) software to store efficiently the history of BGP announces and quickly lookup IP addresses origins. 
 +  - [[http://pwhois.org/server.who | pwhois]]: a client/server software that makes use of a PostgreSQL database to store routing information. FIXME Did not succeed to install it on Mac OS X 10.9.1 
who_is_using_this_ip_address.txt · Last modified: 2014/02/15 23:31 by samer