wikiroute

networking recipes

User Tools

Site Tools

Trace:
who_is_using_this_ip_address

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
who_is_using_this_ip_address [2014/02/09 13:14] – [Basic Steps] samerwho_is_using_this_ip_address [2014/02/09 14:15] – [Who is Using This IP Address?] samer
Line 1: Line 1:
 ====== Who is Using This IP Address? ===== ====== Who is Using This IP Address? =====
  
-A frequent question that faces network administrators or application developers consists in identifying //who is using a specific public IP address//. This information can be utilized for instance to perform user localization and enable location-based services or user access control. In this context, a main technical challenge is to associate the IP address or prefix with its corresponding Autonomous System (AS).+A frequent question that faces network administrators or application developers consists in identifying //who is using a specific public IP address//. This information can be utilized for instance to perform user localization and enable location-based services or user access control. In this context, a main technical challenge is to associate an IP address or prefix with its corresponding Autonomous System (AS).
  
 ===== -- Limitations of the whois Information ===== ===== -- Limitations of the whois Information =====
Line 117: Line 117:
 Here are some hints and recipes to implement a server that maps IP prefixes with AS numbers based on BGP information.  Here are some hints and recipes to implement a server that maps IP prefixes with AS numbers based on BGP information. 
  
-==== Basic Steps ====+==== -- Basic Steps ====
  
 Start by downloading raw BGP data collected by RIPE NCC servers from http://www.ripe.net/data-tools/stats/ris/ris-raw-data. For example, the latest data file from RRC0 (Amsterdam) is always available on http://data.ris.ripe.net/rrc00/latest-bview.gz. Start by downloading raw BGP data collected by RIPE NCC servers from http://www.ripe.net/data-tools/stats/ris/ris-raw-data. For example, the latest data file from RRC0 (Amsterdam) is always available on http://data.ris.ripe.net/rrc00/latest-bview.gz.
Line 138: Line 138:
  
 Now you can use your favorite scripting language to extract IP to AS mappings and perform a best prefix match. Now you can use your favorite scripting language to extract IP to AS mappings and perform a best prefix match.
 +
 +==== -- Software Tools ====
 +
 +Fortunately, existing software tools may help you in the process of implementing you own BGP-based IP to AS mapping service. Consider taking a look at:
 +  - [[http://cpansearch.perl.org/src/TPODER/Net-NfDump-0.12/examples/download_asn_db | Net-NfDump]]: a perl library that makes use of the [[http://search.cpan.org/~tpoder/Net-IP-LPM-0.02/ | Net::IP::LPM]] implementation of Longest Prefix Match algorithm. 
 +  - [[https://github.com/CIRCL/IP-ASN-history | IP-ASN-history]]: a client/server (with a client web interface) software to store efficiently the history of BGP announces and quickly lookup IP addresses origins.
 +  - [[http://pwhois.org/server.who | pwhois]]: a client/server software that makes use of a PostgreSQL database to store routing information. FIXME Did not succeed to install it on Mac OS X 10.9.1.  
who_is_using_this_ip_address.txt · Last modified: 2014/02/15 23:31 by samer