Of course the "GeoIP people" are going to vet the submissions, but if
existing entry is Spain or Germany and the traceroute shows that the
previous hop was somewhere in the US midwest, I think they can figure it
out. =)

The "hop before it" is not necessarily a good indication these days with MPLS tunnels. There is this thing called the Speed Of Light. It's very annoying most of the time, but it can be useful for geo location if you have multiple vantage points to ping / trace to a destination.

The return packet can be delayed infinitely, but it cannot be sped up past c. Really about 0.666c if you believe the path is in fiber, which I personally believe is a useful assumption for every path on the 'Net to several decimal places (since things like satellite hops, while not in fiber, will give your far higher latency, and microwave just is not used enough to matter). If you ping something from San Jose and get a response in under 50 ms, the machine which sent the reply packet _cannot_ be in Germany or China. Those pesky Laws of Physics get in the way.[*]

What's more, if you ping the same destination from, say, Los Angeles and Boston, and each test returns in 40 ms, you now have narrowed the possible locations down quite a bit.

There are always exceptions, but sometimes they are obvious. Pinging the same destination from LAX & BOS and getting 5 ms each... well, that's obviously anycast (or a broken test). Fortunately, most destinations are unicast and stationary, so there are ways to narrow down the location using tools like this.

--
TTFN,
patrick

[*] Technically it's the Theory of Relativity which gets in the way. This means some people will argue I am wrong because it is "only a theory" and not proven fact. Hopefully no NANOG reader has ever used lines like "it is only a theory" against "theories" which are better proven than some "laws" (e.g. the Law of Gravity, which, as it turns out, is wrong).


On May 1, 2009, at 5:39 PM, Frank Bulk wrote:

I wouldn't mind create LOC records for our IP address ranges, but doesn't make much sense if the "GeoIP people" don't look at it or care. Hence the
need for someone who is relevant to them to open the dialog.

I've never received a negative comment when submitting a correction request to "GeoIP people". Of course, they don't make it really easy to do so and
it seems that half the time it needs to be done via back-channels.

Of course the "GeoIP people" are going to vet the submissions, but if
existing entry is Spain or Germany and the traceroute shows that the
previous hop was somewhere in the US midwest, I think they can figure it out. =) I'm sure they have mechanisms to track changes and new allocations, but some things will slip through the cracks or in the case of use sales
data, be delayed.

The process that I'm suggesting is for corrective action, not to be the
basis for the "GeoIP people" to build their database.  That's why I'm
suggesting a comprehensive form that gets sent to all the "GeoIP people". It's a way they can receive requests in a systematic way that can help them
improve the accuracy of their database.

Frank

-----Original Message-----
From: Peter Beckman [mailto:beck...@angryox.com]
Sent: Friday, May 01, 2009 4:23 PM
To: Mikael Abrahamsson
Cc: nanog@nanog.org
Subject: Re: how to fix incorrect GeoIP data?

On Fri, 1 May 2009, Mikael Abrahamsson wrote:

On Fri, 1 May 2009, William F. Maton Sotomayor wrote:

LOC records too. :-)

dig @prisoner.iana.org hostname.as112.net any

Have this seen any widespread use? I mean, there needs to be tens of
percent
of users having these before they'll get used by the GeoIP people.

People who are evil (or people seeking privacy) will intentionally put bad
 data, thus ruining the whole thing.

 I don't think self-reporting is the answer.

 You MIGHT be able to determine location based on a traceroute, though
anycast would surely derail such attempts. I suspect most people rely on 3rd party GeoIP databases, and that those companies aren't interested in
 hearing from you about your location change, mostly because they are
 worried that if they do, the evildoers will overrun them with bad
requests, or bait and switch, making their data less accurate than it is
 now without your block being correct.

 Which I can understand.

---------------------------------------------------------------------------
Peter Beckman Internet Guy
beck...@angryox.com                                 http://www.angryox.com/
---------------------------------------------------------------------------





Reply via email to