This is called a geofeed. Companies that own or operate IP addresses can customarily share the location of those IP addresses. This is less of "IP-based Geolocation" rather "Geolocation of IP addresses.
Readit Newsreincoder commented on IP Based Geolocation by Apple ip-geolocation.apple.com/... · Posted by u/technimad
What is your path towards 'resolving' these issues?
I've done some mapping while comparing turn servers my org hosted on cloud vms vs a commercial offering, and it's pretty easy to find very different routing from point A to point B, but sometimes it's pretty clearly that not every transit network has access to every submarine cable, so traffic from say Brazil to South Africa might go from Brazil directly to Africa, or it might go to Florida, then Europe, then Africa. It'd be nice to take a more direct route, but maybe the Brazil -> Africa hop doesn't transit all the way, so BGP prefers the scenic route as it has a shorter AS path.
I didn't have any leverage to motivate routing changes though, so other than saying hmm, that's interesting, there wasn't much to do about it.
From our data side, we focus on network diversity and conduct continuous measurements. Due to the nature of our measurements and our knowledge of the precise locations of all 1330 servers, we understand how network packets travel across the internet. We simplify this information into algorithms and know how to accommodate detours that packets may take. There are specific patterns that we can identify and map, like some African servers route their traffic through LINX or a French IXP. If you are not connecting to private networks or even major telecoms on EU-based IXPs.
To help the system, we are reaching out to IXPs, major telecoms and peering agencies to advise them on how to peer and make critical internet routing decisions. We want to tell them on how to engage in data-focused peering, how their IXP is perceived from a broader internet data perspective, and how their packets from the IXP travel across the internet. We hope this colloboration will bring much needed efficiency in internet routing.
Thank you, Dimitry. Everyone at IPinfo really appreciates the shoutout!
---
Our research scientist, Calvin, will be giving a talk at NANOG96 on Monday that delves into active measurement-based IP geolocation.
Bit surprised this works. Latency variability is huge and sometimes quite disconnected from geo location. I recall talking to someone in NL and realised I've got better latency to NL content from the UK than he did. Presumably better peering etc.
I work for IPinfo. We are launching a collaborative project with IXPs and major internet organizations to share raw measurement for routing and peering data for this purpose.
Latency variability is a huge issue. We run both traceroute and ping data, and we observe that there are entire countries that peer with IXP thousands of miles away in a different continent.
We bought a server from the oldest telecom company in the country and recently activated it. Currently, there is a 20 ms latency when traffic is directed towards the second oldest telecom. The packets have to travel outside the country before coming back in. This is a common phenomenon that occurs frequently. So, we usually have multiple servers in major cities since various ASNs have different peering policies.
For us we can map those behaviors and have algorithms and other data sources, make measurement-based geolocation perform well.
We are hoping to support IXPs, internet governance agencies, and major telcoms in identifying these issues and resolving them.
Deleted Comment
reincoder commented on VPN location claims don't match real traffic exits ipinfo.io/blog/vpn-locati... · Posted by u/mmaia
90% of end users, not 90% of your customers. If your product blocks 10% of end users because it provides wrong geolocation data to your customer, sucks to be them!
That is a great point! For us, it is 100% of end users not limited to our customers. If you are impacted by our data in any way, it is on us. We are accountable for that.
https://community.ipinfo.io/t/wrong-geolocation-based-on-ip-...
Our free database is licensed under "CC-BA-SA" (freely distributable but requires attribution) because of accountability. If you use our data as an enterprise or a free open-source project, if there is any issue, you can come to us and talk with us.
It is not even end-users. We maintain open communication policies in general. Even if a streaming service does not use our data, if they come to us, we try our best to help them based on our industry knowledge.
reincoder commented on VPN location claims don't match real traffic exits ipinfo.io/blog/vpn-locati... · Posted by u/mmaia
If you're doing latency-based probing, location spoofing is presumably possible to an extent by adding artificial delays and possibly spoofing ICMP "TTL expired" packets like https://github.com/blechschmidt/fakeroute
I am not sure whether this kind of IP spoofing will impact our accuracy because we will likely identify the noise and behavioral anomaly and discard the location hint derived from traceroute.
We have tons of historical traceroute data patterns, and generic traceroute behaviors are likely modeled out internally. So, if you can spoof the traceroute to your IP address, our traceroute-based location hint scoring weight for that IP address will decrease, and we will rely on the other location hints.
You have to be extremely deliberate to misguide us. But I would love to see this in action, though.
reincoder commented on VPN location claims don't match real traffic exits ipinfo.io/blog/vpn-locati... · Posted by u/mmaia
I don't think it is fair to IPInfo to give the specifics publicly, because once you have the "ah ha" moment you realize it is an entire class of difficult to address problems with how they use their sensor network. That knowledge only helps the bad guys.
We are actively trying to improve our system and build it as figuratively 'antifragile'. We can not afford to get comfortable and we need to constantly find faults in it. If you know anything, you can contact our founder or me directly.
The problem is that everyone knows we are the most accurate data provider and our growth is exponential. To my knowledge, most cybersecurity teams use our data to some degree. We cannot risk having any secrets out there that could disrupt the accuracy of the system. We are aware of several cases where accuracy may be affected, with the most notable being adversarial geofeed submissions.
If the issue is an adversarial geofeed submission, it is a well-known problem. When active measurement fails, we have to fallback to some location hint. There are layers of location hints we have to fall through to ultimately landing on echoing geofeed location hint.
But aside from that... I'm not sure what could possibly impact us. A substantial systemic malicious change in data accuracy seems highly unlikely and quite impossible.
reincoder commented on VPN location claims don't match real traffic exits ipinfo.io/blog/vpn-locati... · Posted by u/mmaia
Do Cloudflare's floating egress IPs probe in a way where you can easily geolocate them?
https://blog.cloudflare.com/cloudflare-servers-dont-own-ips-...
If it is an anycast IP address, we have hints of all locations. However, because we have to produce a standard IP geolocation product, we can only select one address. So, we choose the address we find from a reliable geofeed and designate the IP address as "anycast" in the API response.
Internally, we have an anycast database. I believe we can also provide all the location hints we see for each anycast IP. It is generally niche data though.
reincoder commented on VPN location claims don't match real traffic exits ipinfo.io/blog/vpn-locati... · Posted by u/mmaia
As always with big corporations, if the experience is OK for 90% of people but absolutely sucks for 10% of people, then that's totally fine!
I can tell you how we approach enterprise partnerships: absolute accountability. If something is wrong with the data, it is not our customers' fault for trusting us, it is our fault. End users talk to us directly. And because the data is so good these days, we just have to present evidence, that's it.
We with multi-billion-dollar corporations, and for every product integration we maintain an active, visible presence in their user communities.
For example: https://community.cloudflare.com/search?q=ipinfo%20order%3Al...
Customer support teams are encouraged to build support pipelines that either route data-related questions directly to us or send users directly. We remove friction rather than hiding behind layers of enterprise support.
We make a deliberate "account manager for everyone" effort when introducing ourselves to a partner's user community. We engage with influential community members and MVP users and encourage them to contact us directly when issues arise. We also connect with the engineers who work hands-on with our data and make it clear that they have a direct line to our engineering team.
We actively and aggressively monitor social media for reports of issues related to our data within partner platforms and engage with users directly when something comes up.
To be honest, this is not difficult. Once or twice a month, we may need to present evidence to a user to explain our data decision.
This is not a paid add-on or a special clause in an enterprise contract. Our customers do not pay extra for this level of engagement.
Developers hold us in high regard. Maintaining that trust requires ongoing investment of time and resources. We fundamentally believe developers trust us because of the quality of the product and the lengths we go to provide clear, honest explanations when questions arise.