return to table of content

Show HN: IP Guide – Info on IP addresses, Networks, and ASNs

warner25
16 replies
1d15h

From where do you get your geolocation information? I've been using the free MaxMind GeoLite2 databases and the GeoIP2 Python API for this kind of thing, but for a lot of IP addresses that I'd like to map, I can only get down to the country (and even some of those seem suspect).

Is there any rate limit for queries?

withinboredom
8 replies
1d7h

I have yet to see a geo-ip address for my IP that shows me even on the correct side of the country. I wouldn't trust this information as far as you can throw it ... and I've had this IP address for nearly 6 years now.

reincoder
7 replies
1d3h

Can you check IPinfo.io, please? If we are showing any inaccuracy in your IP geolocation data for you, please reach out to us. We will fix that ASAP.

withinboredom
6 replies
1d2h

yeah, it's very wrong. Showing "vpn: true" (actually a regular residential connection), wrong city, region, postcode, etc. Just like every other service out there.

I don't see any way to report it though.

reincoder
5 replies
23h44m

That is really surprising. For geolocation correction, we have a self reporting system: ipinfo.io/corrections

I forgot to add the link in my original comment. But as you mentioned we are showing VPN as true, that indicates a very interesting situation. Can you ping our support, please?

https://ipinfo.io/support

If you can also mention that, you came from HN, that will be fantastic. We will open an engineering ticket first thing Monday and look closely into this. The situation is unusual, and I am sorry about the inconvenience.

bswinnerton
2 replies
22h48m

I'd also suggest filing a correction with MaxMind, which is where most modern geolocation data is derived: https://www.maxmind.com/en/geoip-location-correction.

mekster
1 replies
12h26m

Isn't there an alternative to MaxMind? Seems like a problem if they're the only useful source and they can change their license/fee to anything they want at any time.

withinboredom
0 replies
7h27m

In most cases, their database is entirely free as in free beer. You can't modify and contribute back to it, though (for somewhat obvious reasons). You can download a free local copy and purchase a more advanced version with more information. But if you need a simple lookup, the database is free, excellent, and is updated twice a week.

https://dev.maxmind.com/geoip/geolite2-free-geolocation-data

withinboredom
1 replies
8h8m

Submitted a support request. My email address is also in my profile, feel free to reach out directly. I can also open a wireguard configuration for you guys if you want to run some tests. I do see that my ipv6 prefix results in a correct location.

reincoder
0 replies
7h27m

Thank you very much. I really appreciate you opening a ticket. We will look into it and keep you updated.

bswinnerton
2 replies
1d15h

IP Guide is also using MaxMind, I'm not familiar with many other data sources for that kind of data. Are you seeing discrepancies?

No rate limits or auth for requests, but as mentioned below the api starts to load shed at 2k concurrent requests.

warner25
0 replies
1d14h

Thanks. Yeah, I was just hoping it might have access to some different data. I've seen no discrepancy. I tried one IP address that I've been trying to map, and I got the same answer.

mmaunder
0 replies
1d13h

Their city level data tends to be proprietary so maybe double check you’re ok in your use.

ashu1461
2 replies
1d11h

How big is the MaxMind database ?

nsp
0 replies
1d2h

About 80mb for the city level one

fruit2020
0 replies
1d7h

A few MBs

wongarsu
0 replies
1d

To be fair, some IPs simply can't reasonably be mapped beyond the country level (even if MaxMind often tries).

For example in Germany some carriers just give you a random IP from a pool that is used for half the country, and will give you a new IP every 24 hours. How would you geolocate those with a downloadable database.

DougN7
10 replies
1d17h

Having a simple paragraph about RIPE, BGP and ARIN would be helpful (at least for me).

Is there any way at all to do this for IPv6?

Additional info that would be helpful would be if this is hosted by one of the big tech companies (i.e. is it on AWS, Azure, etc), though maybe that will show up in the network info?

If the IP is associated with hostnames that would be nice to know. Not sure how much of a one-stop shop you want to be :)

bswinnerton
6 replies
1d17h

Having a simple paragraph about RIPE, BGP and ARIN would be helpful (at least for me).

That's a great idea. I'll add a tooltip over some of the less obvious fields describing what they are.

Is there any way at all to do this for IPv6?

Indeed! It's supported natively, so if you have an IPv6 address you should see it automatically. Here's an example <https://ip.guide/2600::>

If the IP is associated with hostnames that would be nice to know.

I dig that idea, I'll have to think of the best way to pull that data while keeping the app stateless and fast.

baby_souffle
5 replies
1d14h

I dig that idea, I'll have to think of the best way to pull that data while keeping the app stateless and fast.

Reverse DNS lookups are usually pretty quick:

```shell

  > time dig +short -x 2600:dead::beef
  customer.my-isp.net.
  dig +short -x 2600:dead::beef  0.00s user 0.01s system 1% cpu 0.882 total
```

spacehunt
2 replies
1d12h

Reverse DNS does not give you all the hostnames that can point to a particular IP address though.

necovek
0 replies
1d10h

Other than brute forcing, I don't think anything does — that's the beauty and the curse of a proper federated system :)

jedberg
0 replies
1d9h

In fact, it might not even give you any names that point to an IP address, since it might be out of sync with the forward system, especially if the records are built by hand.

teh_klev
1 replies
1d14h

This might be useful to review:

https://news.ycombinator.com/formatdoc

"Text after a blank line that is indented by two or more spaces is reproduced verbatim. (This is intended for code.)"

baby_souffle
0 replies
1d12h

Thanks.

I spend all day writing markdown and fenced blocks with type-hint is muscle memory at this point

LelouBil
2 replies
1d17h

Having a simple paragraph about RIPE, BGP and ARIN would be helpful (at least for me).

Same, I've always wondered how do websites like this get their information.

bswinnerton
1 replies
1d17h

Great feedback, I'll add a little more to the site to describe how it all works. Until then...

At a 30,000ft view, the site works by building an in-memory routing table at boot time that has an entry for every route on the internet and which ASN (autonomous system number) announces it. From there, it stitches together data on the organization that the ASN belongs to, and geolocation data, and then exposes it in the API/UI. Under the hood it's using a treebitmap[1] data structure, which means that it can do _very_ fast lookups when given a particular ip address or ip address range.

Zooming in a little more, the main data source is MRT dumps from the RIPE RIS project[2]. There are a number of routers that RIPE (one of the 5 regional internet registries that hand out ASNs and IPs) that rely on network operators to share their view of every route on the internet. These routers are probably some of the most well-connected routers in the world. For the purposes of this service, MRT dumps are effectively a point-in-time snapshot of the routing table of that router. IP Guide parses that file, rebuilds it in memory, and attaches other relevant data to each IP range (also known as a "prefix").

This allows the service to stay fast and stateless, which was one of the main things I was trying to optimize for when building it.

[1]: https://blog.apnic.net/2021/06/04/storing-and-retrieving-ip-... [2]: https://ris.ripe.net/docs/10_routecollectors.html

LelouBil
0 replies
1d16h

Thanks !

Kirce
7 replies
1d16h

Awesome, bookmarked! Would it be possible to list all announced IP ranges for an AS?

sgjohnson
2 replies
1d11h
pests
1 replies
1d5h

Curious, is that your AS?

sgjohnson
0 replies
21h34m

Yup

reincoder
1 replies
1d3h

Disclaimer I work for IPinfo.

If you can download the free IPinfo IP to ASN database CSV file. You can run the following command to get the IP ranges of an ASN.

```

grep AS19551 asn.csv | ipinfo range2cidr | cut -f1 -d ','

```

You will need to install the IPinfo CLI to convert the IP range to their CIDR equivalent. I believe the range2cidr command is also available as a standalone binary as well.

After that, you might want to aggregate the IP ranges to bigger ranges. I have used this in the past for this:

https://github.com/job/aggregate6

Kirce
0 replies
21h52m

I didn't know ipinfo had a cli, good to know, i'll have a Look. Thank you!

I'm currently using ipset, that does aggregation if I remember correctly, but aggregate6 looks good!

toast0
0 replies
21h7m

In addition to other tools, there's also https://bgp.he.net which has a page for announced prefixes. Sometimes it's useful to use multiple tools, as not everyone will see all announcements or process them the same.

bswinnerton
0 replies
1d16h

Yes! Quite easily, but it requires thinking through the right API design. I'll see if I can work this in this weekend.

ta1243
6 replies
1d7h

Nice,

I currently do "curl ipinfo.io" which returns json, and seems to use a more accurate geo lookup (based on the hotel wifi I'm currently on). It doesn't report the network though, and the ASN is a string of asn and name, no org or country, so that's a bonus.

However

  curl ip.guide
just returns blank (there's a redirect). If you follow the redirect with -L the json isn't pretty-printed.

reincoder
3 replies
1d3h

I work for IPinfo.

the ASN is a string of asn and name, no org or country

Yeah detailed ASN information on the API level is available on paid tiers.

However, we have a free IP to ASN Country database that is updated daily and provides full accuracy. That database provides ASN, AS organization, and AS domain information.

I think the reason we don't have more ASN details on the API even though we provide more information for free in the database is because of the target audience and usability of the IP metadata.

Our API allows for tokenless API access for up to 1,000 request/day. There is no compromise with data accuracy. The goal is to be generally useful and extremely fast. Detailed ASN information is still freely accessible from the website, though. So, we have to balance out free API, free website information and paid API/database.

I have been reaching out to folks to adopt the free IP to Country ASN database, as it is free to use and provides full accuracy. If anyone wants to build a public API on top of the IPinfo free database that return more ASN information available there, they are more than welcome to that!

jftuga
2 replies
1d2h

Our API allows for tokenless API access for up to 1,000 request/day.

Thank you for this! Much appreciated!

I am sure there are tons of similar programs, but here is one I wrote:

https://github.com/jftuga/ipinfo

I added on a distance column.

Just yesterday, I added this: brew install jftuga/tap/ipinfo

reincoder
1 replies
7h30m

The pleasure is all ours. Your tool is really awesome. I have bookmarked it. It addresses a very practical questions users have about distance calculation. Now I have the right tool to recommend to users.

Would it be possible to allow access token usage in the tool, please?

jftuga
0 replies
2h38m

Yes. I would accept a PR for this.

bswinnerton
1 replies
1d3h

You'll have to follow the redirects since the site doesn't support HTTP, but just shipped pretty-printing.

tuga
0 replies
10h10m

Redirection from http to https is trivial on most http servers (nginx, apache, etc)

tuga
5 replies
1d15h

Have you thought about offering downloadable versions of to the database through MMDB, CSV, or JSON formats? This would enable users to utilize the database offline, similar to the setup provided by IPinfo.io for their free IP database.

bswinnerton
4 replies
1d15h

Yeah, if you click on "bulk data" you'll see the two statically hosted CSVs for ASN and IP data. What else would you find useful in those datasets? It's quite easy to expand on them.

tuga
1 replies
1d15h

I suppose I was overly enthusiastic about the project and overlooked the bulk part . Thank you. Personally, I prefer to use local MMDB versions as they provide faster results and do not require network usage. Having knowledge about whether an IP is a proxy, VPN, data center, etc. is valuable to me, but I understand that it may vary depending on each project's requirements.

meeby
0 replies
1d12h

Without wishing to gazump on tuga's excellent project, you can get mmdb files for IPs and ASNs free for personal use from https://ipnetdb.com/ that will probably provide the data you want.

(Disclaimer: I work for the company that develops IPNetDB).

byyll
1 replies
1d15h

Countries.

bswinnerton
0 replies
1d15h

The country code is the last portion of the networks CSV:

  $ curl -sL ip.guide/bulk/networks.csv | head -n 2
  prefix,asn,organization,country
  1.0.0.0/24,13335,"Cloudflare, Inc.",US

HellsMaddy
5 replies
1d17h

Nice! I love HTTP APIs like this with simple, user-friendly URLs like `https://${domain}/${query}`. Anyone know of a list of other services like this? wttr.in is one example I know of.

tobias2014
0 replies
1d14h
nadermx
0 replies
1d15h

I made https://api.miip.co but no where near as complex

miki123211
0 replies
1d15h

Not exactly HTTP, but dns.toys

achillean
0 replies
1d16h
AndrewCopeland
0 replies
22h52m
rebelde
4 replies
1d15h

Feature request for any service like this: Let "me" know if it is a school, so I know that I am probably dealing with minors, a public environment and a firewall. Of course, you need to do the work (rDNS to start) to identify the schools.

I love the speed of the responses!

slig
0 replies
1d4h

IPINFO.io has that info, but I too would like to have this information in a free service.

reincoder
0 replies
1d3h

I work for IPinfo. We have higher level IP category information on our website for free.

We categorize ASN and companies/organizations based on 4 categories: ISP, Education, Hosting and Business. This ASN level categorization are done mainly from WHOIS and other public internet records.

We don't sub-categorize by schools, university, public research institutions, k-12 etc. The reason is accuracy. Even though I can understand the possible methods for doing this, the issue is that it can not be done reliably at scale.

As a data provider, from our end we hope to provide the highest possible accuracy and vouch for the service we provide. For this level of classification, we will generally request users to say what data they need from us, and we try to help them come to a solution that they have to build on their own. They can do whatever classification they want to do based on their personal level of tolerance for accuracy.

inemesitaffia
0 replies
3h3m

University's and post secondary educational institutions can have k12 schools attached especially if they study education or are isolated

avipars
0 replies
5h58m

Seems like schools should opt-in by submitting their IP address/range

iJohnDoe
3 replies
1d16h

Also like https://wasab.is

Yours is very cool by pulling BGP data every 8 hours though!

bswinnerton
1 replies
1d16h

Oh cool! Is this a fork of ifconfig.co?

iJohnDoe
0 replies
1d16h

Yes, seems like it!

xyst
0 replies
1d16h

For some reason this site only sees my ipv4 addy. But ip.guide automatically returns IPv6.

wantguns
2 replies
1d17h

Very cool project, any plans to release its source ?

also s/Tailscale/Tailwind/

bswinnerton
1 replies
1d17h

I do that every. single. time.

WhackyIdeas
0 replies
1d16h

Love it - bookmarked!

withinboredom
1 replies
1d8h

Showing the start/ending address as part of the network would be helpful when looking up the network. That would avoid having to pull out a CIDR calculator when using this tool.

bswinnerton
0 replies
1d2h

Great idea. This is rolling out right now.

umen
1 replies
1d6h

can you pls elaborate your tech stack and where do host ? 1 .rust ( what server or hand crafted ?)

bswinnerton
0 replies
1d3h

For the backend, it's written in Rust using a few key crates: axum for the api, bgpkit-parser for parsing the MRT data, and reqwest for fetching data at boot.

The site is hosted on Neptune Networks, another side project of mine for people to learn and experiment with BGP.

joshghent
1 replies
1d17h

Great site and product! Congratulations on the launch.

I actually have a use case for this in my product Loginllama. I need to grab information about the IP addresses. I’m currently using a different API but don’t really like the product.

Is it rate limited or have any key authentication? My email is me at joshghent.com if you want to chat about this more.

bswinnerton
0 replies
1d17h

Go for it! There's no formal rate limiting or auth, but it does start to load shed at 2k concurrent requests. It's stateless, so it's very easy to scale horizontally after that.

LoginLlama looks super helpful, what else would you like to see from IP Guide to help? Would a boolean attribute on whether or not the IP is a known tor exit node be helpful?

johnthescott
1 replies
1d10h

feature request: date of cache entry.

bswinnerton
0 replies
1d3h

It's not available from the API, but there is a "last updated" date when you view it in a browser. It's at most 8 hours old.

bogomipz
1 replies
1d14h

I love the API and response times! I had a few questions:

Might you open-source this in the future?

Were you already comfortable in Rust or is there a reason you selected Rust for this project i.e performance and so plans to offer this as commercial product?

How often are RIPE info and MaxMind data updated these days or is that the 8 hours?

Thanks for sharing!

bswinnerton
0 replies
1d14h

Will this be open-sourced?

I don't think there's a strong reason to keep it closed-source.

Were you already comfortable in Rust or is there a reason you selected Rust for this project?

This was a big learning opportunity for me to learn Rust. I had done two small projects in Rust before this one.

How often are RIPE info and MaxMind data updated these days?

The MRT dumps where it gets its BGP data are updated every 8 hours, and MaxMind appears to be updated twice a week.

ashu1461
1 replies
1d13h

Is there a rate limit to the API ?

bswinnerton
0 replies
1d13h

No rate limits or auth for requests, but as mentioned below the api starts to load shed at 2k concurrent requests.

DavideNL
1 replies
1d5h

Alternatieve, fyi;

  curl -sS https://am.i.mullvad.net/json | jq

lovasoa
0 replies
1d4h

This mullvad thing is just another "what is my ip" service. His site lets you download the entire database locally, for free, and without registration.

tonymet
0 replies
21h51m

Here's a powershell command -- let's add it to the docs!

    > (iwr ip.guide).Content | ConvertFrom-Json | Select-Object location

stevenicr
0 replies
1d16h

I go to myip.ms regularly and use the additional info it offers such as owner ip block / ranges, the cidr, and hostname is sometimes helpful.

spacecadet
0 replies
1d

This is neat, Im currently passing some IP addresses to OpenAi for a crude version of this, but will try this out!

seligman99
0 replies
1d16h

My similar take on the idea: https://cloud-ips.s3-us-west-2.amazonaws.com/index.html

I wanted to see if I could do the lookup work client-side, and also include some more metadata about cloud provider's IPs (region, service, etc), not that it's really better, just a toy idea I had.

romanixromanix
0 replies
1d6h

Very nicely done. I like the simplicity of the page and interface.

nektro
0 replies
1d14h

love this, nice work :) so fast.

kortilla
0 replies
1d16h

Check out http://bgp.tools for an alternative in the area.

Not affiliated, it’s just my current preferred.

fastasucan
0 replies
17h29m

I really like the webpage, informative and minimalistic. Can this be used to look up ip's trying to connect to my server, and then ban according to nationality? (As its only for me to connect, however that can be from hotels etc around my country - so a filter on nationality might be the next best thing to a list of IP's).

WarOnPrivacy
0 replies
1d13h

I like. I was just looking for an easy way to pull geoip in a bash script.

AndrewCopeland
0 replies
22h51m

Nice, I like how simple it is!

I provide a similar service but with more focus on bot/data center/VPN ip addresses.

https://ipdetective.io