IP ASN mapping algorithm

Question

IP ASN mapping algorithm

Is there an easy way to map this IP address to the corresponding ASN? For example:

ping to find the IP address:

$ ping www.switch.ch PING aslan.switch.ch (130.59.108.36) 56(84) bytes of data.

whois is looking for an ASN number:

 $ whois -h whois.cymru.com -v 130.59.108.36 Warning: RIPE flags used with a traditional server. AS | IP | BGP Prefix | CC | Registry | Allocated | AS Name 559 | 130.59.108.36 | 130.59.0.0/16 | CH | ripencc | 1993-09-22 | SWITCH SWITCH, Swiss Education and Research Network

Thus, the mapping in this case will be 130.59.108.36 (IP) → 559 (ASN). Easy. But what if I would like to create my own local mapping service with publicly available information from regional Internet registries? So, for the above example, this will be this list, right?

 ftp://ftp.ripe.net/pub/stats/ripencc/delegated-ripencc-latest

And finding a matching entrie is also not a problem:

 ripencc|CH|ipv4|130.59.0.0|65536|19930922|assigned

But how do I get the ASN number from the line above? How are these two information related?

 ripencc|EU|asn|559|1|19930901|allocated

Thanks in advance for your reply!

+8

bgp

Stephan berger Oct 28 '12 at 15:54

source share

3 answers

Alok · Answer 1 · 2013-04-21T20:40:20+0000

I will explain how to do it here: https://www.quaxio.com/bgp/ (previously at https://alokmenghrajani.imtqy.com/bgp/ )

This is mainly due to loading the dump from the router, and then using the efficient presentation of the data to map the IP address to the network mask.

André keller · Answer 2 · 2012-11-21T03:31:40+0000

I would suggest doing this based on MRT dumps compiled from real BGP dynamics.

There is this python fe library that can be used to easily analyze MRT dumps: http://code.google.com/p/pyasn/

If you cannot start your own BGP speaker, you can download dumps at http://archive.routeviews.org/

Make sure you check other things as well. They also provide DNS zones that will allow you to perform such queries using a standard DNS server such as Bind or NSD: http://archive.routeviews.org/dnszones/

I hope you get started ...

wick · Answer 3 · 2016-04-14T22:16:42+0000

I created a tool that adds ASN to the HTTP protocol strings. I will explain how to create a database from raw RIPE data and use it with binary search. In addition, the C code is ready to use. 1.6M in a few seconds on a regular virtual instance:

https://github.com/psvz/tirexASN

IP ASN mapping algorithm

More articles: