Introduction
We are providing some examples of where database methods get the location of a host incorrect. Reasons for this are multiple, including
- The database uses the Top Level Domain to identify the country. However some countries such as Tuvalu (.tv) and Djibouti (.dj short for music Disk Jockey) market their TLDs
- To improve performance, especially for regions with poor connectivity, there may be a proxy in another country.
- To improve performance for very popular sites they often have hosts with the same name distributed across the world.
- Internet routers are often identified as located at the corporate headquarters.
Incorrect result I
| No Format |
|---|
traceroute to 193.220.46.70 (193.220.46.70), 30 hops max, 38 byte packets
1 rtr-servcore1-nethub (134.79.19.4) 0.648 ms 0.228 ms 0.472 ms
2 rtr-core2-p2p-servcore1 (134.79.252.162) 0.342 ms 0.256 ms 0.271 ms
3 rtr-border1-p2p-core2 (134.79.252.137) 0.497 ms 0.926 ms 0.301 ms
4 192.68.191.245 (192.68.191.245) 0.562 ms 0.363 ms 0.481 ms
5 sunnsdn2-slacmr1.es.net (134.55.217.2) 0.619 ms 0.714 ms 0.748 ms
6 sunncr1-sunnsdn2.es.net (134.55.209.98) 1.023 ms 0.788 ms 0.931 ms
MPLS Label=136016 CoS=0 TTL=1 S=1
7 paixpart2-sunncr1.es.net (134.55.218.133) 1.432 ms 1.409 ms 1.292 ms
8 unknown.Level3.net (209.245.146.145) 1.166 ms 1.217 ms 1.075 ms
9 so-2-1-0.bbr1.SanJose1.Level3.net (4.68.114.153) 3.574 ms 3.049 ms 3.790 ms
10 ae-1-0.bbr2.Dusseldorf1.Level3.net (212.187.128.21) 165.467 ms 165.667 ms 165.440 ms
11 so-3-0-0.mp1.Berlin1.Level3.net (4.68.128.42) 176.505 ms 224.081 ms 177.365 ms
12 ae-31-53.ebr1.Berlin1.Level3.net (4.68.108.94) 177.440 ms 190.223 ms 180.747 ms
13 ae-2-7.bar1.Stockholm1.Level3.net (4.69.140.201) 194.848 ms 194.563 ms 194.597 ms
14 VIZADA-NETW.bar1.Stockholm1.Level3.net (213.242.69.34) 203.616 ms 203.061 ms 203.522 ms
15 NO-NIT-TN-6.taide.net (193.219.193.136) 204.151 ms 204.134 ms 204.159 ms
16 193.220.46.65 (193.220.46.65) 740.045 ms 738.744 ms 739.817 ms
17 193.220.46.78 (193.220.46.78) 739.863 ms 739.441 ms 739.970 ms
18 193.220.46.70 (193.220.46.70) 741.354 ms 738.494 ms 739.066 ms
|
...
From | RTT |
|---|---|
Stuttgart, Germany | 14 ms |
Karlsruhe, Germany | 20 ms |
However, Geoiptool suggests that the node is in US, Kansas. IP2Location suggests that its in Washington, DC.
TULIP suggest that it is somewhere in Europe: (though it locates in Norway my hunch is that its somewhere closer to the intersection of the 4 circles)
Incorrect result II
Similarly the node ae-1-0.bbr2.Dusseldorf1.Level3.net (212.187.128.21) is in Germany considering the following RTTs:
From | RTT |
|---|---|
Karlsruhe, Germany | 8 ms |
Stuttgart, Germany | 13 ms |
Zurich, Switzerland | 13 ms |
Warrington, UK | 13 ms |
London, UK | 14 ms |
Where as IP2Location suggests that its in UK and so does Geoiptool.
...
dsas3.ctio.noao.edu (139.229.17.44) is in La Serena Chile. GeoTool indicates it is in Tucson near the university. There are other hosts with the same domain name such as dsan3.ctio.noao.edu that are located in Tuscon. Unfortunately these hosts do not respond to pings. The traceroute indicates that the host is a long way away (> 300ms) from SLAC and probably in S. America (ampath is the connection point in Florida to S. America):
| Code Block |
|---|
37cottrell@pinger:~>traceroute dsas3.ctio.noao.edu 140
traceroute to dsas3.ctio.noao.edu (139.229.17.44), 30 hops max, 140 byte packets
1 rtr-iepm-test (134.79.243.1) 0.326 ms 0.252 ms 0.244 ms
2 rtr-core1-p2p-iepm (134.79.252.5) 0.287 ms 0.232 ms 0.219 ms
3 rtr-core1-p2p-core1old (134.79.252.182) 0.321 ms 0.274 ms 0.268 ms
4 rtr-border1-p2p-core1 (134.79.252.133) 0.428 ms 0.324 ms 0.312 ms
5 slac-mr2-p2p-rtr-border1 (192.68.191.245) 0.260 ms 0.228 ms 0.224 ms
6 sunnsdn2-ip-slacmr2.es.net (134.55.217.2) 0.874 ms 0.862 ms 0.859 ms
MPLS Label=306784 CoS=6 TTL=1 S=0
7 sunncr1-sunnsdn2.es.net (134.55.209.98) 0.960 ms 0.932 ms 0.937 ms
MPLS Label=326496 CoS=6 TTL=1 S=0
8 denvcr1-sunncr1.es.net (134.55.220.49) 27.943 ms 27.934 ms 56.111 ms
MPLS Label=306272 CoS=6 TTL=1 S=0
9 kanscr1-ip-denvcr1.es.net (134.55.209.46) 41.012 ms 41.024 ms 40.991 ms
MPLS Label=307728 CoS=6 TTL=1 S=0
10 chiccr1-ip-kanscr1.es.net (134.55.221.58) 51.640 ms 51.666 ms 51.631 ms
MPLS Label=337056 CoS=6 TTL=1 S=0
11 clevcr1-ip-chiccr1.es.net (134.55.217.53) 60.633 ms 60.601 ms 60.610 ms
MPLS Label=301856 CoS=6 TTL=1 S=0
12 washcr1-ip-clevcr1.es.net (134.55.222.58) 68.134 ms 68.175 ms 68.105 ms
13 ampath-max.es.net (198.124.194.6) 88.318 ms 88.364 ms 88.375 ms
14 aura.ampath.net (198.32.252.218) 325.346 ms 325.963 ms 325.492 ms
15 139.229.127.249 (139.229.127.249) 326.392 ms 326.598 ms 326.655 ms
16 * * *
17 * * *
|
...
Traceroute from SLAC to DESY (mms1.desy.de) using mtr.
| No Format |
|---|
46cottrell@pinger:~>sudo mtr -r -c 100 mms1.desy.de
HOST LOSS RCVD SENT BEST AVG WORST
rtr-servcore1-serv01-iepm.slac.stanford.edu 0% 100 100 0.32 0.67 1.41
rtr-core1-p2p-servcore1.slac.stanford.edu 0% 100 100 0.31 0.61 1.14
rtr-border1-p2p-core1.slac.stanford.edu 0% 100 100 0.42 3.66 89.68
slac-mr2-p2p-rtr-border1.slac.stanford.edu 0% 100 100 0.29 3.46 43.24
sunnsdn2-ip-slacmr2.es.net 0% 100 100 0.69 4.28 63.48
sunncr1-sunnsdn2.es.net 0% 100 100 0.76 0.98 1.50
elpacr1-ip-sunncr1.es.net 0% 100 100 25.57 28.03 51.02
houscr1-ip-elpacr1.es.net 0% 100 100 40.47 41.79 71.40
atlacr1-ip-houscr1.es.net 0% 100 100 63.91 64.12 64.51
washcr1-atlacr1.es.net 0% 100 100 77.41 78.02 111.31
esnet-wash.rt1.fra.de.geant2.net 0% 100 100 170.44 170.87 187.50
??? 100% 0 100 0.00 0.00 0.00
zr-pot1-te0-0-0-4.x-win.dfn.de 0% 100 100 184.23 184.76 194.12
xr-tub1-vlan500.x-win.dfn.de 0% 100 100 185.11 187.46 243.94
xr-des1-te1-1.x-win.dfn.de 0% 100 100 189.55 191.71 272.54
kr-desy.x-win.dfn.de 0% 100 100 190.41 196.04 509.16
??? 100% 0 100 0.00 0.00 0.00
rt-198-5.desy.de 1% 99 100 189.81 190.66 215.42
mms1.desy.de 1% 99 100 189.52 194.19 218.15
|
...
From | To | Direction | Approx. Distance in km | Approx. Average RTT in ms | GeoIPTool | IPLocationTools | |
|---|---|---|---|---|---|---|---|
Frankfurt (esnet-wash.rt1.fra.de.geant2.net) | Potsdam (zr-pot1-te0-0-0-4.x-win.dfn.de) | Potsdam is near Berlin NE of Frankfurt | 525km | 14ms | 30km SE Bonn, 50.55N, 7.4E | 30km SE Bonn, 50.55N, 7.4E | Berlin, 52.31N, 13.24E |
Potsdam (zr-pot1-te0-0-0-4.x-win.dfn.de) | Tubingen (xr-tub1-vlan500.x-win.dfn.de) | Tubingen is SW of Potsdam | 650km | ?3ms | 30km SE Bonn, 50.55N, 7.4E | 30km SE Bonn, 50.55N, 7.4E | Jena, 50.55N, 11.34E |
Tubingen (xr-tub1-vlan500.x-win.dfn.de) | Hamburg (xr-des1-te1-1.x-win.dfn.de) | Hamburg is N of Tubingen | 727km | 4ms | 30km SE Bonn, 50.55N, 7.4E | 30km SE Bonn, 50.55N, 7.4E | Jena, 50.55N, 11.34E |
Hamburg (xr-des1-te1-1.x-win.dfn.de) | Bremen (kr-desy.x-win.dfn.de) | Bremen is SW of Hamburg | 124km | 5ms | 30km SE Bonn, 50.55N, 7.4E | 30km SE Bonn, 50.55N, 7.4E | Berlin, 52.31N, 13.24E |
Bremen (kr-desy.x-win.dfn.de) | DESY, Hamburg (rt-198-5.desy.de) | DESY, Hamburg is NE of Bremen | 118km | 1ms | Hamburg, 53.7333N, 9.9E | Hamburg, 53.55N, 10E | Hamburg, 53.32N, 10E |
DESY, Hamburg (rt-198-5.desy.de) | DESY (mms1.desy.de) | DESY is near Hamburg | 8km | 4ms | Hamburg, 53.55N, 10E | Hamburg, 53.55N, 10E | Hamburg, 53.32N, 10E |
...