How are IP addresses mapped to Autonomous System Numbers (ASNs)? Is there a reference database for it? Then how are these Autonomous Systems geographically located?
3 Answers
Note: This information is kind of RIPE-centric because that's the RIR I deal with most.
The relationships between IPs (inet-num
) and ASNs (aut-num
) are documented in public Internet Routing Registries (IRR) using Routing Policy Specification Language (RPSL). IRRs are simply whois databases which provide additional object types (route
, route-set
, aut-num
, as-set
, etc) to store the RPSL information. IRRs are operated by all Regional Internet Registries (RIRs such as RIPE, ARIN, etc) as well as some other parties such as RADB.
RPSL can define not just which aut-num
relates to which inet-num
objects but also the transit and peering arrangements of a given aut-num
. This information can be used to build router configurations such as with the utility RtConfig. Additionally some LIRs document their policies for accepting new peering requests and the BGP communities they make available to their peers here.
It's important to note that besides automatically configuring routers with RPSL there isn't any "magic glue" between the IRR data and what is actually happening in the wild. RPSL is a best effort practice, which should be kept up to date, but doesn't mean there's any technical barrier to announcing a route without first publicising it in RPSL.
As an example, let's see what routes are documented for the BBC website:
dan.carley@jim ~ $ whois -T route $(dig +short bbc.co.uk)
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '212.58.224.0/22AS2818'
route: 212.58.224.0/22
descr: BBC
origin: AS2818
mnt-by: BBC-MNT
source: RIPE # Filtered
% Information related to '212.58.224.0/20AS2818'
route: 212.58.224.0/20
descr: BBC (EU network)
origin: AS2818
mnt-by: BBC-MNT
source: RIPE # Filtered
% Information related to '212.58.224.0/19AS2818'
route: 212.58.224.0/19
descr: BBC
origin: AS2818
mnt-by: BBC-MNT
source: RIPE # Filtered
This indicates that their website will be available from three routes of increasing size (/19, /20 and /22 to the same prefix) via AS2818. Querying that ASN will then give us some additional information about their peers and policies (snipped for brevity):
dan.carley@jim ~ $ whois -T aut-num as2818
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to 'AS2818'
aut-num: AS2818
as-name: BBC
descr: BBC Internet Services, UK
import: from AS174 action pref=100; accept AS174
import: from AS286 action pref=100; accept AS-KQ AS-QWEST
import: from AS553 action pref=100; accept AS-BELWUE
import: from AS702 action pref=50; accept AS-UUNETUK
[..]
export: to AS174 announce AS-BBC
export: to AS286 announce AS-BBC
export: to AS553 announce AS-BBC
export: to AS702 announce AS-BBC
[..]
- 25,189
- 5
- 52
- 70
There is no static mapping between IPs and AS and an AS don't have a location.
An AS is a number assigned to a company to identify them on Internet. It's used for the BGP routing protocol.
The company tell with BGP that some network IPs (let's say network Y) are reachable inside of his AS (let's say AS X). Then others companies know that to reach network Y they must talk to AS X, with this information others company routers look for the best path to reach AS X.
Nothing prevent some networks to be advertised on many AS (and this is used in some particular case).
To see a dynamic mapping of what is announced on Internet in 'real time', you can use this website. This how ATT AS information, by looking in the Prefixes IPv4 tab you will see what network they advertise. But there is no official mapping as anyone can announce anything.
- 9,545
- 23
- 45
-
See Dan answer regarding a mapping, but looking on the website I tell provide the true information advertised on Internet. RPSL is more or less reliable. (from my point of view it can't be trusted without a verification) – radius Apr 30 '10 at 08:57
-
And where is bgp.he.net's information from? – J.Money Apr 12 '18 at 15:50
The RIRs publish a lot of information updated daily and offer APIs for querying that information. For example, sticking with AS2818 and RIPE:
$ curl https://stat.ripe.net/data/announced-prefixes/data.json?resource=AS2818
{
"status": "ok",
"server_id": "stat-app10",
"status_code": 200,
"version": "1.2",
"cached": true,
"see_also": [],
"time": "2018-04-12T15:29:22.144419",
"messages": [
[
"info",
"Results exclude routes with very low visibility (less than 3 RIS full-feed peers seeing)."
]
],
"data_call_status": "supported - connecting to ursa",
"process_time": 4,
"build_version": "2018.4.11.320",
"query_id": "20180412152922-853B48D2-C00D-44AD-A628-A9B8CF444B58",
"data": {
"resource": "2818",
"prefixes": [
{
"timelines": [
{
"endtime": "2018-04-12T08:00:00",
"starttime": "2018-03-29T08:00:00"
}
],
"prefix": "132.185.0.0/16"
},
{
"timelines": [
{
"endtime": "2018-04-12T08:00:00",
"starttime": "2018-03-29T08:00:00"
}
],
"prefix": "2001:41c1::/32"
},
{
"timelines": [
{
"endtime": "2018-04-12T08:00:00",
"starttime": "2018-03-29T08:00:00"
}
],
"prefix": "132.185.128.0/20"
},
{
"timelines": [
{
"endtime": "2018-04-12T08:00:00",
"starttime": "2018-03-29T08:00:00"
}
],
"prefix": "212.58.224.0/19"
},
{
"timelines": [
{
"endtime": "2018-04-12T08:00:00",
"starttime": "2018-03-29T08:00:00"
}
],
"prefix": "132.185.112.0/20"
}
],
"query_starttime": "2018-03-29T08:00:00",
"latest_time": "2018-04-12T08:00:00",
"query_endtime": "2018-04-12T08:00:00",
"earliest_time": "2000-08-01T00:00:00"
}
}
There are many other endpoints with related information on stat.ripe.net.
- 126
- 4