RIR to DNS converter is a tool to convert Regional Internet Registry data to a DNS country lookup zone. You can use it to build your own DNS zone for looking up country codes from IP addresses.
It uses data directly from RIPE, ARIN, APNIC, LACNIC, and AFRINIC. The data can be updated on a schedule of your choosing.
The input data comes from:
ftp://ftp.afrinic.net/pub/stats/afrinic/delegated-afrinic-latest
ftp://ftp.apnic.net/pub/stats/apnic/delegated-apnic-latest
ftp://ftp.arin.net/pub/stats/arin/delegated-arin-latest
ftp://ftp.ripe.net/pub/stats/ripencc/delegated-ripencc-latest
ftp://ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-latest
The input data format is described in:
http://www.apnic.net/db/rir-stats-format.html
The output is a BIND 9 zone file that can be used to look up country codes
in a similar fashion to in-addr.arpa. For example, to find out what country
203.30.47.58 is:
host 58.47.30.203.rir.example.com
58.47.30.203.rir.example.com has address 127.0.65.86
where '65' and '85' are ASCII for 'A' and 'U', which means 203.30.47.58 is
in Australia ('AU').
HOW TO USE IT
Just feed it the above delegated--latest files into stdin and it will
spit out the zone file to stdout. The zone file will only have the IP addresses,
so you could $INCLUDE it into a zone file that contains NS records, SOA, $ORIGIN,
etc.
WHY USE IT
You don't need the resolution of MaxMind's GeoIP database, but you do want
something that is free and you want it kept up to date on a schedule that
you decide.
You could use this to block or tag email based on countries, block or redirect
visitors to your website based on end-user country, and so on. Be very
careful about blocking mail this way, though, as you may block legitimate
email. Instead of blocking outright, use it in a SpamAssassin rule to add
something to the spam level, based on where the email comes from.
HOW IT WORKS
The RIR files contain ranges of IP addresses, and indicate what CC each range is allocated to. At the simplest level, rir2dns just sorts the ranges then iterates
through the IPs in each range and generates a reverse-dns-style A record that
represents the country code.
HOW IT WORKS - IN DETAIL
Rather than iterate through each IP address, the program tries to skip through
entire classes at a time (256 IPs, 65536 IPs, etc). Rather than iterate
through each IP, the loop iterates through classes or IP ranges (whichever are
smaller at the loop control), using control-breaks to accummulate neighbouring
ranges where possible so that entire classes that are in the same country don't
generate huge numbers of records.
Firstly, IPs are considered to be 4-digit numbers, but in base-256. In other
words, each octet is dealt with as if it were a single base-256 digit. This
turns out to be convenient because optimisations of large chunks of IP space can be done by looking for places where least-significant base-256 digits are zero.
Next, IP ranges are broken down into the following sub-ranges:
Optional individual IP addresses (ie: 4 octets)
Optional A-class ranges (ie: 3 octets)
Optional B-class ranges (ie: 2 octets)
Optional C-class ranges (ie: 1 octet)
Optional B-class ranges (ie: 2 octets)
Optional A-class ranges (ie: 3 octets)
Optional individual IP addresses (ie: 4 octets)
Considering that there is a pattern here, I'm sure there's an elegant way to
handle breaking this down into two loops (one reducing the octets and one
increasing the octets), but I can't be bothered, so I'll break it down into
seven loops. Kind of hard-coded, but at least it's simple.
For ease of processing, the IP addresses are actually converted to 32-bit numbers, then back again. This simplifies mathematics and looping through ranges.
That's pretty much it, really...
Note that currently there are about 80,000 RIR records between all five
registries. This takes about 35 seconds on a 2.4GHz P4 to process, and
generates a 26MB file with around 3/4 million lines (RRs). This causes BIND
to use about 100MB or so of memory, and on a slow machine will probably cause it to take too long to reply, while it searches the zone. That size zone can
take a minute or two to load, which is quite a while.
Basic algorithm:
Read & process RIR data:
Read RIR ranges
Sort RIR ranges by start IP address
Glue together contiguous ranges of the same country
For each range
Generate the IPs at the start of the range
Generate the A-classes at the start of the range
Generate the B-classes at the start of the range
Generate the C-classes in the middle of the range
Generate the B-classes at the end of the range
Generate the A-classes at the end of the range
Generate the IPs at the end of the range
Product's homepage
Find us on Google+
