0

I'm guessing some sort of location registration (at least specifying the country) is required for any public numeric IP address and tried ARIN since I believe this router is in Seattle. ARIN only showed me that the router belongs to a company in New York.

Here's a supposedly better website, but that showed many countries, and made me think that there might be no official registration needed (maybe such websites are using connected geolocation data, so I'm really getting the location of the users which most use this IP address?). So, I'm thinking that the New York company address from ARIN is the most I can confidently know.

Is there a reliable way to find the physical location of this ISP/router's hardware is really in Seattle? Is this not legally registered somewhere?

bobuhito
  • 623
  • 1
  • 4
  • 15

2 Answers2

2

There is no legal requirement to register the location of an IP address, it is up to the owner of the block where IP addresses reside, and they can move them as needed.

However, there are plenty of registries that track such things. While an individual IP address may not be recorded in terms of location, the major routers around the world have their locations understood, and if you get to an IP via a hop from a router which you know the location of, you can surmise that the IP you are targetting is in the vicinity.

traceroute (or tracert) can help illuminiate this, it will tell you the names of the routers that you pass through to get to your destination.

In this case, it appears that the router is very likely in Seattle, and its name suggests it is too - my next hop before it is in Japan, which suggests this is a pretty core router:

 6  i-0-5-0-6.siko-core03.bx.telstraglobal.net (202.84.143.190)  122.877 ms i-0-5-0-2.siko-core03.bx.telstraglobal.net (202.84.141.234)  121.438 ms  121.430 ms  
 7  i-0-0-0-5.siko11.bi.telstraglobal.net (202.84.148.69)  121.465 ms i-0-0-0-4.siko11.bi.telstraglobal.net (202.84.148.189)  121.648 ms i-0-0-0-1.siko11.bi.telstraglobal.net (202.84.148.146)  121.690 ms               
 8  iij-peer.siko11.pr.telstraglobal.net (134.159.125.22)  112.574 ms  112.569 ms  112.554 ms                  
 9  tky009bf00.IIJ.Net (58.138.82.17)  113.495 ms  113.420 ms  113.511 ms                
10  sea001bb00.IIJ.net (206.132.169.217)  190.860 ms  190.864 ms  190.905 ms

Another tool you can use is a Visual Traceroute tool online, which attempts to show the path across the planet to get to an IP

Paul
  • 59,223
  • 18
  • 147
  • 168
  • So, you're saying the owner of this IP point could move its hardware across the border to Vancouver without telling any IP authority (e.g., ARIN). That seems fair if the connections are unchanged; but, if connections get changed, some IP authority must obviously be told so that packets can be routed properly. I'm surprised that this authority tracks the connectivity without tracking the physical location - Am I understanding this right? – bobuhito Jul 22 '15 at 02:11
  • An individual IP address is generally not owned by a company, they operate at a block level. Consider the scenario where you have a datacenter in NY and one in Egypt. If the NY one fails, you want everything to route to Egypt. This is done with Autonomous Systems and BGP. The owner of the block effectively tells the internet how the block should be routed, and the internet learns the path. If something changes, then the new path is learnt. You couldn't have any redundancy if you had to go and tell a central authority, this has to happen in seconds. – Paul Jul 22 '15 at 02:17
  • Sorry, I obviously didn't know things were so autonomous. Suppose some connected rogue server in Panama started falsely broadcasting that it was 206.132.169.217 (e.g., a core router got hacked). I guess this wouldn't get noticed until someone notified the block owner that a website wasn't working right. Then, the block owner (after changing IP addresses and re-registering DNS to fix service) would use tracert to find the likely country is Panama and ask the Panama government to track down the hardware to shut it off? – bobuhito Jul 22 '15 at 03:21
  • 1
    A server cannot ordinarily broadcast its IP and have the network expect to listen. This is done at a router level, and the routers are owned by ISPs that have agreements in place to trust each others route advertisement. It is certainly possible to inject false routes with the right level of access. But this can be solved by ignoring the source of the advertisements, nothing needs to be turned off. – Paul Jul 22 '15 at 03:26
  • (note that erroneous route advertisements are pretty common, but they are almost always screwups, rather than malicious) – Paul Jul 22 '15 at 03:27
0

Try https://www.iplocation.net/?query=206.132.169.217

The accuracy of the results depends on a number of providers of the "GeoIP" data.

Matt Sephton
  • 499
  • 5
  • 14