Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
reincoder 9 hours ago

I work for IPinfo. I have raised a ticket internally, but I think we focused on consumer VPNs for this test.

For our ProbeNet, we are attempting to reach 150 countries (by ISO 3166's definition). We are at around 530 cities. Server management is not an easy task. We do not ship hardware, but operate using dedicated servers, so this reduces one layer of complexity.

To maintain the authenticity of our server locations, we utilize cross-pings and network traffic behavior detection. If any abnormality is detected, the server will be immediately disabled to prevent polluting our data. There will be a ticket to investigate what went wrong.

We pay for each (excluding 3 to 4 servers where the owner and the team really likes us and insists on sponsoring) server. Expansion is an active effort for us, as there are 70k ASNs and about 100 more countries where we do not have a server.

We hope to partner with more ASNs, particularly residential ISPs and IXPs. So, a lot of effort is put into active outreach through WhatsApp, emails, social media and phone calls. We use a number of different data-based techniques to identify "leads".

laz 8 hours ago | parent | next [-]

Google, Apple, and Meta (maybe others?) have the data to build a complete GeoIP dataset. None of them will share because there are only downsides to doing so.

When FB was rolling out ipv6 in 2012, well meaning engineers proposed releasing a v6 only GeoIP db (at the time, the public dbs were shit). Not surprisingly, it was shot down.

reincoder 8 hours ago | parent | next [-]

We are always happy to work with large technology enterprises and streaming platforms, not necessarily to sell, but to share insights, data, and practical advice. We observe the entire internet through active measurements, and we are open to co-publishing research when it benefits the broader ecosystem.

Google/GCP is top of mind for me due to a recent engineering ticket. Some of our own infrastructure is hosted on GCP, and Google’s device-based IP geolocation model causes issues for internet users, particularly for IPv6 services.

From what we understand, when a large number of users from a censored country use a specific VPN provider, Google's device-based signals can bias the geolocation of entire IP ranges toward that country. This has direct consequences for accessibility to GCP-hosted services. We have seen cases where providers with German-based data centers were suddenly geolocated to a random country with strict internet censorship policies, purely due to device-based inference rather than network reality. Our focus is firmly on the geolocation of exit-node IPs, backed by network evidence.

https://community.ipinfo.io/t/getting-403-forbidden-when-acc...

We are actively looking to connect with someone at Google/GCP, Azure/Microsoft and others who would be willing to speak with us, or directly with our founder.

Our community consistently asks us to partner more deeply with enterprises because we are in constant contact with end users and network operators. To be honest, we do not even get many questions or issues. We are partners with a large CDN company, and I get one message about a month, which usually involves sharing evidence data and not fixing something.

From a large-scale organization's perspective, IP geolocation should not be treated as an internal project. It is a service. Delivering it properly requires the full range of engineering, sales, support, and personnel available around the clock to engage with users, evaluate evidence, and continuously incorporate feedback.

ACCount37 3 hours ago | parent [-]

> From what we understand, when a large number of users from a censored country use a specific VPN provider, Google's device-based signals can bias the geolocation of entire IP ranges toward that country.

Yep, this is a known effect.

How it seems to work is: Google uses Android phones as data harvesting probes. And when it sees that a lot of devices in a given IP range pick up on GPS data, Wi-Fi APs or cell tower IDs that are known to be located in Iran, and possibly other cues like ping to client devices or client device languages, timezones, search request contents, then the system infers "there's a network wormhole there with Iran on the other end", and the entire IP range grows legs and drifts towards Iran.

The owner of those IP addresses can mitigate the issue, mostly by shaping traffic or doing things to Google's system, but I know of no way for anyone else to do it.

reincoder 2 hours ago | parent [-]

They have a correction form but I am not sure if it is super robust: https://support.google.com/websearch/workflow/9308722?hl=en

I talked to someone who bought a /24 from South America to be used in the United States for office use. I asked him to tell everyone to get on WiFi and keep Google Maps running. Apparently, that solved the issue.

lxgr 5 hours ago | parent | prev | next [-]

Google's GeoIP is creepy good. I noticed a while ago that for fixed or technically dynamic but rarely actually changing IPs, their IP geolocation eventually converges on the exact street address, presumably due to Google crowdsourcing geolocation from devices with GPS or Wi-Fi geolocation access, which is in turn crowdsourced from devices with both GPS and Wi-Fi.

orbital-decay 4 hours ago | parent | next [-]

It's pretty slow to converge though, as it needs enough data points so they cross some certainty threshold. Especially in the context of VPN exit points as the traffic comes from all over the world.

mkl 4 hours ago | parent | prev [-]

Google's GeoIP is rubbish for me. Often it's hundreds of kilometres off, and varies a lot even for a fixed IP.

amelius an hour ago | parent [-]

As always with big corporations, if the experience is OK for 90% of people but absolutely sucks for 10% of people, then that's totally fine!

dsl 4 hours ago | parent | prev [-]

At my previous company we had a subscription to Spur Intelligence. It is like Palantir for IP address info, and probably the closest to what you are talking about.

They recently added GeoIP to their data and in the bit of testing I was able to do before I left it was scary good. I also had an amusing chat with one of their engineers at a conference about how you can spoof IPInfo's location probes...

reincoder 2 hours ago | parent [-]

> how you can spoof IPInfo's location probes...

Interesting. I would love to know how this is possible. Like with Geofeed or something else?

Youden 3 hours ago | parent | prev | next [-]

Could you use RIPE Atlas and its network of probes, at least to fill in areas where it's difficult to get your own probes?

That way everyone benefits.

reincoder an hour ago | parent [-]

We are actually a sponsor of RIPE Atlas and have a bunch of credits.

But I am not sure if we use them extensively. I think, as we own and operate the ProbeNet, much of the data collection efforts can be done through that in a scalable manner.

YouAreWRONGtoo 5 hours ago | parent | prev [-]

[dead]