> this is exactly why ip addresses are already grouped with respect to location.
>
> So it should be possible to optimize things, maybe use some perl with http://search.cpan.org/~nwetters/IP-Country-2.15/lib/IP/Country.pm
> e.g. 194.0.0.0/8 is NL
Nope its not, I have 919 prefixes starting with 194 which are located in Switzerland. And they really are, for example picking one out randomly:
nslookup 194.242.34.1 yields:
Name: switch.swissix.ch Address: 194.242.34.1
whois: inetnum: 194.242.34.0 - 194.242.34.255 netname: SWISSIX descr: swissix, Swiss Internet Exchange country: CH admin-c: MC322-RIPE tech-c: MC322-RIPE status: ASSIGNED PI notify: noc@xxxxxxxxx mnt-by: RIPE-NCC-HM-PI-MNT mnt-by: SWISSIX-MNT mnt-lower: RIPE-NCC-HM-PI-MNT
To the best of my knowledge, region based IP-ranges are in IPv6 but not in IPv4.
> And I guess you can afford to make some errors, e.g. shaping a destination which shouldn't be shaped is not a crime if it wouldn't happen too often, just make sure you shape foreign IP's, how bad would it be to shape some non-foreign IP's accidently?
Problem is the server runs several applications and mine is but one of it. I am to make as little trouble as possible. However I do have a very good list of which IP ranges are ok and the complement are those that are not. My list comes directly from a skript that pulls it out of the core router.
Some of the prefixes can be aggregated but that is a minor optimization.
> And, ofcourse, either "foreign IP's" or "non foreign IP's" is the smallest list, use the samllest list.
I have only the non-foreign list, but I am very sure that this one is smaller than the rest of the internet
Its exactly 6486 prefixes atm. (without aggregating those that are possible). In any case too many to process linearly.
CU
René
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
