I've noticed a lot of ASNs are no longer showing their whois descr field in the Onionoo output.
Is this expected?
I've noticed a lot of ASNs are no longer showing their whois descr field in the Onionoo output.
Is this expected?
you can find more about it in trac:
https://trac.torproject.org/projects/tor/ticket/19420 https://trac.torproject.org/projects/tor/ticket/19437
Hi Karsten,
(off trac reply since the ticket is closed)
Karsten wrote (https://trac.torproject.org/projects/tor/ticket/19420):
The June 6 database is currently deployed and the June 13 database is the latest I could download from MaxMind. It looks like they broke something, and it seems unlikely that they'll fix that in the next database unless somebody tells them. Would you want to reach out to them and see if they can fix this?
did someone already reach out to maxmind?
If not: I would do it if you could send me the URL from where you downloaded the input file used by onionoo (maxmind page) and date/version (if it changed since the statement made above).
It seems they are using the first "descr" line they find as AS name.
Examples:
http://bgp.he.net/AS1759#_whois https://atlas.torproject.org/#details/337B7E307550F48DCDADA7481FA8436B2FCDAD...
http://bgp.he.net/AS8708#_whois https://atlas.torproject.org/#details/64490AC626E728B0BB29DBA3EE1E98DA8982F4...
Hi nusenu,
I would do it if you could send me the URL from where you downloaded the input file used by onionoo (maxmind page) and date/version (if it changed since the statement made above).
As specified here [1], the GeoIP databases shoud be taken from [2] and [3]. In our case it's only [3]. I don't now the reality of the onionoo.torproject.org, but it should not differ from INSTALL file.
It seems they are using the first "descr" line they find as AS name.
Examples:
http://bgp.he.net/AS1759#_whois https://atlas.torproject.org/#details/337B7E307550F48DCDADA7481FA8436B2FCDAD...
http://bgp.he.net/AS8708#_whois https://atlas.torproject.org/#details/64490AC626E728B0BB29DBA3EE1E98DA8982F4...
Wow, nice finding! It looks like it's a bug (or just wrong logic) on the MaxMind side.
[1] https://gitweb.torproject.org/onionoo.git/tree/INSTALL [2] https://geolite.maxmind.com/download/geoip/database/GeoLite2-City-CSV.zip [3] https://www.maxmind.com/download/geoip/database/asnum/GeoIPASNum2.zip
-- Ivan Markin
Dear MaxMind Support,
your GeoLite ASN database [1] appears severely broken. (probably by a recent code change on how AS names are collected)
Karsten Loesing from the Tor Project determined [2] that the amount of records with nameless autonomous system entries in your DB increased from ~500 (Feb 2016) to over 57000 in the current version (June 2016):
grep '"' -v GeoIPASNum2.csv |wc -l 57179
but the actual root cause probably affects *all* entries in the database.
After investigating weird AS names in your DB called "73-75 Dr. Staicovici" (AS8708) or "Warszawa 02-822" (AS12741), it appears as if you are using the first "descr" line instead of the actual AS name.
Example: AS Number: AS8708 AS Name according to MaxMind: "73-75 Dr. Staicovici" actual AS Name according to [3]: RCS & RDS SA http://bgp.he.net/AS8708#_whois
[1] http://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum2.zip
For more background see the Tor Project's bugtracker entry: [2] https://trac.torproject.org/projects/tor/ticket/19420
thank you for looking into this, nusenu (I'm not a member of the Tor Project)
-
Gareth Llewellyn -
nusenu -
twim