Catchpoint Performs the below three steps to match the IP to its respective Geolocation as our best efforts for Traceroute Hop Level Data.
- Regular Expressions Pattern Matching of the Router’s Hostname.
Catchpoint runs a reverse DNS lookup to obtain the hostname for a particular IP address. Catchpoint then uses regular expressions to see if there is a pattern in the hostname that matches with a geolocation. For example, this lookup will determine if the hostname contains a city/airport code such as NYC or JFK. If in the reverse DNS lookup, it does not return a hostname, or if the regular expressions do not find a pattern in the hostname’s string, Catchpoint then looks to see if the IP address matches the RIPEstat database which is our next step towards mapping the IP address to geolocation. - RIPEstat Database Lookup
Catchpoint keeps and maintains a local copy of the RIPEstat database. Which is used for the IP to Geo-mapping. - Maxmind Lookup
Finally, if steps 1 and 2 do not return a geolocation match, Catchpoint then runs a lookup in the MaxMind database to Map IP to the Geolocation and Vice Versa.
In addition to Traceroute, there are a few other modules that involve Geo-IP lookup and their respective logics are as below.
- BGP Data
Catchpoint uses the registered info in the BGP_PEER table to determine Geo-IP info. - RUM (RUM data in Endpoint Monitoring)
We look up data from the end-users public IP in Maxmind Database. - All other Synthetic Data
We use manually registered info assigned to nodes to determine their geo data.