Closed nusenu closed 4 years ago
hadiasghari
commented
8 years ago This is an interesting point, I need to look into why the AS-names in the files differ so much. It all in the end comes from WHOIS data, so I'd guess there should be some more or less authoritative source we could use.
hadiasghari
commented
8 years ago @nusenu do you have any info on the differences between the file sources? I.e., is it fine to switch our source?
nusenu
commented
8 years ago No I have not, but instead of using one exclusively I'd recommend to use them both? If there is no AS name for AS XY in file A lets take it from file B (better than having no name at all).
randomgambit
commented
6 years ago @nusenu @hadiasghari but are these mapping names fixed over time? For instance, on the thyme website I see that:
18 UTEXAS - University of Texas at Austin, US
does that mean that this was also true 5 years ago?
hadiasghari
commented
6 years ago @randomgambit, when ASNs are assigned to organizations, they typically stay that way unless the organization goes through a merger and acquisition or goes out of business.
randomgambit
commented
6 years ago @hadiasghari I see, thanks.
but this then means it is important to have access to historical asn-names lookups as well. I mean, many firms have been acquired/ went bankrupts over the years. Would that data be available somewhere in your opinion?
My understanding is that the current mapping IP -> AS NUMBER is historically correct as long as one downloads the historical dumps from http://archive.routeviews.org/bgpdata/.
However, the mapping AS NUMBER -> organization name is likely to contain errors as it only uses the latest data from cidr-report. Is that right?
hadiasghari
commented
4 years ago Yes that is correct. :)
danish10499
commented
4 years ago Hi @hadiasghari, I am unable to get the organization's name at all. Am I doing something wrong? input => asndb.get_as_prefixes(1128) output => {'130.161.0.0/16', '131.180.0.0/16', '145.94.0.0/16'}
TU-Delft prefixes is missing
In a random sample of 1000 IP addresses 280 IPs had no AS name associated with the AS number after using pyasn's number->name mapping feature.
You are currently using http://www.cidr-report.org/as2.0/autnums.html for AS number to name mapping. That file has currently ~10k entries.
http://thyme.apnic.net/current/data-used-autnums provides similar data (i.e. no country name) but has more entries ( ~30k entries).
How about merging these data sets and use the APNIC data for AS numbers where cidr-report has no name?
A few examples for which apnic has ASnames and cidr-report hasn't:
43711 46844 29314 34224 48031