(new Soapbox())->shout(array_map('strtoupper', $opinions)); //Shaun's blog

Me, elsewhere

Miscellaneous public code

I don't tweet much

XMPP chat
(Pidgin, Miranda, Swift, etc.)

A new DNS geolocation service from PowerDNS

Posted December 24, 2017 by shaun

Today Bert Huber from PowerDNS announced a new DNS-based geolocation service. Given an IP, it returns the corresponding latitude and longitude coordinates. Using it is simple; to look up the coordinates for IP address, just reverse the octets and query the TXT record for I don't see any official details from PowerDNS yet, just Bert's tweet, but based on the domain, the service appears to be using PowerDNS' Lua capabilities.

The usual caveats about geolocation apply:

$ dig +short TXT
"33.745800 -117.826202"

Despite that server living in Dallas, the coordinates that come back are for Tustin, CA. That's because the ARIN allocation for points to a corporate address in Tustin. Any geolocator operating from MaxMind's data will make the same "mistake," so this isn't a shortcoming of the PowerDNS service specifically.

If you currently use a web-based geolocation API, especially if your existing solution uses MaxMind geodata, the new PowerDNS service looks like a viable replacement. Queries over DNS will almost always be faster than a web API, because UDP doesn't have the handshake overhead that TCP does, and DNS provides the potential for caching.

Recent articles

📰 Generating vanity DNSSEC key tags

📰 DDoS involving forged packets from

📰 Website integrity monitoring through version control

📰 SpamAssassin 3.4.2 fixes security problems, adds HashBL and phishing plugins

📰 Bug or turf war? ICQ via Pidgin now fails with "startOSCARSession: Request Timeout"

📰 🎂

📰 SFSQuery, a PHP class to query the StopForumSpam API and DNSBL

📰 Resolving portmaster error "pkg-static: automake-1.16.1 conflicts with automake-wrapper-20131203"

📰 Resolving LibreNMS error "RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths"

📰 Fast, but not so accurate (yet)

📰 autodiscover.xml as an Indicator of Attack

📰 Blocking Facebook's Tracking and Surveillance: A Comprehensive Approach

📰 Let's Encrypt Readies for Certificate Transparency with Embedded SCTs

📰 Evaluating DNSBL Effectiveness with Postfix Logs

📰 Resolving subversion error E145001: Node has unexpectedly changed kind

▲ Back to top | Permalink to this page