Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Should we bundle the MaxMind GeoIP db?
41 views
Skip to first unread message
Victoria Risk
May 30, 2018, 5:28:31 PM5/30/18
to Bind Users
Hello GeoIP users,
We are aware that Maxmind is discontinuing their older free GeoLite location database and replacing it with a new database with a new format (GeoLite2). https://dev.maxmind.com/geoip/geoip2/geolite2/
We have an issue open in the BIND gitlab to update our Geo-IP support to use the new database api. https://gitlab.isc.org/isc-projects/bind9/issues/182
The question is, would it be useful if we included the GeoLite2 database with the BIND distribution? Since we update at least twice a year, we could keep it fairly well up to date, and it would save users having to go get and update the db themselves. It would add about 1.5MB to the BIND distribution (depending on whether we use the country or city level).
Votes, comments welcome.
Thank you,
Rick Dicaire
May 30, 2018, 6:15:39 PM5/30/18
to Victoria Risk, Bind Users
Hi, would this conflict with any similar pkg installed by an OS's pkg management system?
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
bind-users mailing list
bind-...@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Victoria Risk
May 30, 2018, 6:30:48 PM5/30/18
to Rick Dicaire, Bind Users
On May 30, 2018, at 3:15 PM, Rick Dicaire <kri...@gmail.com> wrote:Hi, would this conflict with any similar pkg installed by an OS's pkg management system?
The package manager could choose whether or not to include the database - if they include it today, they wouldn’t include two copies, certainly. Even if they don’t include it today, they might not include it even if we bundle it. So this would not necessarily have any impact on what a particular package offers.
Victoria Risk
Dennis Clarke
May 30, 2018, 7:56:35 PM5/30/18
to bind-...@lists.isc.org
On 05/30/2018 06:30 PM, Victoria Risk wrote:
>
>
>> On May 30, 2018, at 3:15 PM, Rick Dicaire <kri...@gmail.com
>
>
>> On May 30, 2018, at 3:15 PM, Rick Dicaire <kri...@gmail.com
>> <mailto:kri...@gmail.com>> wrote:
>>
>> Hi, would this conflict with any similar pkg installed by an OS's pkg
>> management system?
>
> The package manager could choose whether or not to include the database
<snip>
>>
>> Hi, would this conflict with any similar pkg installed by an OS's pkg
>> management system?
>
> The package manager could choose whether or not to include the database
I think the philosophy[1] of ISC BIND and DHCP has been to "do one
thing and do it well" whereas recent software minds are creeping towards
"do one thing and add on everything else". Let's look at the editor
called "vim" or "emacs" which are both monstrous in size for what they
do. Or at least what they were intended to do. I think original vi fit
neatly into a few hundred KB. At last glance emacs was 62MB of source.
I think the entire operating system on an IBM 3090 MVS/ESA mainframe was
a few megabytes and the front 3092 controller booted from an 8 inch
floppy. Two decades ago.
BIND is a precisely targeted tool. It may have add on things that
can be brought along later by a user or a package manager or production
software manager on some site. However throwing in GeoIP would add on
code control and database update sub-projects and costs and staff. Is
this really necessary for what Berkeley Internet Name Daemon should be
doing?
Dennis Clarke
ye old UNIX silverback
[1] also "Write programs to work together."
Timothe Litt
May 30, 2018, 8:05:26 PM5/30/18
to bind-...@lists.isc.org
On 30-May-18 17:27, Victoria Risk
wrote:
Hello GeoIP users,
We are aware that Maxmind is discontinuing their older free GeoLite location database and replacing it with a new database with a new format (GeoLite2). https://dev.maxmind.com/geoip/geoip2/geolite2/
We have an issue open in the BIND gitlab to update our Geo-IP support to use the new database api. https://gitlab.isc.org/isc-projects/bind9/issues/182
The question is, would it be useful if we included the GeoLite2 database with the BIND distribution? Since we update at least twice a year, we could keep it fairly well up to date, and it would save users having to go get and update the db themselves. It would add about 1.5MB to the BIND distribution (depending on whether we use the country or city level).
Votes, comments welcome.
Thank you,
Vicky
I use GeoIP with webservers, but not with BIND. I run a cron job
that pulls the Maxmind updates roughly monthly. IP address
allocations change a bit more frequently than twice a year.
Rather than bundling the database, you might want to bundle a script to automate the update process... preferably one that you don't have to maintain. (Stick to your core competency...)
I think that would be more useful (and less likely to complicate the lives of packagers) than bundling the database.
And less work for you :-)
Rather than bundling the database, you might want to bundle a script to automate the update process... preferably one that you don't have to maintain. (Stick to your core competency...)
I think that would be more useful (and less likely to complicate the lives of packagers) than bundling the database.
And less work for you :-)
Dennis Clarke
May 30, 2018, 8:48:02 PM5/30/18
to bind-...@lists.isc.org
> I think that would be more useful (and less likely to complicate the
> lives of packagers) than bundling the database.
>
> And less work for you :-)
>
Also, my fear is that "what else?" will happen and then we have codebase
tossed in for a https/tls_1.3 admin front end being bolted in.
This "kitchen sink" approach happens about once a decade in every
project and then we all just move on :-)
https://bugzilla.mozilla.org/show_bug.cgi?id=122411
Dennis
G.W. Haywood
May 31, 2018, 3:20:22 AM5/31/18
to bind-...@lists.isc.org
Hi Victoria,
On Wed, 30 May 2018, Victoria Risk wrote:
> ... would it be useful if we included the GeoLite2 database with the
I would hope to see both IPv4 and IPv6 data as well as the ASN data,
without which it would be of no use to me.
At present I use the Debian package, which updates much more often than
twice yearly. I keep no data on the volumes of changes, but the file
timestamps today tell me that the changes are infrequent so I guess I'd
be relaxed about that:
-rw-r--r-- 1 root root 4638365 Mar 24 10:10 GeoIPASNum.dat
-rw-r--r-- 1 root root 20539238 Mar 27 13:05 GeoLiteCity.dat
-rw-r--r-- 1 root root 1242574 Mar 27 13:17 GeoIP.dat
-rw-r--r-- 1 root root 21662641 May 1 21:14 GeoLiteCityv6.dat
-rw-r--r-- 1 root root 2297267 May 1 21:23 GeoIPv6.dat
-rw-r--r-- 1 root root 5564550 May 5 11:10 GeoIPASNumv6.dat
I use the database to screen incoming mail connections to limit abuse.
Connections are blocked or permitted by a pure Perl homebrew Sendmail
milter based on the Country and/or ASN as identified by a GeoIP lookup
on the connecting IP.
Lookup failures in the ASNUM edition are much more common than in the
country and the city 'rev. 1' editions, and it seems much more common
since March this year. I do keep stats on those, although they're not
very illuminating. If they'd be of any interest you'd be very welcome
to have them.
HTH
--
73,
Ged.
On Wed, 30 May 2018, Victoria Risk wrote:
> ... would it be useful if we included the GeoLite2 database with the
> BIND distribution? Since we update at least twice a year, we could
> keep it fairly well up to date, and it would save users having to go
> get and update the db themselves. It would add about 1.5MB to the
> BIND distribution (depending on whether we use the country or city
> level).
>
> Votes, comments welcome.
The increase in sizes of the distributions would be of no concern to me.
> keep it fairly well up to date, and it would save users having to go
> get and update the db themselves. It would add about 1.5MB to the
> BIND distribution (depending on whether we use the country or city
> level).
>
> Votes, comments welcome.
I would hope to see both IPv4 and IPv6 data as well as the ASN data,
without which it would be of no use to me.
At present I use the Debian package, which updates much more often than
twice yearly. I keep no data on the volumes of changes, but the file
timestamps today tell me that the changes are infrequent so I guess I'd
be relaxed about that:
-rw-r--r-- 1 root root 4638365 Mar 24 10:10 GeoIPASNum.dat
-rw-r--r-- 1 root root 20539238 Mar 27 13:05 GeoLiteCity.dat
-rw-r--r-- 1 root root 1242574 Mar 27 13:17 GeoIP.dat
-rw-r--r-- 1 root root 21662641 May 1 21:14 GeoLiteCityv6.dat
-rw-r--r-- 1 root root 2297267 May 1 21:23 GeoIPv6.dat
-rw-r--r-- 1 root root 5564550 May 5 11:10 GeoIPASNumv6.dat
I use the database to screen incoming mail connections to limit abuse.
Connections are blocked or permitted by a pure Perl homebrew Sendmail
milter based on the Country and/or ASN as identified by a GeoIP lookup
on the connecting IP.
Lookup failures in the ASNUM edition are much more common than in the
country and the city 'rev. 1' editions, and it seems much more common
since March this year. I do keep stats on those, although they're not
very illuminating. If they'd be of any interest you'd be very welcome
to have them.
HTH
--
73,
Ged.
Tony Finch
May 31, 2018, 6:52:52 AM5/31/18
to bind-...@lists.isc.org
Timothe Litt <li...@acm.org> wrote:
>
> Rather than bundling the database, you might want to bundle a script to
> automate the update process... preferably one that you don't have to
> maintain.
I'm not a geoip user so feel free to ignore me. I think it makes sense to
>
> Rather than bundling the database, you might want to bundle a script to
> automate the update process... preferably one that you don't have to
> maintain.
integrate with the OS geoip package, and it makes sense to have a download
script for systems that don't provide one.
Either way, please don't commit the geoip database to git :-)
Tony.
--
f.anthony.n.finch <d...@dotat.at> http://dotat.at/
Fitzroy: Cyclonic 4 or 5, occasionally 6 at first in west. Moderate or rough.
Showers. Good, occasionally poor.
0 new messages