TULIP logo TULIP logo

IP Geolocation

IP / URL : Takes about 30 seconds

Visual Traceroute

Target : From :

What is TULIP

TULIP is a geolocation utility developed by National University of Sciences and Technology (NUST) School of Electrical Engineering and Computer Sciences (SEECS) and the Stanford Linear Accelerator Center (SLAC) Internet End-to-end Performance Monitoring (IEPM) project. TULIP's purpose is to geolocate a specified target host (identified by IP name or address) using ping RTT delay measurements to the target from reference landmark hosts whose positions are well known (see map or table). Knowing the speed of light in fibre or copper (roughly 0.6*c, we use 1ms. is equivalent to 100km), the minimum ping RTT measurement of 5 pings from each landmark site gives a rough estimate of the fibre + copper cable distance of the landmark from the target host. Lateration is applied on these distance estimates to estimate the position of the specified host on the globe. We are focusing on a platform agnostic, open non-proprietary tool (c.f. Traceware from Digital island or Edgescape from Akamai) that can be used to evaluate the effectiveness of this technique for hosts outside the U.S. and Europe specifically in less well developed countries.


Lateration is the calculation of position information based on distance measurements. Calculating an object's position in two dimensions requires distance measurements from 3 non-collinear points (hence Trilateration). Multilateration computes the position of an object by measuring its distance from multiple reference positions. We use Multilateration following "Wireless Position Technologies and Applications" written by Alan Bensky, 2008, British library Cataloguing. The algorithm for multilateration was designed for Wireless Sensor Networks, with a little tweaking of parameters like Time of Arrival and distance based on wireless sensor location. 
Also see Problem of Apollonius and Descartes Theorem for tangential circles.

Some Uses of Geolocation and TULIP



Additional Location Techniques

There is no geographical tie between Internet architecture and geogrpahy. For example. unlike the phone system where phone numbers provide countries, areas and exchanges in areas, the Internet IP address is not designed to provide any location information. In fact, it needs to be understood that methods to derive location of Internet hosts were not originally designed for this. As mentioned previously, however, it can be important to know the location of a host. It is also very useful to have multiple ways to find the location of a host both since all methods ahve their problems, and also to look for agreements or discrepancies. The paper Distributed Traceroute Approach to Geographically Locating IP Devices investigates and evaluates existing (2003) methods and solutions. Basically there are three major ways of locating a host:

Databases may give the location of a host, in particular a router, as being the location of the owner's location rather than the location of the router itself. A couple of examples for hosts are www.seecs.edu.pk and www.hec.edu.pk which one would expect to be located in Islamabad since that is where ns.seecs.edu.pk is located, but are actually in Texas. Some examples for routers include GeoIP Tools locates address in Kansas, whereas it has < 5ms minimum RTT from Liverpool and < 1ms (< 100km) from Rutherford Lab near Oxford in the UK. The router is in ASN 3356 which is Level 3 Communications, based in the U.S. It also locates mia2-fiu-1-us.mia.seabone.net as being in Europe (presumably since it is owned by a European ISP (Seabone) however it is in located in the US.

When trying to map the topology of a traceroute onto a map of the world, such errors cause problems. For example a traceroute from Brazil to Costa Rica apparently (according to GeoIP Tools) goes to Florida then to Italy, back to Florida and then to Costa Rica. Actually it goes to Florida and then to Costa Rica. Hostip.info gets it right. Another example is a traceroute from Brazil to a Venezuelan (according to Geo IP Tools) node. Again the route according to Geo IP Tools goes via Italy and again HostIP.com gets it right. Geo IP Tools also shows the end host www.unerg.edu.ve in Venezuela while Hostip.info says its in the US. Other tests (RTT, Octant) make us believe it is in the US possibly Dallas (Octant) or Florida (TULIP). We are starting to compare Hostip with locations from the PingER database of known host, and see how well TULIP does for various regions (see for example   TULIP estimates from Europe to PingER hosts).

Examples include:

If you want to find the great circle distance and know the latitude and longitude coordinates of the two ends then you can use the Movable Type Scripts web page. World Gazeteer provides access to data with lat/longs, cities, countries & populations ( download data). If you want to calculate it for yourself then see Deriving the Haversine Formula. You can also make a name server lookup for a host, or if you don't know the exact name tryDomainSurfer. There is also an Atlas of Cyberspace that provides maps and graphic representations of the geographies of the new electronic territories of the Internet, the World-Wide Web and other emerging Cyberspaces and the Corpex sponsored Cyber Geography Research.

If you need to find the latitude and longitude of a place whose location you can find on a map, then try the Latitude & Longitude finderLatitude & Longitude finder 2. If you need to find the location ofd a knwon latitide and longitude then use Google Maps, latitude, Longitude Popup.

TULIP Landmarks

The details of landmarks is maintain in a MySQL database. Reflector has a function for easy viewing of these landmarks. The list of landmards and their detials can be seen by going here. The active landmarks are shown in green whereas the disabled ones are in red.

Landmark Maps

There are three type of landmarks i.e. PingER, PerfSONAR and PlanetLAB. Depending on the availablity of the landmarks, they can be either enabled or disabled for use in geolocation. The maps of the landmarks can be seen by going to the following links:

Enabled Landmarks Disabled Landmarks

Landmark Laundering

The landmarks that are not responding should be disabled since otherwise reflector would have to wait for them to timeout and this would greatly increase the geolocation time. This process is carried out automatically by scripts running in trscrontab. This is documented here.