惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
V
Visual Studio Blog
P
Privacy International News Feed
月光博客
月光博客
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
L
Lohrmann on Cybersecurity
N
News and Events Feed by Topic
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Apple Machine Learning Research
Apple Machine Learning Research
阮一峰的网络日志
阮一峰的网络日志
Webroot Blog
Webroot Blog
T
Threatpost
宝玉的分享
宝玉的分享
The Last Watchdog
The Last Watchdog
小众软件
小众软件
L
LINUX DO - 最新话题
C
Cisco Blogs
T
Troy Hunt's Blog
Schneier on Security
Schneier on Security
酷 壳 – CoolShell
酷 壳 – CoolShell
www.infosecurity-magazine.com
www.infosecurity-magazine.com
雷峰网
雷峰网
G
GRAHAM CLULEY
有赞技术团队
有赞技术团队
Know Your Adversary
Know Your Adversary
博客园 - 叶小钗
罗磊的独立博客
V
V2EX
博客园 - Franky
P
Proofpoint News Feed
SecWiki News
SecWiki News
腾讯CDC
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Jina AI
Jina AI
博客园 - 三生石上(FineUI控件)
S
Secure Thoughts
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Google DeepMind News
Google DeepMind News
Attack and Defense Labs
Attack and Defense Labs
人人都是产品经理
人人都是产品经理
The Cloudflare Blog
PCI Perspectives
PCI Perspectives
V2EX - 技术
V2EX - 技术
Google DeepMind News
Google DeepMind News
Last Week in AI
Last Week in AI
aimingoo的专栏
aimingoo的专栏
Cisco Talos Blog
Cisco Talos Blog
N
News and Events Feed by Topic
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
S
SegmentFault 最新的问题

geoip on CoreDNS: DNS and Service Discovery

暂无文章

geoip
2025-12-11 · via geoip on CoreDNS: DNS and Service Discovery

Description

The geoip plugin allows you to enrich the data associated with Client IP addresses, e.g. geoip information like City, Country, and Network ASN. GeoIP data is commonly available in the .mmdb format, a database format that maps IPv4 and IPv6 addresses to data records using a binary search tree.

The data is added leveraging the metadata plugin, values can then be retrieved using it as well.

Longitude example:

import (
    "strconv"
    "github.com/coredns/coredns/plugin/metadata"
)
// ...
if getLongitude := metadata.ValueFunc(ctx, "geoip/longitude"); getLongitude != nil {
    if longitude, err := strconv.ParseFloat(getLongitude(), 64); err == nil {
        // Do something useful with longitude.
    }
} else {
    // The metadata label geoip/longitude for some reason, was not set.
}
// ...

City example:

import (
    "github.com/coredns/coredns/plugin/metadata"
)
// ...
if getCity := metadata.ValueFunc(ctx, "geoip/city/name"); getCity != nil {
    city := getCity()
    // Do something useful with city.
} else {
    // The metadata label geoip/city/name for some reason, was not set.
}
// ...

ASN example:

import (
    "strconv"
    "github.com/coredns/coredns/plugin/metadata"
)
// ...
if getASN := metadata.ValueFunc(ctx, "geoip/asn/number"); getASN != nil {
    if asn, err := strconv.ParseUint(getASN(), 10, 32); err == nil {
        // Do something useful with asn.
    }
}
if getASNOrg := metadata.ValueFunc(ctx, "geoip/asn/org"); getASNOrg != nil {
    asnOrg := getASNOrg()
    // Do something useful with asnOrg.
}
// ...

Databases

The supported databases use city schema such as ASN, City, and Enterprise. .mmdb files are generally supported, as long as their field names correctly map to the Metadata Labels below. Other database types with different schemas are not supported yet.

Free and commercial GeoIP .mmdb files are commonly available from vendors like MaxMind, IPinfo, and IPtoASN which is Public Domain-licensed.

Syntax

or

geoip [DBFILE] {
    [edns-subnet]
}
  • DBFILE the mmdb database file path. We recommend updating your mmdb database periodically for more accurate results.

  • edns-subnet: Optional. Use EDNS0 subnet (if present) for Geo IP instead of the source IP of the DNS request. This helps identifying the closest source IP address through intermediary DNS resolvers, and it also makes GeoIP testing easy: dig +subnet=1.2.3.4 @dns-server.example.com www.geo-aware.com.

    NOTE: due to security reasons, recursive DNS resolvers may mask a few bits off of the clients’ IP address, which can cause inaccuracies in GeoIP resolution.

    There is no defined mask size in the standards, but there are examples: RFC 7871’s example conceals the last 72 bits of an IPv6 source address, and NS1 Help Center mentions that ECS-enabled DNS resolvers send only the first three octets (eg. /24) of the source IPv4 address.

Examples

The following configuration configures the City database, and looks up geolocation based on EDNS0 subnet if present.

. {
    geoip /opt/geoip2/db/GeoLite2-City.mmdb {
      edns-subnet
    }
    metadata # Note that metadata plugin must be enabled as well.
}

The view plugin can use geoip metadata as selection criteria to provide GSLB functionality. In this example, clients from the city “Exampleshire” will receive answers for example.com from the zone defined in example.com.exampleshire-db. All other clients will receive answers from the zone defined in example.com.db. Note that the order of the two example.com server blocks below is important; the default viewless server block must be last.

example.com {
    view exampleshire {
      expr metadata('geoip/city/name') == 'Exampleshire'
    }
    geoip /opt/geoip2/db/GeoLite2-City.mmdb
    metadata
    file example.com.exampleshire-db
}

example.com {
    file example.com.db
}

A limited set of fields will be exported as labels, all values are stored using strings regardless of their underlying value type, and therefore you may have to convert it back to its original type, note that numeric values are always represented in base 10.

Label Type Example Description
geoip/city/name string Cambridge Then city name in English language.
geoip/country/code string GB Country ISO 3166-1 code.
geoip/country/name string United Kingdom The country name in English language.
geoip/country/is_in_european_union bool false Either true or false.
geoip/continent/code string EU See Continent codes.
geoip/continent/name string Europe The continent name in English language.
geoip/latitude float64 52.2242 Base 10, max available precision.
geoip/longitude float64 0.1315 Base 10, max available precision.
geoip/timezone string Europe/London The timezone.
geoip/postalcode string CB4 The postal code.
geoip/subdivisions/code string ENG,TWH Comma separated ISO 3166-2 subdivision(region) codes, e.g. first level (province), second level (state).
geoip/asn/number uint 396982 The autonomous system number.
geoip/asn/org string GOOGLE-CLOUD-PLATFORM The autonomous system organization.

Continent Codes

Value Continent (EN)
AF Africa
AN Antarctica
AS Asia
EU Europe
NA North America
OC Oceania
SA South America

Notable changes

  • In CoreDNS v1.13.2, the geoip plugin was upgraded to use oschwald/geoip2-golang/v2, the Go library that reads and parses .mmdb databases. It has a small, but possibly-breaking change, where the Location.Latitude and Location.Longitude structs changed from value types to pointers (float64*float64). In oschwald/geoip2-golang v1, missing coordinates returned “0” (which is a valid location), and in v2 they now return an empty string “”.