IP Geolocation Demystified: Understanding Traditional Methods and Their Challenges

Updated: 29 July 2025

In today's interconnected digital landscape, pinpointing the geographical location of online users is critical for a wide range of applications, from enhancing user experiences to bolstering security measures. IP geolocation serves as the bridge between anonymous IP addresses and their real-world locations, enabling businesses to deliver region-specific services, combat fraud, and tailor marketing efforts. This article is the first in a two-part series exploring the intricacies of IP geolocation services. For insights into cutting-edge advancements transforming the field, continue to part 2: The Next Generation IP Geolocation Service.

This comprehensive guide demystifies IP geolocation, delving into its core principles, the primary data sources employed by providers, the methodologies underpinning traditional services, scientific data enhancements, and the significant limitations that persist. Updated with the latest industry insights as of July 2025.

What is IP Geolocation?

An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network. This numerical label is used to identify these devices, allowing for direct communication.

The public internet operates with the same principles. When a device connects to the internet, it utilises a globally unique IP address to ensure both inbound and outbound communication is delivered correctly.

In this context, the IP address acts in a similar way to a postal address used to deliver conventional mail. However, unlike the postal address, an IP address does not have an intrinsic location and does not expose any geographical properties. This is why you cannot determine the location of a device by its IP address alone.

IP geolocation is an essential technology that overcomes this limitation to help organisations identify the location of their customers based on their IP addresses. Organisations such as online service operators, financial institutions, search engines, ad agencies, and any business offering an online shopping or e-commerce experience are able to provide their customers with the best products and services available in their region. This IP geolocation service is also crucial for preventing online fraud, managing digital rights, and serving targeted marketing material and pricing.

If you wonder where your online customers are coming from or wish to customise your clients’ online experience based on their location, you are likely familiar with various commercial IP geolocation services, ranging from free to highly priced to enterprise-only. Most of these providers declare superior accuracy, although they show little transparency on the methodology and present scarce evidence to support their claimed accuracy.

In general, validation of the accuracy of an IP geolocation service is challenging and requires a large pool of ground-truth data (i.e., vast numbers of IP addresses from known locations). This data is generally collected from all active ISPs/ASes and is required to be random, spread over various geographical regions. In reality, such data is generally not available, in which case any claimed IP geolocation accuracy without full transparency is questionable.

The Ultimate Data Source: Global IP Address Allocation

The IPv4 protocol uses 32-bit addresses, which makes the maximum theoretical address space limited to 4,294,967,296 (2^32) IP addresses. IPv6, the next-generation protocol, utilises 128-bit addresses, which makes the pool considerably larger, but still limited. Due to the global uniqueness requirement of IP addresses across both protocols, the global IP address space allocation is heavily regulated.

IANA – the Internet Assigned Numbers Authority – is a function of ICANN, a nonprofit private American corporation that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System, media types, and other Internet Protocol-related symbols and internet numbers (source: Wikipedia).

IANA is responsible for the allocation of large IP address space blocks to the Regional Internet Registries (RIRs):

• AFRINIC for the Africa region
• APNIC for the Asia/Pacific region
• ARIN for Canada, USA, and some Caribbean islands
• LACNIC for Latin America and some Caribbean islands
• RIPE NCC for Europe, the Middle East, and Central Asia

RIRs in turn delegate a portion of their allocated address space to Local Internet Registries (LIRs), e.g., APNIC delegates to the Japan Network Information Center (JPNIC). All registries, both regional and local, allocate their remaining available address space to organisations seeking to utilise it on the public internet.

Business entities (or autonomous networks) that are assigned IP address space for their own use are called Autonomous Systems (AS). They must first register as an AS, receiving a globally unique Autonomous System Number (ASN) which can then be used to identify them.

The Internet Service Provider (ISP) is the most typical example of an AS operator, but it is not the only one. Virtually any organisation seeking to use their own IP addresses on the internet qualifies as an AS. It is a common occurrence that AS entities liberally use their allocated IP space in any manner they wish, and more importantly, in any geographical location they like.

All registries maintain publicly available WHOIS databases that associate IP address ranges with ASNs and registration details, including approximate location.

How IP Geolocation Providers Utilise This Data

Most IP geolocation providers use the WHOIS databases as their primary source of information. They query the WHOIS database for the IP address in question and map it to the location of the AS that owns the IP address range. This method provides a reasonable country-level geolocation accuracy, but it is not accurate enough for city-level geolocation. This is because the AS registration details are often the location of the AS headquarters, not the location where the IP address is actually used.

For example, an ISP headquartered in Sydney, New South Wales, may register its IP allocations with a Sydney address, but those IPs could be deployed to end-users in Perth, Western Australia, or even internationally. This discrepancy limits the utility of WHOIS data for applications requiring precise localisation.

To achieve higher precision, many providers supplement WHOIS data with user-submitted information. This involves collecting location data from users via websites, applications, or forms, correlating it with the IP addresses active at the time of submission. This user-reported data helps build a more detailed database of IP-location associations.

Scientific Data: Enhancing Accuracy with Advanced Techniques

To further improve the accuracy of IP geolocation, some providers incorporate scientific data sources and methods. These include network probing, routing analysis, and domain name resolution techniques, which provide deeper insights into the network infrastructure and IP usage patterns.

Traceroute: By executing traceroute commands from multiple global vantage points to the target IP, providers can trace the path of data packets and identify intermediate routers. If the locations of these routers are known (e.g., from databases or previous mappings), the target's location can be estimated based on the proximity to the last known router. However, traceroute results can be inconsistent due to routing asymmetries and firewalls blocking probes.

BGP Data: The Border Gateway Protocol (BGP) governs how IP address ranges are announced and routed across autonomous systems. Providers analyse BGP tables and announcements to determine the originating AS and potential geographical hints from peering points or route origins. Public BGP data sources, such as those from Route Views or RIPE RIS, allow for inference of IP range locations based on global routing patterns. Nonetheless, BGP data can be dynamic and may not always reflect end-user locations accurately.

Reverse DNS: Reverse Domain Name System (rDNS) records associate IP addresses with domain names, often embedding location indicators like city codes, airport abbreviations, or regional identifiers (e.g., "syd.nsw.example.com" suggesting Sydney, New South Wales). Providers parse these records to extract geolocation clues. While useful, rDNS is not universally implemented, and records can be outdated or misleading if not maintained properly.

In addition to these, some providers employ probe-based methodologies, exemplified by services like IPinfo. IPinfo utilises a network of global probe servers to send ICMP ping requests to target IPs, measuring round-trip latencies from various locations. Through multilateration—triangulating positions based on estimated distances derived from latency values—IPinfo infers locations. This approach also incorporates BGP and rDNS data for enrichment, offering details on country, city, coordinates, ASN, and carrier, plus detection of VPNs, proxies, and anycast setups.

However, probe-based methods like IPinfo’s encounter several significant challenges:

• Latency Inconsistencies: Factors like network congestion, asymmetric routes, and policy-based detours distort latency, leading to erroneous distance calculations and triangulation inaccuracies, especially over long distances or in variable networks.
• Anycast Complications: Anycast IPs, used in CDNs, route to the nearest instance, confusing single-location assumptions and often resulting in averaged or incorrect geolocations.
• Dynamic and Real-Time Issues: Periodic probing can't keep pace with rapid IP changes in dynamic pools, resulting in stale data.
• Blocking and Intrusiveness: Probes may be blocked by security measures, reducing data reliability.
• Non-Response from Most IPs: The vast majority of internet IPs do not respond to ping requests due to firewalls, NAT configurations, or security policies, making triangulation impossible for those addresses.
• Focus on Responding IPs: The IPs that do respond are typically associated with network interfaces, routers, or web servers, rather than end-user devices. Accurate triangulation of these does not effectively localise regular internet users, which is the primary objective of IP geolocation services—locating individuals, not infrastructure.
• Regional Performance Gaps: Benchmarks show lower accuracy in rural or high-latency areas.
• Resource Demands: Maintaining probes is costly, potentially biasing coverage.

These scientific methods, while advancing precision, highlight the complexity of achieving reliable IP geolocation.

Challenges Facing IP Geolocation Services

Despite advancements, IP geolocation services grapple with several challenges:

• Dynamic IP Assignments: ISPs often use dynamic IPs, temporarily assigned, making long-term location associations difficult.
• VPNs, Proxies, and Tor: These tools mask true locations, routing traffic elsewhere, evading detection unless advanced flags are used.
• Anycast and Cloud Infrastructures: Shared IPs across locations ambiguate geolocation.
• Data Staleness: Networks evolve; outdated data leads to errors.
• Privacy Regulations: GDPR and similar laws restrict data collection, impacting comprehensiveness.
• Lack of Ground Truth: Scarce verified data hinders accuracy validation.
• Global Coverage Inequities: Better data in developed regions vs. emerging markets.

These issues can lead to misinformed decisions in fraud prevention, content delivery, and marketing.

Moving Toward a More Accurate Future

The limitations of traditional and scientific methods emphasise the need for innovative, transparent solutions. As digital demands grow, evolving technologies will address these gaps.

Explore IP geolocation services for your needs. Feedback drives progress in this field.