Thread: I am looking for a PHP algorithm/script
View Single Post
  #6 (permalink)  
Old 09-30-2008, 04:56 PM
Tech Manager Tech Manager is offline
WebProWorld Pro
  
Join Date: Jan 2008
Posts: 294
Tech Manager RepRank 1
Default Re: I am looking for a PHP algorithm/script
Wige:

I appreciate the response, but the conversions are not necessary. The IP addresses are converted into decimal for several reasons, first and foremost is the ease of searching in decimal. They are converted back to dotted-decimal when results are produced.

What is really at issue is the ability to aggregate the IP Blocks, based on their respective countries. This could either be done as an algorithm off the database(s) which would tend to produce a little more overhead or as a process of populating a new database with the aggregated data. The latter reduces the CPU and Memory overhead.

The database currently contains info on 4.3 billion IP addresses. This equates to a little over 91,000 main network blocks (which can be further deconstructed to thousands of additional networks.

The goal is to offer an alternative to the current lists. They are accurate, but can become lengthy depending on how the RIR's apportioned the networks to each country.

The secondary database basically needs to reformulate the data of the first database into aggregations of country specific continguous networks.

The existing database(s) contain all the relevant data for each network range. This data includes the range in decimal form, number of hosts, CIDR, dotted-decimal netmasks, etc. Converting between decimal to dotted-decimal. binary. etc., is not at issue as all are easy to do.

I picture an algorithm that traverses an array (pulled from the database) that includes the network assignments (registrar, country, etc.) and IP range in decimal format. Continguous ranges would be those assigned to the same country where, when the database is sorted by starting IP, the ending IP would be one less number than the nest starting IP. In some case, such as thos given in the opening post, several IP blocks could be considered contiguous and the algorithm would basically use the original starting IP and locate the ending IP for the total continguous range.

Once you have the starting IP and new ending IP, the number of Hosts and the new CIDR/Netmask can be easily calculated to produce the aggregated block.

In the case of countries with large volume network assignments, like China, USA, Australia, etc., you could significantly reduce the ACL.

For example, as of September 30, 2008, China has 1,489 networks and 167,045,888 potentially available subnets. This makes for a long ACL aggregating the IP Block assignments might reduce the output by 90% thus allowing for an ACL that is only 149 lines long instead of 1,489 lines.

Does this clarify the matter?
__________________
I use Country IP Blocks as added security for my networks and servers.
Last edited by Tech Manager; 09-30-2008 at 06:03 PM.
Reply With Quote