Differences

This shows you the differences between two versions of the page.

--- networking:asn_autonomous_system_number [2021/01/04 16:22] – peter
+++ networking:asn_autonomous_system_number [2021/01/04 16:36] (current) – peter
@@ Line 3: / Line 3: @@
 [[Networking:ASN (Autonomous System Number):About ASN (Autonomous System Number)|About ASN (Autonomous System Number)]]
-An **[[https://en.wikipedia.org/wiki/Autonomous_system_(Internet)|ASN (Autonomous System Number)]]** refers to a block of IP addresses.
+[[Networking:ASN (Autonomous System Number):Determine which IPs actually fall into an ASN|Determine which IPs actually fall into an ASN]]
-Most large organizations or ISPs are allocated a number of ASNs.
+[[Networking:ASN (Autonomous System Number):Find a specific ASN|Find a specific ASN]]
-ASNs can be useful to block an entire organization. Instead of manually having to add hundreds of IP addresses into a firewall rule, you can simply block the entire ASN, which blocks all IPs within that ASN.
+[[Networking:ASN (Autonomous System Number):Use an ASN to Create an IP Blocklist|Use an ASN to Create an IP Blocklist]]
-----
-===== How to find a specific ASN =====
-There are many search tools online such as https://www.ultratools.com/tools/asnInfo.
-For example, searching for **Google** returns a number of ASNs.
-{{:networking:asn_-_search_-_google.png?800|}}
-----
-Alternatively:
-<code bash>
-dig google.com
-; <<>> DiG 9.16.1-Ubuntu <<>> google.com
-;; global options: +cmd
-;; Got answer:
-;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2531
-;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
-;; OPT PSEUDOSECTION:
-; EDNS: version: 0, flags:; udp: 65494
-;; QUESTION SECTION:
-;google.com.			IN	A
-;; ANSWER SECTION:
-google.com.		300	IN	A	216.58.198.206
-;; Query time: 24 msec
-;; SERVER: 127.0.0.53#53(127.0.0.53)
-;; WHEN: Mon Jan 04 15:55:10 GMT 2021
-;; MSG SIZE  rcvd: 55
-</code>
-...then...
-<code bash>
-whois -h whois.cymru.com " -v 216.58.198.206"
-AS      | IP               | BGP Prefix          | CC | Registry | Allocated  | AS Name
-   | 216.58.198.206   | 216.58.198.0/24     | US | arin     | 2012-01-27 | GOOGLE, US
-</code>
-<WRAP info>
-**NOTE:**  ASN is shown here as 15169, which is another of the above returned ASN in the search.
-</WRAP>
-----
-===== Determine which IPs actually fall into an ASN =====
-Taking AS41264 from the above search as an example:
-<code bash>
-whois -h whois.radb.net -- '-i origin AS41264' | grep ^route | grep -v route6 | cut -d" " -f7 | most
-</code>
-returns:
-<code bash>
-.125.63.0/24
-.125.58.0/24
-.125.60.0/24
-.132.0.0/16
-.132.0.0/23
-.132.2.0/23
-.132.4.0/23
-.132.6.0/23
-.132.8.0/23
-.132.10.0/23
-...
-</code>
-<WRAP info>
-**NOTE:**  The IP addresses within an ASN may change often, so if you do use this for firewalling then update the list regularly.
-Also note that the other ASN 15169 determined above also contained the same IP as ASN 41264.  So blocking either of these ASN will still block the IP.
-</WRAP>
-----
-===== References =====
-https://www.apnic.net/get-ip/faqs/asn/
-https://en.wikipedia.org/wiki/Autonomous_system_(Internet)
-https://www.ultratools.com/tools/asnInfo
-https://www.nirsoft.net/whois_servers_list.html
-https://team-cymru.com/community-services/ip-asn-mapping/