IP geolocation fails: Why 65% accuracy kills tracking
City-level accuracy for mobile IPs drops to 65%. That single statistic kills the dream of a universal tracking mechanism. The IAB workshop report didn't just hint at this; it argued conclusively that no single technical solution can address the diverse requirements of modern network mapping.
The root cause isn't bad math; it's a category error. We confuse registered economy data with actual physical deployment. APNIC and other RIRs publish delegation reports with an ISO3166 country code, but that metadata identifies the entity holding management control, not the hardware's geographic reality. Treating these static registry records as ground truth ignores infrastructure volatility. IAB data shows 16% of IPv4 addresses shift their associated city monthly.
Consensus processes within Regional Internet Registries cannot fix structural limitations. Distinct approaches are required for different stakeholders. Fit-for-purpose solutions must replace the industry's lazy reliance on one-size-fits-all databases. Understanding the gap between administrative assignment and network topology is critical for anyone depending on location intelligence.
The Distinction Between Registered Economy and Physical Deployment Location
Defining Registered Economy via ISO3166 Country Codes
Legal jurisdiction defines the registered economy. This status is distinct from the physical deployment site of network infrastructure. The separation relies entirely on the ISO3166 CC found within delegation reports published by APNIC and other Regional Internet Registries. This data pinpoints where the entity holding management control resides, not where routers actually operate.
Commercial providers often treat this registry entry as gospel. Yet, country-level accuracy can exceed 99% only when excluding mobile and VPN traffic according to MaxMind benchmarks. City-level precision for mobile IPs drops drastically to a range of a significant share to 65% in developed regions as noted in IAB workshop findings. Relying on registered economy as a proxy for physical presence introduces significant mapping errors for latency-sensitive applications.
Legal compliance requirements and network engineering realities rarely align. A carrier may register an AS in one country for tax advantages while deploying nodes across three continents. Operators assuming geometric proximity based on registry data risk suboptimal traffic engineering decisions. The constraint is clear: ISO3166 CC values reflect administrative boundaries, not fiber paths. Static models fail to capture the flexible nature of modern IP infrastructure where addresses shift frequently.
Applying RFC 8805 Geofeeds to Refine Location Data
RFC 8805 defines a text-based format for network operators to self-publish IP prefix locality, correcting inferred errors from registry data. (RFC's draft iab ip geo workshop report 00) Commercial databases frequently misidentify locations for anycast deployments where assignments shift on timescales of days. The standard enables providers to ingest direct correction signals rather than relying on static delegation reports.
RIPE NCC now maintains public datasets to help address these gaps, yet adoption remains uneven across the global routing table. Operators must publish valid feeds to participate; without this step, the geolocation feed remains an unused potential signal. The mechanism allows a network to override broad registered economy estimates with precise physical deployment coordinates. Country-level accuracy often exceeds 99 percent, while city-level precision for mobile IPs drops notably.
Integrating RFC 8805 feeds reduces reliance on heuristics that fail during rapid infrastructure changes. However, the drawback is operational overhead: maintaining accurate feeds requires tight coordination between DNS teams and routing engineers. Failure to validate leads to silent rejection by downstream consumers, leaving the inferred data uncorrected.
Risks of Treating Registry Data as Authoritative Deployment Location
Treating registry entries as physical truth ignores the IAB workshop findings that simple location models fail against flexible infrastructure. The draft report explicitly challenges the assumption that answering where an IP address resides yields simple results, outlining edge cases where legal registration diverges from router placement. This disconnect creates severe operational blind spots for enforcement and content delivery systems.
Consider the Starlink Misgeolocation to Yemen, where satellite connectivity was incorrectly mapped to a specific country due to the inability of databases to track space-based or maritime links. Such errors demonstrate that delegation reports reflect management control rather than geographic reality. Commercial databases frequently struggle with anycast deployments and cloud provider space where assignments shift on timescales of days or weeks. These environments often trigger false positives in fraud detection or incorrect content localization.
Handling of Anycast and Cloud requires active probing rather than static registry lookups to maintain accuracy. Relying solely on ISO3166 country codes from RIRs introduces a systematic bias that assumes legal presence equals physical presence. The consequence is a fragile dependency on data that was never designed for precision geolocation. Operators assuming authority in registry data risk building compliance or routing policies on fundamentally unstable premises.
Why RIR Delegation Data Tracks Management Control Not Deployment
RIR delegation records capture the registered economy of the delegate, not the physical router location. This structural design means the data reflects legal management control rather than network topology. Unlike GPS, there is no inherent physical tie between an IP address and a coordinate, forcing reliance on probabilistic models.
Commercial databases attempt to synthesize these disparate sources, yet the economic model relies on continuous investment in data aggregation from ISPs and WHOIS records. The result is a dataset that frequently misaligns with actual traffic paths. Specialized initiatives struggle when assignments change rapidly, particularly within cloud provider space or anycast deployments. Operators often assume registry entries denote presence, but this assumption creates blind spots for latency-sensitive applications. The cost of maintaining active measurement probes remains high, limiting the freshness of available ground truth. The fundamental tension lies between the stability of legal records and the fluidity of modern routing. Relying on static delegation reports for flexible environments yields unreliable results.
Mapping Space-Based Connectivity: The Starlink Yemen Geolocation Failure
Over a 60-day window, roughly 321,000 Starlink measurement advertisements were misgeolocated to Yemen by commercial databases. This massive error stems from the inability of terrestrial mapping models to resolve space-based connectivity where user location shifts dynamically with satellite coverage rather than fixed infrastructure. The root cause involves satellite IP assignment mechanisms that decouple network presence from any single ground coordinate, confusing algorithms expecting stable router positions.
Operators attempting to fix this misinterpretation of IP location data often find that registry entries point to the satellite operator's headquarters, not the end-user. No amount of RIR data refinement can correct a model built for static assets when applied to non-terrestrial networks. Consequently, security systems relying on country-level blocking may inadvertently deny access to entire maritime or rural regions. The implication for network engineering is clear: geolocation accuracy requires distinct handling for non-terrestrial IP ranges, as standard terrestrial heuristics produce false positives at scale. Treating these flexible assignments as fixed locations creates a systemic blind spot that protocol extensions alone cannot resolve without explicit space-based metadata.
The One-Size-Fits-All Fallacy in IP Geolocation Technical Solutions
IAB workshop findings confirm no single technical solution addresses all passive IP geolocation use cases effectively. Different architectures require distinct fit-for-purpose models rather than a universal standard. Anycast deployments and cloud environments frequently break static mapping assumptions, creating false specificity where databases default to country centers.
Data volatility further complicates this environment, as 16% of IPv4 addresses change their associated city in an average month. This churn demands frequent refreshes that many legacy systems cannot support. The absence of inherent ground truth forces reliance on probabilistic models that often yield contradictory evidence. Operators attempting to force a unified view across these varying constraints will encounter systematic errors in enforcement and delivery logic. High-precision requirements demand active measurement, whereas broad regional filtering tolerates the uncertainty found in delegation data. Accepting this fragmentation is the only path to reliable network operations.
Diverse Geolocation Use Cases Require Fit-for-Purpose Technical Solutions
Defining Fit-for-Purpose Geolocation Accuracy Thresholds
Latency-based techniques occasionally isolate an IP address within a 690-meter radius when network conditions are ideal, setting a theoretical maximum for precision. Values claiming accuracy beyond 1,000 meters frequently lack the reliability needed for strict enforcement policies or granular routing decisions. This split in performance metrics demands separate thresholds instead of one universal benchmark. Network teams must separate legal registration details from the reality of physical deployment. The structural disconnect generates false specificity when databases place cloud IPs at geographic centers instead of actual network edges.
Data volatility complicates static mapping, as a significant portion of IPv4 addresses change their associated city in an average month. Such churn requires architectures built for frequent refreshes to stop data from degrading. Anycast deployments make the problem worse by announcing single IPs from many locations, breaking stable IP-to-location assumptions. A tiered cost structure emerges where high-accuracy data requires paid subscriptions while free tiers provide only coarse granularity. The price of trusting unreliable data often exceeds the cost of building use-case-specific validation logic.
Mobile Carrier Hub Limitations in Real-World IP Lookups
Studies of carriers like T-Mobile reveal that IP lookups frequently return the location of a regional hub rather than the user's actual cell tower. This architectural reality forces traffic through centralized aggregation points, causing databases to map mobile users to a static regional hub location instead of their flexible physical position. The resulting city-level inaccuracies happen because mobile carriers route traffic through these fixed nodes while assigning IPs from large metropolitan pools. A user moving between cell towers might appear stationary or jump between cities depending on which gateway handles their carrier-grade NAT session.
Relying on RIR data for mobile geolocation fails because registration records reflect legal management control, not the topology of radio access networks. Operators depending on this data for location-based services encounter systematic errors where rural users appear in urban centers hosting the carrier's core infrastructure. The gap between fixed-line precision and mobile ambiguity necessitates hybrid models combining IP data with device-level signals.
Ignoring this distinction creates measurable costs in failed compliance checks and degraded user experience. Network architects must design systems that tolerate location uncertainty for mobile segments rather than enforcing rigid geofencing rules.
The Risk of Passive Reliance on Single Geolocation Databases
Passive reliance on a single geolocation database fails when space-based connectivity decouples IP assignment from fixed terrestrial infrastructure. This architectural mismatch generates massive mapping errors, as seen when Starlink addresses were misidentified as Yemeni landlines due to flexible satellite handoffs. Operators assuming RIR data reflects physical deployment face similar false specificity risks in cloud environments where Anycast deployments announce identical prefixes from multiple global locations simultaneously. The resulting confusion forces databases to default to geographic centers rather than actual edge nodes.
High data volatility exacerbates this issue, with significant portions of IPv4 space changing city associations monthly, requiring architectures capable of frequent refreshes to maintain relevance. A universal technical fix remains impossible because latency-based precision conflicts with the scale required for global routing tables.
Responsible Data Handling Protocols Under the Chatham House Rule
Chatham House Rule Constraints on IP Geolocation Attribution
The Chatham House rule permits use of [information received](https://www.irtf.org/anrw/2020/anrw2020-final7.) while forbidding disclosure of speaker names or organizational ties. This structure shields open consensus work on sensitive location topics by eliminating reputational danger from technical arguments. Attendees may debate cloud provider IP space mistakes openly without exposing one vendors to public censure. Such secrecy allows frank admission of mapping gaps that commercial liability fears would normally conceal.
Market forces frequently block reporting of rapid IP assignment changes in flexible settings. The rule establishes a protected zone where operators confess database flaws without invoking contract sanctions. This anonymity oddly boosts shared intelligence reliability by separating technical facts from corporate brands. The emerging consensus position mirrors ground truth instead of marketing copy.
Implementing Fit-for-Purpose Geolocation Solutions per IAB Sections 5.3 and 5.4
Sections 5.3 and 5.4 of the IAB report require fit-for-purpose models since no single technical fix handles every use case well. Operators must pick approaches like latency-based scoping only when needed precision matches known accuracy limits rather than presuming universal dependability. Technical designs using Anycast deployments often baffle traditional mapping by broadcasting identical prefixes from many global sites at once. This conduct pushes numerous databases toward a geographic midpoint, generating false specificity that misdirects enforcement rules. Research examining router interfaces shows substantial databases miss the dependability required for network infrastructure mapping versus end-user hosts.
Economic factors hinder corrections because IPv4 trading prices reached between $35 and $60 per address in early 2025, raising the cost of mapping errors. Commercial tools frequently function as a black box concerning their data origins, stopping operators from auditing how location claims derive. High-stakes uses demand clear data lineage while low-risk logging accepts greater uncertainty. Applying one model blindly across varied network segments invites systematic breakdown.
Lessons: Interpretation Pitfalls of Passive IP Geolocation Reliance
Passive dependence on single geolocation databases fails when space-based connectivity separates IP assignment from fixed terrestrial systems. This architectural gap produces huge mapping mistakes, evident when Starlink addresses were wrongly tagged as Yemeni landlines owing to flexible satellite handoffs. According to Operators believing RIR, physical placement encounter comparable false specificity dangers in cloud settings where Anycast deployments broadcast identical prefixes from many global sites at once. The ensuing confusion drives databases toward geographic centers instead of true edge nodes.
Rapid data flux further hinders precise mapping since static metadata cannot follow swift network shifts. This outdated nature means old registration records often indicate a corporate head office while real traffic starts hundreds of miles distant at a colocation site.
The core conflict exists between legal registry correctness and physical fact. Groups must embrace fit-for-purpose models instead of trusting a universal truth absent from reality. InterLIR advises checking location claims against active measurement data to reduce these interpretation hazards effectively.
About
Evgeny Sevastyanov serves as the Support Team Leader at InterLIR, a specialized IPv4 marketplace based in Berlin. His daily responsibilities involve managing complex customer inquiries and directly handling technical operations within RIPE and APNIC databases, giving him unique insight into the intricacies of IP address management. This hands-on experience makes him exceptionally qualified to discuss the challenges of IP address geolocation outlined in the recent IAB workshop report. At InterLIR, Sevastyanov routinely navigates the disconnect between static registry data and flexible network realities, a core tension highlighted in the draft report. His work ensuring clean BGP routes and accurate IP reputation directly correlates to the difficulties of mapping IP addresses to physical locations. By bridging the gap between theoretical standards and practical implementation, Sevastyanov offers a grounded perspective on why determining an IP's true location remains a significant technical hurdle for the global internet infrastructure.
Conclusion
Treating geolocation as a static property rather than a flexible economic variable causes the fundamental breakdown. As IPv4 addresses trade like commodities, their physical anchoring becomes secondary to market liquidity, causing mapping fidelity to decay specifically where mobile networks and satellite constellations dominate. Relying on legacy registry data for critical infrastructure decisions now incurs a hidden operational tax: the cost of acting on geographic hallucinations that misroute traffic or misapply compliance rules. This is not merely a data quality issue but a structural mismatch between fluid network topology and rigid database assumptions.
Teams must abandon the pursuit of a single "golden source" for location data by Q3. Instead, implement a tiered confidence model that explicitly downgrades certainty scores for mobile and cloud-native ranges while maintaining strict thresholds for fixed-line assets. Do not attempt to patch existing vendor feeds; the latency in their update cycles cannot match current market velocity. Start this week by auditing your highest-value transaction logs against at least two distinct geolocation providers, flagging any city-level discrepancies for immediate manual review before they impact billing or fraud detection systems. This targeted verification prevents systemic errors from compounding while you architect a more resilient, multi-source validation layer.
Frequently Asked Questions
City-level precision for mobile IPs drops drastically to a range of 40% to 65% in developed regions. This low accuracy occurs because static registry records cannot track the volatile nature of modern mobile infrastructure deployment.
IAB data shows 16% of IPv4 addresses shift their associated city monthly due to dynamic infrastructure changes. Relying on static delegation reports ignores this volatility, causing significant mapping errors for latency-sensitive applications today.
Country-level accuracy can exceed 99% only when excluding mobile and VPN traffic from the dataset entirely. Including these dynamic connection types introduces significant noise that degrades the overall precision of standard geolocation databases.
Registered economy data identifies where an entity holds management control, not where hardware physically operates. Confusing these administrative boundaries with actual fiber paths leads to incorrect assumptions about network topology and geographic presence.
The IAB workshop concludes no single technical solution addresses diverse requirements because infrastructure varies too widely. Different stakeholders need fit-for-purpose solutions rather than relying on one-size-fits-all databases for accurate location intelligence.
