Skip to content

Update GeoIP support to new API (GeoLite2 from Maxmind)

Description

Maxmind is discontinuing support for the version of their GeoIP db that is supported currently by BIND.

'At the beginning of April, 2018, we will cease updating the GeoLite Legacy downloadable databases. We will also disable free downloads of GeoLite Legacy databases from the geoipupdate program on that date.'

Request

Please update the GeoIP support in BIND to work with the new API/schema. I did check their website and they are still providing a free community edition of the db, but the schema is new. (https://dev.maxmind.com/geoip/geoip2/geolite2/)

Excerpt from an email from a user: Simple example for Australia and New Zealand that we use:

acl "ANZ" {
    geoip country NZ;
    geoip country AU;

};

view "ANZ" {
        match-clients { key anzkey; !all_keys; ANZ; };
        allow-notify { key anzkey; };
        allow-transfer { key anzkey; };
        server 192.999.888.77 { keys anzkey; };

        zone "geo.xxx.com" {
                type slave;
                notify no;
                file "/usr/local/etc/namedb/geo/ANZ.xxx";
                masters { 127.0.0.1;  };
        };
        zone "geo.yyy.com" {
                type slave;
                notify no;
                file "/usr/local/etc/namedb/geo/ANZ.yyy";
                masters { 127.0.0.1;  };
        };

};

We use GeoIP commercial database, so we rely on it, and it realy works. :) It has the same schema but more data than free. The point is that MaxMind changed the schema and API for GeoIP2/GeoLite2, so old function calls will not work with new shared libraries, so developers have to change headers and function calls. Bind911 uses headers at lib/dns/geoip.c:

#include <GeoIP.h>
#include <GeoIPCity.h>

and calls like:

GeoIP_country_code_by*
GeoIP_country_name_by*

New maxmind libraries called "libmaxminddb" is replacement of old "GeoIP" shared libraries with new API:

headers:

#include <maxminddb.h>

Functions and data structures begin from MMDB_*.

Examples:

MMDB_lookup_string(&mmdb, ip_address, &gai_error, &mmdb_error);
MMDB_get_entry_data_list(&result.entry, &entry_data_list);
MMDB_dump_entry_data_list(stdout, entry_data_list, 2);

So, the API has changed dramaticaly.

Links / references

MaxMind supported APIS: https://dev.maxmind.com/geoip/geoip2/downloadable/

Notes

This new feature will be backported as to old release and the old GeoIP support will have to stay (--with-geoip). The two options will be mutually exclusive though. In the development branch, we will remove support for old GeoIP and only the new one will stay. Internally, the configuration should stay the same (even though this will require changes from the administrator anyway to put the new databases into their respective places).

Edited by Ondřej Surý
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information