28 May

Domain to IP/ASN/BGP block mapping script

Sleepless night. Reading more about Quagga and it’s options.


In meanwhile a quick 5min script to enable domain to BGP/IP/ASN mapping. This script is using basic dig command (for finding IP address) and Team Cymru whois service for IP to ASN/block mapping.



# Script for domain name to IP/ASN/BGP block mapping
IP=$(dig $1 a +short)
whois -h $hostname ” -c -p $IP”


 Yeah just 3 line script! Less code = more power! 

I set this one up as alias in ~/.bashrc. Here’s live working example:


anurag@laptop ~ $ bwhois he.net
AS | IP | BGP Prefix | CC | AS Name
6939 | | | US | HURRICANE – Hurricane Electric, Inc.

anurag@laptop ~ $ bwhois vsnl.in
AS | IP | BGP Prefix | CC | AS Name
4755 | | | IN | TATACOMM-AS TATA Communications formerly VSNL is Leading ISP

anurag@laptop ~ $ bwhois airtel.in
AS | IP | BGP Prefix | CC | AS Name
9498 | | | IN | BBIL-AP BHARTI Airtel Ltd.

anurag@laptop ~ $ bwhois rcom.co.in
AS | IP | BGP Prefix | CC | AS Name
18101 | | | IN | RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI



Time for me to complete my CN file for tomorrow’s viva. Most boring & dumb work, but anyways have to do.

Feel free to leave comments below about just anything!


24 Dec

Simple bash script for IP-ASN mapping

Whenever I see a new unknown IP range, it gets hard to find exact source of that IP within command shell. Recently, I found a very interesting source of that information from Team Cymru. Here’s the resource.

I figured out (with a friend’s help) that using their whois server – v4.whois.cymru.com one can actually grab limited information as required. 


anurag@laptop:~$ whois -h v4.whois.cymru.com "  -v"

AS      | IP               | BGP Prefix          | CC | Registry | Allocated  | AS Name

15169   |          |          | US | arin     | 1992-12-01 | GOOGLE - Google Inc.


As we can see -v gives all possible information. All I needed was AS number, AS Name, BGP Prefix, Country code – this gives enough information for an IP address. Thus command turns out to be with -c & -p.

anurag@laptop:~$ whois -h v4.whois.cymru.com " -c -p"

AS | IP | BGP Prefix | CC | AS Name
9829 | | | IN | BSNL-NIB National Internet Backbone

Making this all quick easy to use.
Writing command in a quick script:

# Script for whois with details
read -p 'Enter IP address : ' inputip
whois -h $hostname " -c -p $inputip"

edit .bashrc located in home directory (hidden).
add following lines to the end of the file:
alias awhois='//whois.sh'
Logout and login and done!
Now, you can simply use awhois (A = Advanced! 🙂 ) to do advanced IP whois lookups.
Here’s a live working example:

anurag@laptop:~$ awhois
Enter IP address :
AS | IP | BGP Prefix | CC | AS Name
20115 | | | US | CHARTER-NET-HKY-NC - Charter Communications