We’re currently implementing additional security controls for our hosting platform, and one of the biggest challenges we’re encountering involves customers connecting over mobile networks. As users move between towers or regions they are frequently assigned different IP addresses within very short timeframes, which complicates IP-based allow-listing.
Is there a reliable way to obtain and maintain up-to-date CIDR ranges for major mobile providers such as AT&T, Verizon, and T-Mobile?
For reference, we currently use this from Starlink that provides a public feed of their IP space.
You must log in or register to comment.
Something like this? https://ipapi.is/ip-to-company.html
Wow, that’s exactly what we’ve built, basically. The problem is finding a reliable source of what CIDR ranges they provide our region without storing and guessing ourselves to make sure it’s local. We go through a lot of ARIN data each week to make sure one neighbor isn’t banning another because he can’t remember his password.
Our next step was refactoring with geo-location, but I figured there has to be feeds from these providers like StarLink does … oy.
They don’t typically provide them to the public, or small operators. You’d have to be a large provider to get access to a direct feed.
You could ask the NANOG mailing list if any of them track it. I use to that going through unofficial channels like NOGs to get help when getting this kind of odd info.
NANOG
Completely unaware of NANOG, thank you!