Next up: DENOG 17 in Essen!
From 9-11 November, Stephan and Péter will join the German network operator community for three days of deep-dive sessions, peering discussions, and plenty of hallway networking.
They’re looking forward to catching up with familiar faces, meeting new ones, and exchanging ideas on traffic visibility, routing analytics, and interconnection efficiency and plenty more.
We are proud to be sponsoring Peering Asia 7 next week in Manila!
From 4-6 November, Hari and Stephan will be there connecting with peers from across the Asia-Pacific peering community. Expect plenty of good conversations about interconnection, traffic visibility, and how network analytics can make complex networks easier to understand and manage.
Meet them at the BENOCS booth to talk peering strategies, traffic data insights, and find out the latest BENOCS Analytics updates.
Or even just hit them up for a coffee (or maybe a halo-halo).
See you in Manila!
Next stop: Hamburg!
On September 25-26, BENOCS CTO Ingmar Poese will be at FCN2025, the Future Computing and Networking Workshop, in Hamburg.
With years of research and hands-on experience in network measurement and traffic analysis, Ingmar is looking forward to diving deep into the technical side of interconnection and traffic visibility.
Expect conversations around topics like ingress point detection, flow-based capacity planning, and how real-time analytics can uncover hidden patterns in IP networks.
If you’re in Hamburg, don’t miss Ingmar at FCN. He’ll be ready to exchange ideas, compare approaches, and discuss how data-driven insights can make networks more efficient and reliable.
Probes are great for spotting issues at the network edge, but how do you know what their alerts actually mean for the rest of your traffic? And how can you link those warnings back to the exact interconnect point?
At BalticNOG you will find out!
On Tuesday, September 24, at 5:00pm, Péter will share a hands-on example showing you how to:
It’s about turning probe alerts from isolated warnings into actionable insights that help you understand the bigger picture.
If you’re at BalticNOG, don’t miss Peter’s talk, especially if you’re curious about making flow-based monitoring more accurate, efficient, and useful.
A brand-new event on the map!
On September 24–25, Peter will be in Vilnius for the very first BalticNOG. We’re excited to see this new community form and we can’t wait to be part of the conversations around networks, interconnection, and how analytics can make traffic flows more transparent.
If you’re there, please come say hi. Peter’s looking forward to meeting peers from across the region, sharing ideas, and celebrating this kick-off edition together.
Here’s to a strong start for BalticNOG!
Ever wondered how a probe’s ‘alert’ footprint really maps to the rest of your network? Ever struggled to connect a quality degradation alert back to the exact interconnect point, and then figure out what else might be affected?
Let’s demystify that.
At EPF25 next week, Stephan will walk us through a clear, practical example of how to:
Whether you’re refining monitoring, speeding up incident response, or just curious about making flow-level visibility actionable, this talk shows you how to turn scattered alerts into coherent, signal-rich insight.
Be sure to also stop by the BENOCS booth while you’re there. Stephan, Péter, Ingmar and Suraj look forward to welcoming you!
Right after EPF 25, the conversations continue at RONOG 10 in Bucharest! 🇷🇴
On September 18, Péter will be there representing BENOCS and ready to meet the Romanian networking community to exchange thoughts on how traffic visibility and analytics can simplify network operations and improve performance.
Hit Peter up for a coffee and get all the latest updates on the BENOCS product roadmap.
It’s almost time for European Peering Forum 2025, this year in beautiful Bucharest!
From September 15-17, you can catch Péter, Ingmar, Suraj, and Stephan representing BENOCS at EPF 25. They’re looking forward to connecting with the peering community, diving into the latest on interconnection, and sharing ideas on how visibility into traffic flows can make networks run smoother.
If you’re attending, come find us! We’d love to talk peering strategies, network analytics, or just grab a coffee and catch up.
See you in Bucharest!
Sun, sea, and… networking.
On September 11, Hari and Stephan will be at the beach in Scheveningen, for the annual NL-ix Late Summer Drink. Always a great chance to catch up with peers, exchange ideas, and enjoy the unique mix of seaside vibes and serious conversations about networks.
If you’re around, come say hi and join us for a beer. We’d love to chat about traffic visibility, peering, and what’s next for network analytics.
Ever wondered where your network traffic is sourcing from or going to? Many network operators today rely on Geo-IP databases to answer these questions. A geo-IP database is a collection of data that links IP addresses to their corresponding geographic locations. Geo-IP databases usually provide information such as country, region, city, ZIP code, latitude, longitude and sometimes more specific details such as ISP name and also the type of connection (either a DSL or Mobile).
There are several Geo-IP databases available such as Maxmind, IP2Location, IPgeolocation, IPinfo, Netacuity etc. There is a significant difference of accuracy of a commercial database compared to a free version since the features and the updates that come with it vary greatly depending on the version type.
IP to location mapping is a continuous, multi-source data enrichment process that leverages a combination of methods and data sources to assign geographic identities to IP address ranges. Some of the sources are as follows:
Geo-IP databases are widely used for web analytics or targeted content/ads. The next time you use a Starbucks W-Fi and get an ad for a store that you just walked past, don’t be surprised. In the telecommunications world, network operators generally use Geo-IP location to optimize and manage their network. Some of the widely known use cases are:
Let’s take the first use case – traffic routing – and look at it more closely. Geo-IP databases work reasonably well when identifying where user traffic originates from and are reliable for country-level detection and broad regional insights. However, some operators also use these databases to correlate flow data with the physical location of subnets within their own network to determine where a specific customer’s traffic is coming from. While operators typically already know where their infrastructure and customer allocations are located based on internal records, that information often lives in separate static inventories that aren’t easily integrated into flow analysis tools. As a result, they turn to Geo-IP data to fill that gap. The problem? Although the accuracy is typically high (90-99%) for country level, it drops down significantly to 43%1 for city level detection. Precision is usually better in large, urbanized areas but considerably worse in small towns or rural regions, and the databases may revert to the nearest major city sometimes missing suburbs or towns. We decided to do a small comparison of our own to run a Berlin IP address lookup on some of these databases to test the accuracy, and the results are striking.
There are many factors contributing to the inaccuracies. Cellular networks and mobile IPs often have much lower localization accuracy compared to broadband or Wi-Fi. Errors of tens or even hundreds of kilometers2 are common for mobile users. Secondly, the usage of VPN, proxies, carrier grade NAT and very recently Apple Private Relay further obscures the true location, resulting in greater inaccuracies. From our experience in analyzing data from 25+ networks, we often see the same IP block being used across multiple regions or cities because of the frequent change in network topologies, which results in IP block reassignment. The external databases can become outdated quite quickly and the reliability is questionable unless updates are more frequent. Lastly, the privacy regulations may restrict access to certain information, impacting the completeness or refresh rate of data, especially in strict jurisdictions. This makes it risky to rely on Geo-IP for regional-level insights, especially when misclassification can lead to wrong decisions about peering, routing, or capacity planning.
Specifically for the routing- and capacity-planning usecases, BENOCS Analytics takes a fundamentally different approach than relying on external Geo-IP databases: we use what your network actually sees.
BENOCS collects and cross-correlates data from standardized network protocols, including BGP, Flow, SNMP, IGP, and DNS, directly from the operator’s infrastructure. Leveraging our proprietary data-processing engine, we visualize this information in an intuitive multi-dimensional Sankey diagram, with up to twelve traffic dimensions, including but not limited to Source, Handover, Ingress, Egress, Nexthop, and Destination dimensions.
This visualization allows you to trace the full journey of a packet, from where the traffic is sourcing from (Source AS) to where it terminates (Destination AS) – all grounded in your actual routing and flow data, not approximations.
Flow data is collected at the ingress interface of all internet-facing edge routers. When combined with BGP information, we can infer the forwarding path, including the corresponding egress routers, both of which are displayed within the Sankey’s respective dimensions.
To take it even further, BENOCS enables you to tag and group these routers by city, country, region, or custom groupings, making traffic analysis geographically meaningful and accurate.
This gives you a precise and actionable view of traffic exchange between locations in your network. You’re not relying on a third-party’s guess: you’re seeing real, topologically and geographically grounded data from your own routers. Why settle for outdated or inaccurate geolocation databases when your network already holds the truth? And also, the geo-location of an IP might be very different than the location of your egress-router, which is the last point your network sees this packet.
Geo-IP databases offer a convenient, quick-glance view of where traffic might be coming from, and for many applications, that’s good enough. But when you’re a network operator responsible for making high-stakes decisions about traffic engineering, capacity planning, or routing optimization, “good enough” simply isn’t.
As we’ve seen, Geo-IP data can be outdated, inaccurate at city-level, and increasingly unreliable due to VPNs, mobile networks, and evolving topologies. It’s a blunt tool for what should be a precise task.
At BENOCS, we believe that your network already contains the most reliable source of truth. By analyzing real-time BGP, Flow, and IGP data directly from your own routers, we empower you to see not just where your traffic might be coming from but where it actually enters and exits your infrastructure. With this ground-truth visibility, you gain clarity, confidence, and control over your network’s geographic traffic flows – no guesswork required.
So the next time you’re questioning where your traffic comes from, don’t ask a third-party database. Ask your network. It knows.
References:
