Hello,
This is the release announcement for libloc 0.9.11. It comes with the following changes:
Most changes are around the exporter, which is now able to write any output to the console. This is useful when you want to load a custom list of countries or ASes directly into ipset or nftables like so:
root@michael:/build/libloc# location -d /var/lib/location/database.db export --format=nftables --family=ipv6 AS204867 VA
define VAv6 = {
    2a01:b8::/32,
    2a01:84a0:2000::/40,
    2a04:640::/29,
    2a06:9f80::/29,
    2a06:a005:4::/48,
    2a07:8100::/29,
    2a09:4c0:f100::/40,
    2a0e:b101:f100::/40,
    2a0e:b107:aef::/48,
    2a0e:b107:1000::/44,
    2a0f:b9c1:100::/46,
    2a0f:b9c1:10e::/48,
}

define AS204867v6 = {
    2001:678:b28::/48,
}
This command lists all sets that belong to AS204867 or VA in the desired format.
In order to increase performance, we no longer “flatten” the tree for ipset and nftables, because those formats can handle overlapping networks. xt_geoip, on the other hand, needs a list of non-overlapping, sorted IP networks, which causes a lot of extra work to convert the data from the database into this format.
The names of the sets have been changed for ipset and nftables. For a country XX, the sets are now called XXv6 and XXv4 for IPv6 and IPv4 respectively. The same schema applies to autonomous systems, e.g. AS204867v6 and AS204867v4.
This change was required because sets cannot mix IPv6 and IPv4 addresses and it is desirable to use both.
For ipset, the parameters that create a set have been changed:
* The maximum size of each set is set to 1 million. We used to hard-code 64k, which was exceeded by a couple of countries, and setting it to the actual size of a set did not allow reloading a set in ipset without destroying the former set first. For that reason, we set this to a maximum that nobody should ever reach.
* The hashsize used to be set to 1024 which is the default for ipset. However, this creates a performance problem for large sets when the system spends a lot of time searching through linked lists. To avoid that, we increase the size of the hash table aiming for a fill-factor of 0.75 which should make any lookup fast. This comes at the cost of slightly increased memory usage. See the commit messages for more details.
Misc.
* The LACNIC parser introduced in the previous release has been fixed and should now be able to parse all IP addresses correctly.
Thank you to everyone who has contributed to this release.
You can find the source here:
https://git.ipfire.org/?p=location/libloc.git;a=shortlog;h=refs/tags/0.9.11
https://source.ipfire.org/releases/libloc/libloc-0.9.11.tar.gz
Best,
-Michael
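
The set naming and ipset sizing described above, as an added example that is not libloc's own exporter code: it splits a mixed list of networks into XXv4/XXv6 sets and picks a power-of-two hashsize for a fill factor of at most 0.75 with a fixed maxelem of 1 million. The function names, the floor at ipset's default of 1024, and the sample networks (documentation ranges) are assumptions of this sketch.

```python
import ipaddress

MAXELEM = 1_000_000            # fixed upper bound named in the announcement
IPSET_DEFAULT_HASHSIZE = 1024  # ipset's default, used here as a floor (assumption)


def hashsize_for(count):
    """Smallest power of two with count / hashsize <= 0.75.

    Integer arithmetic only: the condition is hashsize * 3 >= count * 4.
    ipset hash sizes are powers of two, so we double until the target holds.
    """
    size = IPSET_DEFAULT_HASHSIZE
    while size * 3 < count * 4:
        size <<= 1
    return size


def ipset_restore(name, networks):
    """Build `ipset restore` input for one country code or AS name.

    IPv4 and IPv6 cannot share a set, so each family gets its own set,
    named <name>v4 and <name>v6. Empty families produce no set.
    """
    by_version = {4: [], 6: []}
    for net in networks:
        parsed = ipaddress.ip_network(net)
        by_version[parsed.version].append(parsed)

    lines = []
    for version, family in ((4, "inet"), (6, "inet6")):
        nets = sorted(by_version[version])
        if not nets:
            continue
        setname = f"{name}v{version}"
        lines.append(
            f"create {setname} hash:net family {family} "
            f"hashsize {hashsize_for(len(nets))} maxelem {MAXELEM}"
        )
        lines.extend(f"add {setname} {n}" for n in nets)
    return "".join(line + "\n" for line in lines)


# Constructed sample input: documentation prefixes, not real country data.
SAMPLE = ["2001:db8::/32", "198.51.100.0/24", "192.0.2.0/24"]

if __name__ == "__main__":
    print(ipset_restore("XX", SAMPLE), end="")
    # Average chain length for 100,000 entries: old default vs. sized table.
    for size in (IPSET_DEFAULT_HASHSIZE, hashsize_for(100_000)):
        print(f"# hashsize {size}: {100_000 / size:.2f} entries per bucket")
```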