IP Geo localization setup
Notes before installation
Oplon IP Geo Localization is a service available at the balancing and routing level to locate the source of requests through IP addressing.
The service is divided into two elements such as the Downloader of the topography of the worldwide routing routes and the use by the balancing service.
The IP address topography tables must be updated periodically because their distribution or reassignment is continuous.
A good frequency ratio of updating tables is about 30 solar days.
This document is for configuring the downloading service only and using the filter rules of the balancing and routing component. For the installation of The Monitor components, refer to the installation documents LBL_Platform_Installation.pdf and LBL_StandardEnterprise_Installation.pdf.
Introduction
The periodic update of the tables of the world IP topography, Oplon IP Geo Localization Downloader, is a service provided by subscribing to component maintenance Oplon LoadBalancer. When you subscribe or renew maintenance, your login and password will be deployed to access the repository update service.
Downloader - A01_LBLIPGeolocalizationDownloader
In each Oplon S.A.A.I. deployment. A new process is now available that allows you to update the repository of the world IP topography on a regular basis.
You can access the service configuration Oplon Management Console A01_LBLIPGeolocalizationDownloader process as shown in the image below. The A01_LBLIPGeolocalizationDownloader process is the process that oversees the timed download of the updated repository.
Setup - A01_LBLIPGeolocalizationDownloader
The setup of the process is very simple because it is preconfigured in the factory. From the context menu, right-click in the process tree and Properties option, access the service configuration files.
Once You select Properties in the right pane, the configuration descriptors will be loaded.
The setup service provides the three panels for general process configuration plus the panel (iplocalizationdownloader) for setting service-specific parameters:
Position yourself in the "iplocalizationdownloader" panel for the job setup:
The first parameter, downloadDir property, specifies the final download location of the repository file(s). The default location is the directory where Oplon LoadBalancer expects to find the location file.
The second parameter, ipLocalozationFileName property, is the name that the repository file will take after its full dawnload.
The parameter downloadURL property is the download URL of the repository file. The parameter is preset with the download URL from the TCOProject site but can be changed to centralize the download at the datacenter level.
The parameters user And Password must be set with the corresponding values issued by TCOProject at the time of signing the maintenance contract. These values are used to access the repository file update service.
The parameter fileMaxSize property is used to limit the maximum size of the download file to avoid any interference with run-time.
If the download system needs to traverse a proxy to reach the TCOProject download service, you must set proxyAddress property, proxyPort property and if they require authentication, even proxyUser property And proxyPassword property.
The parameter expireDays property indicates how often new versions are downloaded. When writing this document, a 30-day frequency is more than enough to ensure a good repository update.
keepGzip property if set to true allows you to download, verify the content, and then generate the file locally in .gzip format (....gep.gz). This parameter in a datacenter with many balancing instances is used to centralize the download to a single internal repository and then make it available locally.
IP Geo Localization Filter Setup
Setting geolocation filters in balancing and routing processes is
achieved by applying simple rewrite rules in the iproxy.xml
configuration file of the balancing and routing processes to the
paragraph <rewriteManagement>.
The following example sets a rule named "LBL_IPGEOLOC_FILTER" Designed to accept IP addresses from Italy, France and Great Britain.
The country definition is in two-letter encoded ISO 3166 format.
You can also indicate with ".." addresses that do not have a match in the repository. This indication is very useful as the address/country association is not 100% accurate and is constantly evolving. With ".." we still make sure that an address, not found in the repository, is considered valid allowing the service to be delivered. In the following example, ".." is preceded by the escape backslash character".
With country "ZZ" you can specify IETF reserved addresses. For example, IETF reserved addresses include localhosts: IPv4 127.0.0.1; IPv6 [::1]. (at the time of writing: RFC 1918, 1700, 3330, 3068, 2544, 3171 and subsequent modifications)
It is possible to query the origin of the IP from the reserved variable "REQUEST_INCOMING_COUNTRY". The modifier Eval allows you to filter in white or black list. In this case Eval="NOT", the filter is set up in white list, that is, if the condition does not occur, a redirectTo a www.oplon.com (opens in a new tab).
Using rewrite rules, you can take advantage of all the expressiveness provided by the OPLON rewriter®LoadBalancer.
For example, in the rule below, an additional condition has been added in AND to allow entry to all addresses from Italy, France, Great Britain, but also localhost and all addresses starting at 192.168.4 .
In other cases, Oplon LoadBalancer will send the browser a redirect to www.oplon.com (opens in a new tab).
As with other rewrite rules once defined to be applied, you must
associate them with the affected streams. The association is the same as
for the other rules by setting the <endPointsGrouping> Or
<virtualDomain> up to the endpoint group (<endp>) the parameter
rewriteHeaderRules property.