CAIDA Routeviews Prefix-to-AS

Plugin: netflow-plugin Module: caida-prefix2as

Overview

Enrich network flows with AS numbers from CAIDA’s Routeviews Prefix-to-AS mapping dataset. CAIDA derives this public dataset from RouteViews BGP data and publishes one prefix-to-origin-AS mapping per line. The official format is tab-separated IP prefix, prefix length, and AS number; multi-origin AS entries can contain multiple ASNs, and the Netdata downloader keeps the first listed origin AS as the simplified per-prefix value.

CAIDA Prefix-to-AS is ASN-only. It does not provide AS organization names or geographic fields. Pair it with DB-IP, MaxMind, IP2Location, IPDeny, IPIP, or another geo provider when you also need *_COUNTRY, city, state, or coordinates.

For the IP-intelligence mechanism (lookup order, MMDB composition, refresh, provider chains), see IP Intelligence.

The netflow plugin reads MMDB files only. CAIDA publishes compressed text data, so use Netdata’s topology-ip-intel-downloader to fetch the latest Routeviews Prefix-to-AS file, convert it to topology-ip-asn.mmdb, and place it in the standard auto-detected cache directory. The plugin reloads the generated MMDB automatically when the file changes.

This integration is only supported on the following platforms:

Linux

This integration runs as a single instance per Netdata Agent.

Default Behavior

Auto-Detection

Not used by the default install. After the downloader writes topology-ip-asn.mmdb into the standard cache path, the plugin auto-detects the generated file.

Limits

ASN number only. No AS organization name, country, state, city, or coordinates are available from this source.

Performance Impact

Lookups are local MMDB reads after conversion. Memory use is mostly the mapped database file and the kernel page cache needed to keep active pages hot.

Setup

Prerequisites

Downloader with CAIDA Prefix-to-AS support

Run the bundled downloader when available. Packaged 32-bit installs do not include this binary:

sudo /usr/sbin/topology-ip-intel-downloader \
  --asn caida:prefix2as \
  --geo dbip:city-lite

caida:prefix2as is valid only for --asn. The example keeps DB-IP city-lite for geo fields; substitute any supported --geo provider if country-only enrichment is sufficient.

CAIDA acceptable use terms

CAIDA documents acceptable-use and attribution requirements on the dataset page. Review the terms before redistributing generated datasets or derived reports.

Configuration

Options

Once the downloader has produced a CAIDA-derived ASN MMDB in the cache directory, the plugin auto-detects it. To pin paths explicitly, set enrichment.geoip.asn_database and keep geo_database pointed at your chosen geographic provider.

Option	Description	Default	Required
enrichment.geoip.asn_database	Path to the CAIDA-derived ASN MMDB. Empty = auto-detect from the cache directory.	[]	no
enrichment.geoip.geo_database	Optional geographic MMDB paths supplied by another provider.	[]	no
enrichment.geoip.optional	When true, missing or unreadable MMDBs are warnings, not fatal at startup.	false (true when auto-detected)	no

via File

The configuration file name for this integration is netflow.yaml.

You can edit the configuration file using the edit-config script from the Netdata config directory.

cd /etc/netdata 2>/dev/null || cd /opt/netdata/etc/netdata
sudo ./edit-config netflow.yaml

Examples

After running the downloader with CAIDA ASN and DB-IP geo

Auto-detection picks up both generated cache files.

enrichment:
  geoip:
    asn_database: []
    geo_database: []
    optional: true

Explicit CAIDA ASN path

Pin CAIDA for AS numbers and keep a separate geo source for country/city fields.

enrichment:
  geoip:
    asn_database:
      - /var/cache/netdata/topology-ip-intel/topology-ip-asn.mmdb
    geo_database:
      - /var/cache/netdata/topology-ip-intel/topology-ip-geo.mmdb
    optional: false

Metrics

Enriches flow records with AS numbers; produces no metrics of its own. Verify on the Network Flows view via SRC_AS and DST_AS.

Alerts

There are no alerts configured by default for this integration.

AS names are empty

CAIDA Prefix-to-AS contains AS numbers, not organization names. Layer a provider with AS organization data, such as MaxMind GeoLite2 ASN or DB-IP ASN Lite, after the CAIDA MMDB in asn_database if AS names matter.

Country fields are empty

This source is ASN-only. Configure a --geo provider in the downloader or point enrichment.geoip.geo_database at a separate geo MMDB.

Multi-origin AS simplification

CAIDA can represent multi-origin prefixes. The downloader uses the first listed AS for the generated single-value MMDB record. If you need full MOAS semantics, use BMP or BioRIS routing enrichment instead of an offline ASN lookup database.