Geo-location theory or ip to country

Posted on July 25th, 2006 by phil.

This is a short introduction to a few of the ways that geo-location works. Sites like Google use geo-location to place IP addresses and probably maintain internal databases. How do they get this information? How accurate is it? I'll try to answer these questions.

First and foremost, the geolocation tracking I'm talking about primarily works off the IP address of a client. Most people seem to use it in web applications to make educated guesses about the client's whereabouts. If you're running a business that takes credit cards, it's a handy thing to know: if an Indonesian IP address hands you a credit card with an American billing address, alarm bells start to ring.

There are other ways to guess the nationality of a client, such as HTTP header information: the character set they're using, the languages they accept. These are all very user-configurable, however, and even more error-prone than pure IP-based geolocation.

I'd like to give some background information on how IP addresses and this Internet thing actually work. I hope this is somewhat informative and interesting!

First of all, ICANN / IANA delegates responsibility for IP address management to RIRs (Regional Internet Registries). The acronym is fairly self-explanatory: these are regional bodies. The company I work for, Digiweb, is based in Ireland and receives its IP allocation from RIPE NCC.

There are currently five RIRs, including one relatively recent addition: RIPE NCC, APNIC, ARIN, LACNIC and the latest one, AfriNIC. Each RIR is delegated large subnets (blocks of IP ranges), which it then sub-delegates at its discretion. These IPs are delegated to what they call LIRs (Local Internet Registries), which may delegate them further still. Generally an LIR is an ISP or provides ISP-like services.

Now, to get back to the point. Every RIR (RIPE, APNIC, ARIN, LACNIC and AfriNIC) runs a whois service which allows you to look up information on a particular IP address. The different RIRs display that information in different ways, but there aren't too many of them, so no one complains too much.

So, if you take a random IP address, you can find out information on it. One of Ireland's biggest ISPs is Eircom, which runs a large mail server, mail.eircom.net [159.134.198.135]. We can query the RIPE whois server to find information on this particular IP address.


$ whois 159.134.198.135
[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-proposal-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Note: This output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '159.134.0.0 - 159.134.255.255'

inetnum:        159.134.0.0 - 159.134.255.255
netname:        TELE-IRELAND
descr:          eircom Group plc
descr:          Corporate network and public ISP infrastructure
descr:          Dublin, Ireland
country:        IE
admin-c:        EN369-RIPE
tech-c:         EN369-RIPE
status:         ASSIGNED PI
mnt-by:         TE-MNT
source:         RIPE # Filtered

role:           Eircom Networks
address:        Eircom
address:        Bianconi Avenue
address:        Citywest, Dublin 24
address:        Ireland
e-mail:         XXXXXXXXX@eircom.net
remarks:        -----------------------------------------------------------
remarks:        For abuse/spam complaints for addresses from within this block
remarks:        please contact the techc and/or adminc for the individual
remarks:        inetnum objects. If this does not resolve the problem to
remarks:        your satisfaction please submit a report on the web at
remarks:        http://support.eircom.net/abuse/
remarks:        For information on abuse and what you can do to report it
remarks:        and prevent it please see
remarks:        http://support.eircom.net/abuse/security.asp
remarks:        ---------------------------------------------------------
admin-c:        CF2324-RIPE
tech-c:         AOR1-RIPE
tech-c:         PM1337-RIPE
nic-hdl:        EN369-RIPE
mnt-by:         TE-MNT
source:         RIPE # Filtered

% Information related to '159.134.0.0/16AS5466'

route:        159.134.0.0/16
descr:        eircom
origin:       AS5466
mnt-by:       TE-MNT
source:       RIPE # Filtered

You can see the country field in the whois output here. It also tells us the AS number (the origin of the route object), which we will come back to later on. So we've already got one pretty good method of telling where an IP address is coming from.

Another method is using the AS number. The company I work for, Digiweb, uses AS31122 (again, you can find that out by taking a whois of any Digiweb IP).


$ whois -h whois.ripe.net AS31122
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Whois query server #2.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-proposal-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Note: This output has been filtered.
%       To receive output for a database update, use the "-B" flag

% Information related to 'AS31000 - AS31743'

as-block:     AS31000 - AS31743
descr:        RIPE NCC ASN block
remarks:      These AS Numbers are further assigned to network
              operators in the RIPE NCC service region. AS
              assignment policy is documented in:
              
              RIPE NCC members can request AS Numbers using the
              form located at: *URL-REMOVED*
              
org:          ORG-NCC1-RIPE
admin-c:      CREW-RIPE
tech-c:       OPS4-RIPE
mnt-by:       RIPE-NCC-HM-MNT
mnt-lower:    RIPE-NCC-HM-MNT
source:       RIPE # Filtered

organisation: ORG-NCC1-RIPE
org-name:     RIPE NCC
org-type:     RIR
address:      RIPE Network Coordination Centre
address:      P.O. Box 10096
address:      1001 EB Amsterdam
address:      The Netherlands
phone:        +31 20 535 4444
fax-no:       +31 20 535 4445
admin-c:      CREW-RIPE
tech-c:       CREW-RIPE
mnt-ref:      RIPE-NCC-HM-MNT
mnt-by:       RIPE-NCC-HM-MNT
source:       RIPE # Filtered

role:           RIPE NCC Registration Services Department
address:        RIPE Network Coordination Centre
address:        P.O. Box 10096
address:        1001 EB Amsterdam
address:        the Netherlands
phone:          +31 20 535 4444
fax-no:         +31 20 535 4445
org:            ORG-NCC1-RIPE
admin-c:        IANA-RIPE
admin-c:        DS16233-RIPE
tech-c:         TH2221-RIPE
tech-c:         KL1200-RIPE
tech-c:         IPCS1-RIPE
tech-c:         TIM4-RIPE
tech-c:         FIL
tech-c:         ACM2-RIPE
tech-c:         IW112-RIPE
tech-c:         PINK1-RIPE
tech-c:         RG947-RIPE
tech-c:         XAV
tech-c:         IFP1-RIPE
tech-c:         AKA
tech-c:         SD1131-RIPE
tech-c:         SLON-RIPE
tech-c:         CATH
tech-c:         ALEX
tech-c:         AMIT
nic-hdl:        CREW-RIPE
abuse-mailbox:  abuse@ripe.net
mnt-by:         RIPE-NCC-HM-MNT
source:         RIPE # Filtered

role:           RIPE NCC Operations
address:        Singel 258
address:        1016 AB Amsterdam
address:        The Netherlands
phone:          +31 20 535 4444
fax-no:         +31 20 535 4445
admin-c:        AMR68-RIPE
admin-c:        BRD-RIPE
tech-c:         GL7321-RIPE
tech-c:         MG241-RIPE
tech-c:         BVG-RIPE
tech-c:         CC476-RIPE
tech-c:         MD859-RIPE
tech-c:         JA47
tech-c:         FAB-RIPE
tech-c:         BC1523-RIPE
tech-c:         RVS14-RIPE
tech-c:         MENN1-RIPE
tech-c:         EMIL-RIPE
tech-c:         JDC-RIPE
tech-c:         SSIE-RIPE
tech-c:         RCO-RIPE
nic-hdl:        OPS4-RIPE
mnt-by:         RIPE-NCC-MNT
source:         RIPE # Filtered

% Information related to 'AS31122'

aut-num:        AS31122
as-name:        DIGIWEB-AS
descr:          Digiweb Ltd.
import:         from AS13076
                action pref=70;
                accept ANY
import:         from AS6461
                action pref=70;
                accept ANY
import:         from AS3257
                action pref=70;
                accept ANY
import:         from AS21493      # PacketExchange eXpress
                action pref=80;
                accept AS21493
import:         from AS1213       # HEAnet @ INEX
                action pref=80;
                accept AS-HEANET
import:         from AS2110       # ESAT-BT @ INEX
                action pref=80;
                accept AS-IEUNET
import:         from AS5466       # EIRCOM @ INEX
                action pref=80;
                accept AS-EIRCOM
import:         from AS25441      # IBB @ INEX
                action pref=80;
                accept AS25441
import:         from AS9196       # NETSOURCE @ INEX
                action pref=80;
                accept AS-NETSOURCE
import:         from AS5089       # NTL @ INEX
                action pref=80;
                accept AS-NTLI
import:         from AS29650      # Hosting365 @ INEX
                action pref=80;
                accept AS29650
import:         from AS31458      # Smart Telecom @ INEX
                action pref=80;
                accept AS-SMART
import:         from AS8068       # Microsoft EU @ INEX
                action pref=80;
                accept AS-MICROSOFTEU
import:         from AS16171      # Strencom ISP @ INEX
                action pref=80;
                accept AS16171
import:         from AS12293      # Internet Ireland @ INEX
                action pref=80;
                accept AS12293
import:         from AS34245      # Magnet Network @ INEX
                action pref=80;
                accept AS34245
import:         from AS34317      # Clearwire Ireland @ INEX
                action pref=80;
                accept AS34317
import:         from AS39122      # Blacknight Internet Solutions @ INEX
                action pref=80;
                accept AS39122
import:         from AS39233      # Blueface @ INEX
                action pref=80;
                accept AS39233
import:         from AS2128       # INEX
                action pref=80;
                accept AS2128
export:         to AS13076 announce AS31122
export:         to AS6461  announce AS31122
export:         to AS3257  announce AS31122
export:         to AS21493 announce AS31122
export:         to AS1213  announce AS31122
export:         to AS2110  announce AS31122
export:         to AS5466  announce AS31122
export:         to AS25441 announce AS31122
export:         to AS9196  announce AS31122
export:         to AS5089  announce AS31122
export:         to AS29650 announce AS31122
export:         to AS31458 announce AS31122
export:         to AS8068  announce AS31122
export:         to AS16171 announce AS31122
export:         to AS12293 announce AS31122
export:         to AS34245 announce AS31122
export:         to AS34317 announce AS31122
export:         to AS39122 announce AS31122
export:         to AS39233 announce AS31122
export:         to AS2128  announce AS31122
admin-c:        DGWB1-RIPE
tech-c:         DGWB1-RIPE
mnt-by:         DIGIWEB-MNT
mnt-routes:     DIGIWEB-MNT
source:         RIPE # Filtered

role:           Digiweb Network Engineering
nic-hdl:        DGWB1-RIPE
address:        Digiweb Ltd.
address:        IDA Business Park
address:        Dundalk
address:        Co. Louth
address:        Republic of Ireland
phone:          XXXXXXXXXXXXXXXXXX
fax-no:         XXXXXXXXXXXXXXXXXX
admin-c:        CP43-RIPE
tech-c:         DR515-RIPE
tech-c:         MK8976-RIPE
tech-c:         MS12393-RIPE
tech-c:         PL3332-RIPE
tech-c:         MA1262-RIPE
mnt-by:         DIGIWEB-MNT
source:         RIPE # Filtered

Not only can we see the address information through having an AS number, but we can also see who Digiweb peers with. If Digiweb peers with companies that also have Irish addresses, its whois information carries an Irish address, and its AS information is registered to an Irish address, we can say with some certainty that they're Irish :)
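To make the two lookups above concrete (country from the inetnum object, origin AS from the route object, and peers from the aut-num's import lines), here is an added example, not code from the original post, that parses RIPE-style RPSL whois output. The sample text is constructed from abridged pieces of the output quoted on this page; the function names are mine.

```python
# Constructed sample, abridged from the RIPE whois output quoted on this page.
SAMPLE = """\
% Information related to '159.134.0.0 - 159.134.255.255'

inetnum:        159.134.0.0 - 159.134.255.255
country:        IE

route:        159.134.0.0/16
origin:       AS5466

aut-num:        AS31122
import:         from AS13076
                action pref=70;
                accept ANY
import:         from AS5466       # EIRCOM @ INEX
source:         RIPE # Filtered
"""

def parse_rpsl(text):
    """Split RPSL whois output into objects, each a list of (key, value) pairs.
    '%' lines are server chatter, an empty line ends an object, an indented line
    continues the previous value, and '# ...' trailing comments are dropped."""
    objects, cur = [], []
    for line in text.splitlines() + [""]:  # sentinel flushes the last object
        if line.startswith("%") or not line.strip():
            if line == "" and cur:  # only a truly empty line ends an object
                objects.append(cur)
                cur = []
            continue
        body = line.split("#", 1)[0].rstrip()
        if body[:1].isspace() and cur:  # continuation of the previous attribute
            cur[-1] = (cur[-1][0], (cur[-1][1] + " " + body.strip()).strip())
        else:
            key, _, val = body.partition(":")
            cur.append((key.strip(), val.strip()))
    return objects

def summarise(text):
    """Country from inetnum, origin AS from route, peer ASNs from aut-num imports."""
    out = {"country": None, "origin_as": None, "peers": []}
    for obj in parse_rpsl(text):
        attrs = dict(obj)  # an object's first key names its type
        if "inetnum" in attrs:
            out["country"] = attrs.get("country")
        elif "route" in attrs:
            out["origin_as"] = attrs.get("origin")
        elif "aut-num" in attrs:
            out["peers"] = [v.split()[1] for k, v in obj
                            if k == "import" and v.startswith("from ")]
    return out
```

Whitespace-only lines inside an object (as in the as-block remarks above) are ignored rather than treated as a separator, so multi-line values survive intact.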

The accuracy of this information is good in some cases and not so good in others.

I had a connection provided by NTL whose IP range was listed with a contact address in England. Google would bring me to google.co.uk and I was able to access UK-only content on bbc.co.uk (which again uses IP-based geo-location).

There are anomalies like these everywhere, but I've heard the accuracy is over 90% just off basic information like that above, without any human intervention. Some of the databases you can purchase off the internet reckon they have 99% accuracy and account for 99% of the anomalies around. How well you can believe them is another story!