How to Do IP Address Geolocation Lookups on Linux

You have probably noticed different services on the Internet which automatically know roughly where you are in the world. From music and video stream services to online stores, these services use a technique, called IP geolocation, which matches your approximate physical location with the IP address you are using. Whenever you connect to the Internet, your device is assigned an IP address from a pool of addresses which are allocated to the different telecommunication companies. The way these addresses work can be quite complicated, but because they are assigned in blocks, it is possible to build a database which maps a block of addresses to a country or even a particular area or city.

The good news is that doing these geolocation lookups isn’t only for the big corporate and mega websites. There are a number of free online services and even a command line tool for Linux which allows you to lookup IP addresses and get information about where that address is assigned. This can be very useful when you are investigating a suspicious email or strange comments left on a blog. It is also useful when using services that mask your IP address, like a VPN, to ensure that they are working as advertised.

To look up an IP address from the Linux command line, you need to install the “geoiplookup” tool. For Ubuntu and Raspbian use:

To lookup an IP address type the following:

geolocation lookups for IP address

Replace with the address you want to look up. In this example, the address (which is one of Google’s DNS servers) is correctly reported as an address from the USA.

The database provided with your Linux distribution is probably out of date; you can check to see when it was created using the -v flag:

geolocation lookups verbose

In this case, we see that the database was created in August 2013.

The geolocation database is provided by MaxMind, and the company refreshes its databases every month. You can update the database by downloading the latest files directly from

You can now query the database again for its build date:

geolocation lookups verbose 2

The tool now reports that the database was created in April 2014.

MaxMind also provides a City database, which in many cases gives greater accuracy. To install it, use the following commands to download the database and copy it to the GeoIP directory:

To get the city information, you need to tell the “geoiplookup” tool to use the city database:

geolocation lookups city database

This time, geoiplookup tells us the address is in Florida and more specifically in Summerfield, Florida.

Online service

As well as the geoiplookup tool, there are a number of online services which can provide geolocation information. For example, if you open in your web browser, the site will give you information about your current location.

geolocation lookups with geoiptool

Another site has an API which is designed to be used in the backend of websites or from within applications. However, it can also be used from the command line using “curl.” First, ensure that you have “curl” installed:

To get geolocation information in XML format, use:

geolocation lookups with freegeoip API

The XML output reveals that the IP address┬áis used in Evansville, Indiana. You can also get the same data in CSV or JSON format by changing the “xml” part of the URL to “csv” or “json” respectively.

The geoiplookup tool and the online services can be very useful. If you have any questions about using them, please ask in the comments section below.

Gary Sims

Gary has been a technical writer, author and blogger since 2003. He is an expert in open source systems (including Linux), system administration, system security and networking protocols. He also knows several programming languages, as he was previously a software engineer for 10 years. He has a Bachelor of Science in business information systems from a UK University.


  1. Hi,

    That is a good question. The best way is to use a VPN, like, or a privacy suite like


  2. Hello! This post could not be written any better! Reading through this post reminds me of my good fbadgcebedbefgek

  3. Also checkout the API, eg:

    $ curl
    “ip”: “”,
    “hostname”: “”,
    “city”: “Mountain View”,
    “region”: “California”,
    “country”: “US”,
    “loc”: “37.4192,-122.0574”,
    “org”: “AS7922 Comcast Cable Communications, Inc.”,
    “postal”: “94043”

    1. Ben, thanks for the pointer to I did consider that service when I was writing the article, but is rate limited to to 1,000 API requests per day, whereas is limited to 10,000 queries per hour, hence I went with the latter.

  4. Or rather then doing it from the command line, you could just visit: . By using the interactive map tab it’ll also get the human readable closest street address associated with the queried IP address.

  5. Hello everyone! how do i lookup multiple ip address at a time .e.g a rang of ip address from squid access.log that cannot be done manualy.
    thanks a lot in advance

Comments are closed.