[163190] in North American Network Operators' Group
Re: Geoip lookup
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri May 24 12:13:51 2013
From: Owen DeLong <owen@delong.com>
In-Reply-To: <519F1684.3080502@vaxination.ca>
Date: Fri, 24 May 2013 09:08:13 -0700
To: Jean-Francois Mezei <jfmezei_nanog@vaxination.ca>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On May 24, 2013, at 00:28 , Jean-Francois Mezei =
<jfmezei_nanog@vaxination.ca> wrote:
> On 13-05-24 02:57, Owen DeLong wrote:
>=20
>> That was exactly my point, Bill... If you have operations in RIPE and =
ARIN regions, it is entirely possible for you to obtain addresses from =
RIPE or ARIN and use them in both locations, or, obtain addresses from =
both RIPE and ARIN and use them in their respective regions, or mix and =
match in just about any imaginable way. Thus, IP addresses don't reside =
in regions, either. They are merely issued somewhat regionally.
>=20
> Correct.
> But the fact remains that a lot of services assume geolocation works =
and
> do so in terms of restricting access to their content (oftent due to
> legacy content rights that require geolocation).
>=20
The fact remains that a certain percentage of the population robs banks.
Neither is a particularly good thing, IMHO.
> One extreme example. A sports equipment retailer operates under a
> different banner in the province of Qu=E9bec than in the rest of =
Canada.
> They geolocate the user's province and prevent qu=E9beckers from =
accessing
> the "rest of canada" web site.
>=20
And the quebeckers that care use a tunnel to get an address that doesn't
geolocate to quebec.
> So residents of ontario who subscribe to an ISP based in Qu=E9bec are
> blocked from the web site because that web site thinks they are based =
in
> Qu=E9bec.
>=20
Which goes to prove my point wrt. bank robbery.
> The problem is with many web designers and managers who do not
> understand geolocation and the ISP business and how they are =
structured.
>=20
So called experts who remain rather ignorant in their field of =
"expertise" are a problem across a wide variety of fields. The internet =
is not unique in this regard and geolocation is just one aspect of this =
problem on the internet.
> In the case of the sports equipment chain. there is no real need to
> geoblock. (perhaps to prevent Qu=E9beckers from seeing the prices in =
the
> rest of canada ?)
>=20
Yep... And even if there were a reason, geoblocking is a joke anyway =
because it is trivially subverted by anyone who cares and more of a =
problem for people who should have access but their IP doesn't match =
their actual geography.
> But in the case of entertainment, rights to programs are purchased =
with
> strict geolocation requirements. One example are pay TV channels TMN
> (Astral) and Movie Central (Shaw). The first has eastern canada, the
> later has western Canada.
But IP geolocation doesn't help in either of these cases. Those wanting =
to subvert the programming restrictions simply use a tunnel to do so. On =
the other hand, a customer who lives near the boundary and gets his =
internet service from the "wrong side" of the boundary has access to the =
service from the wrong geography and not the correct geography.
> an IPTV BDU (regulated "cable" carrier (aka: cable competitor) must
> therefore ensure that a customer to whom it delivers the IPTV feed for
> "TMN" is located in the region for which TMN has rights. Same for all
> channels. And there is also pesky channel substitution requirements
> rhat are based on your location. In Canada, we are not allowed to =
watch
> a program on a US channel if a local TV channel carries the same =
program
> at same time.
And geolocation by IP doesn't actually work to enforce any of these =
restrictions because tunnels easily circumvent it for those that want to =
circumvent it. OTOH, it also breaks the process for those who happen to =
be victims of unfortunate mismatches between topology and geography.
Where the IPTV provider is also the ISP, this isn't really much of a =
problem, but in that case, geo IP is kind of redundant.
Where the IPTV provider is not the ISP, it gets very strange very =
quickly.
> The better solution is to do like satellite BDUs do: billing address.
> But some web based systems ignore the unreliable geolocation services
> and use them to geolocate their customers.
Yep... Again, see above comments about ignorance and bank robbery.
> It is probably the fault of geolocation services which misrepresent =
the
> accuracy of their data. But if you can't beat them, you might as well
> join them, and that may mean separate IP blocks for different
> provinces/states and separate registrations so geoocation companies =
can
> at least get province/state right.
Why would I want to help them? I'd much rather give my customers the =
option of where they want to pretend to be. If I were running a provider =
that crossed such regional boundaries, I'd likely offer a service (for a =
fee) where a customer could tunnel through whichever region got them =
access to the content they wanted at any given time.
> It will get much worse if governments start to tax purchases/services
> based on gelocation.
ROFLMAO... Indeed... That will likely lead to some very interesting =
lawsuits and consumer complaints about invalid taxation due to =
inaccuracies in the geolocation database.
Owen
