[189800] in North American Network Operators' Group


Re: Netflix VPN detection - actual engineer needed

daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Jun 7 01:57:01 2016

X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CA+HzidTnQUBsVW1E9Ss5EJdkqRw3_NsDmCs8+A_6PZyMs67k-Q@mail.gmail.com>
Date: Mon, 6 Jun 2016 22:59:34 -0700
To: Spencer Ryan <sryan@arbor.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

I believe there are a lot more than 4.

Owen

> On Jun 6, 2016, at 8:25 PM, Spencer Ryan <sryan@arbor.net> wrote:
>
> The tunnelbroker service acts exactly like a VPN. It allows you, from any
> arbitrary location in the world with an IPv4 address, to bring traffic out
> via one of HE's 4 POP's, while completely masking your actual location.
>
>
> *Spencer Ryan* | Senior Systems Administrator | sryan@arbor.net
> *Arbor Networks*
> +1.734.794.5033 (d) | +1.734.846.2053 (m)
> www.arbornetworks.com
>
> On Mon, Jun 6, 2016 at 11:22 PM, Blair Trosper <blair.trosper@gmail.com>
> wrote:
>
>> It should be pointed out that -- the SPECIFIC accusation from Netflix -- is
>> that people on TunnelBroker are on a VPN or proxy unblocker.
>>
>> The data does not bear that out.  Hash tag just saying.
>>
>> </soapbox>
>>
>> On Mon, Jun 6, 2016 at 7:53 PM, Ricky Beam <jfbeam@gmail.com> wrote:
>>
>>> On Mon, 06 Jun 2016 19:41:14 -0400, Mark Andrews <marka@isc.org> wrote:
>>>
>>>> What lie?  Truly who is lying here.  Not the end user.  Not HE.  There is
>>>> no requirement to report physical location.
>>>>
>>>
>>> The general lie that is IP Geolocation. HE only has what I tell them (100%
>>> unverified), and what MaxMind (et al.) tell them (~95% unverified.) They
>>> know my IPv4 endpoint address, but that doesn't give them a concrete street
>>> address -- they're guessing in exactly the same way everyone else does. And
>>> more to the point, HE doesn't share that information with anyone. (whois is
>>> populated with your account information. they don't ask where your tunnels
>>> are going.)
>>>
>>>> Are they legally required to go to this level?
>>>>
>>>
>>> Possibly, but Netflix isn't going to push this. Win or Lose, they still
>>> lose distribution rights.
>>>
>>>>> Netflix (and their licensees) know people are using HE tunnels to get
>>>>> around region restrictions. Their hands are tied; they have to show
>>>>> they're doing something to limit this.
>>>>>
>>>>
>>>> No, they do not know.  The purpose of HE tunnels is to get IPv6 service.
>>>> The fact that the endpoints are in different countries some of the time
>>>> is incidental to that.
>>>>
>>>
>>> YES. THEY. DO. There have been entire COMPANIES doing this. (which is
>>> likely what sparked this level of response.) Neither HE nor Netflix are
>>> naming names, but a short walk through the more colorful parts of the
>>> internet should be enlightening.
>>>
>>>> Garbage.  You have to establish the tunnel which requires registering
>>>> an account.  It also requires a machine at the other end.  Virtual
>>>> or physical they don't move around the world in a DDNS update. The
>>>> addresses associated with a tunnel don't change for the life of
>>>> that tunnel.
>>>>
>>>
>>> True. 'tho, you can list any nonsense address you want. They do nothing to
>>> validate it. (Use my favorite BS address: Independence MT -- pop: zero.
>>> It's a dirt road across a mountain in the middle of absolutely nowhere.
>>> Google it!)
>>>
>>> The tunnel endpoint (your IPv4 address) is known only to HE, and not
>>> exposed to ANYONE. That's not going to EVER change. Once your tunnel has
>>> been set up, that address ("Client IPv4 Address") is not set in stone.
>>> People have dynamic addresses, and HE recognizes this, so there are
>>> numerous methods to change the tunnel endpoint address. (tunnel
>>> configuration page, update through an http(s) request, etc.) THUS, a tunnel
>>> can move; it can be terminated anywhere, at any time. Not only can one
>>> update the endpoint to a different address on the same box, but to a
>>> completely different box entirely.
>>>
>>> Furthermore, one account can have several tunnels through different
>>> servers that present addresses from different regions. Where I appear to be
>>> in the world, thus, depends on which tunnel I have enabled. (and in which
>>> countries HE has prefixes, which currently appears to be 4)
>>>
>>

