[191553] in North American Network Operators' Group
Re: PlayStationNetwork blocking of CGNAT public addresses
daemon@ATHENA.MIT.EDU (Tom Beecher)
Wed Sep 21 11:13:11 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <09342130-874F-4FA4-B410-B7B66A75FA4D@mtin.net>
From: Tom Beecher <beecher@beecher.cc>
Date: Wed, 21 Sep 2016 11:13:06 -0400
To: Justin Wilson <lists@mtin.net>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I have a hard time accepting that service providers should re-engineer
their networks because other companies cannot properly engineer their abuse
tooling.
On Tue, Sep 20, 2016 at 11:33 AM, Justin Wilson <lists@mtin.net> wrote:
> PSN is one reason I am not a fan of CGNAT. All they see are tons of
> connections from the same IP. This results in them banning folks. Due t=
o
> them being hacked so many times getting them to actually communicate is
> almost impossible. My .02 is just get the gamers a true public if at all
> possible.
>
> Justin Wilson
> j2sw@mtin.net
>
> ---
> http://www.mtin.net Owner/CEO
> xISP Solutions- Consulting =E2=80=93 Data Centers - Bandwidth
>
> http://www.midwest-ix.com COO/Chairman
> Internet Exchange - Peering - Distributed Fabric
>
> > On Sep 20, 2016, at 8:24 AM, Danijel Starman <theghost101@gmail.com>
> wrote:
> >
> > Something similar happened to a local FantasyConon I was helping set up=
,
> we
> > had only two PS4 machines there and accounts provided by Blizzard for
> > Overwatch. Outside IP of the LAN (as it was NATed) was banned by PSN in
> > about 8h. There was no other traffic other then those two accounts
> playing
> > Overwatch so my guess is that they have some too aggressive checks. I'v=
e
> > managed to convince our ISP there to change the outside IP of the link =
so
> > we got them working the next day but it happened again in 8h.
> >
> > --
> > *blap*
> >
> > On Fri, Sep 16, 2016 at 3:12 PM, Simon Lockhart <simon@slimey.org>
> wrote:
> >
> >> All,
> >>
> >> We operate an access network with several hundred thousand users.
> >> Increasingly
> >> we're putting the users behind CGNAT in order to continue to give them
> an
> >> IPv4
> >> service (we're all dual-stack, so they all get public IPv6 too). Due t=
o
> the
> >> demographic of our users, many of them are gamers.
> >>
> >> We're hitting a problem with PlayStationNetwork 'randomly' blocking so=
me
> >> of our
> >> CGNAT outside addresses, because they claim to have received anomalous=
,
> or
> >> 'attack' traffic from that IP. This obviously causes problems for the
> other
> >> legitimate users who end up behind the same public IPv4 address.
> >>
> >> Despite numerous attempts to engage with PSN, they are unwilling to
> give us
> >> any additional information which would allow us to identify the 'rogue=
'
> >> users
> >> on our network, or to identify the 'unwanted' traffic so that we could
> >> either
> >> block it, or use it to identify the rogue users ourselves.
> >>
> >> Has anyone else come up against the problem, and/or have any
> suggestions on
> >> how best to resolve it?
> >>
> >> Many thanks in advance,
> >>
> >> Simon
> >>
> >>
> >
>
>
