| ▲ | HotGarbage 11 hours ago |
| While exits matter to avoid countries with a nation-wide firewall, the geoip industry is a scourge. If an ISP wants to help their users avoid geoblocking via https://www.rfc-editor.org/rfc/rfc8805.html more power to them. |
|
| ▲ | londons_explore 11 hours ago | parent | next [-] |
| With CGNAT becoming more widespread, formats like this might need expansion to include location data for ports. Ie. Port 10,000-20,000 are consumers in New york, port numbers 20000-30000 are in Boston, etc. |
| |
| ▲ | raggi 10 hours ago | parent | next [-] | | Do you have actual evidence of this? What ASN operates this way? | |
| ▲ | kalaksi 10 hours ago | parent | prev [-] | | Sounds awful, though. Maybe we should get more widespread usage for IPv6 instead. | | |
| ▲ | sgjohnson 9 hours ago | parent [-] | | Yes. I’ll never forgive IETF for standardizing CGNAT back in 2013. They should have just said “no, deploy IPv6 with a transition technology”. If that had happened, IPv4 would likely already could be regarded as a relic of the past. | | |
| ▲ | kortilla 8 hours ago | parent [-] | | The ietf standardization was irrelevant so I would give them some slack. ISPs were using CGNAT already in a widespread fashion. The ietf just said, “if we’re gonna do this shit, at least stay out of the blocks used by private networks”. |
|
|
|
|
| ▲ | dustywusty 10 hours ago | parent | prev | next [-] |
| Can really spot someone who has never had to deal with OFAC with a comment like this. Even if I don't necessarily agree with the concept, or who is actually being blocked, my business is dead in the water if I'm a) sent to prison or b) fined out of existence. Geographic IP information is one of our best tools to defend against those outcomes, and if anything it should be better. |
| |
| ▲ | HotGarbage 10 hours ago | parent | next [-] | | If you were serious about limiting who uses your services you'd use an allowlist of ASNs. Even then, what about users using US-based residential proxies? | | |
| ▲ | dustywusty 10 hours ago | parent | next [-] | | ASNs can obviously span multiple countries, and aren't a great way to gate this at all. While we block ASNs we KNOW are owned/operated by companies in limited countries, but I couldn't imagine a worse way to approach it at scale. Hate doing it, it's heavy-handed and wrong. | |
| ▲ | kortilla 8 hours ago | parent | prev [-] | | ASNs aren’t going to cut it. Google “residential proxies” |
| |
| ▲ | AnthonyMouse 9 hours ago | parent | prev [-] | | > Even if I don't necessarily agree with the concept, or who is actually being blocked, my business is dead in the water if I'm a) sent to prison or b) fined out of existence. Is there some specific way we can get the laws like this to be gone? They're obviously useless (witness this very thread of people describing ways for anyone to get around them) and threatening people with destruction for not doing something asinine isn't the sort of thing any decent government should be doing. |
|
|
| ▲ | boredatoms 9 hours ago | parent | prev [-] |
| I hope they can use DNS for this instead like they do PTR entries |
