Digital Element, Neustar (Transunion) & ipinsight.io
One would think that if you are in the business of selling data, specifically, location data, that you would have a link on your website for people to contact you in regards to updating that data so that the data you are selling is accurate data. Or do you prefer to sell inaccurate data or do you just not care about the accuracy of your product? Anyways, i’ll get off of my soap box… ***ATTENTION*** Digital Element, Neustar and ipinsight.io folks…. How does one report to you inaccurate geolocation data? Anyone on list that could possibly help a brother out? Thank You, Mike
On 22/08/25 07:52, Mike Lyon via NANOG wrote:
One would think that if you are in the business of selling data, specifically, location data, that you would have a link on your website for people to contact you in regards to updating that data so that the data you are selling is accurate data. Or do you prefer to sell inaccurate data or do you just not care about the accuracy of your product?
It wouldn't be surprising. Most of capitalism is done for appearances' sake now, especially stuff that nobody will really notice if it's done wrong. Nobody cares if a few hundred people can't use Netflix because it thinks they're in the wrong region - not even Netflix. Those few hundred people might care, but their opinions don't matter. You see this more in security stuff - all theater so somebody can tick a box saying they did security.
Anyways, i’ll get off of my soap box…
***ATTENTION*** Digital Element, Neustar and ipinsight.io folks….
How does one report to you inaccurate geolocation data?
Anyone on list that could possibly help a brother out?
Thank You, Mike _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/PFBC3O4O...
Just like that other thread, where it turns out he spammers are the first ones to utilize any new anti-spam technology, a good bet a large percentage of the folks who want to upload their own geo-location data are the folks trying to circumvent geo-location for whatever reasons folks have to circumvent geo-location. If you're the geo-location provider, you're going to need to independently verify geo-location by whatever means you use to determine geo-location without submissions. You can't trust submissions, so why take submissions at all? I'm not saying not geo-locations services shouldn't have any means to have inaccuracies reported. I'm just saying the information they get by such means may not be all that valuable or actionable. On Fri, Aug 22, 2025 at 1:02 PM nanog--- via NANOG <nanog@lists.nanog.org> wrote:
One would think that if you are in the business of selling data, specifically, location data, that you would have a link on your website for
On 22/08/25 07:52, Mike Lyon via NANOG wrote: people to contact you in regards to updating that data so that the data you are selling is accurate data. Or do you prefer to sell inaccurate data or do you just not care about the accuracy of your product?
It wouldn't be surprising. Most of capitalism is done for appearances' sake now, especially stuff that nobody will really notice if it's done wrong. Nobody cares if a few hundred people can't use Netflix because it thinks they're in the wrong region - not even Netflix. Those few hundred people might care, but their opinions don't matter.
You see this more in security stuff - all theater so somebody can tick a box saying they did security.
Anyways, i’ll get off of my soap box…
***ATTENTION*** Digital Element, Neustar and ipinsight.io folks….
How does one report to you inaccurate geolocation data?
Anyone on list that could possibly help a brother out?
Thank You, Mike _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/PFBC3O4O... _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/MH6TVWNN...
If only there was a registry for IPs and an RFC for geofeed structure. On Sat, Aug 23, 2025, 2:01 AM Crist Clark via NANOG <nanog@lists.nanog.org> wrote:
Just like that other thread, where it turns out he spammers are the first ones to utilize any new anti-spam technology, a good bet a large percentage of the folks who want to upload their own geo-location data are the folks trying to circumvent geo-location for whatever reasons folks have to circumvent geo-location. If you're the geo-location provider, you're going to need to independently verify geo-location by whatever means you use to determine geo-location without submissions. You can't trust submissions, so why take submissions at all?
I'm not saying not geo-locations services shouldn't have any means to have inaccuracies reported. I'm just saying the information they get by such means may not be all that valuable or actionable.
On Fri, Aug 22, 2025 at 1:02 PM nanog--- via NANOG <nanog@lists.nanog.org> wrote:
One would think that if you are in the business of selling data, specifically, location data, that you would have a link on your website for
On 22/08/25 07:52, Mike Lyon via NANOG wrote: people to contact you in regards to updating that data so that the data you are selling is accurate data. Or do you prefer to sell inaccurate data or do you just not care about the accuracy of your product?
It wouldn't be surprising. Most of capitalism is done for appearances' sake now, especially stuff that nobody will really notice if it's done wrong. Nobody cares if a few hundred people can't use Netflix because it thinks they're in the wrong region - not even Netflix. Those few hundred people might care, but their opinions don't matter.
You see this more in security stuff - all theater so somebody can tick a box saying they did security.
Anyways, i’ll get off of my soap box…
***ATTENTION*** Digital Element, Neustar and ipinsight.io folks….
How does one report to you inaccurate geolocation data?
Anyone on list that could possibly help a brother out?
Thank You, Mike _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/PFBC3O4O...
_______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/MH6TVWNN...
_______________________________________________ NANOG mailing list
So if they dont take submissions and they don’t apparently read WHOIS data, is the end user (eyeballs) basically just screwed and at the mercy of whatever crappy methodology they use to determine their (crappy) location? There has got to be a better way…
On Aug 22, 2025, at 23:01, Crist Clark via NANOG <nanog@lists.nanog.org> wrote:
Just like that other thread, where it turns out he spammers are the first ones to utilize any new anti-spam technology, a good bet a large percentage of the folks who want to upload their own geo-location data are the folks trying to circumvent geo-location for whatever reasons folks have to circumvent geo-location. If you're the geo-location provider, you're going to need to independently verify geo-location by whatever means you use to determine geo-location without submissions. You can't trust submissions, so why take submissions at all?
I'm not saying not geo-locations services shouldn't have any means to have inaccuracies reported. I'm just saying the information they get by such means may not be all that valuable or actionable.
On Fri, Aug 22, 2025 at 1:02 PM nanog--- via NANOG <nanog@lists.nanog.org> wrote:
On 22/08/25 07:52, Mike Lyon via NANOG wrote: One would think that if you are in the business of selling data, specifically, location data, that you would have a link on your website for people to contact you in regards to updating that data so that the data you are selling is accurate data. Or do you prefer to sell inaccurate data or do you just not care about the accuracy of your product?
It wouldn't be surprising. Most of capitalism is done for appearances' sake now, especially stuff that nobody will really notice if it's done wrong. Nobody cares if a few hundred people can't use Netflix because it thinks they're in the wrong region - not even Netflix. Those few hundred people might care, but their opinions don't matter.
You see this more in security stuff - all theater so somebody can tick a box saying they did security.
Anyways, i’ll get off of my soap box…
***ATTENTION*** Digital Element, Neustar and ipinsight.io folks….
How does one report to you inaccurate geolocation data?
Anyone on list that could possibly help a brother out?
Thank You, Mike _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/PFBC3O4O... _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/MH6TVWNN...
_______________________________________________ NANOG mailing list
This is how it's been for years. On Sat, Aug 23, 2025, 2:19 AM Mike Lyon via NANOG <nanog@lists.nanog.org> wrote:
So if they dont take submissions and they don’t apparently read WHOIS data, is the end user (eyeballs) basically just screwed and at the mercy of whatever crappy methodology they use to determine their (crappy) location?
There has got to be a better way…
On Aug 22, 2025, at 23:01, Crist Clark via NANOG <nanog@lists.nanog.org> wrote:
Just like that other thread, where it turns out he spammers are the first ones to utilize any new anti-spam technology, a good bet a large percentage of the folks who want to upload their own geo-location data are the folks trying to circumvent geo-location for whatever reasons folks have to circumvent geo-location. If you're the geo-location provider, you're going to need to independently verify geo-location by whatever means you use to determine geo-location without submissions. You can't trust submissions, so why take submissions at all?
I'm not saying not geo-locations services shouldn't have any means to have inaccuracies reported. I'm just saying the information they get by such means may not be all that valuable or actionable.
On Fri, Aug 22, 2025 at 1:02 PM nanog--- via NANOG < nanog@lists.nanog.org> wrote:
On 22/08/25 07:52, Mike Lyon via NANOG wrote: One would think that if you are in the business of selling data, specifically, location data, that you would have a link on your website for people to contact you in regards to updating that data so that the data you are selling is accurate data. Or do you prefer to sell inaccurate data or do you just not care about the accuracy of your product?
It wouldn't be surprising. Most of capitalism is done for appearances' sake now, especially stuff that nobody will really notice if it's done wrong. Nobody cares if a few hundred people can't use Netflix because it thinks they're in the wrong region - not even Netflix. Those few hundred people might care, but their opinions don't matter.
You see this more in security stuff - all theater so somebody can tick a box saying they did security.
Anyways, i’ll get off of my soap box…
***ATTENTION*** Digital Element, Neustar and ipinsight.io folks….
How does one report to you inaccurate geolocation data?
Anyone on list that could possibly help a brother out?
Thank You, Mike _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/PFBC3O4O...
_______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/MH6TVWNN...
_______________________________________________ NANOG mailing list
NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/EIN3Z6YB...
It's a basic principle of a free market that you cannot force someone to provide service. If Netflix wants to ban certain IP ranges at random, they're allowed to do that and the only recourse is whining. On 23 August 2025 08:18:13 CEST, Mike Lyon via NANOG <nanog@lists.nanog.org> wrote:
So if they dont take submissions and they don’t apparently read WHOIS data, is the end user (eyeballs) basically just screwed and at the mercy of whatever crappy methodology they use to determine their (crappy) location?
There has got to be a better way…
On Aug 22, 2025, at 23:01, Crist Clark via NANOG <nanog@lists.nanog.org> wrote:
Just like that other thread, where it turns out he spammers are the first ones to utilize any new anti-spam technology, a good bet a large percentage of the folks who want to upload their own geo-location data are the folks trying to circumvent geo-location for whatever reasons folks have to circumvent geo-location. If you're the geo-location provider, you're going to need to independently verify geo-location by whatever means you use to determine geo-location without submissions. You can't trust submissions, so why take submissions at all?
I'm not saying not geo-locations services shouldn't have any means to have inaccuracies reported. I'm just saying the information they get by such means may not be all that valuable or actionable.
On Fri, Aug 22, 2025 at 1:02 PM nanog--- via NANOG <nanog@lists.nanog.org> wrote:
On 22/08/25 07:52, Mike Lyon via NANOG wrote: One would think that if you are in the business of selling data, specifically, location data, that you would have a link on your website for people to contact you in regards to updating that data so that the data you are selling is accurate data. Or do you prefer to sell inaccurate data or do you just not care about the accuracy of your product?
It wouldn't be surprising. Most of capitalism is done for appearances' sake now, especially stuff that nobody will really notice if it's done wrong. Nobody cares if a few hundred people can't use Netflix because it thinks they're in the wrong region - not even Netflix. Those few hundred people might care, but their opinions don't matter.
You see this more in security stuff - all theater so somebody can tick a box saying they did security.
Anyways, i’ll get off of my soap box…
***ATTENTION*** Digital Element, Neustar and ipinsight.io folks….
How does one report to you inaccurate geolocation data?
Anyone on list that could possibly help a brother out?
Thank You, Mike _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/PFBC3O4O... _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/MH6TVWNN...
_______________________________________________ NANOG mailing list
NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/EIN3Z6YB...
On 8/23/25 08:40, nanog--- via NANOG wrote:
It's a basic principle of a free market that you cannot force someone to provide service. If Netflix wants to ban certain IP ranges at random, they're allowed to do that and the only recourse is whining.
Customers in those random IP ranges who are paying for the service would beg to differ. They're paying for a service which Netflix intentionally is refusing to provide, based on erroneous data from a third party hired by Netflix. Part of the problem is that the term "IP address" was chosen instead of "IP number" or "IP identifier". It leads to the false assumption that an "address" relates to a physical location. -- Jay Hennigan - jay@west.net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV
Many companies seem to be capable of pulling geofeeds from whois. When I was still at an eyeball network, we published in whois, and the amount of geolocation complaints from customers plummeted significantly. The only outlier was Digital Element, which sadly is utilized by a lot of popular streaming services. I even tried to provide them with the link to geofeed in one of my many tickets to them, and they acted like I was speaking a foreign language. On Aug 23, 2025, at 1:17 AM, Josh Luthman via NANOG <nanog@lists.nanog.org> wrote: If only there was a registry for IPs and an RFC for geofeed structure. On Sat, Aug 23, 2025, 2:01 AM Crist Clark via NANOG <nanog@lists.nanog.org> wrote: Just like that other thread, where it turns out he spammers are the first ones to utilize any new anti-spam technology, a good bet a large percentage of the folks who want to upload their own geo-location data are the folks trying to circumvent geo-location for whatever reasons folks have to circumvent geo-location. If you're the geo-location provider, you're going to need to independently verify geo-location by whatever means you use to determine geo-location without submissions. You can't trust submissions, so why take submissions at all? I'm not saying not geo-locations services shouldn't have any means to have inaccuracies reported. I'm just saying the information they get by such means may not be all that valuable or actionable. On Fri, Aug 22, 2025 at 1:02 PM nanog--- via NANOG <nanog@lists.nanog.org> wrote: On 22/08/25 07:52, Mike Lyon via NANOG wrote: One would think that if you are in the business of selling data, specifically, location data, that you would have a link on your website for people to contact you in regards to updating that data so that the data you are selling is accurate data. Or do you prefer to sell inaccurate data or do you just not care about the accuracy of your product? It wouldn't be surprising. Most of capitalism is done for appearances' sake now, especially stuff that nobody will really notice if it's done wrong. Nobody cares if a few hundred people can't use Netflix because it thinks they're in the wrong region - not even Netflix. Those few hundred people might care, but their opinions don't matter. You see this more in security stuff - all theater so somebody can tick a box saying they did security. Anyways, i’ll get off of my soap box… ***ATTENTION*** Digital Element, Neustar and ipinsight.io folks…. How does one report to you inaccurate geolocation data? Anyone on list that could possibly help a brother out? Thank You, Mike _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/PFBC3O4O... _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/MH6TVWNN... _______________________________________________ NANOG mailing list _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/YHRAFYIQ...
On Sat, Aug 23, 2025 at 09:31:56AM -0700, jay--- via NANOG wrote:
On 8/23/25 08:40, nanog--- via NANOG wrote:
It's a basic principle of a free market that you cannot force someone to provide service. If Netflix wants to ban certain IP ranges at random, they're allowed to do that and the only recourse is whining.
Customers in those random IP ranges who are paying for the service would beg to differ. They're paying for a service which Netflix intentionally is refusing to provide, based on erroneous data from a third party hired by Netflix.
That starts to sound vaguely like a tortious interference claim, but seeing as how Netflix hired the third party, I think it pretty much winds up as a "my streaming provider sucks" issue. It's not shocking that VPN providers are capitalizing on this sort of thing, that web browsers are now coming with VPN services integrated, and that customers have no idea what sort of reasoning to use a VPN service is actually rational and justifiable.
Part of the problem is that the term "IP address" was chosen instead of "IP number" or "IP identifier". It leads to the false assumption that an "address" relates to a physical location.
Or that an IP address uniquely identifies some particular individual? I would hope that this sort of nonsense has been put to bed with the advent of CGNAT and all that. Your average everyday man on the street is not going to understand (or care about) the finer points. Heck, I've run into network folks who don't understand how I can have servers with adjacent addresses on opposite ends of the continent. If we're going to talk about geolocation of IP's, perhaps we should start out with the basic understanding that accurately identifying endpoint locations is actually a really difficult thing to do from outside the network. As network designers, we've failed to come up with a reasonable way to reliably do this, which leads to an issue when Netflix acquires regional streaming rights to content and then has to make best effort attempts to enforce those regional boundaries. We might have had a shot at this with 1876, though that could still easily be screwed up by NAT, since you can't really guarantee locality of the endpoints behind a NAT. Plus setting up LOC records for all yer IP's is laughably unlikely to happen, raises new privacy concerns, etc. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov
Keep in mind the companies don't want to go through the hassle, it's the copyright legislation that's the foundation of all this mess. On Sat, Aug 23, 2025, 12:57 PM Joe Greco via NANOG <nanog@lists.nanog.org> wrote:
On Sat, Aug 23, 2025 at 09:31:56AM -0700, jay--- via NANOG wrote:
On 8/23/25 08:40, nanog--- via NANOG wrote:
It's a basic principle of a free market that you cannot force someone to provide service. If Netflix wants to ban certain IP ranges at random, they're allowed to do that and the only recourse is whining.
Customers in those random IP ranges who are paying for the service would beg to differ. They're paying for a service which Netflix intentionally is refusing to provide, based on erroneous data from a third party hired by Netflix.
That starts to sound vaguely like a tortious interference claim, but seeing as how Netflix hired the third party, I think it pretty much winds up as a "my streaming provider sucks" issue. It's not shocking that VPN providers are capitalizing on this sort of thing, that web browsers are now coming with VPN services integrated, and that customers have no idea what sort of reasoning to use a VPN service is actually rational and justifiable.
Part of the problem is that the term "IP address" was chosen instead of "IP number" or "IP identifier". It leads to the false assumption that an "address" relates to a physical location.
Or that an IP address uniquely identifies some particular individual? I would hope that this sort of nonsense has been put to bed with the advent of CGNAT and all that. Your average everyday man on the street is not going to understand (or care about) the finer points. Heck, I've run into network folks who don't understand how I can have servers with adjacent addresses on opposite ends of the continent. If we're going to talk about geolocation of IP's, perhaps we should start out with the basic understanding that accurately identifying endpoint locations is actually a really difficult thing to do from outside the network. As network designers, we've failed to come up with a reasonable way to reliably do this, which leads to an issue when Netflix acquires regional streaming rights to content and then has to make best effort attempts to enforce those regional boundaries.
We might have had a shot at this with 1876, though that could still easily be screwed up by NAT, since you can't really guarantee locality of the endpoints behind a NAT. Plus setting up LOC records for all yer IP's is laughably unlikely to happen, raises new privacy concerns, etc.
... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/ZSAEQFRR...
On Sat, Aug 23, 2025 at 01:23:44PM -0400, Josh Luthman via NANOG wrote:
Keep in mind the companies don't want to go through the hassle, it's the copyright legislation that's the foundation of all this mess.
Well, feel free to hate on copyright legislation with my blessing, but that's just not accurate. Businesses have a legitimate reason for wanting to be able to understand location, which ranges from technostuff like network path optimization to more mundane stuff like fraud risk analysis for financial transactions. I don't think there's anything in copyright legislation that requires IP location mapping, but certainly there are contractual obligations for distribution "zones"; the classic example of this would probably be the way that physical discs may have limitations on them for which geographical area of the world they are supposed to be limited to. The foundation of THAT is really financial, as content is priced according to what the economy of a geographical area is likely to be able to tolerate. Whether or not companies want to go through the hassle of self-identifying the geoloc of their IP's is another matter. If you want to look at the problem from the reverse lens, Netflix could legitimately claim to be ticked off that it is so hard for them because a third party, the ISP, is failing to provide reasonable information about the location of their endpoints. So this gets complicated quickly now that we have four parties involved, Netflix, ipinsight, ISPco, and sad end user. Could possibly implicate ARIN/RIR's in there too. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov
On Sat, 23 Aug 2025, jay--- via NANOG wrote:
On 8/23/25 08:40, nanog--- via NANOG wrote:
It's a basic principle of a free market that you cannot force someone to provide service. If Netflix wants to ban certain IP ranges at random, they're allowed to do that and the only recourse is whining.
Customers in those random IP ranges who are paying for the service would beg to differ. They're paying for a service which Netflix intentionally is refusing to provide, based on erroneous data from a third party hired by Netflix.
Part of the problem is that the term "IP address" was chosen instead of "IP number" or "IP identifier". It leads to the false assumption that an "address" relates to a physical location.
Let's be honest. In most cases, an IP address is closely associated with gear in a relatively fixed physical location. That location might be a home (like my IP from Spectrum, or the homes of thousands of GPON customers served by my employer), a college campus, etc. These IPs don't migrate widely across states or countries. Even in the case of CGNAT, we found due to IP Geo, we had to define external pools regionally and map customers into the appropriate pool. So, in the case of CGNAT, you're not going to get accurate ZIP+4 IP geo for any affected customers, but those IPs/eyeballs still don't migrate beyond their DMA. It sounds like Digital Element has come up with their own methods for generating IP Geo data, largely from mobile devices. I find thier website particularly annoying in that it says so little about how their products work while saying so much buzzword BS. They don't even seem to have a test lookup function, as many other IP Geo providers do. You really have to wonder WTH anyone, much less large streaming providers, would pay for their service. It also sounds like their service works by publishing data sets on a regular schedule, so even if you can get to a person and spoon feed them corrected IP Geo data for your networks, it won't immediately fix anyone's issues. You have to wait for the next data dump/publish. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Blue Stream Fiber, Sr. Neteng | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Why is content different based on source IP? On Sat, Aug 23, 2025, 1:47 PM Joe Greco <jgreco@ns.sol.net> wrote:
On Sat, Aug 23, 2025 at 01:23:44PM -0400, Josh Luthman via NANOG wrote:
Keep in mind the companies don't want to go through the hassle, it's the copyright legislation that's the foundation of all this mess.
Well, feel free to hate on copyright legislation with my blessing, but that's just not accurate. Businesses have a legitimate reason for wanting to be able to understand location, which ranges from technostuff like network path optimization to more mundane stuff like fraud risk analysis for financial transactions. I don't think there's anything in copyright legislation that requires IP location mapping, but certainly there are contractual obligations for distribution "zones"; the classic example of this would probably be the way that physical discs may have limitations on them for which geographical area of the world they are supposed to be limited to. The foundation of THAT is really financial, as content is priced according to what the economy of a geographical area is likely to be able to tolerate.
Whether or not companies want to go through the hassle of self-identifying the geoloc of their IP's is another matter. If you want to look at the problem from the reverse lens, Netflix could legitimately claim to be ticked off that it is so hard for them because a third party, the ISP, is failing to provide reasonable information about the location of their endpoints. So this gets complicated quickly now that we have four parties involved, Netflix, ipinsight, ISPco, and sad end user. Could possibly implicate ARIN/RIR's in there too.
... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov
On Sat, Aug 23, 2025 at 02:08:12PM -0400, Josh Luthman via NANOG wrote:
Why is content different based on source IP?
Who cares? It's not relevant to NANOG. If someone wants to send one HTTP response body to geographic addresses in the nothern hemisphere and a different HTTP response body, that's fine. We don't have to wonder why someone wants to do something. It's reasonable to send "it's summer" to north and "it's winter" to south right now. Except where someone is using five or six season reckoning or some other thing. But it is nice if you can pop a cheery seasonal message up on their webmail portal as they sign in. It does not have to be a super serious earth shattering reason. However, as you get more into the nitty gritty of it and want to do admirable things such as discouraging fraudsters (or even just spammers), the information could be helpful. It's not just about serving content. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov
Joe, On Aug 23, 2025, at 11:22 AM, Joe Greco via NANOG <nanog@lists.nanog.org> wrote:
On Sat, Aug 23, 2025 at 02:08:12PM -0400, Josh Luthman via NANOG wrote:
Why is content different based on source IP? Who cares? It's not relevant to NANOG. If someone wants to send one HTTP response body to geographic addresses in the nothern hemisphere and a different HTTP response body, that's fine.
The problem is the assumed binding of <IP address, geographic address> in the “northern hemisphere” or wherever. This has never been guaranteed, has always been questionable, and, historically, was actively discouraged, at least by the RIRs (“the Internet does not use geopolitical boundaries for address allocation”, handwaving away the RIR geographical monopolies). The problem, as I think you pointed out earlier, is that various parties, for good or ill, need there to be an <IP,geo> binding, even if it doesn’t really exist, so using what information they have, they make it up as they go along. Sometimes (usually) it works. Sometimes, it doesn’t. The crux is that, when it doesn’t, the mechanisms to fix the binding, such as they are, sucks and the people who are impacted (i.e., end users) are typically, the least capable of figuring out what the problem is, so they complain to the ISPs, hence the relevance to NANOG. Regards, -drc
My point was, it is copyright. On Sat, Aug 23, 2025, 2:22 PM Joe Greco <jgreco@ns.sol.net> wrote:
On Sat, Aug 23, 2025 at 02:08:12PM -0400, Josh Luthman via NANOG wrote:
Why is content different based on source IP?
Who cares? It's not relevant to NANOG. If someone wants to send one HTTP response body to geographic addresses in the nothern hemisphere and a different HTTP response body, that's fine. We don't have to wonder why someone wants to do something. It's reasonable to send "it's summer" to north and "it's winter" to south right now. Except where someone is using five or six season reckoning or some other thing. But it is nice if you can pop a cheery seasonal message up on their webmail portal as they sign in. It does not have to be a super serious earth shattering reason. However, as you get more into the nitty gritty of it and want to do admirable things such as discouraging fraudsters (or even just spammers), the information could be helpful. It's not just about serving content.
... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov
I may be a corner case, because I have redundant internet circuits at home. In the context of this construct of "<IP,geo> binding" you describe, Netflix says that they MUST be DIFFERENT PHYSICAL ADDRESSES, because, you know, the IP addresses of my two circuits at home are DIFFERENT. As a result, I have to be careful that any devices which accesses Netflix only use one of my two home internet circuits. (which kind of defeats the purpose of having redundant internet circuits) p.s. Looking back, I feel very lucky, I've been "networking" for such a very long time, my ARPAnet NIC IDENT was "TP4". Tony Patti -----Original Message----- From: David Conrad via NANOG <nanog@lists.nanog.org> Sent: Saturday, August 23, 2025 3:15 PM To: North American Network Operators Group <nanog@lists.nanog.org> Cc: David Conrad <drc@virtualized.org> Subject: Re: Digital Element, Neustar (Transunion) & ipinsight.io Joe, On Aug 23, 2025, at 11:22 AM, Joe Greco via NANOG <nanog@lists.nanog.org> wrote:
On Sat, Aug 23, 2025 at 02:08:12PM -0400, Josh Luthman via NANOG wrote:
Why is content different based on source IP? Who cares? It's not relevant to NANOG. If someone wants to send one HTTP response body to geographic addresses in the nothern hemisphere and a different HTTP response body, that's fine.
The problem is the assumed binding of <IP address, geographic address> in the “northern hemisphere” or wherever. This has never been guaranteed, has always been questionable, and, historically, was actively discouraged, at least by the RIRs (“the Internet does not use geopolitical boundaries for address allocation”, handwaving away the RIR geographical monopolies). The problem, as I think you pointed out earlier, is that various parties, for good or ill, need there to be an <IP,geo> binding, even if it doesn’t really exist, so using what information they have, they make it up as they go along. Sometimes (usually) it works. Sometimes, it doesn’t. The crux is that, when it doesn’t, the mechanisms to fix the binding, such as they are, sucks and the people who are impacted (i.e., end users) are typically, the least capable of figuring out what the problem is, so they complain to the ISPs, hence the relevance to NANOG. Regards, -drc
On Sat, Aug 23, 2025 at 07:14:56PM +0000, David Conrad via NANOG wrote:
Joe,
On Aug 23, 2025, at 11:22???AM, Joe Greco via NANOG <nanog@lists.nanog.org> wrote:
On Sat, Aug 23, 2025 at 02:08:12PM -0400, Josh Luthman via NANOG wrote:
Why is content different based on source IP? Who cares? It's not relevant to NANOG. If someone wants to send one HTTP response body to geographic addresses in the nothern hemisphere and a different HTTP response body, that's fine.
The problem is the assumed binding of <IP address, geographic address> in the ???northern hemisphere??? or wherever. This has never been guaranteed, has always been questionable, and, historically, was actively discouraged, at least by the RIRs (???the Internet does not use geopolitical boundaries for address allocation???, handwaving away the RIR geographical monopolies). The problem, as I think you pointed out earlier, is that various parties, for good or ill, need there to be an <IP,geo> binding, even if it doesn???t really exist, so using what information they have, they make it up as they go along. Sometimes (usually) it works. Sometimes, it doesn???t. The crux is that, when it doesn???t, the mechanisms to fix the binding, such as they are, sucks and the people who are impacted (i.e., end users) are typically, the least capable of figuring out what the problem is, so they complain to the ISPs, hence the relevance to NANOG.
They *want* a binding. As those who have designed and implemented the Internet, we as a technical community haven't provided this. Someone's reasoning for wanting something that doesn't exist and isn't likely to exist in a meaningfully accurate way still boils down to the fact that content can be different based on source IP. Or day of the week, phase of the moon, or how coffee-deprived the author was. NANOG isn't here to debate the merits of content differentiation based on source IP. If we were to discuss this, it is probably fair to step back to your hand- waving and point out that NANOG is pretty much "North American" and ARIN is "American", so for meta-level geomapping it may not be a huge problem. Maybe. However, legally, we've been seeing states and countries implement laws such as California's Age-Appropriate Design Code Act (AB2273), Utah's Social Media Regulation Act, etc. If you want to have a nice NANOG- relevant discussion of how to provide the technical underpinnings to correctly estimate what state a given end-user endpoint is in, that's definitely fascinating. The issue of being able to correct an errant binding is definitely of operational relevance. I was strictly picking on the quoted idea of content being different based on source IP, which is a giant whocares. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov
On 23 August 2025 18:31:56 CEST, jay--- via NANOG <nanog@lists.nanog.org> wrote:
On 8/23/25 08:40, nanog--- via NANOG wrote:
It's a basic principle of a free market that you cannot force someone to provide service. If Netflix wants to ban certain IP ranges at random, they're allowed to do that and the only recourse is whining.
Customers in those random IP ranges who are paying for the service would beg to differ. They're paying for a service which Netflix intentionally is refusing to provide, based on erroneous data from a third party hired by Netflix.
Of course they would like Netflix to provide them service. As I said though, their only recourse is to whine. And cancel the service (they're not getting it anyway). That's the free market, take it or leave it. A lot of people don't like the free market, but I gather that they're still a relative minority. Optionally pay a $200 court fee to get your last $20 monthly payment back.
Part of the problem is that the term "IP address" was chosen instead of "IP number" or "IP identifier". It leads to the false assumption that an "address" relates to a physical location.
On Sat, 23 Aug 2025, David Conrad via NANOG wrote:
The problem is the assumed binding of <IP address, geographic address> in the “northern hemisphere” or wherever. This has never been guaranteed, has always been questionable, and, historically, was actively discouraged, at least by the RIRs (“the Internet does not use geopolitical boundaries for address allocation”, handwaving away the RIR geographical monopolies).
Huh? It wasn't that many years ago, ARIN considered "out of region" utilized IP space to not qualify as "utilized" for purposes of qualifying for additional allocations by showing your existing allocations were sufficiently utilized. Though that issue is relatively moot at this point, that policy did eventually change.
The problem, as I think you pointed out earlier, is that various parties, for good or ill, need there to be an <IP,geo> binding, even if it doesn’t really exist, so using what information they have, they make it up as they go along. Sometimes (usually) it works. Sometimes, it doesn’t. The crux is that, when it doesn’t, the mechanisms to fix the binding, such as they are, sucks
This varies quite a bit from one IP Geo provider to the next. Some are pretty good (have web pages where you can do test queries against their data, will accept your geofeed data if you tell them where to get it, etc.). Others (like Digital Element) seem to be entirely opaque and obtuse. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Blue Stream Fiber, Sr. Neteng | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On Sat, 23 Aug 2025, Tony Patti via NANOG wrote:
I may be a corner case, because I have redundant internet circuits at home.
In the context of this construct of "<IP,geo> binding" you describe, Netflix says that they MUST be DIFFERENT PHYSICAL ADDRESSES, because, you know, the IP addresses of my two circuits at home are DIFFERENT.
As a result, I have to be careful that any devices which accesses Netflix only use one of my two home internet circuits. (which kind of defeats the purpose of having redundant internet circuits)
What is this based on? My first thought was, you're worried Netflix would flag you for account sharing if they see the same account used by different IPs, but whatever they have for account sharing detection is, I'm pretty sure, not that simple. A lot of IP geo data doesn't even get as specific as physical [street] addresses. i.e. $Work's geofeed only gets as specific as US-state, city. For most IP geo consumers, that should be specific enough. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Blue Stream Fiber, Sr. Neteng | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Jon, On Aug 25, 2025, at 8:36 AM, Jon Lewis via NANOG <nanog@lists.nanog.org> wrote:
On Sat, 23 Aug 2025, David Conrad via NANOG wrote:
The problem is the assumed binding of <IP address, geographic address> in the “northern hemisphere” or wherever. This has never been guaranteed, has always been questionable, and, historically, was actively discouraged, at least by the RIRs (“the Internet does not use geopolitical boundaries for address allocation”, handwaving away the RIR geographical monopolies).
Huh? It wasn't that many years ago, ARIN considered "out of region" utilized IP space to not qualify as "utilized" for purposes of qualifying for additional allocations by showing your existing allocations were sufficiently utilized.
RIRs behaved differently (adding to the confusion). Historically, the definition of geographic location for address blocks in the context of RIRs frequently devolved to the location of an organization’s headquarters, not where addresses were actually used. Worse, at least from the perspective of the routing system, in the very earliest days, multi-nationals were supposed to go to the RIR where their headquarters were, even if the address space was to be used outside of that region (e.g., from personal experience, Shell Oil Company in Indonesia were supposed to get address space from RIPE-NCC because Shell had their global headquarters in the Netherlands). Any documentation of location of use beyond “HQ” was dependent on the organization being truthful and conscientious, which in many (most?) cases, translated into a mad rush to fill in assignment information (honestly or not) just before applying for additional address space. I’d imagine ARIN’s policy led to a certain level of “creativity” and additional costs, both for the requesters who came up with their reassignments (or, in the best case, developed tools to keep that information up to date) as well as ARIN staff that would be tasked with verifying the sub-assignments.
The crux is that, when it doesn’t, the mechanisms to fix the binding, such as they are, sucks
This varies quite a bit from one IP Geo provider to the next. Some are pretty good (have web pages where you can do test queries against their data, will accept your geofeed data if you tell them where to get it, etc.). Others (like Digital Element) seem to be entirely opaque and obtuse.
Needing to figure out who to contact and then navigating the bespoke mechanisms in the hope that they will work, without any sort of mechanism to appeal if they don’t, in order to fix information that ISP’s customers are operationally dependent upon in a timely fashion sort of fits into my definition of “sucks”. I suppose this will get fixed after ISPs who lose customers sue the geo location providers for causing loss of business, so as usual, the lawyers always win. Regards, -drc
Hi Jon, My statement is based on the Netflix message which I received on July 25, 2025 stating: "Your device [which is one of my desktop PC's at home] isn't part of the NETFLIX HOUSEHOLD [my emphasis] for this account." Which is followed by the second statement: "Did we get it wrong? Watch temporarily until you're back ON YOUR NETFLIX HOUSEHOLD WI-FI [my emphasis] or sign out". Clearly, the statement "YOUR NETFLIX HOUSEHOLD WI-FI" implies only a SINGLE internet IP address (NAT). And furthermore, beyond my redundant internet at home, this is especially funny to me, because all my Netflix devices are actually connected via gigabit ethernet, I'm not using Wi-Fi at all for Netflix. Clearly, Netflix equates "Wi-Fi" as a synonym for "network" as if there is no other way to connect a device, than wireless. According to an A.I. query I just did: "2025: Netflix doubled down with AI-DRIVEN [my emphasis] location checks and monthly device verifications." citing https://pckix.com/netflix-password-sharing-in-2025-what-you-need-to-know/ Which states "Netflix uses IP CHECKS [my emphasis] and device IDs to enforce household rules, locking out non-compliant users." So, clearly, the action I took, to make sure that all my Netflix devices use only one of my two redundant internet circuits, was the appropriate corrective action, per Netflix current rules/algorithm. Tony Patti -----Original Message----- From: Jon Lewis via NANOG <nanog@lists.nanog.org> Sent: Monday, August 25, 2025 11:43 AM To: Tony Patti via NANOG <nanog@lists.nanog.org> Cc: Jon Lewis <jlewis@lewis.org> Subject: RE: Digital Element, Neustar (Transunion) & ipinsight.io On Sat, 23 Aug 2025, Tony Patti via NANOG wrote:
I may be a corner case, because I have redundant internet circuits at home.
In the context of this construct of "<IP,geo> binding" you describe, Netflix says that they MUST be DIFFERENT PHYSICAL ADDRESSES, because, you know, the IP addresses of my two circuits at home are DIFFERENT.
As a result, I have to be careful that any devices which accesses Netflix only use one of my two home internet circuits. (which kind of defeats the purpose of having redundant internet circuits)
What is this based on? My first thought was, you're worried Netflix would flag you for account sharing if they see the same account used by different IPs, but whatever they have for account sharing detection is, I'm pretty sure, not that simple. A lot of IP geo data doesn't even get as specific as physical [street] addresses. i.e. $Work's geofeed only gets as specific as US-state, city. For most IP geo consumers, that should be specific enough. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Blue Stream Fiber, Sr. Neteng | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/YBUY2AJH VQWBAMN4ERXQC6Z3CHJRLSRX/
participants (10)
-
Crist Clark -
David Conrad -
jay@west.net -
Joe Greco -
Jon Lewis -
Josh Luthman -
Mike Lyon -
nanog@immibis.com -
Tim Burke -
Tony Patti