Geolocation by IP is even funnier as an idea for those who have worked in network engineering for commercial, geostationary two-way satellite services... Some examples: 1. C-band teleport in Singapore with SingTel IPs, remote terminals in Afghanistan. 2. Ku-band teleport in Germany with IP space in an Intelsat /20, remote terminal on the roof of a US government diplomatic facility in $DEVELOPING_COUNTRY 3. Teleports in Miami with IP space that looks indistinguishable (in terms of BGP-adjacency and traceroutes) from any other ISP in the metro Miami area, providing services to small TDMA VSAT terminals in west Africa. 4. Things in Antarctica that are on the other end of a C-band SCPC pipe from a large earth station in southern California. 5. Maritime Ku and C-band VSAT services with 2.5 meter size 3-axis tracking antennas on top of cruise ships that could be literally anywhere in the Mediterranean or Caribbean oceans, with the terrestrial end of the connection in Switzerland, Italy, Maryland or Georgia. 6. Small pacific island nations that have no submarine fiber connectivity and are now using o3b for IP backhaul, or C-band connectivity to teleports in Australia. On Mon, Jun 6, 2016 at 2:33 PM, Laszlo Hanyecz <laszlo@heliacal.net> wrote:
On 2016-06-06 19:39, Christopher Morrow wrote:
Doing any sort of 'authentication' or 'authorization' on src-IP is just .. broken.
This.
Netflix is pretending to have a capability (geolocation by src ip) that doesn't exist and there is collateral damage from the application of their half baked solution. Those who end up getting dropped as collateral damage are rightly upset about the discrimination.
-Laszlo