On 12/24/15, Baldur Norddahl <baldur.norddahl@gmail.com> wrote:
I am afraid people are already doing this. Every time I bring a new IP series into production, my users will complain that they are locked out from sites including many government sites. This is because people will load IP location lists into their firewall and drop packets at the border. Of course they will not update said lists and load year old lists into their firewalls.
Enable IPv6 for your users. 1) it's not going to have any "history" & 2) ipv6 probably isn't blocked.
So now my users can not access government sites because the IP ranges were owned by a company in a different country two years ago.
Find one of your users that's a citizen of said gov't & forward their complaint to the gov't sites. Non-citizen complaints are much easier to ignore.. Regards, Lee
Take a guess on how responsive site owners are when we complain about their firewall. Most refuse to acknowledge they do any blocking and insist the problem is at our end. That is if they respond at all.
Regards,
Baldur
On 25 December 2015 at 02:25, Stephen Satchell <list@satchell.net> wrote:
On 12/24/2015 04:50 PM, Daniel Corbe wrote:
Let’s just cut off the entirety of the third world instead of having a tangible mitigation plan in place.
While you thing you are making a snarky response, it would be handy for end users to be able to turn on and off access to other countries retail. If *they* don't need access to certain third world countries, it would be their decision, not the operator's decision.
For example, here on my little network we have no need for connectivity to much of Asia, Africa, or India. We do have need to talk to Europe, Australia, and some countries in South America.