Random Port Blocking at Hotels (was: Re: quietly....)
If they don't document partial internet access blockage in the contract and the contract says they are providing internet access, then, they are in breach and you are free to depart without a termination fee and in most cases, demand a refund for service to date.
(Yes, I have successfully argued this on multiple occasions).
In fact, I get free internet in most of the more expensive hotel environments as a result.
It's more likely you get free internet service in expensive hotels because the guy/girl behind the front desk has been empowered to cancel out a ridiculously high charge for Internet when a guest starts jabbering at them about how the Internet didn't work for them for any reason, to keep the line moving and to make the guest happy, rather than any higher authority hunkering down with the CEO, legal staff, and CTO and saying "by God, this Owen character is right, we're in breach of contract and his definition of the purity of Internet ports has so stunned us with its symmetry and loveliness that we shall bow down and sin no more! Thank you Mr. DeLong from making the blind see again!" I mean, it's gratifying to think you've won the argument (hence: this is why they do it), but you could also have argued that they were giving out non-contiguous subnet masks or Class E addresses and it would have had the same effect. Try that next time and let us know how it works. jms -- Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719 Senior Partner, Opus One Phone: +1 520 324 0494 jms@Opus1.COM http://www.opus1.com/jms
and saying "by God, this Owen character is right, we're in breach of contract and his definition of the purity of Internet ports has so stunned us with its symmetry and loveliness that we shall bow down and sin no more! Thank you Mr. DeLong from making the blind see again!"
More likely "uh, oh, we've got a loony one here. Maybe if I give him his ten bucks back, he'll go away." R's, John
In message <20110205150005.40621.qmail@joyce.lan>, John Levine writes:
and saying "by God, this Owen character is right, we're in breach of contract and his definition of the purity of Internet ports has so stunned us with its symmetry and loveliness that we shall bow down and sin no more! Thank you Mr. DeLong from making the blind see again!"
More likely "uh, oh, we've got a loony one here. Maybe if I give him his ten bucks back, he'll go away."
R's, John
I have told a hotel they need to install equipment that supports RA guard as I've checked out. This was a hotel that only offered IPv4. Hotels ask for feedback on their services. If you see a fault report it in writing. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
On Feb 5, 2011, at 8:14 PM, Mark Andrews wrote:
I have told a hotel they need to install equipment that supports RA guard as I've checked out. This was a hotel that only offered IPv4.
Wow... Could that be any more of a waste of yours and their time? This is like telling the cashier at the hospital when you're being discharged, "y'know, I'm not sure that they're using the proper stitch-knot in the ER. You should have someone look at that." Do you honestly think that feedback is even *understood*, let alone passed on to anyone even close to the problem? D
In message <BC81ACEA-8DEA-4380-8A57-A4F570E3C017@megacity.org>, "Derek J. Balli ng" writes:
On Feb 5, 2011, at 8:14 PM, Mark Andrews wrote:
I have told a hotel they need to install equipment that supports RA guard as I've checked out. This was a hotel that only offered IPv4.
Wow... Could that be any more of a waste of yours and their time?
I put it writing so it could be sent to someone that could actually do something about it. I didn't expect the girl at the desk to do anything about it other than make sure the report got to the right department. I expressed in terms of this is a future problem and you need to be planning for it. Bitching about problems with hotels networks here doesn't get them fixed. Complaining, in writing, has a chance of getting the problem fixed. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
On Sat, Feb 5, 2011 at 5:34 PM, Derek J. Balling <dredd@megacity.org> wrote:
On Feb 5, 2011, at 8:14 PM, Mark Andrews wrote:
I have told a hotel they need to install equipment that supports RA guard as I've checked out. This was a hotel that only offered IPv4.
Wow... Could that be any more of a waste of yours and their time?
This is like telling the cashier at the hospital when you're being discharged, "y'know, I'm not sure that they're using the proper stitch-knot in the ER. You should have someone look at that."
Do you honestly think that feedback is even *understood*, let alone passed on to anyone even close to the problem?
Well, around here the front desk would pass it along and it would reach me; more so if they don't understand it. Though if it wasn't in writing, it would probably become unintelligible. Am I in a position to do something about it? Probably not.
I have told a hotel they need to install equipment that supports RA guard as I've checked out. This was a hotel that only offered IPv4.
Hotels ask for feedback on their services. If you see a fault report it in writing.
Sure. Bet you ten bucks that no hotel in North America offers IPv6 this year in the wifi they provide to customers. (Conference networks don't count.) Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
Sure. Bet you ten bucks that no hotel in North America offers IPv6 this year in the wifi they provide to customers. (Conference networks don't count.)
John - I happen to know with absolute certainty that the above statement is false. But I'd be happy to take your money! :-) Nathan
In message <alpine.BSF.2.00.1102052106001.53545@joyce.lan>, "John R. Levine" wr ites:
I have told a hotel they need to install equipment that supports RA guard as I've checked out. This was a hotel that only offered IPv4.
Hotels ask for feedback on their services. If you see a fault report it in writing.
Sure. Bet you ten bucks that no hotel in North America offers IPv6 this year in the wifi they provide to customers. (Conference networks don't count.)
The point I was trying to make is that hotel still needs to protect their customers from bad actions by other customers. Investing in RA guard gives their current customers a better experience *now* and is not a wasted expense as they will continue to need it when they get IPv6 connectivity. The alternative is to filter all IPv6 packets and remember to turn off the filter when they go to turn on IPv6. The RA guard can be configured to allow the hotels routers to work when IPv6 is finally enabled on them. Anyway it's all about educating people to be aware that they need to purchace stuff with IPv6 in mind even if they don't yet use IPv6. Anything bought now is likely to be used in a envionment with IPv6 enabled at some point. Mark
Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies ", Please consider the environment before reading this e-mail. http://jl.ly -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
On 2/5/2011 8:06 PM, John R. Levine wrote:
Sure. Bet you ten bucks that no hotel in North America offers IPv6 this year in the wifi they provide to customers. (Conference networks don't count.)
http://twitter.com/unquietwiki/status/449593712050176 springs to mind -- it was even *last* year. I think you owe Mark $10. Jima
John R. Levine wrote:
I have told a hotel they need to install equipment that supports RA guard as I've checked out. This was a hotel that only offered IPv4.
Hotels ask for feedback on their services. If you see a fault report it in writing.
Sure. Bet you ten bucks that no hotel in North America offers IPv6 this year in the wifi they provide to customers. (Conference networks don't count.) I know a hospital in Metro Detroit that was offering it on their patient and guest WiFi in 2009. Of course, neither they, nor the individual running the rogue IPv6 router knew that, but as a person running an IPv6 enabled OS, it was really screwing up access to my dual stacked hosts to be getting RAs on their wireless with no prefixes on them. I had to filter out RAs in iptables in order to effectively use their WiFi, which was a mess to begin with.
The guilty party should remain nameless for google's sake, but if you're a netadmin in a largeish, three location hospital entirely in the detroit suburbs, say the largest inpatient hospital in the country, please make sure you either filter IPv6 or offer it yourself so you'll at least know if it's broken. As much as I hear people whining these days about how to handle rogue RAs, they don't seem to realize that this is ALREADY an issue on their network, even if they haven't, or won't adopt IPv6, and so this is a NOW problem either way and needs to be addressed. It's not a barrier to IPv6 adoption, it's a security threat right this minute. Either block protocol 0x86dd using a mac address prefix list, or traffic with a destination of 33:33:00:00:00:01 from all untrusted ports and you can now safely enable IPv6, OR just upgrade your gear, and while you're at it, you can now safely enable IPv6 anyway. -Paul
On 2/5/2011 8:15 PM, Paul Timmins wrote:
OR just upgrade your gear, and while you're at it, you can now safely enable IPv6 anyway.
Well, enable IPv6. Safely? I don't see how upgrading your gear magically makes the various security threats -- including the current topic of rogue RAs -- go away. Matthew Kaufman
Matthew Kaufman wrote:
On 2/5/2011 8:15 PM, Paul Timmins wrote:
OR just upgrade your gear, and while you're at it, you can now safely enable IPv6 anyway.
Well, enable IPv6. Safely? I don't see how upgrading your gear magically makes the various security threats -- including the current topic of rogue RAs -- go away.
If you upgrade it to something that can filter rogue RA, like I was showing in the previous two examples, that would address the security issues. -Paul
On Feb 5, 2011, at 8:30 PM, Matthew Kaufman wrote:
On 2/5/2011 8:15 PM, Paul Timmins wrote:
OR just upgrade your gear, and while you're at it, you can now safely enable IPv6 anyway.
Well, enable IPv6. Safely? I don't see how upgrading your gear magically makes the various security threats -- including the current topic of rogue RAs -- go away.
Matthew Kaufman
Most rogue RAs are problematic on networks that don't have legitimate RAs to override them. Yes, someone can do a malicious RA, but, the current problem is mostly people doing accidental RAs thanks to Micr0$0ft's convenient "Click here to screw your neighbors" buttons. Owen
On Feb 5, 2011, at 11:15 PM, Paul Timmins wrote:
I know a hospital in Metro Detroit that was offering it on their patient and guest WiFi in 2009. Of course, neither they, nor the individual running the rogue IPv6 router knew that, but as a person running an IPv6 enabled OS, it was really screwing up access to my dual stacked hosts to be getting RAs on their wireless with no prefixes on them. I had to filter out RAs in iptables in order to effectively use their WiFi, which was a mess to begin with.
Wouldn't it have been awesome if, y'know, you hadn't had to worry about the RAs at all, but had just connected your single client machine, and gotten your simple gateway address from the DHCP server along with all the rest of your network configuration settings, just like has worked pretty darned well for a number of years? Oh, right... IPv6, whose mascot should be the camel[1]. Cheers, D [1] http://bit.ly/enLk3c
Derek J. Balling wrote:
On Feb 5, 2011, at 11:15 PM, Paul Timmins wrote:
I know a hospital in Metro Detroit that was offering it on their patient and guest WiFi in 2009. Of course, neither they, nor the individual running the rogue IPv6 router knew that, but as a person running an IPv6 enabled OS, it was really screwing up access to my dual stacked hosts to be getting RAs on their wireless with no prefixes on them. I had to filter out RAs in iptables in order to effectively use their WiFi, which was a mess to begin with.
Wouldn't it have been awesome if, y'know, you hadn't had to worry about the RAs at all, but had just connected your single client machine, and gotten your simple gateway address from the DHCP server along with all the rest of your network configuration settings, just like has worked pretty darned well for a number of years?
Because rogue DHCP servers have never been a problem. Switches supported keeping those secure since before DHCP was even commonly used, right? -Paul
On Feb 5, 2011, at 9:06 PM, John R. Levine wrote:
Sure. Bet you ten bucks that no hotel in North America offers IPv6 this year in the wifi they provide to customers. (Conference networks don't count.)
That could easily be the case this year... However, it's not going to stay that way for long, particularly if corporate buyers specify IPv6 in their RFPs for hotel room blocks. As of January 1st, 2012, ARIN considers IPv4 and IPv6 both necessary for something to be "available via the Internet" per our procurement policy, and we're in the process of informing our service providers (including such things as hotels, payroll and benefit services with web portals, vendors with online support, etc) of that requirement. Note - we're not going to let lack of IPv6 in hotel rooms prevent us from holding a Public Policy Meeting, but making it clear that we'll prefer compliant vendors if there's a viable choice has a real effect on getting attention to the requirement by those in charge. I'm certain that others folks out there also buy things, but I'm only in charge of ARIN. FWIW, /John John Curran President and CEO ARIN
On Feb 5, 2011, at 5:14 PM, Mark Andrews wrote:
In message <20110205150005.40621.qmail@joyce.lan>, John Levine writes:
and saying "by God, this Owen character is right, we're in breach of contract and his definition of the purity of Internet ports has so stunned us with its symmetry and loveliness that we shall bow down and sin no more! Thank you Mr. DeLong from making the blind see again!"
More likely "uh, oh, we've got a loony one here. Maybe if I give him his ten bucks back, he'll go away."
R's, John
I have told a hotel they need to install equipment that supports RA guard as I've checked out. This was a hotel that only offered IPv4.
Hotels ask for feedback on their services. If you see a fault report it in writing.
Rest assured, I do that as well. I also end up usually spending a fair amount of time on the phone with their contracted support desk which is usually staffed by people that can barely spell IP and get confused if you suffix it with v4 or v6. When I inquired about IPv4 and IPv6 support, I had one literally tell me "We don't support either of those. Just ordinary Internet Protocol." Owen
participants (12)
-
Derek J. Balling -
Jima -
Joel M Snyder -
John Curran -
John Levine -
John R. Levine
-
Mark Andrews -
Matthew Kaufman -
Nathan Eisenberg -
Owen DeLong -
Paul Timmins -
Steven Kurylo