nanog mailing list archives
Re: de-peering for security sake
From: Baldur Norddahl <baldur.norddahl () gmail com>
Date: Fri, 25 Dec 2015 20:43:55 +0100
On 25 December 2015 at 20:06, Lee <ler762 () gmail com> wrote:
Enable IPv6 for your users. 1) it's not going to have any "history" & 2) ipv6 probably isn't blocked.
I am not aware of just one single government site in this country (Denmark) that is IPv6 enabled. There are zero danish news sites that are IPv6 enabled. In fact, nothing here is IPv6 enabled - with the exception of all major ISP sites. For some strange reason all ISPs have IPv6 on their websites (but they do not provide IPv6 to their customers). It is sad really.
So now my users can not access government sites because the IP rangeswereowned by a company in a different country two years ago.Find one of your users that's a citizen of said gov't & forward their complaint to the gov't sites. Non-citizen complaints are much easier to ignore..
I am a citizen and yes, they do ignore us. If you can manage to find the right guy, he can probably fix it in a few minutes. It is just that there is no way to get to that guy. The front desk has no clue what you are talking about. To these people we should just stop sending traffic from Romania and it would all be fixed, no? To make it worse it is a really boring game of whack a mole. The users are constantly finding new sites that are either blocking us or are showing the site in the wrong language. Each time we open up a new IP series, it all starts over again. We do not have enough cash on hand to simply buy a real large chunk of IPv4, so we have multiple smaller blocks. With regards to this thread, I am finding a worrying trend for websites to block out of country IP-addresses at the firewall. In the past you could expect that some content would not play or that your credit card payment would be blocked. But now you never get to that stage because sites are dropping the packets at the firewall. Regards, Baldur
Current thread:
- Re: Broadband Router Comparisons, (continued)
- Re: Broadband Router Comparisons Justin Wilson (Dec 24)
- RE: Broadband Router Comparisons Frank Bulk (Dec 24)
- Re: Broadband Router Comparisons Jason Baugher (Dec 24)
- de-peering for security sake Colin Johnston (Dec 24)
- Re: de-peering for security sake Valdis . Kletnieks (Dec 24)
- Re: de-peering for security sake Colin Johnston (Dec 25)
- Re: de-peering for security sake Daniel Corbe (Dec 24)
- Re: de-peering for security sake Stephen Satchell (Dec 24)
- Re: de-peering for security sake Baldur Norddahl (Dec 24)
- Re: de-peering for security sake Lee (Dec 25)
- Re: de-peering for security sake Baldur Norddahl (Dec 25)
- Re: de-peering for security sake Colin Johnston (Dec 25)
- Re: de-peering for security sake Baldur Norddahl (Dec 25)
- Re: de-peering for security sake Colin Johnston (Dec 25)
- Re: de-peering for security sake Owen DeLong (Dec 25)
- Re: de-peering for security sake Mikael Abrahamsson (Dec 25)
- Re: de-peering for security sake Clayton Zekelman (Dec 25)
- Re: de-peering for security sake Hugo Slabbert (Dec 25)
- Re: de-peering for security sake TR Shaw (Dec 25)
- Re: de-peering for security sake Andrew Kirch (Dec 25)
- Re: de-peering for security sake Jared Mauch (Dec 26)