RE: Increasing problems with geolocation/IPv4 access

[John van Oppen <john () vanoppen com>]

Honestly, the only way I’ve found to fix this is completely fill it with subscribers off a BNG and give support a 
script about what to tell customers.

I’ve had folks literally get the wrong TV channels because we assign unused blocks in Portland Oregon out of our parent 
large aggrigates and the geo folks have our whois address in the seattle area so give them seattle channels.    God 
forbid these OTT folks just design the product right and use the verified billing zip code on the account or something 
else that actually is authoritative.

From: NANOG <nanog-bounces+john=vanoppen.com () nanog org> On Behalf Of Josh Luthman
Sent: Monday, January 23, 2023 1:09 PM
To: Jared Mauch <jared () puck nether net>
Cc: nanog <nanog () nanog org>
Subject: Re: Increasing problems with geolocation/IPv4 access

Every block I've gotten I just went through TheBrothersWisp geo location page and just had them fix their information.  
This includes virgin and re-issued blocks from ARIN.

I've had a couple of random issues like Hulu thinking I'm a VPN, PSN blocking a /24 because a /32 failed his password 
too many times, and various streaming issues of which I tell customers to complain to the streaming provider because 
all of the other ones work.

On Fri, Jan 20, 2023 at 7:32 PM Jared Mauch <jared () puck nether net<mailto:jared () puck nether net>> wrote:
I’ve been seeing an increasing problem with IP space not having the ability to be used due to the behaviors of either 
geolocation or worse, people blocking IP space after it’s been in-use for a period of time.

Before I go back to someone at ARIN and say “your shiny unused 4.10 IP space” is non-functional and am at a place where 
I need to start/restart/respawn the timer, I have a few questions for people:

1) Do you see 23.138.114.0/24<http://23.138.114.0/24> in any feeds from a security provider that say it can/should be 
blocked?  If so, I’d love to hear from you to track this down.  Over the new year we had some local schools start to 
block this IP space.

2) many companies have geolocation feeds and services that exist and pull in data.  The reputable people are easy to 
find, there are those that are problematic from time-to-time (I had a few customers leave Sling due to the issues with 
that service).

3) Have you had similar issues?  How are you chasing all the issues?  We’ve seen things from everything works except 
uploading check images to banks, to other financial service companies block the space our customers are in.  If we move 
them to another range this solves the problem.

4) We do IPv6, these places aren’t IPv6 modern at all, so that’s no help.

5) IRR+geofeed are published of course.  I’m thinking that it might be worthwhile that IP space have published 
placeholders when it’s well understood, eg: ARIN 4.9 space, I can predict what our next allocation would be, it would 
be great to have it be pre-warmed.

I’ve only seen a few complaints against all our IP space over time, so I don’t think there’s anything malicious coming 
from the IP space to justify it, but it’s also possible they didn’t make it through.

If you’re with the FKA Savvis side, can you also ping me, I’d like to see if you can reach out to our most recent 
complaint source to see if we can find who is publishing this.  Same if you’re with Merit or the Michigan Statewide 
Educational Network - your teachers stopped being able to post to powerschool for their students over the new year 
break.  They’ve fed it up to their tech people towards the ISD.  Details available off-list.

Any insights are welcome, and as I said, I’d like to understand where the source list is as it starts out working then 
gradually breaks, so someone is publishing things and they are going out further.

- Jared