Submitting Fake Geolocation for blocks to Data Brokers and RIRs

nanoguser100 nanoguser100 at protonmail.com
Wed Apr 21 13:00:36 UTC 2021


I wanted to get the communities' opinion on this.

I am an admin for a quasi-ISP providing cloud hosted desktop solutions for end users. We have POPs all around the world, own our own ASN, and advertise /24s or /23s at each of our POPs fro our large aggregate. As an ISP we submit our blocks to popular geolocation vendors such as Google, Maxmind, IP2, etc and put the proper geolocations in our RIR records (RADB, ARIN, etc).

Increasingly I have run into 'niche needs' where a client has a few users in a country we don't have a POP, say Estonia. This is 'mainly' for localization but also in some cases for compliance (some sites REQUIRE an Estonian IP). With that being said is it common practice to 'fake' Geolocations? In this case the user legitimately lives in Estonia, they just happen to be using our cloud service in Germany. I do want to operate in compliance with all the ToS as I don't want to risk our ranges getting blacklisted or the geo vendors stop accepting our data. I would think it's pretty easy to tell given a traceroute would end in Germany even though you're claiming the IP is in Estonia. How common of a practice is it to 'fake' the geos? Is it an acceptable practice?

Sent with [ProtonMail](https://protonmail.com) Secure Email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210421/f09744f6/attachment.html>


More information about the NANOG mailing list