Submitting Fake Geolocation for blocks to Data Brokers and RIRs

Patrick W. Gilmore patrick at ianai.net
Fri Apr 23 15:11:24 UTC 2021


On Apr 22, 2021, at 7:58 PM, nanoguser100 via NANOG <nanog at nanog.org> wrote:
> 
> I see a lot of replies about the legality.  As mentioned I have legitimate reasons for doing this.  I plan on serving customers in country.

Your “legitimate” reason is to avoid someone else’s restrictions on the content they own. You are intentionally falsifying data to keep the owner of something from controlling that thing the way they want to control it.

You and I have different definitions of “legitimate”.


> My questions really are:
> 
> * Is most geo data simply derived from self reporting?

No comment.


> * Do these vendors have verification mechanisms?

Yes.


> * Going to the Estonia\Germany example would a traceroute "terminating" in Germany before being handed off to my network 1ms away be a tell-tale sign the servers are in Germany.

Yes.

BTW: Adding artificial latency to mimic a trip back to Estonia is a bad idea, IMHO.


> * Is the concept of creating "pseudoPOPs" where it's not cost effective to start a POP in the region a 'common practice'?

No, but it is not unheard-of.


> * Do I run the risk of being blacklisted for this practice?

Risk? Blacklisted where?

The risk of another ISP filtering your traffic for this is very low, almost certainly to the right of the decimal, but not mathematically zero to infinite decimal places. As I mentioned before, the risk of geo-loc providers ignoring any of your manual updates in the future is higher, but still low. Most of those things are automated.

-- 
TTFN,
patrick



> 
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Wednesday, April 21, 2021 9:00 AM, nanoguser100 via NANOG <nanog at nanog.org> wrote:
> 
>> I wanted to get the communities' opinion on this.
>> 
>> I am an admin for a quasi-ISP providing cloud hosted desktop solutions for end users.  We have POPs all around the world, own our own ASN, and advertise /24s or /23s at each of our POPs fro our large aggregate.  As an ISP we submit our blocks to popular geolocation vendors such as Google, Maxmind, IP2, etc and put the proper geolocations in our RIR records (RADB, ARIN, etc).
>> 
>> Increasingly I have run into 'niche needs' where a client has a few users in a country we don't have a POP, say Estonia.  This is 'mainly' for localization but also in some cases for compliance (some sites REQUIRE an Estonian IP).  With that being said is it common practice to 'fake' Geolocations?  In this case the user legitimately lives in Estonia, they just happen to be using our cloud service in Germany.  I do want to operate in compliance with all the ToS as I don't want to risk our ranges getting blacklisted or the geo vendors stop accepting our data.  I would think it's pretty easy to tell given a traceroute would end in Germany even though you're claiming the IP is in Estonia.  How common of a practice is it to 'fake' the geos?  Is it an acceptable practice? 
>> 
>> 
>> Sent with ProtonMail Secure Email.
>> 
> 



More information about the NANOG mailing list