Re: Enterprise Internet - Question

[PC <paul4004 () gmail com>]

Perhaps you have Canadian branches feeding off the same connection and they
will have the reverse problem with geo-location?



On Fri, Jul 15, 2011 at 6:29 AM, Jeff Cartier <
Jeff.Cartier () pernod-ricard com> wrote:

> Thanks for the comments everyone.  They are much appreciated.
> In regards to changing the address of our ARIN block to a US office
> address....are their any trades-offs in doing that?  Just curious.
>
>
> -----Original Message-----
> From: Owen DeLong [mailto:owen () delong com]
> Sent: Thursday, July 14, 2011 5:02 PM
> To: Jeff Cartier
> Cc: nanog () nanog org
> Subject: Re: Enterprise Internet - Question
>
>
> On Jul 14, 2011, at 12:34 PM, Jeff Cartier wrote:
>
> > Hi All,
> >
> > I just wanted to throw a question out to the list...
> >
> > In our data center we feed Internet to some of our US based offices and
> every now and again we receive complaints that they can't access some US
> based Internet content because they are coming from a Canadian based IP.
> > This has sparked an interesting discussion around a few questions....of
> which I'd like to hear the lists opinions on.
> > -          How should/can an enterprise deal with accessibility to
> internet content issues? (ie. that whole coming from a Canadian IP accessing
> US content)
> >
>
> This is an example of why content restriction based on IP address
> geolocation is such a bad idea in general.
>
> Frankly, the easiest thing to do (since most Canadian companies aren't as
> brain-dead) is to update your whois records with the address of the block
> allocated to your datacenter so that it looks like it's in one of your US
> offices. I realize this sounds silly for a variety of reasons, but, it
> solves the problem without expensive or configuration-intensive workarounds
> such as selective NAT, etc.
>
> > o   Side question on that - Could we simply obtain a US based IP address
> and selectively NAT?
> >
> You can, but, you can also hit yourself over the head repeatedly with a
> hammer. Selective NAT will yield more content, but, the pain levels will
> probably be similar.
>
> > -          Does the idea of regional Internet locations make sense?  If
> so, when do they make sense?  For instance, having a hub site in South
> America (ie. Brazil) and having all offices in Venezuela, Peru and Argentina
> route through a local Internet feed in Brazil.
> >
>
> Not really. The whole content-restriction by IP geolocation thing also
> doesn't make sense. Unfortunately, the fact that something is nonsensical
> does not prevent someone from doing it or worse, selling it.
>
> You should do what makes sense for the economics of the topology you need.
> The address geolocation issues can usually be best addressed by manipulating
> whois. If your address block from ARIN is an allocation, you can manipulate
> sub-block address registration issues through the use of SWIP, for example.
>
> > -          Does the idea of having local Internet at each site make more
> sense?  If so why?
> >
>
> That's really more of an economic and policy question within your
> organization than a technical one.
> >
>
> Owen
>
>
>
> __________________________________________________________________
> DISCLAIMER: This e-mail contains proprietary information some or all of
> which may be legally privileged.  It is for the intended recipient only. If
> an addressing or transmission error has misdirected this e-mail, please
> notify the author by replying to this e-mail.  If you are not the intended
> recipient you must not use, disclose, distribute, copy, print, or rely on
> this e-mail.
>
> This message has been scanned for the presence of computer viruses, Spam,
> and Explicit Content.