nanog mailing list archives
Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?)
From: Job Snijders via NANOG <nanog () lists nanog org>
Date: Tue, 27 Jan 2026 18:19:45 +0000
On Tue, Jan 27, 2026 at 07:03:15AM -0800, Ca By via NANOG wrote:
That is why the IETF made geofeeds. My customers started having outages because geolocation firms have bad data, and enterprises use that bad data in firewall and cdn rules which cause outages. For example, geolocation firms provide data that a customer IP is in xyz country but the firewall rules only allow abc country… Anyhow, as a person who publishes geofeed data representing 100s of millions of users, please …everyone… publish and consume first party geofeed data and do not listen to FUD from people trying to sell you the same data that we publish for free.
Geofeed indeed makes for an interesting information source and seems a useful tool to have in the toolbox. Unfortunately, the approach described in the RFC how to authenticate Geofeed data using the RPKI turned out to be a dud: in the last few years I've been unable to find any other people willing to implement & support the scheme. I've come to suspect this failure in market adoption is because the Geofeed authenticator design is just too unergonomic. But whatever the reason, I've not seen anyone on this planet (other than myself) publish Geofeed data with an authenticator. I stopped signing mine. So, as it stands, Geofeed information generally is published & consumed with weak controls on semantic correctness, integrity & authenticity. Perhaps that's fine for what it is? Kind regards, Job ps. Geofeed's failure to take advantage of the RPKI doesn't bode well for the usability of other "Geofeed-inspired" authentication schemes. The IETF should do a better job weeding out such unpractical workflows, for instance by requiring demonstration of actual implementations before RFC publication. _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog () lists nanog org/message/XCF6INKN7FSPLTHZER4QYRVI3FK24KYJ/
Current thread:
- Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?), (continued)
- Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) John Kristoff via NANOG (Jan 28)
- Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Abdullah DevRel of IPinfo via NANOG (Jan 28)
- Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Mike Lyon via NANOG (Jan 28)
- Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) John Kristoff via NANOG (Jan 28)
- Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Abdullah DevRel of IPinfo via NANOG (Jan 28)
- Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Abdullah DevRel of IPinfo via NANOG (Jan 29)
- Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Tom Beecher via NANOG (Jan 28)
- Re: Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Chris Adams via NANOG (Jan 28)
- Re: [NANOG] Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Peter Folk via NANOG (Jan 28)
- Re: [NANOG] Re: [NANOG] Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Abdullah DevRel of IPinfo via NANOG (Jan 28)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Job Snijders via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Warren Kumari via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Abdullah DevRel of IPinfo via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Mike Lyon via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Christopher Hawker via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Abdullah DevRel of IPinfo via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Christopher Hawker via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Ryan Hamel via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Christopher Hawker via NANOG (Jan 27)
- Re: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Ryan Hamel via NANOG (Jan 27)
- RE: Geofeeds are good — was Re: Publishing BGP communties for your network (Re: What's up with BGP communities?) Gary Sparkes via NANOG (Jan 27)