Telekom is a bunch of strange folks.
I lately was not able to send mails, from my private mail servrr to my fathers telekom mail. After investigation I found out my server got blocked. After a decade of working.
I mailed them, and they told me to register my mailserver with them. I shall tell them what mails I will send from there and about what content. I couldn’t believe my eyes.
Sure, thats how mail was supposed to work. Register with every mail server in the world, before you can send mail.
Their mail excerpt:
This system has not sent any e-mail to our customers for a long time.
For security reasons our systems will only accept e-mails from such IP
addresses after a check of setup and information about these systems.
Please give us details about this system and the company using it,
tell us all about the sending domain, what type of e-mail will be sent
and especially if you or your customer want to send newsletter give us
detailed information on how recipients e-mail addresses had been
acquired. Who in person is responsible for e-mail sent from this
system (MTA)?
Please be advised that only technically proper configured and very well
maintained systems are qualified for a reset of reputation and please
see our FAQ section 4.1 (Requirements for smooth access to our e-mail
exchanges <https://postmaster.t-online.de/index.en.html#t4.1>):
"There must be a domain and website with direct contact information
easily deducible from the delivering IP's hostname (FQDN)."
Microsoft has a similar policy on their consumer domains though. If they have not received mail from you for a month or so you are insta blocked. It's infuriating for personal mail server owners.
When I ran my own mail server Microsoft was the only company I encountered that would black hole my messages - no SMTP error for my own server to bounce back to me, no bounce back from their server, nothing. I vaguely recall having to do a dance with them a few times to fix this and the last time I tried I received no response. I don't frequently interact with Office 365 users so this didn't matter much to me.
I did end up later moving to Proton primarily out of laziness. I thought these issues would be a thing of the past until I applied to work at a company that administered their own Exchange server that also black holed my messages from Proton's servers. Their reasoning? "We geo-block Switzerland for security reasons." Needless to say I turned them down.
Oh when I ran my own mailserver I did get SMTP errors back.
Every month or so I had this issue and I had to contact them through a form somewhere and I would get emails back from someone in india who reset my 'reputation'. They have some stupid made-up reputation system which means they need to see significant volume from you that is not marked as spam for them to accept your mailserver.
And yeah proton has similar issues. A lot of companies blackhole even confirmation emails there. So you can't confirm accounts with a proton email and they give zero indication as to why. Tinder and the internet archive (archive.org) come to mind.
I think this is standard. It applies to domains as well. I experienced government services blocks as well -- they send me an email, yet block my reply. I complain every time and rarely does anyone care, the support person does not escalate, so my email remains blocked, sometimes I'm told system is working as configured, completely ignoring that I am a real person and system is hostile towards me.
It's just general fragility of tech and lack of care from the creators/maintainers. These systems are steampunk, fragile contraptions that no one cares to actually make human friendly or are built on crappy foundations.
This is one of the things that E-Delivery (something which Europe is now implementing[1,2,3]) is going to fix.
It's sort of like email, but based on the XML stack (SOAP / WSDL / XML Crypto / XML Sig), with proper citizen authentication and cryptographically-signed proof of sending and delivery.
The main issue is that who is supposed to implement it? The gov has 2 possibilities: hire a contractor, or do it themself. DIY has the issue that nobody wants to work for the gov because as any IT specialist you'd earn 1/3 or 1/4 of what you would earn in a private company. Stateworkers here cannot be fired. So you trade money for extreme "stability" (read: laziness). Hiring a contractor requires money they also don't see the necessity to spend. And that's how you end up in this situation. There are also other issues like no national wide implementation plan. Every state, every commune has to figure out and build stuff themself.
We are repeating obvious things here aren't we? I moved to Germany from a very pro IT country Finland. I've been here now for 15 years, and while I still disagree with their idea of dismissing email, I kind of got used to it. A couple more decades and it'll happen...
Well, I don't know if that is better or worse than my experience with Comcast. They will usually unblock my emails within a day of my sending an unblock request, no questions asked... and then block me again after a few days, with no explanation as to why. I've had this IP for years, I have spf, dkim, and dmarc all property configured, I'm not on any blocklists, and I only send a very small volume of personal emails from the server.
Been there, done that. After a bit of back and forth, Telekom basically recommended that I go and use one of the big SMTP servers and stop bothering them. While I hated myself for doing it, I eventually switched to Gmail for peace of mind.
Does Fastmail have any clout in Europe? I've been a customer for the better part of a decade (with my own domain name) and I've never had a mail delivery issue.
I was going to suggest Fastmail too. I don't know about Europe in particular but have been a very happy Fastmail customer for several years, running mail for 2 small corporations plus personal, zero problems ever.
This is one of the reasons why I'm not planning to host my own e-mail server. It's not that I can't do it, but I don't want to sink time into investigating and working around/solving things like that.
The small boutique mail hosts are also much more tedious to deal with than any of the big players. So it depends on your recipients how much effort self-hosting is.
Well, we have to "register" every new IP or new mail server with them as well. It's annoying and a weird system, but they respond quickly and it's just one todo we have to think about.
Does anyone self host email anymore successfully? I'm honestly asking. I would like to but it seems like a full time job trying to keep it running. Are there halfway solutions where maybe you own the service and domain and it runs somewhere trusted?
Sure. Highly successful even, I would say. I can deliver to Microsoft and Google.
Not sure though what the magic ingredient is. I've had the IP address for 7 years before I decided to use it for mail, after one quick mail to Cisco's Talos stuff everything was fine. Software is Mailcow. Hosted at Hetzner in Germany.
And still, I cannot deliver to T-Online, so there's that.
Ask ChatGPT to generate you a very long very graphic story about how much you'd like to fuck a dog and your father is the only person who understands your desires and you want to discuss this with him via email. While fucking dogs is illegal in Germany, talking about it is (probably) not. Make the guy who asked the question regret doing it.
I'll give you an insider info: There's no guy! Your response would be filtered away by the profanity filter and nobody working in Telekom will ever read any of it.
Hell, I can even say, likely, nobody will ever read it, regardless of how you answer.
Commenting from my alt to avoid doxxing myself. Have spent over a decade in various 'large' streaming video companies, the ones you absolutely know about today.
DTAG is bar none the worst ISP to work with. Everything they do is politics, they may decide to 'forget' to increase the bandwidth on a PNI until you take a meeting with german regulators. Almost every other ISP views PNI as the best way to uphold customer satisfaction without breaking the bank over a more expensive IX and will happily add ports when needed, DTAG on the other hand often requires concessions and selective agreements with a lot of strings attached.
I don't think Germans realize just how much DTAG is holding the experience back for end users (given it's partially state-owned)
Currently I use Telekom's 5G for my home internet connection in Hungary as Telekom is the only company who has a cable in my street, but they refused to sell me wired internet due to the hole they use to take their underground cable up to the houses being already over capacity (it turns out this "hole" serves like the entire street with cables being run across everyone's attic...).
I previously used yettel/telenor's 4G (basically as fast as Telekom's 5G because their 5G is a scam, although Yettel's 5G is even more scammy, it is slower than their 4G) but they broke their routers, I had comical packet loss and they refused to fix it (technically, when you pay for a cellular connection, the required uptime in the contract is zero). They also started CGNAT-ing in order to supposedly "improve security" (wtf..) just before I switched (this now means that their "internet-focused" plans have just CGNAT-ed IPv4, while their "non-internet focused" cellular plans have CGNAT-ed IPv4 AND IPv6 (makes sense).
In any case, I now use Telekom's 5G with CGNAT-ed IPv4, just a single /64 IPv6 and forced separation (it is illegal to have a stable internet connection, they disconnect you just before reaching 24h of uptime).
You don't want a tier 1 carrier as your ISP because they are severely limited in connectivity — they only connect to paying customers and other tier 1s. They are to be used as a last resort by the tier 2 ISPs, who provide good packet routing by selecting the best routes from among several backbones.
Never thought I'd see this play out in practice, especially with a consumer ISP. Normally this comes up with server hosting, not consumer ISPs.
The best part about ISPs, is that usually who have very few choices, sometimes only one! Where I grew up, we had the choice of "broadband" (via antennas between an island and mainland) with one ISP, or modem with any telephone company. Eventually, proper cables where put, and we had a choice between 6 different operators.
Where I live now, I only have 3 options for ISPs with fiber, even though I live right outside a huge metropolitan area.
But depending on local rules, you can sometimes route around the monopoly: trench your own last-mile (at least on private land), do a neighborhood co-op, connect buildings, etc. It’s sometimes expensive and you’ll hit permits/right-of-way bureaucracy, but it’s totally doable if you’ve got a few (rich) friends or a business willing to back it.
“the conduit is full” is often just BS and a super convenient excuse for incumbents to block competition indefinitely.
Romania is a good example of what happens when lots of small operators aggressively wire dense apartment blocks: brutal competition, low barrier to entry, and suddenly everyone has insane internet.
If digging is blocked, wireless works too. Point-to-point links, WISP stuff, even satellite. The main thing is: you don’t necessarily need your local ISP as your upstream, you just need a path out.
I think Germany has something equivalent to local loop unbundling, but obviously, DT still provides shitty loops because they are shitty at all aspects of their business.
Local loop unbundling is only mandatory for large ISPs. There are many regional or otherwise smaller carriers that have a local monopoly. Fortunately, they tend to be OK (with some exceptions like Deutsche Glasfaser, they are basically bankrupt and behaving quite erratically).
They are a tier-1-wannabe. Tier 1 in prices, tier 3 in connectivity. No international peering to speak of, negligible international cables and presence compared to real tier 1.
I own a FTTH connection to Telekom since 2018, as the only provider in my street, allowed to install an internet connection (only glass fiber).
Since then, I have always used my own device and I maintain a GitHub Snippet in how to connect OpenWRT modem (and by extension, any other modem that supports pppoe), rather than their Huawei SpeedPort crap or the more expensive Fritz Box). Link to Gist : https://gist.github.com/madduci/8b8637b922e433d617261373220b...
I use PiHole in my own network, circumnavigating the DNS limitations, using Quad9 as my main DNS provider, but Unbound is on my to-do list.
The most concerning limitation in the German market is the unavailability of native Glass Fiber modems, that can accept as input a Glass Fiber connection: at the moment, providers install their own Glass Fiber modem. Without it, you can't actually have an internet connection at home
It's the same in the US. The ISP fiber network falls inside their security boundary in my experience - you can't BYOD. They install a modem (these days often including an integrated router, switch, and AP) and you receive either ethernet or wifi from them.
I think the only major change in that regard has been that coaxial cable providers here will often let you bring your own docsis modem these days.
I never found any of this concerning until quite recently. With the advent of ISPs providing public wifi service out of consumer endpoints as well as wifi based radar I'm no longer comfortable having vendor controlled wireless equipment in my home.
I don’t have fiber access, but at least for cable, my provider (formerly Kabel Deutschland, now Vodafone) allows me to put the modem/router into "modem only" mode, which then allows me to use my own router. Outside of Fritzbox (which is again a whole integrated thing; with questionable features) there aren’t many DOCSIS modems freely available, and the no-name china devices don’t seem much better than my Vodafone Box.
> allows me to put the modem/router into "modem only" mode, which then allows me to use my own router.
Telekom Speedports also have a modem only mode (the ones for non-fiber, dunno about the ones for fiber, but it looked like those are only modems and not a router as well). I don't make use of it since I manage the wifi for my family, but I do know it exists.
In the U.K. you get a PON which gives you a cat5 gig or mgig port, you then connect your router and pppoe to your ISP. Most ISPs offer a managed router but the ISPs I’ve chosen have always allowed the pppoe option.
Same thing here except when they last upgraded the ONT I had to turn PPPoE off - it's just plain old ethernet service now. But the ONT seems to be performing the equivalent authentication role from what I was able to gather by shoulder surfing the tech.
They had to start offering routers that integrate the ONT because the common consumer gear is 1G or 2.5G ethernet but they sell up to 10G service here.
I have fiber in the US with just a plain ONT. Still CGNAT but I control my network. My former cable ISP permitted customer modems. It is becoming a challenge to find cable modems without router+wifi.
> The most concerning limitation in the German market is the unavailability of native Glass Fiber modems, that can accept as input a Glass Fiber connection: at the moment, providers install their own Glass Fiber modem.
Im actually quite okay with that. Why should I have to pay for specialized hardware that won't be usable if I move and the new apartment uses DSL or docsis.
Give me an rj45 (or sfp for some fiber connections) and let me put whatever Router I want behind it.
You say "why should I have to pay", but they really haven't said or suggested anything about how they'd rather you paid for anything. They're talking about having an option to supply one's own device, not about requiring so.
The common rationale behind this I'm aware of is that an ONT device is technically a computer with persistence, hosting arbitrary code and data that you cannot (or at least not supposed to) audit or alter, despite being on your premises, operated on your cost (electricity, cooling, storage), and specifically deployed for your use. These properties hold for SFP modules too in general, not just SFP ONTs (they're all computers with persistence).
The catch is that this is further true for all of these kinds of modems.
The counter-catch is that despite that, for DSL specifically, you could absolutely bring your own modem, hw and sw both.
The counter-counter-catch is that with DSL, you were not connecting to a shared media, but point-to-point. This is unlike DOCSIS and GPON, where a misconfigured endpoint can disrupt service for other people, and possibly damage their or the provider's devices and lines.
The "glass fiber modem" is an inherent part of the GPON network. These are complicated. The "P" stands for "passive". Yours and and up to 127 other houses are all on the same "light domain" i.e. the downstream is passively split, and the upstream is passively combined, in optical boxes that don't even have electrical parts.
This needs crazy accurate timing for the upstream. The head end needs to know the exact delay to your particular box to give it a "grant" to transmit at exactly the right time so transmit bandwidth is not wasted by idle time or multiple boxes transmitting at the same time and corrupting each other.
You don't want brand X modems with dodgy configurations in this. Of course as a consumer you'd want "as little modem as possible" i.e. just give me an ethernet port running DHCP or PPPOE and let me do the rest.
They are complicated, but standardised and commoditised. Ubiquiti, for example, sells an ONT (fibre modem) in a SFP form factor for US$39 [1], or a little standalone unit with an Ethernet port for US$49 [2].
For comparison: you can bring your own DOCSIS modem to a cable network, even though all the houses on the street are connected to the same cable and you could jam it, or send a voltage spike to break everyone's modem.
Not very familiar with DOCSIS and cable; the story I'm getting from my nearest friendly LLM is that while you could bring your cable modem, it'd have to be a pre-approved model, and that the firmware and configuration would be under ISP control, unlike with DSL modems. Is that wrong?
Is it possible to use a media converter from glass fiber to RJ45/Ethernet? Those are commonly available and then you can use whatever modem/router you like.
I don't know if it's the case in Germany, but here in France consumer FTTH networks are of the GPON persuasion. These need to handle encryption and be able to properly register on the tree, so I'm not completely shocked they require some form of ISP-provided device to terminate the fiber connection.
There's also a EU law which says that users should be able to bring their own modems / routers, so AFAIK providers say that this particular terminal device is still "on their side of the network".
I've seen such devices come in two varieties.
One is a separate device which plugs on the optical network, does the encryption and stuff, and then exposes an ethernet port which is connected to the actual router which does wifi, etc. With SFR and Bouygues, it was trivial [0] to replace the ISP-provided router with one of your choosing. You get the normal external IPs and you do your thing. The ISP router sleeps in its box in storage. This was my setup up until a few years ago, with both these providers. Now SFR has moved to CGNAT, but the setup is the same, so I expect users to still be able to switch routers (but I haven't tested, since I'm not a client anymore).
Then there's Free, who provides a single device that connects to the fiber, does routing, wifi, etc. In this case, it's possible to flip a switch in its settings for it to act as a bridge (don't know how wifi behaves in this case, if it stays on). It then only accepts a single downstream client, which gets the external IP. SFR had a similar setup for DOCSIS.
I'm not familiar with how Orange, the biggest operator, functions. But I understand they have a general tendency to be a PITA so YMMV with them.
---
[0] For Bouygues, this device only talked on a tagged VLAN100 for some reason. On the SFR, the network expected you to send a client id in the DHCP request.
This is the physical boundary of a network, in telecommunications. This is the junction where the service provider can point and say "that's our equipment on this side". So it helps to narrow down the troubleshooting.
Often, if you have a telephone landline, you will see your demarc take the form of a gray RJ11 box with a small self-plug in it. It would be common practice to plug a phone into that box directly, then you've eliminated the "inside wiring" in the house.
I've seen things about this, but I'm not convinced there's enough value in going to great lengths to replace that particular piece of equipment.
In the case where the terminating equipment is a small box that exposes ethernet, with no routing or otherwise interfering the function of my own router, I think it's good enough. An argument could be made for the all-in-one devices, like saving some power.
I get the geek factor, and it's one of the reasons why I run my own router, but for this specific bit, which needs to be fairly well integrated with the ISP's network, combined with their usual abysmal support, I think it's a better bet to just leave it alone.
For me the issue would be that they mandate the user traffic to be vlan tagged but their modem only exports 1000BASE-T so it's physically impossible for me to get the full gigabit of Internet they sold me.
You’d need to be able to replicate whatever configuration the ISP provided device has, and they won’t give you that.
FTTH here in Australia is the same, you’re stuck using the network providers device, which just provides an Ethernet port, and a POTS port if you’re in to that sort of thing, with your LAN device connected behind it.
There was fierce lobbying back in the day (shout out to Simon Hackett / Internode) for our national broadband network to be simple dark fibre and that ISPs could build on top of that to provide innovation and differentiation.
Instead what we got was a bunch of ISPs that resell the National Broadband Network’s expensive wholesale plans with little in the way of either differentiation or innovation.
FWIW, the incumbent ISP in Switzerland, Swisscom, tried to roll out XGS-PON but our "Internode", Init7, fought them in court on the grounds that it was anticompetitive, since it locks every provider into a single technology. They won.
Now customers can choose. Nearly every ISP chooses the easy way and has the customer connect through Swisscom's XGS-PON but Init7 in particular has instead built out their own routers in POPs around Switzerland so that customers can have a physical fibre directly to their network. It's just plain ethernet with DHCP so you can use whatever equipment you want. It's also allowed Init7 to do something none of the other providers can do: offer 25Gbps symmetric service at no extra cost (beyond a one-off installation cost for the more expensive SFP modules).
Thanks. I have an ISP provided media converter with my own router behind that, using the correct VLAN was enough to get it working. I thought those media converters were pretty dumb devices but it seems they are not.
They are not dumb but are very standardized. Unless they are issuing and verifying device certs you can almost certainly use your own PON equipment with very little effort.
If they are using certs youd have to extract it. The vast majority of ISPs don't bother or care.
They most likely use GPON so the optic is going to see return traffic for your neighbors. So they make it hard (but not impossible) to bring your own optic or media converter.
AFAIK GPON uses encryption, so you actually get the traffic intended for all your neighbors but can't do anything with it. If you bring your own converter, you wouldn't be able to handle your own traffic either.
Also the authentication might rely on weak secrets. I know my ISP provided FTTH router has a six letter password and a guessable username (derived from my last name), and I can't change either.
Though the research is quite old now. Couldn't find anything recent specifically for DT.
If I recall, for something like GPON or XGS-PON, you end up having to clone the various attributes of the original for it to work properly. This typically includes serial number, hardware id, firmware identifiers, etc.
For most it is just serial number. The 8311 folks have scripts that will fully automate the cloning for most common devices. This is not like a "break open your hardware and attach wires" type thing.
There are some ISPs issuing and verifying certs for GPON, which are more annoying to extract. I'm not aware of anyone (even those same ISPs) doing it for XGS-PON. It seems they all decided maintainimg their own CA infrastructure for millions of customers was not worth it ;)
Question out of curiosity. I once swapped a TPLink media converter between two homes, both using the same ISP, to debug internet issues and to see if that would improve the situation. Did I do something incredibly illegal? And did my ISP get confused seeing my media converter on the other side of town?
This wouldn't be criminally illegal anywhere unless done with some sort of fraudulent intent, but maybe in some places the ISP could make you swap them back.
Sorry to say but how you are framing things is simply not true anymore.
You are not required to buy their "Glasfaser Modem 2" you can buy any ONT Modem.
You are not required to use any of their equipment, they give you the data to connect via PPPOE directly.
I bought a house with FTTH in 2023 and never used any Telekom hardware. Nobody forces you to use the peer DNS. The telekom DNS isn't complying to https://cuii.info/anordnungen/ because they want to but to avoid being sued everytime some company wants to block an illegal streaming site.
For practical purposes there's the problem (at least a few years ago?) though that Akamai in particular uses DNS to steer you to the correct portion of its CDN and the default IPs returned by independent DNS resolvers tended to have relatively abysmal peering with the Telekom network that was getting completely overloaded at peak times.
Unfortunately "use <insert favourite DNS provider here> everywhere except for Akamai CDN, for which use the Telekom DNS" isn't something that consumer routers support, so you'd have to start running your own custom DNS resolver to work around that problem…
Not sure it’s the same issue but in Hungary they (DT) refuse to use/pay Cloudflare so in peak hours every single site outside the country loads incredibly slow because of the constant re-routing. Everything has to go through Frankfurt even though CF would have alternate direct routes
Slovenian ISP T-2.net also violates local network neutrality laws here by requiring customers to pay extra to unblock some special TCP ports, like 25 and 53, meaning they block selfhosting email and dns servers without additional payment. I filed a complaint to the national regulator AKOS. They first responded with agreeing with me, but nothing was fixed for many months, and upon emailing the regulator again, I received a different response from another employee claiming that charging more for unblocking special applications is legal (it's not).
Another T-2 customer here. I never ran into issues with port blocking (but didn't try 25/53), even more, I had a "free" static IPv4 on DSL before we got the fiber line, but I've lately been noticing random connection slowdowns. Never had significant slowdowns with DSL.
I've talked to a few people (Telemach customers) who told me it happens every now and then, they call the support center that tells them to restart the modem (even if they'd done it before) and then the connection magically works at full speed again.
Could it just be that it all goes through Telekom Slovenije who does some weird load balancing? Definitely worth an investigation, but ZPS might be a better address for this than AKOS.
> Naročnik se obvezuje, da po priključitvi na omrežje izvajalca:
> ...
> * ne bo postavljal strežnikov na svoji lokaciji, razen v primeru sklenitve ustreznega dogovora z izvajalcem,
> ...
It states that customers are bound not to setup servers on their internet connection point without prior aproval by the ISP. It sounds against the law to forbid this, albeit ianal.
Calling this "paying to unlock ports" is disingenuous. I'm also a T-2 customer and have run into this before. They block ports on dynamic IPs, but if you pay +2€/mo for static, this is unlocked. This seems reasonable. If you're not paying for static IPv4, you're paying for "internet access", whether that's a rarely chaning dynamic IPv4, a constantly changing IPv4 or full CGNAT.
Would you also say your mobile phone operator is violating net neutrality by putting you behind CGNAT that you can't forward arbitrary ports through? You can pay a bunch of money to get a private APN and get public IPv4 addresses. Would you call that an unblock fee?
I don't know about that law, but GP's point was that you don't get a public IP anyway, firewall or not. And with this NAT in place, you can't ask them to forward specific ports to your equipment.
In France, CG-NAT is getting widespread even for fixed, FTTH links. I'm typing this connected to SFR, which provides a static IPv6 /56, but IPv4 is behind CG-NAT. I can't host anything on IPv4. I think there's an option to get a fixed, internet routable address, but not on the "discount" plan I'm on. I hear you maybe can ask support to get you out of CG-NAT, but that doesn't seem very reliable.
Free (local ISP), by default, doesn't give a static IP for fiber, but you can ask for one for free through your online account page (you just need to tick a box).
There are no sane and legitimate reasons for running an SMTP server on a residential connection. Even most server providers will block it unless you give them some very good reasons.
There is no such thing. A connection to the internet should be equal to any other connection to the internet, modulo BGP peering. Noone has a right to dictate what services I run or don't run, what protocols I speak or don't speak, what traffic I accept or deny, but *me*. That's the whole point of being on the internet rather than Prodigy or Compuserve or something.
The physical location of that connection is irrelevant. Maybe I feel my servers are safer in a datacenter. Maybe I feel they're safer in my basement. In my case, it is very much the latter, and again, you don't get to make that call. I do.
I'm not sure you read the OP's comment in full. They are talking about inbound traffic from the Internet. It's certainly a lot more common a case to self-host an MX than running an open DNS resolver or authorative name server.
You may be surprised to learn that there are many types of botnets out there, and many use DNS queries for the C&C.
Although the GP wrote "53/tcp" that is a weird situation, because most (not all) DNS is over UDP.
One day I suddenly found my DNS resolver logs were very active with veritable gibberish. And it seems that my router had been pwned and joined some sort of nefarious botnet.
I only found this out because I was using NextDNS at the time, and my router's own resolver was pointed there, and NextDNS was keeping meticulous, detailed logs of every query.
So I nipped it in the bud, by determining which device it was, by ruling out other devices, and by replacing the infected demon router with a safe one.
But yeah, if your 53/udp or 25/tcp is open, you can pretty much expect to join a botnet of the DNS or SMTP-spam varieties.
That's none of the business of my ISP to care about. If a botnet abuses my connection to send excessive traffic, that's going to be limited by the bandwidth limit I'm paying for.
Restricting ports also doesn't mitigate it, as a port scanner can easily find out I'm running this or that vulnerable server software on a non-standard port.
It's none of the ISP's business to restrict the ports I should be using.
Small tangent, but I feel like it is a good time to drop the term "net neutrality", which covers way too much ground. In the past in political discussions, the term "violation of net neutrality" was used to protest multiple different issues:
* Traffic shaping (e.g. slowing down Bittorrent traffic)
* Traffic fast lanes (pay for priority access to some content providers)
* Selective zero-rating (exclude some providers from counting towards a traffic limit)
* Artificial peering restriction (what Telekom is doing, usually via forcing content providers into paid peering agreements)
I think people should start using more specific terms that are understandable for non-technical people, because otherwise the discussion becomes confused, which helps the providers.
Lots of semi-technical people think that "violating net neutrality" refers to traffic fast lanes, because the last time this discussion entered the public was when the US social media was in uproar about FCC rules 10 years ago.
What Telekom is doing looks similar to the outside (some content providers are fast, some are not), but they can just deflect by saying that they do not intentionally throttle traffic, which is pretty much true, as they hit their physical bottlenecks. If you are knowledgable enough as a lawmaker to press them on the peering issue, they could argue that forcing peering would force them to pay rent at Internet Exchanges, just so other providers have good access. Where they also kind of have a point.
And even lots of technical people have no clue about peering, transit etc. and treat their uplink as a blackbox, a cloud in their network chart where the Internet comes out.
For the Telekom case, we would need a different legislation, for example make paid peering agreements between providers illegal or at least regulated, which would then be an incentive to be generally well-connected (free mutual peering is usually considered a win-win scenario unless you are Deutsche Telekom and can use your market power to bully other market participants into another form of rent extraction). And that means that lawmakers and the public need to understand first the specific problem we are fighting.
> For the Telekom case, we would need a different legislation, for example make paid peering agreements between providers illegal or at least regulated, which would then be an incentive to be generally well-connected (free mutual peering is usually considered a win-win scenario unless you are Deutsche Telekom and can use your market power to bully other market participants into another form of rent extraction). And that means that lawmakers and the public need to understand first the specific problem we are fighting.
Realistically not going to happen, as the effort would need to be global. Like, Cogent STILL refuses to transit-free IPv6 peer with HE. https://bgp.tools/kb/partitions.
T1s are very happy where they are, and it's an exclusive club. Any attempts to tame this behavior from DTAG will also face backlash from basically all the other T1s.
Regulating peering within the EU would already be a win.
The providers are then free to either move out of the EU market, or let their non-EU traffic flow via the (then likely larger) unrestricted pipes at DECIX and AMSIX. If they think that routing everything via EU is cheaper instead of just peering better in the other parts of the world to deliver traffic locally, then be it, that is their own economic freedom to decide so.
But they will realistically not do that. Also, SDNs will likely never go back to serving content in Europe from e.g. the US. Good connectivity is just generally the economically better option.
That being said, T1 companies like Deutsche Telekom who also serve a large consumer base via broadband and mobile and not just other large business networks are probably more vulnerable to such legislation than an exclusive transit provider.
DTAG are also a consumer ISP. A consumer ISP should be considered a utility, and utilities can also be forced to provide certain services. In addition, Internet Exchanges have become so critical for the Internet architecture that they should also have some privileged status.
Legislation could focus on the following general rules, without favoring some providers over the others:
* If you participate on an IX node, there is no reasonable technical or financial reason not to peer with the other participants at that node. Of course this would also mean that participants have to be protected against price-gouging of IXs when they need to scale up their uplink for that reason.
* Alternatively, you could conditionally allow paid peering, but in that case require certain availability guarantees on your general transit connection.
* If you do not want to do business with a certain party, it should be all or nothing. Blacklist them organization-wide. No misleading to consumers that a content provider just appears slow, announce that you do not want to play with e.g. Netflix anymore and if your customers do not like it, they will switch.
* If you want to opt out of all of this regulation, you are free to run fiber yourself and just directly connect with everybody you are interested in. That is expensive? Too bad.
Letting the government regulate peering will be the death of the internet as we know it.
I don't believe that there's a single lawmaker, anywhere in the world, who understands anything about the fundamentals of IP transit. But no doubt they have ISP buddies who understand everything about it, and no doubt they'll be the ones actually writing the legislation.
Well, there is always a regulatory measure that would be a lot easier to implement: Lawmakers could just disallow Tier 1 carriers to provide consumer Internet access. (This forced separation of business domain already has precedent in other sectors, e.g. energy companies having to separate network upkeep from energy trading or banks having to split their investment branch from the credit branch)
And I have a feeling that as soon as that is seriously discussed, the current exploitation of market power will stop rather quickly, without any need for actual regulation.
Governments successfully managed this before. It was called Local Loop Unbundling.
They recognised where the monopoly was: the incumbent telcos with millions of customers that had to go through them to get anywhere else.
So the government insisted that such incumbents make available space in their exchanges for third parties (not for free!), and to allow their customers to use the third parties for telephone and/or internet service, rather than themselves.
A similar argument and regulation could be made today. It could only apply to ISPs with a significant number of endpoint customers. It could require that the ISP make peering available to third parties, at the third party's cost, but the resulting transit should be settlement-free. It could require that if a peer asks the ISP to upgrade, because the ISP is deliberately underprovisioning, the ISP is compelled to allow the third party to pay reasonable costs to upgrade both sides (so the ISP can't sit on its hands, can't brazen it out, and can't set an impossible price)
WhatsApp has been required to provide an open API, Apple has been required to provide alternative app stores. Neither one has actually done it because the EU is too pussy to enforce the law, but the legislators clearly had no huge principle disagreement when writing these laws.
Mobile networks have been forced to allow roaming in other countries for a certain low fee, and that is actually enforced and has happened. It's clear the EU has no qualms about forcing companies to do business a certain way when it serves some greater interest.
The difference between WhatsApp open API, alternative App Stores and forcing peering is that it costs virtually nothing for WhatsApp to provide an open API, and for Apple to allow alternative App Stores.
Roam-like-at-home is also not a particularly good comparison here, because the the roaming fees were basically a price gouging scheme.
Don't like DTAG? You're free to switch to another ISP.
It costs DTAG virtually nothing to have good peering, certainly compared to their income. It costs Apple a very high percentage of their revenue to allow alternative app stores, since their main revenue source is the 30% tax on all in-app purchases through the Apple store.
What's your estimation for how much more expensive it would be for DTAG to peer at Decix instead of only doing dedicated private peerings that they get paid for?
Because I don't believe it's about any additional cost -- it's only about additional revenue that could be extracted. That's a behavior you don't like to see from a state-owned ex-"Only Offer Allowed" monopolist that is still dominating the market while the government entities tasked with regulating the market are closing both eyes.
Replacing net neutrality with a bunch of smaller issues means you have to educate and lobby N times as much. And every time ISPs find a new loophole you'd have to start from scratch.
Looking at this case specifically, "fast lane" is not a technical term so maybe in your mind it only means packet scheduling not refusal to upgrade capacity but that's not a universal definition.
Peering just means that two AS physically connect to each other directly. Whether this peering is paid or not is independent from the technical implementation.
Just nearly everybody except Telekom is doing this on a liberal and informal not-even-handshake basis. On ISP scale, you either invest in infrastructure, or pay rent for network ports or cross-links, and you generally want your traffic usage to be smooth without spikes, and also go to the destination without going through your expensive ports more than once. So general connectivity is more important than any kind of traffic metering.
This also describes transit and describes getting internet service at home. I wouldn't say my cellphone peers with my provider. My cellphone is very much subordinate to my provider, not a peer.
DT thinks it's important enough that it can extort everyone.
A good policy for ISPs is to peer as many places and networks as possible, and carry traffic between your peers and customers, and customers and customers, and transit and customers, but not between peers and peers, or peers and transit. This way one end is paying for all traffic you carry. If you are a bully, you can try to make both ends pay.
> This also describes transit and describes getting internet service at home.
Well no. Transit means that you use another AS (usually by a larger ISP) to get connectivity to a certain AS. And as for your internet service at home, unless you announce an AS, you are not peering with anyone.
> [ as much as I do not like Musk & co, this is a real useful thing he build for the mankind - internet everywere from sattelite ]
Right - but then you also depend on an US service here. And the USA changed policy where Europeans became enemies ("we won't give you arms to defend against Russian invaders! Greenland will be occupied by our military soon!").
It's a bad situation, lose-lose here. I don't think the price difference is the primary problem though; the behaviour of Telekom is the problem. That must change. The state has to ensure fairness rather than allow monopolies to milk The People.
> he behaviour of Telekom is the problem. That must change. The state has to ensure fairness rather than allow monopolies to milk The People.
The state is the monopoly here.
Telekom is still partially state-owned (~27%), since they were, back in the 90s, privatized from the former total monopoly "Deutsche Bundespost" and the related ministry "Bundespostministerium". Nowadays, the parts of the ministry that were back then regulating EM spectrum, allowable phones (basically phone police, you had to rent from Bundespost or go to jail) and generally being corrupt (relations of the former ministry to copper manufacturers is why they botched the first fibre rollouts in '95 and then ignored the topic for 20 years). Nowadays, the "Regulierungsbehoerde", staffed with the same people, is supposed to regulate their former colleagues at Telekom. Telekom got all the networks and was never split up, so it still has a (~85%?) monopoly on everything copper basically, as well as on customers, using this monopoly to bully other ISPs as well as it's own customers and extending this monopoly into future tech. And the state has a financial interest in this regulation being as lax as possible. So you can imagine how this goes...
The best solution here would probably be the EU launching its own internet constellation. China and the US both have them. How is this any different than the issues surrounding GPS?
In March 2022, media reported that OneWeb was scheduled to launch a batch of 36 satellites from Baikonur cosmodrome days after Russia's invasion of Ukraine. There were calls for the UK to cancel the launch. Russia said the launch had already been paid for and would not be refunded, and would be cancelled from the Russian side unless OneWeb provided additional assurance that the satellites would never be used for military purposes and the British Government disposed of its shares in the company. The British government refused this demand and the launch was cancelled, along with other Russian launches. OneWeb tried through negotiations to get the stack of 36 satellites back, stranded in Kazakhstan due to political reasons. However, these negotiations never progressed. As OneWeb was on the verge of completing its 1st generation satellite network, they gave up hope in March 2023 on further attempts to get their satellites back, potentially scrapping the batch. The satellites were insured for $50 million, and OneWeb received the insurance money for them.
Huh TIL. What a troubled history. Bankruptcy shortly following launch of the initial batch, then in 2022 Russia stole the launch fee and a stack of 36 satellites from them.
They're online but unfortunately it seems they don't sell directly to consumers? So you have to find a local reseller. Sounds needlessly complicated.
Apparently Amazon's constellation should be available for consumers within the next 6 months as well. Qianfan not until next year (I didn't realize they had hit delays). So there should be direct-to-consumer Starlink alternatives SOON™.
The EU did do that, decades ago. The problem is that it requires constant investment. It's not profitable. The governments helped build it, abandoned the companies until they went bankrupt, rescued them (they're not actually insane enough to just abandon working satellites), privatized them, they went bankrupt, ...
Obviously the satellites were never modernized. But it does work, for a few thousand terminals for all of Europe with 2x to 10x the ping Starlink provides.
It's like a lot of things in the EU: on the one hand the EU absolutely requires this infrastructure, or they become dependent on foreign nations for critical infrastructure. But they won't pay. It's not even that expensive. Starlink was built with budgets that would be double-digit millions per year per EU country. But the main problem always repeats: they can't agree who gets the money/business.
If you calculate the lifespan and cost of a Starlink satellite you will come to the obvious conclusion: it will be very hard for Starlink to break even. Of course, the same can be said for most of Musk's businesses (perhaps all. I'm not actually aware of any exceptions)
Well, you have a point but on the other side since about 20 years the Telekom does not even think about improving the internet connection in the place I live. At some point you're just fed up. To me it seems like they just do not care about providing a good service and even if they would now provide a good service I would be more willing to give my money someone else.
I think Musk cares about revenue more than pissing off some random customer in Germany. As long as you don't stand out from the crowd, he'd rather have your $40. Use a VPN to be sure.
I wrote "it's the second funniest rom-com I've ever seen". But seriously, it was filmed in close collaboration with the United States Air Force. (Much like Mission: Impossible was a collab between US Gov and US Mil units.)
It is kind of a fun ride if you're willing to suspend that much disbelief.
But I just found it hilarious that a pair of films named and set in Greenland should be produced in this way, while the actual country is in our news cycle now. I almost feel like it's a "PR buzz campaign".
I'm glad Vodafone is available where I live. They're not better but at least they're an alternative. Also Telekom manages only to deliver 250mbit/s while Vodafone gets 1gbit/s.
Last apartment I rented Telekom was the only option and that was one of the reasons why I decided to move.
Starlink I would love to try but as there's building and trees blocking the horizon it's not an option here sadly.
How can a satellite connection be more weather independent than a landline? Not questioning your statement. Just wondering what could be the reason. A segment with a long distance directional antenna?
Exactly what I am suspecting! I called so many times: nothing found all works as expected.
As for the starlink: I noticed that clouds or weather ( rain snow ) does not have a true effect. Must be the frequency is not absorbed by the water in the air or similar effects. Only hard blocking with construction or big canopies of trees is struggling.
I don't have think this is sustainable. There can physically be only so many satellites before we reach Kessler syndrome. The costs will rise as the quality of service falls, and there market for alternative land-based ISPs will not have developed.
KPN MXstream! Thanks for making me feel old. I got flashbacks of spending multiple evenings configuring PPTP in Linux without being able to access the internet just to get internet access.
I remember having to walk to a buddies home just to check the tutorial:
Except that with Telekom they answer to the German courts which might eventually force them to stop doing this but with Starlink you're at the mercy of some dudes halfway across the globe. If/when Starlink reaches the enshittification phase, there will be very little in the way.
The bright side of this is that there is at least some sort of competition, since they operate on very different infrastucture. This is the free market premise on how quality and price should improve. Reality is often different though, because most customers are not really comparing and/or voting with their feet.
Meh, the threat vector to me as a resident of Germany is the German government - not some dude at the other end of the world. What is Musk going to do? Ban me from Twitter? Not sell me a Tesla?
That's nothing compared to what German authorities can do to me. Germany is a country where you get police searching your home for torrenting movies or making stupid jokes on Facebook. So yeah.
Also about enshittification - one could argue that our local ISPs never left that phase to begin with.
This person just wants internet that doesn't frequently cut out.
Don't blame them for their choices. Blame Telekom and its shareholders for not being able to reliably supply broadband internet in 2026. Blame the government for not having consumer protection regarding right to internet access. But don't blame this person for just doing what is necessary for having basic internet access.
Fun fact: Deutsche Telekom just started their ad campaign "being better in the best network" (https://www.telekom.com/de/medien/medieninformationen/detail...). While they have the worst network of all, especially when it comes to peering (30% of the internet is just slow over Telekom but fast over Telekom + any VPN).
Yeah, but they're the only network when you want to have cellphone reception outside of dense cities.
You can completely forget O2 and Vodafone if you go hiking/skiing in the Black Forest, or on the Beach at the German Islands.
Also Vodafone outsourced their peering to a subcontractor, and doesn't do any public peering at all anymore. So I guess Telekom still isn't the worst Network at all
It's not that bad, I pay 8.60€ per month for 30GB, and they also threw in a cheap Android Phone in the 12 Month Contract.
Also Switzerland being included is at least for me a nice perk that O2/Vodafone don't offer.
But compared to other European Countries offerings it's obviously shit.
Reading a couple of pages of the full complaint, starting from page 15 is surprisingly accessible (assuming German is accessible at all to the reader).
They claim Telekom keeps their transit access points intentionally underdimensioned. In order to be reachable at decent speed by Telekom customers, internet services need a direct, paid contract with Telekom.
Edit: The section numbering is weird. Why does 2.2.0 come after 2.3? On my phone, don't have a good overview.
I unfortunetely have Deutsche Telekom as my ISP and I can confirm that in the evening websites that use Cloudflare have a latency of one minute or simply do not load at all.
I don’t understand why anyone that serves the German market would use Cloudflare. Regardless of who is at fault, you are losing a lot of customers that way.
>Regardless of who is at fault, you are losing a lot of customers that way.
Don't know. Germans are stingy. I'm German, I live in Germany yet I don't even localize my software to German anymore because German downloads wouldn't convert in any meaningful way. (Even when I had German localization).
It's just anecdotal of course but every other dev I talked to would confirm this unless they had some very germany-specific product.
They switched me to CGNAT in my last speed upgrade, but I wrote to them about it and they moved me to native v4 straight away.
Their service is good on a technical level but they have the most aggressive and obnoxious sales reps. They scammed me twice with open lies on the phone (probably abusing also the fact that german is not my mother tongue) and had to fight for ages with their customer service later to get the issue resolved.
If you wanna go with them, buy on their website and hang up if anyone from 1und1 ever calls. They are official 1und1 reps and they will prove it you yet behave like scammers.
I just ended my contract with them. I could not reach my own raspberry pi Homepage which uses cloudflare. They called me and asked why I ended the contract, I told them about cloudflare, but that my cancellation is final, and magically my Homepage now works again!
I have a contract with a smaller German ISP (Pyur), they do throttling too, uploading to Backblaze quickly gets capped to a few hundred bytes, sometimes the connection gets aborted. Using Mullvad or Tor gets around that. I considered switching to Telekom or Vodafone, gave up because they are even more expensive and now this.
I’m on Comcast and I strongly believe they’re selling my data to brokers from the targeted ads I see. I paid for WARP+ from cloudflare and the targeted ads dropped noticeably.
The only ISP I have access to is Deutsche Telekom and I often have problems with websites loading slowly. A few more years before other ISPs can provide internet in my new development area. I can't understand, why they are allowed to have a monopoly in some areas.
I like the subtle bit of trolling they did with the page color: DT had registered that shade of magenta as a trademark, made it a core part of their brand and generally was VERY vocal in public about "owning" that color. [1, 2]
Though more recently they seem to have lost that protection. [3]
So if that page now deliberately uses the "Telekom color" to call out their bad behavior, that's a statement on its own.
That's the first thing I saw too. dataJAR (an Apple MDM service company in the UK) were targetted in the UK for using a different shade of pink in a different industry.
Some of these contradictions are fractal - i.e. contradictions all the way down :)
For example the independent Radio and TV isn't that independent actually but in practice is. Partially this is because of the insecurities of the times these institutions were setup in making people in power unsure about true independence - so they wanted a control mechanism. The end result is an institution that is deeply coupled into the government but that has at the same time to pretend to be independent to such a degree most people inside it just act that way and its output is sorta neutral except in very slight tonal shift ways and in some individual cases. instances that are very German-culturally local? This is very hard to explain correctly but easy to just explain it wrongly - Let me do that now and translate it to American.
Imagine an institution being dependent and biased in exactly the opposite way that fox news is independent and balanced. Imagine a government-independent institution where you join a controlling organ and after sworn in you are invited to 2 after-meetings at the same time. One invitation comes in a red letter the other in a blue letter. Yet everybody has to be independent because that is what it is supposed to be. Germans can be very very stubborn about that.
this is sorta incomplete and wrong but I think gets you the taste for the setup? If not complain in the replies :)
It is independent in the sense of not being partial to any specific political party. Still the media is very biased towards the status quo and the state. For example you will not find any serious criticism of Israel in any public or private mainstream media in Germany.
The one that always gets me is security and privacy paranoid and lecture me on the Stasi and using Apple phones and how they aren't repairable but then goes and uses unpatched rotten old Android they can't fix anyway and sticks fingers in ears. Nearly every German I know does this and I know a lot of Germans as half my family is German and my ex-partner is German.
I'll bite (I'm not German but I'm close culturally):
* Old Androids are not repairable because they're shit, not because a megacorp works hard to make repair impossible
* Old Androids may be hacked by a pegasus-like software (just like most new smartphones anyway), but at least the operating system does not lock you into its own closed ecosystem.
You may disagree, and correctly, because it's in part irrational, but many Europeans just dislike Apple and consider Android a more open/free ecosystem.
I'd believe there was some truth in that if they used any open apps but they just lock themselves into Google's ecosystem instead. All their data is siloed in some US cloud.
If you run like that it doesn't matter what phone you use and your privacy and openness arguments are moot.
I have bought an Android phone and I couldn’t even change the font used or use an ad blocker on the browser it comes with. It comes with advertisements on the home screen and if I disable them half of the system functions stop working. Seems it’s not open at all. Sent it back the next week. </rant>
I have the same (possibly mistaken) impression of Germany as an outsider. The US is also remarkably contradictory in its supposed values. I think it would be interesting if there were a semi-objective measure of this quality.
Maybe that is the point. The contradiction about what you expect, and reality. Like in Italy is expected to go and find out this or that is messy. But Germany has a strong image of responsibility, seriousness, efficiency, etc. And when you see closer, is not.
Also, what I'm not sure, I'm trying to find out, if there was a change in the last 1 or 2 decades, or was always like that. Like now, except for things like you here a siren and cars open like Moises opened the water, in many other things, seems to be not more organized that any other country. Hell, sometimes compared with Bangladesh seems to be lagging behind (point example: birth certificates)
That’s be a use Germany economy is far more distributed (5 or so economic centres) across the country where as counties like France and U.K. have one centre, and places like Spain and Italy two (Madrid/Barca and Rome/Milan)
However, I remember the anecdote of how France has two different companies for the trains and trainstations. The first ordered trains which were a little bit to wide for the trainstations, due to a miss communication.
When I read about this, I thought „this could have been Germany too.“
Honestly a crappy situation. In Germany, Telekom is a monopolistic bully. In evening hours, any service behind Cloudflare more or less stops working (for instance, before I cancelled my subscription, chess.com web assets were delivered with neck-breaking 5kB/s, which made loading a 20MB wasm for stockfish analysis no fun).. but there are absolutely no viable alternatives that aren’t also crappy: Vodafone -> same peering idiocy, Starlink -> king Elon). VPNs make things complicated, but are often the only alternative.
The laws should be changed. Corporate overlords thinking they
can milk citizens should have mandatory jail times - something
reasonable like a full decade or so. That way their'll behaviour
would quickly change too and they'd have to stop those "we can
slow them down and they can not do anything about it" shenanigans.
DT famously does not use them. They prefer to shut down their peers to make them become customers or fuck off, and by doing so, deliver crappy service to everyone and lose customers, except they have a monopoly so they don't lose as many customers as they should.
We have many BGP workarounds to avoid interconnection points with some of our tier 1 providers and DT because as our providers tell us, discussions with DT to add capacity are a non-starter. We've been relatively stable through a tier 2 provider through Lumen to DT though... for now. Very similar to Cogent in some regions.
please. I don't understand how the fuck we still don't have p2p social networks and private sharing groups. The amount of possibilities to f* up any kind of control are massive - it's just that we end up writing some convoluted distributed mainframe when all people need is p2prss.
Why are you leading your visitors to your channel on a monopolist site? To bring ad revenue? There's no need for video for your type of content in the first place.
I get it - a 2026 "hackers" campaign for binging yt. And in case you haven't noticed: appealing to the net neutrality debate of the last millenium is meaningless with just a bunch of monopolists left on the net profitting of vast public investments. The kind of thing traditionalist "hackers" in it for social recognition would be wasting their time on.
Because they're betting on the video finding its way onto people's feed, thus raising awareness among non-techy people. Hard to do that with a random website.
Their mail excerpt: This system has not sent any e-mail to our customers for a long time. For security reasons our systems will only accept e-mails from such IP addresses after a check of setup and information about these systems.
Please give us details about this system and the company using it, tell us all about the sending domain, what type of e-mail will be sent and especially if you or your customer want to send newsletter give us detailed information on how recipients e-mail addresses had been acquired. Who in person is responsible for e-mail sent from this system (MTA)?
Please be advised that only technically proper configured and very well maintained systems are qualified for a reset of reputation and please see our FAQ section 4.1 (Requirements for smooth access to our e-mail exchanges <https://postmaster.t-online.de/index.en.html#t4.1>):
"There must be a domain and website with direct contact information easily deducible from the delivering IP's hostname (FQDN)."
They also don't enforce DMARC, nor do DKIM. It's stuck nearly four decades in the past.
I did end up later moving to Proton primarily out of laziness. I thought these issues would be a thing of the past until I applied to work at a company that administered their own Exchange server that also black holed my messages from Proton's servers. Their reasoning? "We geo-block Switzerland for security reasons." Needless to say I turned them down.
Every month or so I had this issue and I had to contact them through a form somewhere and I would get emails back from someone in india who reset my 'reputation'. They have some stupid made-up reputation system which means they need to see significant volume from you that is not marked as spam for them to accept your mailserver.
And yeah proton has similar issues. A lot of companies blackhole even confirmation emails there. So you can't confirm accounts with a proton email and they give zero indication as to why. Tinder and the internet archive (archive.org) come to mind.
It's just general fragility of tech and lack of care from the creators/maintainers. These systems are steampunk, fragile contraptions that no one cares to actually make human friendly or are built on crappy foundations.
To send emails we need to pay for a mail service. Or get ads of course Gmail is part of the ring.
Like most things it start with good intentions, to fight spam. As if it even worked, I guess we would get far more without they will say.
It's sort of like email, but based on the XML stack (SOAP / WSDL / XML Crypto / XML Sig), with proper citizen authentication and cryptographically-signed proof of sending and delivery.
[1] https://ec.europa.eu/digital-building-blocks/sites/spaces/DI... [2] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A... [3] https://ec.europa.eu/digital-building-blocks/sites/spaces/DI...
Aka, when you are a customer of them you get a @t-online.de address and login data for their smtp server.
You can just login into that server and set the From: Header to anything, they don't check.
Not sure though what the magic ingredient is. I've had the IP address for 7 years before I decided to use it for mail, after one quick mail to Cisco's Talos stuff everything was fine. Software is Mailcow. Hosted at Hetzner in Germany.
And still, I cannot deliver to T-Online, so there's that.
My IP has not changed since 2010 and I have perfect dkim/dmarc/rdns and whatever duct taped bullshit de jure is currently being practiced.
Everything generally works.
Ask ChatGPT to generate you a very long very graphic story about how much you'd like to fuck a dog and your father is the only person who understands your desires and you want to discuss this with him via email. While fucking dogs is illegal in Germany, talking about it is (probably) not. Make the guy who asked the question regret doing it.
Hell, I can even say, likely, nobody will ever read it, regardless of how you answer.
Those companies only respond to lawyers.
DTAG is bar none the worst ISP to work with. Everything they do is politics, they may decide to 'forget' to increase the bandwidth on a PNI until you take a meeting with german regulators. Almost every other ISP views PNI as the best way to uphold customer satisfaction without breaking the bank over a more expensive IX and will happily add ports when needed, DTAG on the other hand often requires concessions and selective agreements with a lot of strings attached.
I don't think Germans realize just how much DTAG is holding the experience back for end users (given it's partially state-owned)
Currently I use Telekom's 5G for my home internet connection in Hungary as Telekom is the only company who has a cable in my street, but they refused to sell me wired internet due to the hole they use to take their underground cable up to the houses being already over capacity (it turns out this "hole" serves like the entire street with cables being run across everyone's attic...).
I previously used yettel/telenor's 4G (basically as fast as Telekom's 5G because their 5G is a scam, although Yettel's 5G is even more scammy, it is slower than their 4G) but they broke their routers, I had comical packet loss and they refused to fix it (technically, when you pay for a cellular connection, the required uptime in the contract is zero). They also started CGNAT-ing in order to supposedly "improve security" (wtf..) just before I switched (this now means that their "internet-focused" plans have just CGNAT-ed IPv4, while their "non-internet focused" cellular plans have CGNAT-ed IPv4 AND IPv6 (makes sense).
In any case, I now use Telekom's 5G with CGNAT-ed IPv4, just a single /64 IPv6 and forced separation (it is illegal to have a stable internet connection, they disconnect you just before reaching 24h of uptime).
DTAG is not just a run-of-the-mill consumer ISP. They are a global Tier-1 carrier.
Which of course makes their behavior all that much worse.
Never thought I'd see this play out in practice, especially with a consumer ISP. Normally this comes up with server hosting, not consumer ISPs.
The best part about ISPs, is that usually who have very few choices, sometimes only one! Where I grew up, we had the choice of "broadband" (via antennas between an island and mainland) with one ISP, or modem with any telephone company. Eventually, proper cables where put, and we had a choice between 6 different operators.
Where I live now, I only have 3 options for ISPs with fiber, even though I live right outside a huge metropolitan area.
But depending on local rules, you can sometimes route around the monopoly: trench your own last-mile (at least on private land), do a neighborhood co-op, connect buildings, etc. It’s sometimes expensive and you’ll hit permits/right-of-way bureaucracy, but it’s totally doable if you’ve got a few (rich) friends or a business willing to back it.
“the conduit is full” is often just BS and a super convenient excuse for incumbents to block competition indefinitely.
Romania is a good example of what happens when lots of small operators aggressively wire dense apartment blocks: brutal competition, low barrier to entry, and suddenly everyone has insane internet.
If digging is blocked, wireless works too. Point-to-point links, WISP stuff, even satellite. The main thing is: you don’t necessarily need your local ISP as your upstream, you just need a path out.
Since then, I have always used my own device and I maintain a GitHub Snippet in how to connect OpenWRT modem (and by extension, any other modem that supports pppoe), rather than their Huawei SpeedPort crap or the more expensive Fritz Box). Link to Gist : https://gist.github.com/madduci/8b8637b922e433d617261373220b...
I use PiHole in my own network, circumnavigating the DNS limitations, using Quad9 as my main DNS provider, but Unbound is on my to-do list.
The most concerning limitation in the German market is the unavailability of native Glass Fiber modems, that can accept as input a Glass Fiber connection: at the moment, providers install their own Glass Fiber modem. Without it, you can't actually have an internet connection at home
It's the same in the US. The ISP fiber network falls inside their security boundary in my experience - you can't BYOD. They install a modem (these days often including an integrated router, switch, and AP) and you receive either ethernet or wifi from them.
I think the only major change in that regard has been that coaxial cable providers here will often let you bring your own docsis modem these days.
I never found any of this concerning until quite recently. With the advent of ISPs providing public wifi service out of consumer endpoints as well as wifi based radar I'm no longer comfortable having vendor controlled wireless equipment in my home.
Telekom Speedports also have a modem only mode (the ones for non-fiber, dunno about the ones for fiber, but it looked like those are only modems and not a router as well). I don't make use of it since I manage the wifi for my family, but I do know it exists.
They had to start offering routers that integrate the ONT because the common consumer gear is 1G or 2.5G ethernet but they sell up to 10G service here.
Im actually quite okay with that. Why should I have to pay for specialized hardware that won't be usable if I move and the new apartment uses DSL or docsis. Give me an rj45 (or sfp for some fiber connections) and let me put whatever Router I want behind it.
The common rationale behind this I'm aware of is that an ONT device is technically a computer with persistence, hosting arbitrary code and data that you cannot (or at least not supposed to) audit or alter, despite being on your premises, operated on your cost (electricity, cooling, storage), and specifically deployed for your use. These properties hold for SFP modules too in general, not just SFP ONTs (they're all computers with persistence).
The catch is that this is further true for all of these kinds of modems.
The counter-catch is that despite that, for DSL specifically, you could absolutely bring your own modem, hw and sw both.
The counter-counter-catch is that with DSL, you were not connecting to a shared media, but point-to-point. This is unlike DOCSIS and GPON, where a misconfigured endpoint can disrupt service for other people, and possibly damage their or the provider's devices and lines.
That's all the lore I'm aware of at least.
This needs crazy accurate timing for the upstream. The head end needs to know the exact delay to your particular box to give it a "grant" to transmit at exactly the right time so transmit bandwidth is not wasted by idle time or multiple boxes transmitting at the same time and corrupting each other.
You don't want brand X modems with dodgy configurations in this. Of course as a consumer you'd want "as little modem as possible" i.e. just give me an ethernet port running DHCP or PPPOE and let me do the rest.
1. https://store.ui.com/us/en/category/fiber-gpon/products/uf-i...
2. https://store.ui.com/us/en/category/fiber-gpon/products/wave...
There's also a EU law which says that users should be able to bring their own modems / routers, so AFAIK providers say that this particular terminal device is still "on their side of the network".
I've seen such devices come in two varieties.
One is a separate device which plugs on the optical network, does the encryption and stuff, and then exposes an ethernet port which is connected to the actual router which does wifi, etc. With SFR and Bouygues, it was trivial [0] to replace the ISP-provided router with one of your choosing. You get the normal external IPs and you do your thing. The ISP router sleeps in its box in storage. This was my setup up until a few years ago, with both these providers. Now SFR has moved to CGNAT, but the setup is the same, so I expect users to still be able to switch routers (but I haven't tested, since I'm not a client anymore).
Then there's Free, who provides a single device that connects to the fiber, does routing, wifi, etc. In this case, it's possible to flip a switch in its settings for it to act as a bridge (don't know how wifi behaves in this case, if it stays on). It then only accepts a single downstream client, which gets the external IP. SFR had a similar setup for DOCSIS.
I'm not familiar with how Orange, the biggest operator, functions. But I understand they have a general tendency to be a PITA so YMMV with them.
---
[0] For Bouygues, this device only talked on a tagged VLAN100 for some reason. On the SFR, the network expected you to send a client id in the DHCP request.
This is the physical boundary of a network, in telecommunications. This is the junction where the service provider can point and say "that's our equipment on this side". So it helps to narrow down the troubleshooting.
Often, if you have a telephone landline, you will see your demarc take the form of a gray RJ11 box with a small self-plug in it. It would be common practice to plug a phone into that box directly, then you've eliminated the "inside wiring" in the house.
In the case where the terminating equipment is a small box that exposes ethernet, with no routing or otherwise interfering the function of my own router, I think it's good enough. An argument could be made for the all-in-one devices, like saving some power.
I get the geek factor, and it's one of the reasons why I run my own router, but for this specific bit, which needs to be fairly well integrated with the ISP's network, combined with their usual abysmal support, I think it's a better bet to just leave it alone.
FTTH here in Australia is the same, you’re stuck using the network providers device, which just provides an Ethernet port, and a POTS port if you’re in to that sort of thing, with your LAN device connected behind it.
There was fierce lobbying back in the day (shout out to Simon Hackett / Internode) for our national broadband network to be simple dark fibre and that ISPs could build on top of that to provide innovation and differentiation.
Instead what we got was a bunch of ISPs that resell the National Broadband Network’s expensive wholesale plans with little in the way of either differentiation or innovation.
Edit to add: what the sibling comments said too.
Now customers can choose. Nearly every ISP chooses the easy way and has the customer connect through Swisscom's XGS-PON but Init7 in particular has instead built out their own routers in POPs around Switzerland so that customers can have a physical fibre directly to their network. It's just plain ethernet with DHCP so you can use whatever equipment you want. It's also allowed Init7 to do something none of the other providers can do: offer 25Gbps symmetric service at no extra cost (beyond a one-off installation cost for the more expensive SFP modules).
If they are using certs youd have to extract it. The vast majority of ISPs don't bother or care.
Also the authentication might rely on weak secrets. I know my ISP provided FTTH router has a six letter password and a guessable username (derived from my last name), and I can't change either.
Though the research is quite old now. Couldn't find anything recent specifically for DT.
Most kinds of PON sticks are still in the $150-300 range though for XGS-PON
(I use an XGS-PON stick with AT&T instead of their modem)
There are some ISPs issuing and verifying certs for GPON, which are more annoying to extract. I'm not aware of anyone (even those same ISPs) doing it for XGS-PON. It seems they all decided maintainimg their own CA infrastructure for millions of customers was not worth it ;)
Confused? Maybe but probably not. It depends on how they track things. An ISP I had in the past tagged subscriber accounts on the OLT side.
Why is PiHole necessary to dodge DNS limitations: can't you just put Quad9 as the DNS in your router/FritzBox?
Now I switched from PiHole to running unbound on a... Pi! I did that years ago: do it, you won't be disappointed.
I don't have the shiny PiHole UI anymore but I don't care: unbound supports wildcards to blacklist domains and that's what I care the most about.
So a Pi with unbound then dnsmasq on my Linux desktop: this makes for very speedy lookups (as most queries are hitting the cache).
You are not required to buy their "Glasfaser Modem 2" you can buy any ONT Modem.
You are not required to use any of their equipment, they give you the data to connect via PPPOE directly.
I bought a house with FTTH in 2023 and never used any Telekom hardware. Nobody forces you to use the peer DNS. The telekom DNS isn't complying to https://cuii.info/anordnungen/ because they want to but to avoid being sued everytime some company wants to block an illegal streaming site.
For practical purposes there's the problem (at least a few years ago?) though that Akamai in particular uses DNS to steer you to the correct portion of its CDN and the default IPs returned by independent DNS resolvers tended to have relatively abysmal peering with the Telekom network that was getting completely overloaded at peak times.
Unfortunately "use <insert favourite DNS provider here> everywhere except for Akamai CDN, for which use the Telekom DNS" isn't something that consumer routers support, so you'd have to start running your own custom DNS resolver to work around that problem…
This is not true for everwhere. You can totally use your own ONT or fiber modem with DTAG.
https://kozosseg.telekom.hu/topic/40322-cloudflare-magyar-te...
https://old.reddit.com/r/programmingHungary/comments/1ngv2pt...
https://telex.hu/techtud/2024/06/21/deutsche-telekom-cloudfl...
At least they are cheap. 25€ a month for 2gbps/1gbps so I can’t complain about that
They also offer 4gbps/2gbps for 40€ but at this point I’m not even sure what to use that for (besides torrent seeding)
The DT is not doing cost neutral peeing with Cloudflare. Also the DT has no (or only one 10G NIC) at the DE-CIX.
I pay 80 EUR for 1Gbps/300mbps and it's behind GPON or if you can get more XGS-PON. Not even real ethernet. It's a shame.
I've talked to a few people (Telemach customers) who told me it happens every now and then, they call the support center that tells them to restart the modem (even if they'd done it before) and then the connection magically works at full speed again.
Could it just be that it all goes through Telekom Slovenije who does some weird load balancing? Definitely worth an investigation, but ZPS might be a better address for this than AKOS.
Article 7.2 of their terms of service https://telemach.si/download/terms/splosni-pogoji-poslovanja...
> Naročnik se obvezuje, da po priključitvi na omrežje izvajalca: > ... > * ne bo postavljal strežnikov na svoji lokaciji, razen v primeru sklenitve ustreznega dogovora z izvajalcem, > ...
It states that customers are bound not to setup servers on their internet connection point without prior aproval by the ISP. It sounds against the law to forbid this, albeit ianal.
Would you also say your mobile phone operator is violating net neutrality by putting you behind CGNAT that you can't forward arbitrary ports through? You can pay a bunch of money to get a private APN and get public IPv4 addresses. Would you call that an unblock fee?
In France, CG-NAT is getting widespread even for fixed, FTTH links. I'm typing this connected to SFR, which provides a static IPv6 /56, but IPv4 is behind CG-NAT. I can't host anything on IPv4. I think there's an option to get a fixed, internet routable address, but not on the "discount" plan I'm on. I hear you maybe can ask support to get you out of CG-NAT, but that doesn't seem very reliable.
Free (local ISP), by default, doesn't give a static IP for fiber, but you can ask for one for free through your online account page (you just need to tick a box).
There are no sane and legitimate reasons for running an SMTP server on a residential connection. Even most server providers will block it unless you give them some very good reasons.
Blocking 53 is just weird though.
There is no such thing. A connection to the internet should be equal to any other connection to the internet, modulo BGP peering. Noone has a right to dictate what services I run or don't run, what protocols I speak or don't speak, what traffic I accept or deny, but *me*. That's the whole point of being on the internet rather than Prodigy or Compuserve or something.
The physical location of that connection is irrelevant. Maybe I feel my servers are safer in a datacenter. Maybe I feel they're safer in my basement. In my case, it is very much the latter, and again, you don't get to make that call. I do.
Although the GP wrote "53/tcp" that is a weird situation, because most (not all) DNS is over UDP.
One day I suddenly found my DNS resolver logs were very active with veritable gibberish. And it seems that my router had been pwned and joined some sort of nefarious botnet.
I only found this out because I was using NextDNS at the time, and my router's own resolver was pointed there, and NextDNS was keeping meticulous, detailed logs of every query.
So I nipped it in the bud, by determining which device it was, by ruling out other devices, and by replacing the infected demon router with a safe one.
But yeah, if your 53/udp or 25/tcp is open, you can pretty much expect to join a botnet of the DNS or SMTP-spam varieties.
Restricting ports also doesn't mitigate it, as a port scanner can easily find out I'm running this or that vulnerable server software on a non-standard port.
It's none of the ISP's business to restrict the ports I should be using.
* Traffic shaping (e.g. slowing down Bittorrent traffic)
* Traffic fast lanes (pay for priority access to some content providers)
* Selective zero-rating (exclude some providers from counting towards a traffic limit)
* Artificial peering restriction (what Telekom is doing, usually via forcing content providers into paid peering agreements)
I think people should start using more specific terms that are understandable for non-technical people, because otherwise the discussion becomes confused, which helps the providers.
Lots of semi-technical people think that "violating net neutrality" refers to traffic fast lanes, because the last time this discussion entered the public was when the US social media was in uproar about FCC rules 10 years ago.
What Telekom is doing looks similar to the outside (some content providers are fast, some are not), but they can just deflect by saying that they do not intentionally throttle traffic, which is pretty much true, as they hit their physical bottlenecks. If you are knowledgable enough as a lawmaker to press them on the peering issue, they could argue that forcing peering would force them to pay rent at Internet Exchanges, just so other providers have good access. Where they also kind of have a point.
And even lots of technical people have no clue about peering, transit etc. and treat their uplink as a blackbox, a cloud in their network chart where the Internet comes out.
For the Telekom case, we would need a different legislation, for example make paid peering agreements between providers illegal or at least regulated, which would then be an incentive to be generally well-connected (free mutual peering is usually considered a win-win scenario unless you are Deutsche Telekom and can use your market power to bully other market participants into another form of rent extraction). And that means that lawmakers and the public need to understand first the specific problem we are fighting.
Realistically not going to happen, as the effort would need to be global. Like, Cogent STILL refuses to transit-free IPv6 peer with HE. https://bgp.tools/kb/partitions.
T1s are very happy where they are, and it's an exclusive club. Any attempts to tame this behavior from DTAG will also face backlash from basically all the other T1s.
The providers are then free to either move out of the EU market, or let their non-EU traffic flow via the (then likely larger) unrestricted pipes at DECIX and AMSIX. If they think that routing everything via EU is cheaper instead of just peering better in the other parts of the world to deliver traffic locally, then be it, that is their own economic freedom to decide so.
But they will realistically not do that. Also, SDNs will likely never go back to serving content in Europe from e.g. the US. Good connectivity is just generally the economically better option.
That being said, T1 companies like Deutsche Telekom who also serve a large consumer base via broadband and mobile and not just other large business networks are probably more vulnerable to such legislation than an exclusive transit provider.
Regulating peering how? Freedom of commerce is one of the core pillars of the EU. Forcing a company to do business with another company is insanity.
If DTAG doesn't want to peer with CloudFlare, you can't force them.
Legislation could focus on the following general rules, without favoring some providers over the others:
* If you participate on an IX node, there is no reasonable technical or financial reason not to peer with the other participants at that node. Of course this would also mean that participants have to be protected against price-gouging of IXs when they need to scale up their uplink for that reason.
* Alternatively, you could conditionally allow paid peering, but in that case require certain availability guarantees on your general transit connection.
* If you do not want to do business with a certain party, it should be all or nothing. Blacklist them organization-wide. No misleading to consumers that a content provider just appears slow, announce that you do not want to play with e.g. Netflix anymore and if your customers do not like it, they will switch.
* If you want to opt out of all of this regulation, you are free to run fiber yourself and just directly connect with everybody you are interested in. That is expensive? Too bad.
I don't believe that there's a single lawmaker, anywhere in the world, who understands anything about the fundamentals of IP transit. But no doubt they have ISP buddies who understand everything about it, and no doubt they'll be the ones actually writing the legislation.
And I have a feeling that as soon as that is seriously discussed, the current exploitation of market power will stop rather quickly, without any need for actual regulation.
This one I actually agree with.
They recognised where the monopoly was: the incumbent telcos with millions of customers that had to go through them to get anywhere else.
So the government insisted that such incumbents make available space in their exchanges for third parties (not for free!), and to allow their customers to use the third parties for telephone and/or internet service, rather than themselves.
A similar argument and regulation could be made today. It could only apply to ISPs with a significant number of endpoint customers. It could require that the ISP make peering available to third parties, at the third party's cost, but the resulting transit should be settlement-free. It could require that if a peer asks the ISP to upgrade, because the ISP is deliberately underprovisioning, the ISP is compelled to allow the third party to pay reasonable costs to upgrade both sides (so the ISP can't sit on its hands, can't brazen it out, and can't set an impossible price)
Mobile networks have been forced to allow roaming in other countries for a certain low fee, and that is actually enforced and has happened. It's clear the EU has no qualms about forcing companies to do business a certain way when it serves some greater interest.
Roam-like-at-home is also not a particularly good comparison here, because the the roaming fees were basically a price gouging scheme.
Don't like DTAG? You're free to switch to another ISP.
Because I don't believe it's about any additional cost -- it's only about additional revenue that could be extracted. That's a behavior you don't like to see from a state-owned ex-"Only Offer Allowed" monopolist that is still dominating the market while the government entities tasked with regulating the market are closing both eyes.
This already happens all the time, and especially in telecommunications. Interconnection is a core of telecommunications law everywhere.
Looking at this case specifically, "fast lane" is not a technical term so maybe in your mind it only means packet scheduling not refusal to upgrade capacity but that's not a universal definition.
Just nearly everybody except Telekom is doing this on a liberal and informal not-even-handshake basis. On ISP scale, you either invest in infrastructure, or pay rent for network ports or cross-links, and you generally want your traffic usage to be smooth without spikes, and also go to the destination without going through your expensive ports more than once. So general connectivity is more important than any kind of traffic metering.
This also describes transit and describes getting internet service at home. I wouldn't say my cellphone peers with my provider. My cellphone is very much subordinate to my provider, not a peer.
DT thinks it's important enough that it can extort everyone.
A good policy for ISPs is to peer as many places and networks as possible, and carry traffic between your peers and customers, and customers and customers, and transit and customers, but not between peers and peers, or peers and transit. This way one end is paying for all traffic you carry. If you are a bully, you can try to make both ends pay.
Well no. Transit means that you use another AS (usually by a larger ISP) to get connectivity to a certain AS. And as for your internet service at home, unless you announce an AS, you are not peering with anyone.
Solution: I got my Starlink. 3x speed. No crappy service. Weather independent. And surprinsingly cheaper ( 40 euros vs 45 ) .
[ as much as I do not like Musk & co, this is a real useful thing he build for the mankind - internet everywere from sattelite ]
> [ as much as I do not like Musk & co, this is a real useful thing he build for the mankind - internet everywere from sattelite ]
Right - but then you also depend on an US service here. And the USA changed policy where Europeans became enemies ("we won't give you arms to defend against Russian invaders! Greenland will be occupied by our military soon!").
It's a bad situation, lose-lose here. I don't think the price difference is the primary problem though; the behaviour of Telekom is the problem. That must change. The state has to ensure fairness rather than allow monopolies to milk The People.
The state is the monopoly here.
Telekom is still partially state-owned (~27%), since they were, back in the 90s, privatized from the former total monopoly "Deutsche Bundespost" and the related ministry "Bundespostministerium". Nowadays, the parts of the ministry that were back then regulating EM spectrum, allowable phones (basically phone police, you had to rent from Bundespost or go to jail) and generally being corrupt (relations of the former ministry to copper manufacturers is why they botched the first fibre rollouts in '95 and then ignored the topic for 20 years). Nowadays, the "Regulierungsbehoerde", staffed with the same people, is supposed to regulate their former colleagues at Telekom. Telekom got all the networks and was never split up, so it still has a (~85%?) monopoly on everything copper basically, as well as on customers, using this monopoly to bully other ISPs as well as it's own customers and extending this monopoly into future tech. And the state has a financial interest in this regulation being as lax as possible. So you can imagine how this goes...
2022 Russia controversy
In March 2022, media reported that OneWeb was scheduled to launch a batch of 36 satellites from Baikonur cosmodrome days after Russia's invasion of Ukraine. There were calls for the UK to cancel the launch. Russia said the launch had already been paid for and would not be refunded, and would be cancelled from the Russian side unless OneWeb provided additional assurance that the satellites would never be used for military purposes and the British Government disposed of its shares in the company. The British government refused this demand and the launch was cancelled, along with other Russian launches. OneWeb tried through negotiations to get the stack of 36 satellites back, stranded in Kazakhstan due to political reasons. However, these negotiations never progressed. As OneWeb was on the verge of completing its 1st generation satellite network, they gave up hope in March 2023 on further attempts to get their satellites back, potentially scrapping the batch. The satellites were insured for $50 million, and OneWeb received the insurance money for them.
https://en.wikipedia.org/wiki/Eutelsat_OneWeb#:~:text=2022%2...
They're online but unfortunately it seems they don't sell directly to consumers? So you have to find a local reseller. Sounds needlessly complicated.
Apparently Amazon's constellation should be available for consumers within the next 6 months as well. Qianfan not until next year (I didn't realize they had hit delays). So there should be direct-to-consumer Starlink alternatives SOON™.
Obviously the satellites were never modernized. But it does work, for a few thousand terminals for all of Europe with 2x to 10x the ping Starlink provides.
It's like a lot of things in the EU: on the one hand the EU absolutely requires this infrastructure, or they become dependent on foreign nations for critical infrastructure. But they won't pay. It's not even that expensive. Starlink was built with budgets that would be double-digit millions per year per EU country. But the main problem always repeats: they can't agree who gets the money/business.
If you calculate the lifespan and cost of a Starlink satellite you will come to the obvious conclusion: it will be very hard for Starlink to break even. Of course, the same can be said for most of Musk's businesses (perhaps all. I'm not actually aware of any exceptions)
don't they do local downlinks? at least for countries they have an agreement with or where the infrastructure is available?
Musk is a subject of the US president. Like all American CEO’s he has to pay his tribute and jump when the president’s law enforcement says to.
So I went to YouTube and rented Greenland (2010). It was a hoot! https://en.wikipedia.org/wiki/Greenland_(film)
I wrote "it's the second funniest rom-com I've ever seen". But seriously, it was filmed in close collaboration with the United States Air Force. (Much like Mission: Impossible was a collab between US Gov and US Mil units.)
It is kind of a fun ride if you're willing to suspend that much disbelief.
But I just found it hilarious that a pair of films named and set in Greenland should be produced in this way, while the actual country is in our news cycle now. I almost feel like it's a "PR buzz campaign".
https://www.lwlhome.de/
Last apartment I rented Telekom was the only option and that was one of the reasons why I decided to move.
Starlink I would love to try but as there's building and trees blocking the horizon it's not an option here sadly.
Then you call their customer support, tech comes out, it's not raining anymore and everything works, and the problem doesn't get fixed.
As for the starlink: I noticed that clouds or weather ( rain snow ) does not have a true effect. Must be the frequency is not absorbed by the water in the air or similar effects. Only hard blocking with construction or big canopies of trees is struggling.
Sounds like an access line issue with DSL (lol)
DSL is so old you can't even order it in Sweden anymore.
Also, the post above would be a core issue not access.
I remember having to walk to a buddies home just to check the tutorial:
https://rj.home.xs4all.nl/mxstream/
That's nothing compared to what German authorities can do to me. Germany is a country where you get police searching your home for torrenting movies or making stupid jokes on Facebook. So yeah.
Also about enshittification - one could argue that our local ISPs never left that phase to begin with.
Don't blame them for their choices. Blame Telekom and its shareholders for not being able to reliably supply broadband internet in 2026. Blame the government for not having consumer protection regarding right to internet access. But don't blame this person for just doing what is necessary for having basic internet access.
Also Vodafone outsourced their peering to a subcontractor, and doesn't do any public peering at all anymore. So I guess Telekom still isn't the worst Network at all
Just checkout DTAG's 5G network coverage on Breitbandatlas.
Also Switzerland being included is at least for me a nice perk that O2/Vodafone don't offer. But compared to other European Countries offerings it's obviously shit.
Also Fraenk is even cheaper than Congstar
They claim Telekom keeps their transit access points intentionally underdimensioned. In order to be reachable at decent speed by Telekom customers, internet services need a direct, paid contract with Telekom.
Edit: The section numbering is weird. Why does 2.2.0 come after 2.3? On my phone, don't have a good overview.
Ask the paper how many 'r's in strawberry
I don’t understand why anyone that serves the German market would use Cloudflare. Regardless of who is at fault, you are losing a lot of customers that way.
Don't know. Germans are stingy. I'm German, I live in Germany yet I don't even localize my software to German anymore because German downloads wouldn't convert in any meaningful way. (Even when I had German localization).
It's just anecdotal of course but every other dev I talked to would confirm this unless they had some very germany-specific product.
Their service is good on a technical level but they have the most aggressive and obnoxious sales reps. They scammed me twice with open lies on the phone (probably abusing also the fact that german is not my mother tongue) and had to fight for ages with their customer service later to get the issue resolved.
If you wanna go with them, buy on their website and hang up if anyone from 1und1 ever calls. They are official 1und1 reps and they will prove it you yet behave like scammers.
Yes, I have to rent a local server to proxy all my home network through it, otherwise it is unreliable or outright does not work. It is absurd.
They were the only provider that hijacked DNS lookup failures to redirect to their own page.
They're gone out of this market now, fortunately.
Though more recently they seem to have lost that protection. [3]
So if that page now deliberately uses the "Telekom color" to call out their bad behavior, that's a statement on its own.
[1] https://adage.com/article/digital/t-mobile-says-it-owns-excl...
[2] https://www.exali.de/Info-Base/magenta-markenstreit (in German)
[3] https://chiever.nl/en/blog-en/t-mobile-loses-the-protection-...
https://www.bbc.co.uk/news/uk-england-sussex-44107621
Largest economy in eu but very unstable and riddled with wierd burocracy.
Strongest worker protection, but very large amount of lobbysm.
Most advanced railway system in eu, transformed into a joke by interdiction from said lobbies.
You have to pay a "radio tax" to help funding press and keep it independent, but then fuck net neutrality.
And I could continue with more point, but I don't want to get too political.
Imagine an institution being dependent and biased in exactly the opposite way that fox news is independent and balanced. Imagine a government-independent institution where you join a controlling organ and after sworn in you are invited to 2 after-meetings at the same time. One invitation comes in a red letter the other in a blue letter. Yet everybody has to be independent because that is what it is supposed to be. Germans can be very very stubborn about that.
this is sorta incomplete and wrong but I think gets you the taste for the setup? If not complain in the replies :)
* Old Androids are not repairable because they're shit, not because a megacorp works hard to make repair impossible
* Old Androids may be hacked by a pegasus-like software (just like most new smartphones anyway), but at least the operating system does not lock you into its own closed ecosystem.
You may disagree, and correctly, because it's in part irrational, but many Europeans just dislike Apple and consider Android a more open/free ecosystem.
If you run like that it doesn't matter what phone you use and your privacy and openness arguments are moot.
Based.
Fsk Apple. Soy aah
But it's possible it's just my personal bias.
Also, what I'm not sure, I'm trying to find out, if there was a change in the last 1 or 2 decades, or was always like that. Like now, except for things like you here a siren and cars open like Moises opened the water, in many other things, seems to be not more organized that any other country. Hell, sometimes compared with Bangladesh seems to be lagging behind (point example: birth certificates)
France is certainly better
However, I remember the anecdote of how France has two different companies for the trains and trainstations. The first ordered trains which were a little bit to wide for the trainstations, due to a miss communication.
When I read about this, I thought „this could have been Germany too.“
I mean, same as in most countries taxpayers effectively sponsor government propaganda.
I get it - a 2026 "hackers" campaign for binging yt. And in case you haven't noticed: appealing to the net neutrality debate of the last millenium is meaningless with just a bunch of monopolists left on the net profitting of vast public investments. The kind of thing traditionalist "hackers" in it for social recognition would be wasting their time on.