[HN Gopher] Deutsche Telekom is throttling the internet
___________________________________________________________________
Deutsche Telekom is throttling the internet
Author : tietjens
Score : 608 points
Date : 2026-01-25 08:22 UTC (1 days ago)
(HTM) web link (netzbremse.de)
(TXT) w3m dump (netzbremse.de)
| chpatrick wrote:
| I know about this issue so it's great that something is being
| done about it, but the page really needs a text explainer instead
| of the just a video.
| dewey wrote:
| Isn't that exactly what is below the video in the "What is this
| about?" section?
| chpatrick wrote:
| That's only a very vague description.
| usr1106 wrote:
| Reading a couple of pages of the full complaint, starting from
| page 15 is surprisingly accessible (assuming German is
| accessible at all to the reader).
|
| They claim Telekom keeps their transit access points
| intentionally underdimensioned. In order to be reachable at
| decent speed by Telekom customers, internet services need a
| direct, paid contract with Telekom.
|
| Edit: The section numbering is weird. Why does 2.2.0 come after
| 2.3? On my phone, don't have a good overview.
| Dilettante_ wrote:
| >Why does 2.2.0 come after 2.3?
|
| Ask the paper how many 'r's in strawberry
| tietjens wrote:
| This is the best text explainer I have found:
| https://cyberlaw.stanford.edu/blog/2025/05/no-two-tier-inter...
| sighansen wrote:
| The only ISP I have access to is Deutsche Telekom and I often
| have problems with websites loading slowly. A few more years
| before other ISPs can provide internet in my new development
| area. I can't understand, why they are allowed to have a monopoly
| in some areas.
| zhouzhao wrote:
| >why they are allowed to have a monopoly in some areas
|
| because no other ISP can enter for a reasonable price. Germany
| should have made the infrastructure open-access for all
| providers, just like they did in Switzerland.
| anthonj wrote:
| Germany always surprise me with continuous contradiction in their
| society.
|
| Largest economy in eu but very unstable and riddled with wierd
| burocracy.
|
| Strongest worker protection, but very large amount of lobbysm.
|
| Most advanced railway system in eu, transformed into a joke by
| interdiction from said lobbies.
|
| You have to pay a "radio tax" to help funding press and keep it
| independent, but then fuck net neutrality.
|
| And I could continue with more point, but I don't want to get too
| political.
| borlox wrote:
| Do you know similarly large, democratic societies without
| contradictions?
| anthonj wrote:
| my impression is that other countries like Italy or France
| are much more consistent in what they are bad or good at.
|
| But it's possible it's just my personal bias.
| fc417fc802 wrote:
| I have the same (possibly mistaken) impression of Germany
| as an outsider. The US is also remarkably contradictory in
| its supposed values. I think it would be interesting if
| there were a semi-objective measure of this quality.
| f1shy wrote:
| Maybe that is the point. The contradiction about what you
| expect, and reality. Like in Italy is expected to go and
| find out this or that is messy. But Germany has a strong
| image of responsibility, seriousness, efficiency, etc.
| And when you see closer, is not.
|
| Also, what I'm not sure, I'm trying to find out, if there
| was a change in the last 1 or 2 decades, or was always
| like that. Like now, except for things like you here a
| siren and cars open like Moises opened the water, in many
| other things, seems to be not more organized that any
| other country. Hell, sometimes compared with Bangladesh
| seems to be lagging behind (point example: birth
| certificates)
| dgxyz wrote:
| The one that always gets me is security and privacy paranoid
| and lecture me on the Stasi and using Apple phones and how they
| aren't repairable but then goes and uses unpatched rotten old
| Android they can't fix anyway and sticks fingers in ears.
| Nearly every German I know does this and I know a lot of
| Germans as half my family is German and my ex-partner is
| German.
| integralid wrote:
| I'll bite (I'm not German but I'm close culturally):
|
| * Old Androids are not repairable because they're shit, not
| because a megacorp works hard to make repair impossible
|
| * Old Androids may be hacked by a pegasus-like software (just
| like most new smartphones anyway), but at least the operating
| system does not lock you into its own closed ecosystem.
|
| You may disagree, and correctly, because it's in part
| irrational, but many Europeans just dislike Apple and
| consider Android a more open/free ecosystem.
| ahoka wrote:
| I have bought an Android phone and I couldn't even change
| the font used or use an ad blocker on the browser it comes
| with. It comes with advertisements on the home screen and
| if I disable them half of the system functions stop
| working. Seems it's not open at all. Sent it back the next
| week. </rant>
| ThrowawayTestr wrote:
| Buy a Samsung not the cheapest possible device from a
| random Chinese seller
| dgxyz wrote:
| I'd believe there was some truth in that if they used any
| open apps but they just lock themselves into Google's
| ecosystem instead. All their data is siloed in some US
| cloud.
|
| If you run like that it doesn't matter what phone you use
| and your privacy and openness arguments are moot.
| kuschku wrote:
| But people don't use the Google cloud offerings that
| much, because they're far too expensive anyway :P
| heraldgeezer wrote:
| >unpatched rotten old Android
|
| Based.
|
| Fsk Apple. Soy aah
| ekianjo wrote:
| > Most advanced railway system in eu
|
| France is certainly better
| direwolf20 wrote:
| I believe Germany's is much more interconnected while
| France's mostly goes from Paris to other places. Mesh versus
| star topology.
| hdgvhicv wrote:
| That's be a use Germany economy is far more distributed (5
| or so economic centres) across the country where as
| counties like France and U.K. have one centre, and places
| like Spain and Italy two (Madrid/Barca and Rome/Milan)
| SvenL wrote:
| Yes, as a German I can agree.
|
| However, I remember the anecdote of how France has two
| different companies for the trains and trainstations. The
| first ordered trains which were a little bit to wide for the
| trainstations, due to a miss communication.
|
| When I read about this, I thought ,,this could have been
| Germany too."
| f1shy wrote:
| In fact German ICEs are limited in speed in Germany because
| of the rails, when they cross to France go faster.
| hermanzegerman wrote:
| Certainly not. Nobody wants to book his train 2 weeks in
| advance to reserve a seat, because otherwise it's "sold out".
| Also Commuter Rail (TER) is a total Joke outside of Ile-de-
| France. Sometimes also even with mandatory reservation. I
| think SNCF confuses itself with an Airline
| blkhawk wrote:
| Some of these contradictions are fractal - i.e. contradictions
| all the way down :) For example the independent Radio and TV
| isn't that independent actually but in practice is. Partially
| this is because of the insecurities of the times these
| institutions were setup in making people in power unsure about
| true independence - so they wanted a control mechanism. The end
| result is an institution that is deeply coupled into the
| government but that has at the same time to pretend to be
| independent to such a degree most people inside it just act
| that way and its output is sorta neutral except in very slight
| tonal shift ways and in some individual cases. instances that
| are very German-culturally local? This is very hard to explain
| correctly but easy to just explain it wrongly - Let me do that
| now and translate it to American.
|
| Imagine an institution being dependent and biased in exactly
| the opposite way that fox news is independent and balanced.
| Imagine a government-independent institution where you join a
| controlling organ and after sworn in you are invited to 2
| after-meetings at the same time. One invitation comes in a red
| letter the other in a blue letter. Yet everybody has to be
| independent because that is what it is supposed to be. Germans
| can be very very stubborn about that.
|
| this is sorta incomplete and wrong but I think gets you the
| taste for the setup? If not complain in the replies :)
| cardanome wrote:
| It is independent in the sense of not being partial to any
| specific political party. Still the media is very biased
| towards the status quo and the state. For example you will
| not find any serious criticism of Israel in any public or
| private mainstream media in Germany.
| u8080 wrote:
| >You have to pay a "radio tax" to help funding press
|
| I mean, same as in most countries taxpayers effectively sponsor
| government propaganda.
| tannhaeuser wrote:
| Complaining about net neutrality in 2026 with yt videos. What a
| joke by pseudo-"hackers."
| dewey wrote:
| It's called being pragmatic, are you going to sponsor the
| bandwidth needed so it can be hosted on a sustainable indie
| server?
| 6r17 wrote:
| please. I don't understand how the fuck we still don't have
| p2p social networks and private sharing groups. The amount of
| possibilities to f* up any kind of control are massive - it's
| just that we end up writing some convoluted distributed
| mainframe when all people need is p2prss.
| egeozcan wrote:
| In life, you have to pick your battles.
| ccozan wrote:
| Telekom is well known for the crappy service - but they have a de
| facto monopoly. For example, when it rains, the line goes down
| where I live.
|
| Solution: I got my Starlink. 3x speed. No crappy service. Weather
| independent. And surprinsingly cheaper ( 40 euros vs 45 ) .
|
| [ as much as I do not like Musk & co, this is a real useful thing
| he build for the mankind - internet everywere from sattelite ]
| heraldgeezer wrote:
| >For example, when it rains, the line goes down where I live.
|
| Sounds like an access line issue with DSL (lol)
|
| DSL is so old you can't even order it in Sweden anymore.
|
| Also, the post above would be a core issue not access.
| blauditore wrote:
| Excuse me, I remember when DSL was the latest and greatest,
| it can't possibly be this old. :')
| jillesvangurp wrote:
| That would be ~25 years ago. I remember getting my first
| ADSL connection around 2000 in the Netherlands when that
| stuff was still very new.
| retired wrote:
| KPN MXstream! Thanks for making me feel old. I got
| flashbacks of spending multiple evenings configuring PPTP
| in Linux without being able to access the internet just
| to get internet access.
|
| I remember having to walk to a buddies home just to check
| the tutorial:
|
| https://rj.home.xs4all.nl/mxstream/
| heraldgeezer wrote:
| I mean yes me too, but that was in 2005. I feel like
| "everyone" got fibre here 10 years ago and if not there is
| 4/5G mobile broadband.
| kybernetyk wrote:
| I'm glad Vodafone is available where I live. They're not better
| but at least they're an alternative. Also Telekom manages only
| to deliver 250mbit/s while Vodafone gets 1gbit/s.
|
| Last apartment I rented Telekom was the only option and that
| was one of the reasons why I decided to move.
|
| Starlink I would love to try but as there's building and trees
| blocking the horizon it's not an option here sadly.
| direwolf20 wrote:
| Vodafone seems also terrible, but maybe better than DT?
| preya2k wrote:
| Not an alternative anymore. Vodafone started doing the same
| shit with their peering at the end of last year.
| ThatMedicIsASpy wrote:
| Both throttle in my area unless we vpn so I just share a vpn
| with a friend to fix it.
| trinix912 wrote:
| Except that with Telekom they answer to the German courts which
| might eventually force them to stop doing this but with
| Starlink you're at the mercy of some dudes halfway across the
| globe. If/when Starlink reaches the enshittification phase,
| there will be very little in the way.
| blauditore wrote:
| The bright side of this is that there is at least some sort
| of competition, since they operate on very different
| infrastucture. This is the free market premise on how quality
| and price should improve. Reality is often different though,
| because most customers are not really comparing and/or voting
| with their feet.
| kybernetyk wrote:
| Meh, the threat vector to me as a resident of Germany is the
| German government - not some dude at the other end of the
| world. What is Musk going to do? Ban me from Twitter? Not
| sell me a Tesla?
|
| That's nothing compared to what German authorities can do to
| me. Germany is a country where you get police searching your
| home for torrenting movies or making stupid jokes on
| Facebook. So yeah.
|
| Also about enshittification - one could argue that our local
| ISPs never left that phase to begin with.
| zelphirkalt wrote:
| He could just turn off Starlink in Germany. And yes, German
| ISPs suck donkey ass.
| amelius wrote:
| He could sell information about which websites you visit.
| ThrowawayTestr wrote:
| So can every website with a tracking cookie
| amelius wrote:
| Only for that website.
| carlosjobim wrote:
| German courts are expected to be much more hostile towards
| German citizens than any foreign powers or individuals.
| shevy-java wrote:
| > And surprinsingly cheaper ( 40 euros vs 45 ) .
|
| > [ as much as I do not like Musk & co, this is a real useful
| thing he build for the mankind - internet everywere from
| sattelite ]
|
| Right - but then you also depend on an US service here. And the
| USA changed policy where Europeans became enemies ("we won't
| give you arms to defend against Russian invaders! Greenland
| will be occupied by our military soon!").
|
| It's a bad situation, lose-lose here. I don't think the price
| difference is the primary problem though; the behaviour of
| Telekom is the problem. That must change. The state has to
| ensure fairness rather than allow monopolies to milk The
| People.
| em-bee wrote:
| are all starlink connections routed through the US?
|
| don't they do local downlinks? at least for countries they
| have an agreement with or where the infrastructure is
| available?
| lucianbr wrote:
| What does it matter where they are routed through? You
| think your Starlink service in Germany is beyond the
| control of Musk or the US government?
| direwolf20 wrote:
| I think Musk cares about revenue more than pissing off
| some random customer in Germany. As long as you don't
| stand out from the crowd, he'd rather have your $40. Use
| a VPN to be sure.
| hdgvhicv wrote:
| Until the us government says to withhold service or to
| tap the line.
|
| Musk is a subject of the US president. Like all American
| CEO's he has to pay his tribute and jump when the
| president's law enforcement says to.
| direwolf20 wrote:
| If you don't stand out, and use a VPN, they can get
| nothing. If they cut your service, well, you can switch
| back to DT, crap as it is.
| em-bee wrote:
| i misread the parent. i read it as depending on the US
| internet but they meant depending on US regulations. so
| yes, it doesn't matter for the latter.
| formerly_proven wrote:
| Who owns and controls starlink? A local downlink dish or a
| US defense contractor?
| ccozan wrote:
| No. My endpoint is in Berlin. Which implies there is a EU
| based major downlink somewhere.
| fc417fc802 wrote:
| The best solution here would probably be the EU launching its
| own internet constellation. China and the US both have them.
| How is this any different than the issues surrounding GPS?
| spwa4 wrote:
| The EU did do that, decades ago. The problem is that it
| requires constant investment. It's not profitable. The
| governments helped build it, abandoned the companies until
| they went bankrupt, rescued them (they're not actually
| insane enough to just abandon working satellites),
| privatized them, they went bankrupt, ...
|
| Obviously the satellites were never modernized. But it does
| work, for a few thousand terminals for all of Europe with
| 2x to 10x the ping Starlink provides.
|
| It's like a lot of things in the EU: on the one hand the EU
| _absolutely_ requires this infrastructure, or they become
| dependent on foreign nations for critical infrastructure.
| But they won 't pay. It's not even that expensive. Starlink
| was built with budgets that would be double-digit millions
| per year per EU country. But the main problem always
| repeats: they can't agree who gets the money/business.
|
| If you calculate the lifespan and cost of a Starlink
| satellite you will come to the obvious conclusion: it will
| be _very_ hard for Starlink to break even. Of course, the
| same can be said for most of Musk 's businesses (perhaps
| all. I'm not actually aware of any exceptions)
| Dylan16807 wrote:
| > If you calculate the lifespan and cost of a Starlink
| satellite you will come to the obvious conclusion: it
| will be very hard for Starlink to break even.
|
| We don't have up to date revenue numbers but let's look
| at spending $5B a year on sattelite launches. That's
| probably around half their current revenue, and they're
| gaining customers quickly. They're doing about 100
| launches a year, and each launch is about 30 $1M
| satellites and $15M of rocket. That fits into the budget.
|
| And for just _maintaining_ the constellation they could
| cut the number of launches in half.
| ccozan wrote:
| Well there is one : Eutelsat OneWeb
| fc417fc802 wrote:
| Huh TIL. What a troubled history. Bankruptcy shortly
| following launch of the initial batch, then in 2022
| Russia stole the launch fee and a stack of 36 satellites
| from them.
|
| They're online but unfortunately it seems they don't sell
| directly to consumers? So you have to find a local
| reseller. Sounds needlessly complicated.
|
| Apparently Amazon's constellation should be available for
| consumers within the next 6 months as well. Qianfan not
| until next year (I didn't realize they had hit delays).
| So there should be direct-to-consumer Starlink
| alternatives SOON(tm).
| ccozan wrote:
| But honestly is like a movie or what? we have Musk, Bezos
| and Xi. Hard to choose. We need netral or less
| controversial player.
| rrr_oh_man wrote:
| For the curious:
|
| 2022 Russia controversy
|
| In March 2022, media reported that OneWeb was scheduled
| to launch a batch of 36 satellites from Baikonur
| cosmodrome days after Russia's invasion of Ukraine. There
| were calls for the UK to cancel the launch. Russia said
| the launch had already been paid for and would not be
| refunded, and would be cancelled from the Russian side
| unless OneWeb provided additional assurance that the
| satellites would never be used for military purposes and
| the British Government disposed of its shares in the
| company. The British government refused this demand and
| the launch was cancelled, along with other Russian
| launches. OneWeb tried through negotiations to get the
| stack of 36 satellites back, stranded in Kazakhstan due
| to political reasons. However, these negotiations never
| progressed. As OneWeb was on the verge of completing its
| 1st generation satellite network, they gave up hope in
| March 2023 on further attempts to get their satellites
| back, potentially scrapping the batch. The satellites
| were insured for $50 million, and OneWeb received the
| insurance money for them.
|
| https://en.wikipedia.org/wiki/Eutelsat_OneWeb#:~:text=202
| 2%2...
| retired wrote:
| A better solution is guaranteed broadband internet for all
| people living in Germany. With heavy fines if ISPs can't
| deliver that.
| throwaway140126 wrote:
| Well, you have a point but on the other side since about 20
| years the Telekom does not even think about improving the
| internet connection in the place I live. At some point you're
| just fed up. To me it seems like they just do not care about
| providing a good service and even if they would now provide a
| good service I would be more willing to give my money someone
| else.
| holowoodman wrote:
| > he behaviour of Telekom is the problem. That must change.
| The state has to ensure fairness rather than allow monopolies
| to milk The People.
|
| The state is the monopoly here.
|
| Telekom is still partially state-owned (~27%), since they
| were, back in the 90s, privatized from the former total
| monopoly "Deutsche Bundespost" and the related ministry
| "Bundespostministerium". Nowadays, the parts of the ministry
| that were back then regulating EM spectrum, allowable phones
| (basically phone police, you had to rent from Bundespost or
| go to jail) and generally being corrupt (relations of the
| former ministry to copper manufacturers is why they botched
| the first fibre rollouts in '95 and then ignored the topic
| for 20 years). Nowadays, the "Regulierungsbehoerde", staffed
| with the same people, is supposed to regulate their former
| colleagues at Telekom. Telekom got all the networks and was
| never split up, so it still has a (~85%?) monopoly on
| everything copper basically, as well as on customers, using
| this monopoly to bully other ISPs as well as it's own
| customers and extending this monopoly into future tech. And
| the state has a financial interest in this regulation being
| as lax as possible. So you can imagine how this goes...
| avra wrote:
| How can a satellite connection be more weather independent than
| a landline? Not questioning your statement. Just wondering what
| could be the reason. A segment with a long distance directional
| antenna?
| Doohickey-d wrote:
| With ADSL: broken waterproofing somewhere along the line,
| water gets into the cables or connections == broken while
| it's raining.
|
| Then you call their customer support, tech comes out, it's
| not raining anymore and everything works, and the problem
| doesn't get fixed.
| ccozan wrote:
| Exactly what I am suspecting! I called so many times:
| nothing found all works as expected.
|
| As for the starlink: I noticed that clouds or weather (
| rain snow ) does not have a true effect. Must be the
| frequency is not absorbed by the water in the air or
| similar effects. Only hard blocking with construction or
| big canopies of trees is struggling.
| attendant3446 wrote:
| My experience was slightly different. I mean, yes, there pretty
| much no 'non crappy' German internet providers, but nothing was
| as bad as Vodafone.
| cyberpunk wrote:
| Telefonica enters the chat.w
| ThatMedicIsASpy wrote:
| Not true.
|
| https://www.lwlhome.de/
| ccozan wrote:
| same as https://www.m-net.de/ Advantage over telekom: they
| own the city and the can lay fiber whereever they want
| without state intervention.
| juliangmp wrote:
| Thats cool and all but the majority of the country still
| has one, or at most two choices :/
| attendant3446 wrote:
| I didn't say there are none at all. And I've heard that
| internet from small internet providers can actually be
| good.
|
| But after living in 3 different apartments there, I never
| had a luxury to be able to connect the internet from a
| small provider. Their coverage is very, very limited. So it
| always was Telekom/Vodafone/o2.
| ThatMedicIsASpy wrote:
| Depending on the age of Starlink you could add 10-30 to the
| bill for its power consumption.
| pona-a wrote:
| I don't have think this is sustainable. There can physically be
| only so many satellites before we reach Kessler syndrome. The
| costs will rise as the quality of service falls, and there
| market for alternative land-based ISPs will not have developed.
| Fnoord wrote:
| > Telekom is well known for the crappy service - but they have
| a de facto monopoly. For example, when it rains, the line goes
| down where I live.
|
| Haha, I used to have that as well when tech swapped from ADSL2
| to VDSL2 (IIRC skipped out on VDSL1), except then the line
| wasn't down, I'd have severe packet loss (which resulted in lag
| in gaming, and disconnects). So they blamed our inner house's
| phone lines. Then some dude came, checked everything in the
| house, and couldn't find the issue. I said of course not, it
| isn't raining.
|
| After it got escalated further it turned out it was rotten
| equipment at the DSLAM. They replaced it and boom, problem was
| gone.
|
| No hair on my head (and I ain't bald _knock on wood_ ) wants to
| have all my internet traffic first routed through an American
| neonazi, but if the choice is nothing (or something severely
| broken) or that, I can see where you are coming from. Whereas I
| can pick between FttH (XGS-PON), DSL (VDSL2), or cable. With
| the latter two being fiber up till a few hunderd meters to my
| house (I know where both PoPs physically are in the
| neighborhood, as I have seen technicians on both places). The
| fiber one is further away, and larger (for more households),
| but that is OK. It can handle that much distance. Technician
| showed me a photo from his smartphone when my fiber got down
| due to specifically my fiber connectivity destroyed at the PoP.
| That was a lot of fiber I saw. Good cable management though.
| ccozan wrote:
| It was a busines decision for me: being in customer meetings
| and suddenly dropping out was unacceptable. Or not being able
| to access critical data. Vodafone LTA coverage is average at
| best and data is severily limited ( 15 GBs ). Really out of
| options here!!
|
| While I chuckled at "American neonazi", the company SpaceX is
| doing great things.
| haunter wrote:
| Not sure it's the same issue but in Hungary they (DT) refuse to
| use/pay Cloudflare so in peak hours every single site outside the
| country loads incredibly slow because of the constant re-routing.
| Everything has to go through Frankfurt even though CF would have
| alternate direct routes
|
| https://kozosseg.telekom.hu/topic/40322-cloudflare-magyar-te...
|
| https://old.reddit.com/r/programmingHungary/comments/1ngv2pt...
|
| https://telex.hu/techtud/2024/06/21/deutsche-telekom-cloudfl...
|
| At least they are cheap. 25EUR a month for 2gbps/1gbps so I can't
| complain about that
|
| They also offer 4gbps/2gbps for 40EUR but at this point I'm not
| even sure what to use that for (besides torrent seeding)
| zhouzhao wrote:
| It's similar.
|
| The DT is not doing cost neutral peeing with Cloudflare. Also
| the DT has no (or only one 10G NIC) at the DE-CIX.
|
| I pay 80 EUR for 1Gbps/300mbps and it's behind GPON or if you
| can get more XGS-PON. Not even real ethernet. It's a shame.
| RHab wrote:
| I just ended my contract with them. I could not reach my own
| raspberry pi Homepage which uses cloudflare. They called me and
| asked why I ended the contract, I told them about cloudflare, but
| that my cancellation is final, and magically my Homepage now
| works again!
| usr1106 wrote:
| 237 pages, wow...
| dzogchen wrote:
| I unfortunetely have Deutsche Telekom as my ISP and I can confirm
| that in the evening websites that use Cloudflare have a latency
| of one minute or simply do not load at all.
|
| I don't understand why anyone that serves the German market would
| use Cloudflare. Regardless of who is at fault, you are losing a
| lot of customers that way.
| kybernetyk wrote:
| >Regardless of who is at fault, you are losing a lot of
| customers that way.
|
| Don't know. Germans are stingy. I'm German, I live in Germany
| yet I don't even localize my software to German anymore because
| German downloads wouldn't convert in any meaningful way. (Even
| when I had German localization).
|
| It's just anecdotal of course but every other dev I talked to
| would confirm this unless they had some very germany-specific
| product.
| stanac wrote:
| One minute latency? Sound like worse experience than dial-up.
| lwde wrote:
| Just switch to 1und1 with good peering (:
| the8472 wrote:
| Do 1&1 customers get CGNAT or a native v4 address? I have had
| issues with the AFTR's port mapping tables running full when
| I was on Unitymedia coax.
| xioxox wrote:
| I get proper IPV4 and IPV6 addresses with Easybell on VDSL.
| I've been with them a long time and they've been pretty
| good.
| arximboldi wrote:
| They switched me to CGNAT in my last speed upgrade, but I
| wrote to them about it and they moved me to native v4
| straight away.
|
| Their service is good on a technical level but they have
| the most aggressive and obnoxious sales reps. They scammed
| me twice with open lies on the phone (probably abusing also
| the fact that german is not my mother tongue) and had to
| fight for ages with their customer service later to get the
| issue resolved.
|
| If you wanna go with them, buy on their website and hang up
| if anyone from 1und1 ever calls. They are official 1und1
| reps and they will prove it you yet behave like scammers.
| heraldgeezer wrote:
| ??? Yes its called peering agreements
| direwolf20 wrote:
| DT famously does not use them. They prefer to shut down their
| peers to make them become customers or fuck off, and by doing
| so, deliver crappy service to everyone and lose customers,
| except they have a monopoly so they don't lose as many
| customers as they should.
| brynx97 wrote:
| We have many BGP workarounds to avoid interconnection points
| with some of our tier 1 providers and DT because as our
| providers tell us, discussions with DT to add capacity are a
| non-starter. We've been relatively stable through a tier 2
| provider through Lumen to DT though... for now. Very similar
| to Cogent in some regions.
| tannhaeuser wrote:
| Why are you leading your visitors to your channel on a monopolist
| site? To bring ad revenue? There's no need for video for your
| type of content in the first place.
|
| I get it - a 2026 "hackers" campaign for binging yt. And in case
| you haven't noticed: appealing to the net neutrality debate of
| the last millenium is meaningless with just a bunch of
| monopolists left on the net profitting of vast public
| investments. The kind of thing traditionalist "hackers" in it for
| social recognition would be wasting their time on.
| trinix912 wrote:
| Because they're betting on the video finding its way onto
| people's feed, thus raising awareness among non-techy people.
| Hard to do that with a random website.
| shevy-java wrote:
| The laws should be changed. Corporate overlords thinking they can
| milk citizens should have mandatory jail times - something
| reasonable like a full decade or so. That way their'll behaviour
| would quickly change too and they'd have to stop those "we can
| slow them down and they can not do anything about it"
| shenanigans.
| madduci wrote:
| I own a FTTH connection to Telekom since 2018, as the only
| provider in my street, allowed to install an internet connection
| (only glass fiber).
|
| Since then, I have always used my own device and I maintain a
| GitHub Snippet in how to connect OpenWRT modem (and by extension,
| any other modem that supports pppoe), rather than their Huawei
| SpeedPort crap or the more expensive Fritz Box). Link to Gist :
| https://gist.github.com/madduci/8b8637b922e433d617261373220b...
|
| I use PiHole in my own network, circumnavigating the DNS
| limitations, using Quad9 as my main DNS provider, but Unbound is
| on my to-do list.
|
| The most concerning limitation in the German market is the
| unavailability of native Glass Fiber modems, that can accept as
| input a Glass Fiber connection: at the moment, providers install
| their own Glass Fiber modem. Without it, you can't actually have
| an internet connection at home
| retired wrote:
| Is it possible to use a media converter from glass fiber to
| RJ45/Ethernet? Those are commonly available and then you can
| use whatever modem/router you like.
| progbits wrote:
| They most likely use GPON so the optic is going to see return
| traffic for your neighbors. So they make it hard (but not
| impossible) to bring your own optic or media converter.
| vladvasiliu wrote:
| AFAIK GPON uses encryption, so you actually get the traffic
| intended for all your neighbors but can't do anything with
| it. If you bring your own converter, you wouldn't be able
| to handle your own traffic either.
| progbits wrote:
| Usually yes, but it depends:
| https://pierrekim.github.io/blog/2016-11-01-gpon-ftth-
| networ...
|
| Also the authentication might rely on weak secrets. I
| know my ISP provided FTTH router has a six letter
| password and a guessable username (derived from my last
| name), and I can't change either.
|
| Though the research is quite old now. Couldn't find
| anything recent specifically for DT.
| zhouzhao wrote:
| You can bring your own modem. You just have to register it.
| madduci wrote:
| But how? There is no information about it, which means,
| it can't be done without any form of reverse engineering
| zhouzhao wrote:
| At least for Germany, you can buy the Digitalisierungsbox
| Glasfasermodem or any other modem. You just have to
| register it with the DTAG via their hotline.
| madduci wrote:
| This is new to me, i didn't know it was possible now
| nandomrumber wrote:
| You'd need to be able to replicate whatever configuration the
| ISP provided device has, and they won't give you that.
|
| FTTH here in Australia is the same, you're stuck using the
| network providers device, which just provides an Ethernet
| port, and a POTS port if you're in to that sort of thing,
| with your LAN device connected behind it.
|
| There was fierce lobbying back in the day (shout out to Simon
| Hackett / Internode) for our national broadband network to be
| simple dark fibre and that ISPs could build on top of that to
| provide innovation and differentiation.
|
| Instead what we got was a bunch of ISPs that resell the
| National Broadband Network's expensive wholesale plans with
| little in the way of either differentiation or innovation.
|
| Edit to add: what the sibling comments said too.
| retired wrote:
| Thanks. I have an ISP provided media converter with my own
| router behind that, using the correct VLAN was enough to
| get it working. I thought those media converters were
| pretty dumb devices but it seems they are not.
| DannyBee wrote:
| They are not dumb but are very standardized. Unless they
| are issuing and verifying device certs you can almost
| certainly use your own PON equipment with very little
| effort.
|
| If they are using certs youd have to extract it. The vast
| majority of ISPs don't bother or care.
| Youden wrote:
| FWIW, the incumbent ISP in Switzerland, Swisscom, tried to
| roll out XGS-PON but our "Internode", Init7, fought them in
| court on the grounds that it was anticompetitive, since it
| locks every provider into a single technology. They won.
|
| Now customers can choose. Nearly every ISP chooses the easy
| way and has the customer connect through Swisscom's XGS-PON
| but Init7 in particular has instead built out their own
| routers in POPs around Switzerland so that customers can
| have a physical fibre directly to their network. It's just
| plain ethernet with DHCP so you can use whatever equipment
| you want. It's also allowed Init7 to do something none of
| the other providers can do: offer 25Gbps symmetric service
| at no extra cost (beyond a one-off installation cost for
| the more expensive SFP modules).
| Namidairo wrote:
| If I recall, for something like GPON or XGS-PON, you end up
| having to clone the various attributes of the original for it
| to work properly. This typically includes serial number,
| hardware id, firmware identifiers, etc.
| retired wrote:
| Question out of curiosity. I once swapped a TPLink media
| converter between two homes, both using the same ISP, to
| debug internet issues and to see if that would improve the
| situation. Did I do something incredibly illegal? And did
| my ISP get confused seeing my media converter on the other
| side of town?
| fc417fc802 wrote:
| Illegal? No, at least not in any sane jurisdiction. It's
| no different than moving a SIM card between phones.
|
| Confused? Maybe but probably not. It depends on how they
| track things. An ISP I had in the past tagged subscriber
| accounts on the OLT side.
| direwolf20 wrote:
| This wouldn't be criminally illegal anywhere unless done
| with some sort of fraudulent intent, but maybe in some
| places the ISP could make you swap them back.
| ewoodrich wrote:
| When I was a kid I used to pack my house's cable modem in
| a backback and bring it to my friend's house a couple
| miles away when I'd visit to play Xbox Live. My dad had a
| back-up dial-up connection for emails and mom didn't use
| the internet very much so usually wouldn't mind unless he
| needed to work. I remember this working at greater
| distances in other places occasionally too.
|
| Earlier, in the dial-up era, my dad didn't feel like
| paying for internet at home and work, so after school I
| would call his office and ask his secretary if he had
| left for his evening meetings yet. If so, she'd
| disconnect his dial-up connection and I'd get a couple
| hours to myself after school.
|
| We didn't have two phone lines at home so I'm not sure
| what happened if he needed it unexpectedly. I think he
| also had a by-the-minute service as a backup or maybe his
| partner in the office had a separate plan? This was all
| done under agreed rules I only vaguely remember so must
| not have been a frequent problem.
|
| Always funny to think back to that era when internet
| wasn't assumed to be a 24/7 thing and losing internet for
| a day wasn't the end of the world...
| DannyBee wrote:
| For most it is just serial number. The 8311 folks have
| scripts that will fully automate the cloning for most
| common devices. This is not like a "break open your
| hardware and attach wires" type thing.
|
| There are some ISPs issuing and verifying certs for GPON,
| which are more annoying to extract. I'm not aware of anyone
| (even those same ISPs) doing it for XGS-PON. It seems they
| all decided maintainimg their own CA infrastructure for
| millions of customers was not worth it ;)
| vladvasiliu wrote:
| I don't know if it's the case in Germany, but here in France
| consumer FTTH networks are of the GPON persuasion. These need
| to handle encryption and be able to properly register on the
| tree, so I'm not _completely_ shocked they require some form
| of ISP-provided device to terminate the fiber connection.
|
| There's also a EU law which says that users should be able to
| bring their own modems / routers, so AFAIK providers say that
| this particular terminal device is still "on their side of
| the network".
|
| I've seen such devices come in two varieties.
|
| One is a separate device which plugs on the optical network,
| does the encryption and stuff, and then exposes an ethernet
| port which is connected to the actual router which does wifi,
| etc. With SFR and Bouygues, it was trivial [0] to replace the
| ISP-provided router with one of your choosing. You get the
| normal external IPs and you do your thing. The ISP router
| sleeps in its box in storage. This was my setup up until a
| few years ago, with both these providers. Now SFR has moved
| to CGNAT, but the setup is the same, so I expect users to
| still be able to switch routers (but I haven't tested, since
| I'm not a client anymore).
|
| Then there's Free, who provides a single device that connects
| to the fiber, does routing, wifi, etc. In this case, it's
| possible to flip a switch in its settings for it to act as a
| bridge (don't know how wifi behaves in this case, if it stays
| on). It then only accepts a single downstream client, which
| gets the external IP. SFR had a similar setup for DOCSIS.
|
| I'm not familiar with how Orange, the biggest operator,
| functions. But I understand they have a general tendency to
| be a PITA so YMMV with them.
|
| ---
|
| [0] For Bouygues, this device only talked on a tagged VLAN100
| for some reason. On the SFR, the network expected you to send
| a client id in the DHCP request.
| B1FIDO wrote:
| The term you're looking for is "demarc" or:
| https://en.wikipedia.org/wiki/Demarcation_point
|
| This is the physical boundary of a network, in
| telecommunications. This is the junction where the service
| provider can point and say "that's our equipment on this
| side". So it helps to narrow down the troubleshooting.
|
| Often, if you have a telephone landline, you will see your
| demarc take the form of a gray RJ11 box with a small self-
| plug in it. It would be common practice to plug a phone
| into that box directly, then you've eliminated the "inside
| wiring" in the house.
| DannyBee wrote:
| The 8311 discord is a great source of technical info and
| help on using your own PON equipment of various sorts with
| providers
| vladvasiliu wrote:
| I've seen things about this, but I'm not convinced
| there's enough value in going to great lengths to replace
| that particular piece of equipment.
|
| In the case where the terminating equipment is a small
| box that exposes ethernet, with no routing or otherwise
| interfering the function of my own router, I think it's
| good enough. An argument could be made for the all-in-one
| devices, like saving some power.
|
| I get the geek factor, and it's one of the reasons why I
| run my own router, but for this specific bit, which needs
| to be fairly well integrated with the ISP's network,
| combined with their usual abysmal support, I think it's a
| better bet to just leave it alone.
| namibj wrote:
| For me the issue would be that they mandate the user
| traffic to be vlan tagged but their modem only exports
| 1000BASE-T so it's physically impossible for me to get
| the full gigabit of Internet they sold me.
| fL0per wrote:
| They most probably sold you 'up to 1 Gb' bandwidth, not
| just '1 Gb'. Overhead is about the same in these cases.
| Your losses are negligible. It's more painful having 4-5
| (on worst time periods/peers) or 6-7 (on best) of the 'up
| to 10 Gb' (clearly sold as such) fiber access I have.
| fL0per wrote:
| > _I 'm not familiar with how Orange, the biggest operator,
| functions. But I understand they have a general tendency to
| be a PITA so YMMV with them._
|
| I can only attest how they work here in Spain: They're not
| the best in terms of the 'openness' of their hardware: (in
| Spanish, feel free to us a translator)
| https://bandaancha.eu/articulos/router-pone-orange-
| jazztel-s...
| viceconsole wrote:
| Can confirm you can still replace the ISP provided router
| from SFR with your own, even if you're on IPv4 CGNAT in
| France. You do still need to configure the DHCP client ID.
|
| My connection has been very reliable since ditching the SFR
| box. My own router plugs into the separate ONT.
|
| SFR also offers good IPv6 support.
| DannyBee wrote:
| Yes, with right kind of PON SFP stick this is possible.
|
| Most kinds of PON sticks are still in the $150-300 range
| though for XGS-PON
|
| (I use an XGS-PON stick with AT&T instead of their modem)
| fc417fc802 wrote:
| > providers install their own Glass Fiber modem
|
| It's the same in the US. The ISP fiber network falls inside
| their security boundary in my experience - you can't BYOD. They
| install a modem (these days often including an integrated
| router, switch, and AP) and you receive either ethernet or wifi
| from them.
|
| I think the only major change in that regard has been that
| coaxial cable providers here will often let you bring your own
| docsis modem these days.
|
| I never found any of this concerning until quite recently. With
| the advent of ISPs providing public wifi service out of
| consumer endpoints as well as wifi based radar I'm no longer
| comfortable having vendor controlled wireless equipment in my
| home.
| Semaphor wrote:
| I don't have fiber access, but at least for cable, my
| provider (formerly Kabel Deutschland, now Vodafone) allows me
| to put the modem/router into "modem only" mode, which then
| allows me to use my own router. Outside of Fritzbox (which is
| again a whole integrated thing; with questionable features)
| there aren't many DOCSIS modems freely available, and the no-
| name china devices don't seem much better than my Vodafone
| Box.
| NekkoDroid wrote:
| > allows me to put the modem/router into "modem only" mode,
| which then allows me to use my own router.
|
| Telekom Speedports also have a modem only mode (the ones
| for non-fiber, dunno about the ones for fiber, but it
| looked like those are only modems and not a router as
| well). I don't make use of it since I manage the wifi for
| my family, but I do know it exists.
| hdgvhicv wrote:
| In the U.K. you get a PON which gives you a cat5 gig or mgig
| port, you then connect your router and pppoe to your ISP.
| Most ISPs offer a managed router but the ISPs I've chosen
| have always allowed the pppoe option.
| fc417fc802 wrote:
| Same thing here except when they last upgraded the ONT I
| had to turn PPPoE off - it's just plain old ethernet
| service now. But the ONT seems to be performing the
| equivalent authentication role from what I was able to
| gather by shoulder surfing the tech.
|
| They had to start offering routers that integrate the ONT
| because the common consumer gear is 1G or 2.5G ethernet but
| they sell up to 10G service here.
| monsieurbanana wrote:
| Faraday fabric is inexpensive, you can use ethernet to your
| own router and wrap the isp's in it.
| kevin_thibedeau wrote:
| I have fiber in the US with just a plain ONT. Still CGNAT but
| I control my network. My former cable ISP permitted customer
| modems. It is becoming a challenge to find cable modems
| without router+wifi.
| verall wrote:
| US ftth in my experience (att + gfiber) are ONT and
| router/wap as separate boxes and you are free to byo
| routerbox but have to use their ONT.
| amluto wrote:
| Supposedly some of the major US providers (at least AT&T)
| have dropped a bunch of the obnoxious, ineffectual security
| stuff in the XGS-PON networks. There are plenty of reports
| online of people quite successfully running an entirely
| third-party stacks using adorable SFP+-format ONTs without
| anything that would credibly be called hacking.
| juliangmp wrote:
| > The most concerning limitation in the German market is the
| unavailability of native Glass Fiber modems, that can accept as
| input a Glass Fiber connection: at the moment, providers
| install their own Glass Fiber modem.
|
| Im actually quite okay with that. Why should I have to pay for
| specialized hardware that won't be usable if I move and the new
| apartment uses DSL or docsis. Give me an rj45 (or sfp for some
| fiber connections) and let me put whatever Router I want behind
| it.
| MarkusWandel wrote:
| The "glass fiber modem" is an inherent part of the GPON
| network. These are complicated. The "P" stands for "passive".
| Yours and and up to 127 other houses are all on the same
| "light domain" i.e. the downstream is passively split, and
| the upstream is passively combined, in optical boxes that
| don't even have electrical parts.
|
| This needs crazy accurate timing for the upstream. The head
| end needs to know the exact delay to your particular box to
| give it a "grant" to transmit at exactly the right time so
| transmit bandwidth is not wasted by idle time or multiple
| boxes transmitting at the same time and corrupting each
| other.
|
| You don't want brand X modems with dodgy configurations in
| this. Of course as a consumer you'd want "as little modem as
| possible" i.e. just give me an ethernet port running DHCP or
| PPPOE and let me do the rest.
| stephen_g wrote:
| They are complicated, but standardised and commoditised.
| Ubiquiti, for example, sells an ONT (fibre modem) in a SFP
| form factor for US$39 [1], or a little standalone unit with
| an Ethernet port for US$49 [2].
|
| 1. https://store.ui.com/us/en/category/fiber-
| gpon/products/uf-i...
|
| 2. https://store.ui.com/us/en/category/fiber-
| gpon/products/wave...
| direwolf20 wrote:
| For comparison: you can bring your own DOCSIS modem to a
| cable network, even though all the houses on the street
| are connected to the same cable and you could jam it, or
| send a voltage spike to break everyone's modem.
| perching_aix wrote:
| Not very familiar with DOCSIS and cable; the story I'm
| getting from my nearest friendly LLM is that while you
| could bring your cable modem, it'd have to be a pre-
| approved model, and that the firmware and configuration
| would be under ISP control, unlike with DSL modems. Is
| that wrong?
| namibj wrote:
| In Germany it's wrong.
| perching_aix wrote:
| How does it work in Germany?
| holowoodman wrote:
| You may either rent/buy a device from your ISP, or you
| may bring your own, at your discretion. ISPs are required
| to accept all devices, of course if your device kills the
| network segment, they will kill your connectivity. But
| they can't refuse to let you connect.
| direwolf20 wrote:
| What happens if your device connects 1000 volts to the
| cable and fries everyone else's device and the head-end?
| holowoodman wrote:
| You get taken to court and sentenced to pay the damages?
| Same thing that happens with the TV cable that runs
| through the whole street. Or the cars parked openly along
| the road. If you damage it, you pay for it.
| AndreasTheDead wrote:
| Your by law allowed to chose your own hardware.
| perching_aix wrote:
| And do they exert any control over the software and
| configuration on it? That was kinda the crux of it after
| all.
| fL0per wrote:
| Here in Spain it was common to get one of these to
| replace the ISP ONT:
|
| https://eu.store.ui.com/eu/en/category/fiber-
| gpon/products/u...
|
| Not that I had the need or anything, but it's similarly
| priced to the example in 2. Seems to me like maybe
| they're phasing it out soon?
| bobmcnamara wrote:
| I cloned mine into an SFP+ for a handful of microseconds of
| latency improvement.
| Fnoord wrote:
| Less W usage as well.
| perching_aix wrote:
| You say "why should I have to pay", but they really haven't
| said or suggested anything about how they'd rather you paid
| for anything. They're talking about having an _option_ to
| supply one 's own device, not about _requiring_ so.
|
| The common rationale behind this I'm aware of is that an ONT
| device is technically a computer with persistence, hosting
| arbitrary code and data that you cannot (or at least not
| supposed to) audit or alter, despite being on your premises,
| operated on your cost (electricity, cooling, storage), and
| specifically deployed for your use. These properties hold for
| SFP modules too in general, not just SFP ONTs (they're all
| computers with persistence).
|
| The catch is that this is further true for all of these kinds
| of modems.
|
| The counter-catch is that despite that, for DSL specifically,
| you could absolutely bring your own modem, hw and sw both.
|
| The counter-counter-catch is that with DSL, you were not
| connecting to a shared media, but point-to-point. This is
| unlike DOCSIS and GPON, where a misconfigured endpoint can
| disrupt service for other people, and possibly damage their
| or the provider's devices and lines.
|
| That's all the lore I'm aware of at least.
| fL0per wrote:
| Very much indeed, a 'rogue ONT' can screw another nearly 63
| users' acess in my area. Oversubscription is very
| noticeable, but just not problematic. 10G FTTH delivering
| 60~70% of the bandwidth is enough I guess. And latencies or
| jitter aren't a thing either.
| zhouzhao wrote:
| >The most concerning limitation in the German market is the
| unavailability of native Glass Fiber modems,
|
| This is not true for everwhere. You can totally use your own
| ONT or fiber modem with DTAG.
| lwde wrote:
| You have the right to router freedom even with FTTH. And
| fortunately, with DTAG FTTH, you can also book 1und1 with good
| peering (:
| madduci wrote:
| router freedom yes, but the Telekom Black Box that takes as
| input the Fiber cable is still a real "black box" that needs
| to be installed
| Fnoord wrote:
| Here in NL I've been able to replace router (Zyxel in my
| case) and ONT (Huawei in my case) with one SFP+ (went with
| some South-Korean one). Only had to register the serial of
| my SFP+.
| lwde wrote:
| nope, just remove the Telekom Black Box/ONT and get a GPON
| SFP (Like Luleey or FS) and register that mac.
| ckbkr10 wrote:
| Sorry to say but how you are framing things is simply not true
| anymore.
|
| You are not required to buy their "Glasfaser Modem 2" you can
| buy any ONT Modem.
|
| You are not required to use any of their equipment, they give
| you the data to connect via PPPOE directly.
|
| I bought a house with FTTH in 2023 and never used any Telekom
| hardware. Nobody forces you to use the peer DNS. The telekom
| DNS isn't complying to https://cuii.info/anordnungen/ because
| they want to but to avoid being sued everytime some company
| wants to block an illegal streaming site.
| iggldiggl wrote:
| > Nobody forces you to use the peer DNS.
|
| For practical purposes there's the problem (at least a few
| years ago?) though that Akamai in particular uses DNS to
| steer you to the correct portion of its CDN and the default
| IPs returned by independent DNS resolvers tended to have
| relatively abysmal peering with the Telekom network that was
| getting completely overloaded at peak times.
|
| Unfortunately "use <insert favourite DNS provider here>
| everywhere except for Akamai CDN, for which use the Telekom
| DNS" isn't something that consumer routers support, so you'd
| have to start running your own custom DNS resolver to work
| around that problem...
| madduci wrote:
| Don't you have the small black glass fiber box that takes as
| input the fiber glass cable and outputs a rj45 port?
| bobmcnamara wrote:
| For PONs you can get a programmable SFP+ and clone the manuif,
| devid, and password into it.
| TacticalCoder wrote:
| > I use PiHole in my own network, circumnavigating the DNS
| limitations, using Quad9 as my main DNS provider, but Unbound
| is on my to-do list.
|
| Why is PiHole necessary to dodge DNS limitations: can't you
| just put Quad9 as the DNS in your router/FritzBox?
|
| Now I switched from PiHole to running _unbound_ on a... Pi! I
| did that years ago: do it, you won 't be disappointed.
|
| I don't have the shiny PiHole UI anymore but I don't care:
| _unbound_ supports wildcards to blacklist domains and that 's
| what I care the most about.
|
| So a Pi with _unbound_ then _dnsmasq_ on my Linux desktop: this
| makes for very speedy lookups (as most queries are hitting the
| cache).
| MaKey wrote:
| You might be able to switch to a different ISP, e. g. 1&1. They
| rent the line from Telekom but you still get their peering.
| jon_adler wrote:
| As a fellow OpenWRT user who tried many DNS solutions including
| unbound, also consider NextDNS. They are pretty awesome.
| xg15 wrote:
| I like the subtle bit of trolling they did with the page color:
| DT had registered that shade of magenta as a trademark, made it a
| core part of their brand and generally was VERY vocal in public
| about "owning" that color. [1, 2]
|
| Though more recently they seem to have lost that protection. [3]
|
| So if that page now deliberately uses the "Telekom color" to call
| out their bad behavior, that's a statement on its own.
|
| [1] https://adage.com/article/digital/t-mobile-says-it-owns-
| excl...
|
| [2] https://www.exali.de/Info-Base/magenta-markenstreit (in
| German)
|
| [3] https://chiever.nl/en/blog-en/t-mobile-loses-the-
| protection-...
| mjlee wrote:
| That's the first thing I saw too. dataJAR (an Apple MDM service
| company in the UK) were targetted in the UK for using a
| different shade of pink in a different industry.
|
| https://www.bbc.co.uk/news/uk-england-sussex-44107621
| andreldm wrote:
| I have a contract with a smaller German ISP (Pyur), they do
| throttling too, uploading to Backblaze quickly gets capped to a
| few hundred bytes, sometimes the connection gets aborted. Using
| Mullvad or Tor gets around that. I considered switching to
| Telekom or Vodafone, gave up because they are even more expensive
| and now this.
| coretx wrote:
| Nothing will come out of this unless all former state monopolists
| are targeted at the same time.
| fbcpck wrote:
| I literally could not ssh into several of my servers since last
| week, and could only do so through my berlin server.
|
| Yes, I have to rent a local server to proxy all my home network
| through it, otherwise it is unreliable or outright does not work.
| It is absurd.
| 0xcb0 wrote:
| Telekom is a bunch of strange folks. I lately was not able to
| send mails, from my private mail servrr to my fathers telekom
| mail. After investigation I found out my server got blocked.
| After a decade of working. I mailed them, and they told me to
| register my mailserver with them. I shall tell them what mails I
| will send from there and about what content. I couldn't believe
| my eyes. Sure, thats how mail was supposed to work. Register with
| every mail server in the world, before you can send mail.
|
| Their mail excerpt: This system has not sent any e-mail to our
| customers for a long time. For security reasons our systems will
| only accept e-mails from such IP addresses after a check of setup
| and information about these systems.
|
| Please give us details about this system and the company using
| it, tell us all about the sending domain, what type of e-mail
| will be sent and especially if you or your customer want to send
| newsletter give us detailed information on how recipients e-mail
| addresses had been acquired. Who in person is responsible for
| e-mail sent from this system (MTA)?
|
| Please be advised that only technically proper configured and
| very well maintained systems are qualified for a reset of
| reputation and please see our FAQ section 4.1 (Requirements for
| smooth access to our e-mail exchanges
| <https://postmaster.t-online.de/index.en.html#t4.1>):
|
| "There must be a domain and website with direct contact
| information easily deducible from the delivering IP's hostname
| (FQDN)."
| Avamander wrote:
| That policy of theirs has existed for a long time now. It's a
| really odd one at that.
|
| They also don't enforce DMARC, nor do DKIM. It's stuck nearly
| four decades in the past.
| 7bit wrote:
| That's Germany in a nutshell.
| lippihom wrote:
| 2026 - 40 = 1986 was right before more mainstream internet
| adoption. Yep checks out, Germany today.
| hedora wrote:
| Were the trains running on time in Germany back then?
| They certainly were 20 years ago, so I assume they were
| in the 80's.
|
| Maybe "strictly worse than 40 years ago"?
| wolvoleo wrote:
| Microsoft has a similar policy on their consumer domains
| though. If they have not received mail from you for a month
| or so you are insta blocked. It's infuriating for personal
| mail server owners.
| alexjplant wrote:
| When I ran my own mail server Microsoft was the only
| company I encountered that would black hole my messages -
| no SMTP error for my own server to bounce back to me, no
| bounce back from their server, nothing. I vaguely recall
| having to do a dance with them a few times to fix this and
| the last time I tried I received no response. I don't
| frequently interact with Office 365 users so this didn't
| matter much to me.
|
| I did end up later moving to Proton primarily out of
| laziness. I thought these issues would be a thing of the
| past until I applied to work at a company that administered
| their own Exchange server that also black holed my messages
| from Proton's servers. Their reasoning? "We geo-block
| Switzerland for security reasons." Needless to say I turned
| them down.
| wolvoleo wrote:
| Oh when I ran my own mailserver I did get SMTP errors
| back.
|
| Every month or so I had this issue and I had to contact
| them through a form somewhere and I would get emails back
| from someone in india who reset my 'reputation'. They
| have some stupid made-up reputation system which means
| they need to see significant volume from you that is not
| marked as spam for them to accept your mailserver.
|
| And yeah proton has similar issues. A lot of companies
| blackhole even confirmation emails there. So you can't
| confirm accounts with a proton email and they give zero
| indication as to why. Tinder and the internet archive
| (archive.org) come to mind.
| gunalx wrote:
| Microsoft and google seems hellbent on destroying classical
| email, by doing this crap. Their interoperability is also
| pretty bad.
| wolvoleo wrote:
| Yes. It's the last phase of embrace, extend, extinguish.
| Typical big tech move.
| fuzzy2 wrote:
| At least they respond quickly to such inquiries. I have given
| up on T-Online Mail. I refuse to follow ridiculous rules like
| these.
| vjerancrnjak wrote:
| I think this is standard. It applies to domains as well. I
| experienced government services blocks as well -- they send me
| an email, yet block my reply. I complain every time and rarely
| does anyone care, the support person does not escalate, so my
| email remains blocked, sometimes I'm told system is working as
| configured, completely ignoring that I am a real person and
| system is hostile towards me.
|
| It's just general fragility of tech and lack of care from the
| creators/maintainers. These systems are steampunk, fragile
| contraptions that no one cares to actually make human friendly
| or are built on crappy foundations.
| hirako2000 wrote:
| We call it the email mafia.
|
| To send emails we need to pay for a mail service. Or get ads
| of course Gmail is part of the ring.
|
| Like most things it start with good intentions, to fight
| spam. As if it even worked, I guess we would get far more
| without they will say.
| calvinmorrison wrote:
| It's one of the downsides of decentralized networks. Trust
| is built or pay-your-way-into'd.
| AnthonyMouse wrote:
| This has nothing to do with decentralized networks. It's
| simple incompetence.
|
| If you haven't received any mail from a mail system
| before (or in a long time) and then it sends you one
| message, it probably _isn 't_ spam, because spammers are
| typically going to send you a _large_ number of messages.
| You also typically want to let the first few messages
| through so the recipient can see them and then classify
| it as spam or not, so that you get some data on how to
| treat future messages from that sender.
|
| This is the same thing a centralized system should be
| doing with individual users. You impose some reputation
| on accounts (e.g. by sender/registration IP address) and
| then if that address starts spamming people it gets
| blocked, and otherwise it doesn't.
| myself248 wrote:
| Is there a government requirement to be reachable by its
| citizens? That would seem to violate it.
| pimeys wrote:
| I mean, yes? But that's by sending a letter, or a fax.
| Email is not part of this...
| plagiarist wrote:
| This should have been updated decades ago to include
| email. Is it possible for any government to function
| properly?
| pimeys wrote:
| We are repeating obvious things here aren't we? I moved
| to Germany from a very pro IT country Finland. I've been
| here now for 15 years, and while I still disagree with
| their idea of dismissing email, I kind of got used to it.
| A couple more decades and it'll happen...
| furst-blumier wrote:
| The main issue is that who is supposed to implement it?
| The gov has 2 possibilities: hire a contractor, or do it
| themself. DIY has the issue that nobody wants to work for
| the gov because as any IT specialist you'd earn 1/3 or
| 1/4 of what you would earn in a private company.
| Stateworkers here cannot be fired. So you trade money for
| extreme "stability" (read: laziness). Hiring a contractor
| requires money they also don't see the necessity to
| spend. And that's how you end up in this situation. There
| are also other issues like no national wide
| implementation plan. Every state, every commune has to
| figure out and build stuff themself.
| miki123211 wrote:
| This is one of the things that E-Delivery (something
| which Europe is now implementing[1,2,3]) is going to fix.
|
| It's sort of like email, but based on the XML stack (SOAP
| / WSDL / XML Crypto / XML Sig), with proper citizen
| authentication and cryptographically-signed proof of
| sending and delivery.
|
| [1] https://ec.europa.eu/digital-building-
| blocks/sites/spaces/DI... [2] https://eur-
| lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A... [3]
| https://ec.europa.eu/digital-building-
| blocks/sites/spaces/DI...
| sam_lowry_ wrote:
| How ugly it is...
| nik736 wrote:
| Well, we have to "register" every new IP or new mail server
| with them as well. It's annoying and a weird system, but they
| respond quickly and it's just one todo we have to think about.
| anal_reactor wrote:
| > about what content
|
| Ask ChatGPT to generate you a very long very graphic story
| about how much you'd like to fuck a dog and your father is the
| only person who understands your desires and you want to
| discuss this with him via email. While fucking dogs is illegal
| in Germany, talking about it is (probably) not. Make the guy
| who asked the question regret doing it.
| egeozcan wrote:
| I'll give you an insider info: There's no guy! Your response
| would be filtered away by the profanity filter and nobody
| working in Telekom will ever read any of it.
|
| Hell, I can even say, likely, nobody will ever read it,
| regardless of how you answer.
|
| Those companies only respond to lawyers.
| anal_reactor wrote:
| Imagine the lawyer reading the case files pffffft
| Cockbrand wrote:
| Been there, done that. After a bit of back and forth, Telekom
| basically recommended that I go and use one of the big SMTP
| servers and stop bothering them. While I hated myself for doing
| it, I eventually switched to Gmail for peace of mind.
| bayindirh wrote:
| This is one of the reasons why I'm not planning to host my
| own e-mail server. It's not that I can't do it, but I don't
| want to sink time into investigating and working
| around/solving things like that.
| Avamander wrote:
| The small boutique mail hosts are also much more tedious to
| deal with than any of the big players. So it depends on
| your recipients how much effort self-hosting is.
| nerdponx wrote:
| Does Fastmail have any clout in Europe? I've been a customer
| for the better part of a decade (with my own domain name) and
| I've never had a mail delivery issue.
| chrisweekly wrote:
| I was going to suggest Fastmail too. I don't know about
| Europe in particular but have been a very happy Fastmail
| customer for several years, running mail for 2 small
| corporations plus personal, zero problems ever.
| Fnoord wrote:
| Nope, but there are various good and cheap e-mail providers
| in EU, such as Soverin, Posteo, Mailbox, Migadu, Tuta, ...
| glitchc wrote:
| Unfortunately some inbound servers will block emails if the
| originating server does not match the From: address.
| fph wrote:
| If you control the domain, you can use SPF to designate
| Google as an authorized sender for your domain.
| Asmod4n wrote:
| but the fun thing about them is, they allow you to impersonate
| any mail address you want with their smtp server.
|
| Aka, when you are a customer of them you get a @t-online.de
| address and login data for their smtp server.
|
| You can just login into that server and set the From: Header to
| anything, they don't check.
| direwolf20 wrote:
| In Germany I'd be surprised if the police didn't come to your
| house when you did that, and take all your computers to find
| evidence you sent it, and you're not getting them back even
| if you're proven innocent.
| AnthonyMouse wrote:
| Isn't that fairly common? You could then put in some other
| address, but you could do the same thing by setting up your
| own mail server, and in the former case you're not even
| really anonymous because the headers are going to show it was
| sent through their mail server and their mail server's logs
| will show which account was used to send the message.
| afiori wrote:
| The email sent from your own separate server will fail
| basic dmarc/SPF/dkim validation the email sent by their own
| servers likely will appear legitimate
| AnthonyMouse wrote:
| It would fail in the same ways unless the from address
| you're using is on their domains, which is then only a
| problem for their own customers rather than innocent
| third parties, and their own customers have the sensible
| option to stop using their service.
| lwhi wrote:
| They just want to make sure you're not a spammer.
| technothrasher wrote:
| Well, I don't know if that is better or worse than my
| experience with Comcast. They will usually unblock my emails
| within a day of my sending an unblock request, no questions
| asked... and then block me again after a few days, with no
| explanation as to why. I've had this IP for years, I have spf,
| dkim, and dmarc all property configured, I'm not on any
| blocklists, and I only send a very small volume of personal
| emails from the server.
| idiotsecant wrote:
| Does anyone self host email anymore successfully? I'm honestly
| asking. I would like to but it seems like a full time job
| trying to keep it running. Are there halfway solutions where
| maybe you own the service and domain and it runs somewhere
| trusted?
| fuzzy2 wrote:
| Sure. Highly successful even, I would say. I can deliver to
| Microsoft and Google.
|
| Not sure though what the magic ingredient is. I've had the IP
| address for 7 years before I decided to use it for mail,
| after one quick mail to Cisco's Talos stuff everything was
| fine. Software is Mailcow. Hosted at Hetzner in Germany.
|
| And still, I cannot deliver to T-Online, so there's that.
| rsync wrote:
| I self host email and have done so, with the same domain,
| since ~2000.
|
| My IP has not changed since 2010 and I have perfect
| dkim/dmarc/rdns and whatever duct taped bullshit de jure is
| currently being practiced.
|
| Everything generally works.
| sam_lowry_ wrote:
| +- same here
| seszett wrote:
| I have been running my mail server for about 20 years now,
| using three different domains.
|
| I have switched servers regularly, mostly between
| OVH/online.net/Hetzner since they are the three big cheap
| European hosts. I have also used various server software, now
| happily running OpenSMTPd.
|
| I have had a few problems with Microsoft in the past but
| contacting them (what made me care enough was marrying
| someone with an @hotmail email address) eventually fixed
| delivery for good. No notable delivery problems otherwise. I
| also run my company's mail server, it works fine too (with a
| much larger volume and different usage patterns), also
| running out of OVH servers.
|
| What I recommend for people who don't want to do sysadmin is
| buying a domain at OVH to use the free email service offered
| with it. It's cheap and works, and it's easy to switch to
| another registrar or provider if needed.
| njt wrote:
| I've been self-hosting my email for a little over 2 decades.
|
| The basic setup has more or less stayed the same, but there's
| some more extra components around it you have to know now
| (spam filtering and SPF/DKIM/DMARC come readily to mind).
|
| To quote Michael Lucas: "everything complicated about emails
| revolves around spam and not getting it". I highly recommend
| his book, "Run Your Own Mail Server".[1]
|
| In short, hosting your own email is not that bad at all. I
| strongly suspect, like many other skills, since it has
| atrophied with the advent of the cloud and people readily
| giving up to the large carriers, it has gotten the reputation
| of being hard, or as you said, a full time job. I don't think
| either of those things are true.
|
| [1] - https://mwl.link/run-your-own-mail-server.html
| hnben wrote:
| I selfhost for >10 years, but only for receiving, i.e. I can
| not send anything from my domain, because I thought that
| would have been to much stress to set up.
|
| My setup: I have a root server with DNS attached to it. On
| there is a postfix, with a minimal config that forwards all
| emails to my real address on posteo.eu. And posteo has not
| given me any trouble with any of my emails at all.
|
| I use this setup, so I can easily give new email-addresses to
| individual web services, and it gives me the option to
| selectively block these addresses.
|
| Last year I brought the big abo from proton, which includes
| throwaway mailadresses, and I am thinking about migrating my
| mail setup there.
| phit_ wrote:
| fwiw t-online.de hasn't been owned by Deutsche Telekom since
| 2015
| yayachiken wrote:
| Small tangent, but I feel like it is a good time to drop the term
| "net neutrality", which covers way too much ground. In the past
| in political discussions, the term "violation of net neutrality"
| was used to protest multiple different issues:
|
| * Traffic shaping (e.g. slowing down Bittorrent traffic)
|
| * Traffic fast lanes (pay for priority access to some content
| providers)
|
| * Selective zero-rating (exclude some providers from counting
| towards a traffic limit)
|
| * Artificial peering restriction (what Telekom is doing, usually
| via forcing content providers into paid peering agreements)
|
| I think people should start using more specific terms that are
| understandable for non-technical people, because otherwise the
| discussion becomes confused, which helps the providers.
|
| Lots of semi-technical people think that "violating net
| neutrality" refers to traffic fast lanes, because the last time
| this discussion entered the public was when the US social media
| was in uproar about FCC rules 10 years ago.
|
| What Telekom is doing looks similar to the outside (some content
| providers are fast, some are not), but they can just deflect by
| saying that they do not intentionally throttle traffic, which is
| pretty much true, as they hit their physical bottlenecks. If you
| are knowledgable enough as a lawmaker to press them on the
| peering issue, they could argue that forcing peering would force
| them to pay rent at Internet Exchanges, just so other providers
| have good access. Where they also kind of have a point.
|
| And even lots of technical people have no clue about peering,
| transit etc. and treat their uplink as a blackbox, a cloud in
| their network chart where the Internet comes out.
|
| For the Telekom case, we would need a different legislation, for
| example make paid peering agreements between providers illegal or
| at least regulated, which would then be an incentive to be
| generally well-connected (free mutual peering is usually
| considered a win-win scenario unless you are Deutsche Telekom and
| can use your market power to bully other market participants into
| another form of rent extraction). And that means that lawmakers
| and the public need to understand first the specific problem we
| are fighting.
| sgjohnson wrote:
| > For the Telekom case, we would need a different legislation,
| for example make paid peering agreements between providers
| illegal or at least regulated, which would then be an incentive
| to be generally well-connected (free mutual peering is usually
| considered a win-win scenario unless you are Deutsche Telekom
| and can use your market power to bully other market
| participants into another form of rent extraction). And that
| means that lawmakers and the public need to understand first
| the specific problem we are fighting.
|
| Realistically not going to happen, as the effort would need to
| be global. Like, Cogent STILL refuses to transit-free IPv6 peer
| with HE. https://bgp.tools/kb/partitions.
|
| T1s are very happy where they are, and it's an exclusive club.
| Any attempts to tame this behavior from DTAG will also face
| backlash from basically all the other T1s.
| yayachiken wrote:
| Regulating peering within the EU would already be a win.
|
| The providers are then free to either move out of the EU
| market, or let their non-EU traffic flow via the (then likely
| larger) unrestricted pipes at DECIX and AMSIX. If they think
| that routing everything via EU is cheaper instead of just
| peering better in the other parts of the world to deliver
| traffic locally, then be it, that is their own economic
| freedom to decide so.
|
| But they will realistically not do that. Also, SDNs will
| likely never go back to serving content in Europe from e.g.
| the US. Good connectivity is just generally the economically
| better option.
|
| That being said, T1 companies like Deutsche Telekom who also
| serve a large consumer base via broadband and mobile and not
| just other large business networks are probably more
| vulnerable to such legislation than an exclusive transit
| provider.
| sgjohnson wrote:
| > Regulating peering within the EU would already be a win.
|
| Regulating peering how? Freedom of commerce is one of the
| core pillars of the EU. Forcing a company to do business
| with another company is insanity.
|
| If DTAG doesn't want to peer with CloudFlare, you can't
| force them.
| direwolf20 wrote:
| WhatsApp has been required to provide an open API, Apple
| has been required to provide alternative app stores.
| Neither one has actually done it because the EU is too
| pussy to enforce the law, but the legislators clearly had
| no huge principle disagreement when writing these laws.
|
| Mobile networks have been forced to allow roaming in
| other countries for a certain low fee, and that is
| actually enforced and has happened. It's clear the EU has
| no qualms about forcing companies to do business a
| certain way when it serves some greater interest.
| sgjohnson wrote:
| The difference between WhatsApp open API, alternative App
| Stores and forcing peering is that it costs virtually
| nothing for WhatsApp to provide an open API, and for
| Apple to allow alternative App Stores.
|
| Roam-like-at-home is also not a particularly good
| comparison here, because the the roaming fees were
| basically a price gouging scheme.
|
| Don't like DTAG? You're free to switch to another ISP.
| luckylion wrote:
| What's your estimation for how much more expensive it
| would be for DTAG to peer at Decix instead of only doing
| dedicated private peerings that they get paid for?
|
| Because I don't believe it's about any additional cost --
| it's only about additional revenue that could be
| extracted. That's a behavior you don't like to see from a
| state-owned ex-"Only Offer Allowed" monopolist that is
| still dominating the market while the government entities
| tasked with regulating the market are closing both eyes.
| direwolf20 wrote:
| It costs DTAG virtually nothing to have good peering,
| certainly compared to their income. It costs Apple a very
| high percentage of their revenue to allow alternative app
| stores, since their main revenue source is the 30% tax on
| all in-app purchases through the Apple store.
| yayachiken wrote:
| DTAG are also a consumer ISP. A consumer ISP should be
| considered a utility, and utilities can also be forced to
| provide certain services. In addition, Internet Exchanges
| have become so critical for the Internet architecture
| that they should also have some privileged status.
|
| Legislation could focus on the following general rules,
| without favoring some providers over the others:
|
| * If you participate on an IX node, there is no
| reasonable technical or financial reason not to peer with
| the other participants at that node. Of course this would
| also mean that participants have to be protected against
| price-gouging of IXs when they need to scale up their
| uplink for that reason.
|
| * Alternatively, you could conditionally allow paid
| peering, but in that case require certain availability
| guarantees on your general transit connection.
|
| * If you do not want to do business with a certain party,
| it should be all or nothing. Blacklist them organization-
| wide. No misleading to consumers that a content provider
| just appears slow, announce that you do not want to play
| with e.g. Netflix anymore and if your customers do not
| like it, they will switch.
|
| * If you want to opt out of all of this regulation, you
| are free to run fiber yourself and just directly connect
| with everybody you are interested in. That is expensive?
| Too bad.
| sgjohnson wrote:
| Letting the government regulate peering will be the death
| of the internet as we know it.
|
| I don't believe that there's a single lawmaker, anywhere
| in the world, who understands anything about the
| fundamentals of IP transit. But no doubt they have ISP
| buddies who understand everything about it, and no doubt
| they'll be the ones actually writing the legislation.
| yayachiken wrote:
| Well, there is always a regulatory measure that would be
| a lot easier to implement: Lawmakers could just disallow
| Tier 1 carriers to provide consumer Internet access.
| (This forced separation of business domain already has
| precedent in other sectors, e.g. energy companies having
| to separate network upkeep from energy trading or banks
| having to split their investment branch from the credit
| branch)
|
| And I have a feeling that as soon as that is seriously
| discussed, the current exploitation of market power will
| stop rather quickly, without any need for actual
| regulation.
| sgjohnson wrote:
| > Lawmakers could just disallow Tier 1 carriers to
| provide consumer Internet access.
|
| This one I actually agree with.
| amiga386 wrote:
| Governments successfully managed this before. It was
| called Local Loop Unbundling.
|
| They recognised where the monopoly was: the incumbent
| telcos with millions of customers that _had_ to go
| through them to get anywhere else.
|
| So the government insisted that such incumbents make
| available space in their exchanges for third parties (not
| for free!), and to allow their customers to use the third
| parties for telephone and/or internet service, rather
| than themselves.
|
| A similar argument and regulation could be made today. It
| could only apply to ISPs with a significant number of
| endpoint customers. It could require that the ISP make
| peering available to third parties, at the third party's
| cost, but the resulting transit should be settlement-
| free. It could require that if a peer asks the ISP to
| upgrade, because the ISP is deliberately
| underprovisioning, the ISP is compelled to allow the
| third party to pay reasonable costs to upgrade _both
| sides_ (so the ISP can 't sit on its hands, can't brazen
| it out, and can't set an impossible price)
| patrickmcnamara wrote:
| > Forcing a company to do business with another company
| is insanity.
|
| This already happens all the time, and especially in
| telecommunications. Interconnection is a core of
| telecommunications law everywhere.
| andersa wrote:
| People use the same word because all of those actions have the
| same result for an end user.
| direwolf20 wrote:
| There's no such thing as paid peering, is there? There's only
| being a customer. DT wants you to buy transit to get access to
| their customers.
| yayachiken wrote:
| Peering just means that two AS physically connect to each
| other directly. Whether this peering is paid or not is
| independent from the technical implementation.
|
| Just nearly everybody except Telekom is doing this on a
| liberal and informal not-even-handshake basis. On ISP scale,
| you either invest in infrastructure, or pay rent for network
| ports or cross-links, and you generally want your traffic
| usage to be smooth without spikes, and also go to the
| destination without going through your expensive ports more
| than once. So general connectivity is more important than any
| kind of traffic metering.
| direwolf20 wrote:
| > peering just means that ...
|
| This also describes transit and describes getting internet
| service at home. I wouldn't say my cellphone peers with my
| provider. My cellphone is very much subordinate to my
| provider, not a peer.
|
| DT thinks it's important enough that it can extort
| everyone.
|
| A good policy for ISPs is to peer as many places and
| networks as possible, and carry traffic between your peers
| and customers, and customers and customers, and transit and
| customers, but not between peers and peers, or peers and
| transit. This way one end is paying for all traffic you
| carry. If you are a bully, you can try to make both ends
| pay.
| yayachiken wrote:
| > This also describes transit and describes getting
| internet service at home.
|
| Well no. Transit means that you use another AS (usually
| by a larger ISP) to get connectivity to a certain AS. And
| as for your internet service at home, unless you announce
| an AS, you are not peering with anyone.
| direwolf20 wrote:
| Peering has everything to do with the physical
| interconnect and nothing to do with the ID numbers used
| to describe that interconnect, IMO.
| yayachiken wrote:
| Then we are just talking about two different things.
|
| On ISP level, routing tables are built via BGP. BGP needs
| Autonomous Systems (AS) as organization unit to work. If
| you are not an AS you are never a peer as you are not on
| equal footing.
|
| As a rule of thumb, if your edge router has a default
| route set, we are very likely talking about different
| scales.
| direwolf20 wrote:
| ISPs are encouraged to -- but rarely do -- use private
| ASNs with single-homed BGP customers.
| 7bit wrote:
| All the points you list contribute to the Internet being
| neutral or not, therefore of course these items come up in
| discussions.
| wmf wrote:
| Replacing net neutrality with a bunch of smaller issues means
| you have to educate and lobby N times as much. And every time
| ISPs find a new loophole you'd have to start from scratch.
|
| Looking at this case specifically, "fast lane" is not a
| technical term so maybe in your mind it only means packet
| scheduling not refusal to upgrade capacity but that's not a
| universal definition.
| Elfener wrote:
| ISPs are the worst.
|
| Currently I use Telekom's 5G for my home internet connection in
| Hungary as Telekom is the only company who has a cable in my
| street, but they refused to sell me wired internet due to the
| hole they use to take their underground cable up to the houses
| being already over capacity (it turns out this "hole" serves like
| the entire street with cables being run across everyone's
| attic...).
|
| I previously used yettel/telenor's 4G (basically as fast as
| Telekom's 5G because their 5G is a scam, although Yettel's 5G is
| even more scammy, it is slower than their 4G) but they broke
| their routers, I had comical packet loss and they refused to fix
| it (technically, when you pay for a cellular connection, the
| required uptime in the contract is zero). They also started
| CGNAT-ing in order to supposedly "improve security" (wtf..) just
| before I switched (this now means that their "internet-focused"
| plans have just CGNAT-ed IPv4, while their "non-internet focused"
| cellular plans have CGNAT-ed IPv4 AND IPv6 (makes sense).
|
| In any case, I now use Telekom's 5G with CGNAT-ed IPv4, just a
| single /64 IPv6 and forced separation (it is illegal to have a
| stable internet connection, they disconnect you just before
| reaching 24h of uptime).
| sgjohnson wrote:
| > ISPs are the worst.
|
| DTAG is not just a run-of-the-mill consumer ISP. They are a
| global Tier-1 carrier.
|
| Which of course makes their behavior all that much worse.
| direwolf20 wrote:
| You don't want a tier 1 carrier as your ISP because they are
| severely limited in connectivity -- they only connect to
| paying customers and other tier 1s. They are to be used as a
| last resort by the tier 2 ISPs, who provide good packet
| routing by selecting the best routes from among several
| backbones.
|
| Never thought I'd see this play out in practice, especially
| with a consumer ISP. Normally this comes up with server
| hosting, not consumer ISPs.
| embedding-shape wrote:
| > You don't want a tier 1 carrier as your ISP
|
| The best part about ISPs, is that usually who have very few
| choices, sometimes only one! Where I grew up, we had the
| choice of "broadband" (via antennas between an island and
| mainland) with one ISP, or modem with any telephone
| company. Eventually, proper cables where put, and we had a
| choice between 6 different operators.
|
| Where I live now, I only have 3 options for ISPs with
| fiber, even though I live right outside a huge metropolitan
| area.
| kebman wrote:
| ISP "choice" is mostly a meme, yeah.
|
| But depending on local rules, you _can_ sometimes route
| around the monopoly: trench your own last-mile (at least
| on private land), do a neighborhood co-op, connect
| buildings, etc. It's sometimes expensive and you'll hit
| permits /right-of-way bureaucracy, but it's totally
| doable if you've got a few (rich) friends or a business
| willing to back it.
|
| "the conduit is full" is often just BS and a super
| convenient excuse for incumbents to block competition
| indefinitely.
|
| Romania is a good example of what happens when lots of
| small operators aggressively wire dense apartment blocks:
| brutal competition, low barrier to entry, and suddenly
| everyone has insane internet.
|
| If digging is blocked, wireless works too. Point-to-point
| links, WISP stuff, even satellite. The main thing is: you
| don't necessarily need _your local ISP_ as your upstream,
| you just need a path out.
| direwolf20 wrote:
| I think Germany has something equivalent to local loop
| unbundling, but obviously, DT still provides shitty loops
| because they are shitty at all aspects of their business.
| ahartmetz wrote:
| Local loop unbundling is only mandatory for large ISPs.
| There are many regional or otherwise smaller carriers
| that have a local monopoly. Fortunately, they tend to be
| OK (with some exceptions like Deutsche Glasfaser, they
| are basically bankrupt and behaving quite erratically).
| fL0per wrote:
| > _Romania is a good example of what happens when lots of
| small operators aggressively wire dense apartment blocks:
| brutal competition, low barrier to entry, and suddenly
| everyone has insane internet._
|
| And it propagated to Spain thanks to the Romanian DIGI
| playing their strong bets for a while. I've had the
| access to the cheapest while also best-uptime-service
| option because of them on the two places I've lived in
| the city. They're still deploying as much as they can and
| meanwhile they offer VULA access where they don't have
| (In Spain thanks to the NEBA regulation, biggest ISPs are
| obligated to ease local access for any other operator)
| own infrastucture.
|
| So it's available also at my parents' as well since a few
| months ago (Internet access still contracted with another
| company which honoured the low price offered back then
| which was subject to some conditions, and even having
| risen prices as much as three or four times, they've
| respected them for staying clients). I didn't see the
| need for the switch, but wouldn't had given much thought
| to it.
| skissane wrote:
| > ISP "choice" is mostly a meme, yeah.
|
| I think Australia's model works really well - the last
| mile is (with occasional exceptions) owned by a
| government-owned ISP, NBNCo. But NBNCo is purely a
| wholesaler, and they only provide service from the
| premises to the local telephone exchange. There are
| dozens of competing retail ISPs, and they own the
| connection from the local exchange onwards. So if one of
| them is screwing you over, you can switch to another. And
| if you have a fibre connection, you can even split your
| fibre connection over multiple retail ISPs-you can sign
| up for new one as a trial without cancelling the old one,
| and then reverting back is literally just swapping an
| Ethernet cable to a different port.
|
| I'm surprised more countries haven't copied it.
| Melatonic wrote:
| Starry is great here in California - they connect to ISP
| backbones and then put point to point WiFi on rooftops of
| apartment buildings. I get 300 down and 200 up (real
| world) with no throttling or BS. 50$ a month no contract.
| Very rare goes down and that's in extreme weather (and
| briefly). Probably better uptime than cable
| Fnoord wrote:
| The day when T-Mobile NL (nowadays known as 'Odido')
| started routing all traffic via DTAG to 'save costs', and
| latency increased because in NL you were routed via
| Frankfurt. And after complaints they actually insisted on
| this. Then the company got bought by investors, who
| immediately changed this back, and also changed the name of
| the company.
| holowoodman wrote:
| They are a tier-1-wannabe. Tier 1 in prices, tier 3 in
| connectivity. No international peering to speak of,
| negligible international cables and presence compared to real
| tier 1.
| wildylion wrote:
| Maybe get some Star link if you can... (Cringe worthy because
| of some musky husky guy, but at least it works for now).
| virtuallynathan wrote:
| Try Starlink?
| xinayder wrote:
| I think this is also relevant, after finding out Telekom, in
| Hungary, has the worst routes possible for some game servers:
|
| https://mtpeering.pages.dev/
| oceze wrote:
| Bojler elado!
| metanonsense wrote:
| Honestly a crappy situation. In Germany, Telekom is a
| monopolistic bully. In evening hours, any service behind
| Cloudflare more or less stops working (for instance, before I
| cancelled my subscription, chess.com web assets were delivered
| with neck-breaking 5kB/s, which made loading a 20MB wasm for
| stockfish analysis no fun).. but there are absolutely no viable
| alternatives that aren't also crappy: Vodafone -> same peering
| idiocy, Starlink -> king Elon). VPNs make things complicated, but
| are often the only alternative.
| oytis wrote:
| I am on o2 and didn't have any problems with availability that
| I would notice.
| jesprenj wrote:
| Slovenian ISP T-2.net also violates local network neutrality laws
| here by requiring customers to pay extra to unblock some special
| TCP ports, like 25 and 53, meaning they block selfhosting email
| and dns servers without additional payment. I filed a complaint
| to the national regulator AKOS. They first responded with
| agreeing with me, but nothing was fixed for many months, and upon
| emailing the regulator again, I received a different response
| from another employee claiming that charging more for unblocking
| special applications is legal (it's not).
| sgjohnson wrote:
| Blocking port 25 is perfectly reasonable.
|
| There are no sane and legitimate reasons for running an SMTP
| server on a residential connection. Even most server providers
| will block it unless you give them some very good reasons.
|
| Blocking 53 is just weird though.
| daneel_w wrote:
| I'm not sure you read the OP's comment in full. They are
| talking about _inbound traffic_ from the Internet. It 's
| certainly a lot more common a case to self-host an MX than
| running an open DNS resolver or authorative name server.
| B1FIDO wrote:
| You may be surprised to learn that there are many types of
| botnets out there, and many use DNS queries for the C&C.
|
| Although the GP wrote "53/tcp" that is a weird situation,
| because most (not all) DNS is over UDP.
|
| One day I suddenly found my DNS resolver logs were very
| active with veritable gibberish. And it seems that my
| router had been pwned and joined some sort of nefarious
| botnet.
|
| I only found this out because I was using NextDNS at the
| time, and my router's own resolver was pointed there, and
| NextDNS was keeping meticulous, detailed logs of every
| query.
|
| So I nipped it in the bud, by determining which device it
| was, by ruling out other devices, and by replacing the
| infected demon router with a safe one.
|
| But yeah, if your 53/udp or 25/tcp is open, you can pretty
| much expect to join a botnet of the DNS or SMTP-spam
| varieties.
| trinix912 wrote:
| That's none of the business of my ISP to care about. If a
| botnet abuses my connection to send excessive traffic,
| that's going to be limited by the bandwidth limit I'm
| paying for.
|
| Restricting ports also doesn't mitigate it, as a port
| scanner can easily find out I'm running this or that
| vulnerable server software on a non-standard port.
|
| It's none of the ISP's business to restrict the ports I
| should be using.
| daneel_w wrote:
| Just like the parent, you too have gotten your ins and
| outs mixed up.
| tsss wrote:
| Whether or not I have a sane reason to use port 25 is none of
| their business.
| myself248 wrote:
| Define "residential connection".
|
| There is no such thing. A connection to the internet should
| be equal to any other connection to the internet, modulo BGP
| peering. Noone has a right to dictate what services I run or
| don't run, what protocols I speak or don't speak, what
| traffic I accept or deny, but *me*. That's the whole point of
| being on the internet rather than Prodigy or Compuserve or
| something.
|
| The physical location of that connection is irrelevant. Maybe
| I feel my servers are safer in a datacenter. Maybe I feel
| they're safer in my basement. In my case, it is very much the
| latter, and again, you don't get to make that call. I do.
| franga2000 wrote:
| Calling this "paying to unlock ports" is disingenuous. I'm also
| a T-2 customer and have run into this before. They block ports
| on dynamic IPs, but if you pay +2EUR/mo for static, this is
| unlocked. This seems reasonable. If you're not paying for
| static IPv4, you're paying for "internet access", whether
| that's a rarely chaning dynamic IPv4, a constantly changing
| IPv4 or full CGNAT.
|
| Would you also say your mobile phone operator is violating net
| neutrality by putting you behind CGNAT that you can't forward
| arbitrary ports through? You can pay a bunch of money to get a
| private APN and get public IPv4 addresses. Would you call that
| an unblock fee?
| direwolf20 wrote:
| I've been told there's a law that my mobile phone operator
| has to turn off all firewalling on my connection if I ask.
| vladvasiliu wrote:
| I don't know about that law, but GP's point was that you
| don't get a public IP anyway, firewall or not. And with
| this NAT in place, you can't ask them to forward specific
| ports to your equipment.
|
| In France, CG-NAT is getting widespread even for fixed,
| FTTH links. I'm typing this connected to SFR, which
| provides a static IPv6 /56, but IPv4 is behind CG-NAT. I
| can't host anything on IPv4. I think there's an option to
| get a fixed, internet routable address, but not on the
| "discount" plan I'm on. I hear you _maybe_ can ask support
| to get you out of CG-NAT, but that doesn 't seem very
| reliable.
|
| Free (local ISP), by default, doesn't give a static IP for
| fiber, but you can ask for one for free through your online
| account page (you just need to tick a box).
| Dylan16807 wrote:
| > They block ports on dynamic IPs, but if you pay +2EUR/mo
| for static, this is unlocked. This seems reasonable.
|
| Why does that seem reasonable to you? Why should dynamic IPs
| not be able to receive incoming connections? It costs them
| nothing to let those packets through.
|
| > disingenuous
|
| Bad.
|
| > Would you also say your mobile phone operator is violating
| net neutrality by putting you behind CGNAT that you can't
| forward arbitrary ports through?
|
| CGNAT is pretty awful, but at least there's a _reason_ for
| connections to fail.
|
| But sure, if I had control I would mandate that CGNAT lets
| you forward ports. Maybe you don't always control the
| external port, but there shouldn't be any other compromises.
|
| > You can pay a bunch of money to get a private APN and get
| public IPv4 addresses. Would you call that an unblock fee?
|
| That's a workaround to get a different connection, not an
| unblock, so no.
| franga2000 wrote:
| Firstly, dynamic IPs are quickly reused, so if one customer
| get an IP onto a bunch of firewall blocklists because they
| were operating services that got exploited (like an open
| relay for spam, email backscatter generator, dns that was
| used for amplification, smb that hosted on-click executable
| windows malware...), this means some random unrelatimg
| customer will now have problems with their internet
| connection. After a while, you could poison a large chunk
| of the pool, then they have to not just deal with you, but
| also a bunch of other angry customers as well as beg all
| the firewall vendors to unblock those IPs.
|
| If you get static, you keep that IP for a while. You suffer
| the consequences of your bad setup, you have to deal with
| FW vendors and after you leave, the IP will be offline for
| long enough that it will probably "cool off".
|
| And secondly, while I don't like it, we need to keep in
| mind net neutrality was not written for selfhosters. It was
| written so an ISP can't zero-rate their own streaming
| service, or block their competitors. It was about internet
| access, not internet participation. The ownerwhelmimg
| majority of people are not and don't care to be "on" the
| internet, they want to "access" things that are on the
| internet. That's why NAT is still everywhere.
| trinix912 wrote:
| Another T-2 customer here. I never ran into issues with port
| blocking (but didn't try 25/53), even more, I had a "free"
| static IPv4 on DSL before we got the fiber line, but I've
| lately been noticing random connection slowdowns. Never had
| significant slowdowns with DSL.
|
| I've talked to a few people (Telemach customers) who told me it
| happens every now and then, they call the support center that
| tells them to restart the modem (even if they'd done it before)
| and then the connection magically works at full speed again.
|
| Could it just be that it all goes through Telekom Slovenije who
| does some weird load balancing? Definitely worth an
| investigation, but ZPS might be a better address for this than
| AKOS.
| jesprenj wrote:
| Telemach is also funny in net-neutrality regard:
|
| Article 7.2 of their terms of service
| https://telemach.si/download/terms/splosni-pogoji-
| poslovanja...
|
| > Narocnik se obvezuje, da po prikljucitvi na omrezje
| izvajalca: > ... > * ne bo postavljal streznikov na svoji
| lokaciji, razen v primeru sklenitve ustreznega dogovora z
| izvajalcem, > ...
|
| It states that customers are bound not to setup servers on
| their internet connection point without prior aproval by the
| ISP. It sounds against the law to forbid this, albeit ianal.
| nottorp wrote:
| DT owned for a long time what remained of the former state phone
| operator in Romania.
|
| They were the only provider that hijacked DNS lookup failures to
| redirect to their own page.
|
| They're gone out of this market now, fortunately.
| zhouzhao wrote:
| Glad to hear again, that Romania is living in the future of the
| Internet.
| nottorp wrote:
| It looks good still, but we're down to 3 major providers. The
| future may bring entshitification yet...
| micw wrote:
| Fun fact: Deutsche Telekom just started their ad campaign "being
| better in the best network" (https://www.telekom.com/de/medien/me
| dieninformationen/detail...). While they have the worst network
| of all, especially when it comes to peering (30% of the internet
| is just slow over Telekom but fast over Telekom + any VPN).
| hermanzegerman wrote:
| Yeah, but they're the only network when you want to have
| cellphone reception outside of dense cities. You can completely
| forget O2 and Vodafone if you go hiking/skiing in the Black
| Forest, or on the Beach at the German Islands.
|
| Also Vodafone outsourced their peering to a subcontractor, and
| doesn't do any public peering at all anymore. So I guess
| Telekom still isn't the worst Network at all
| zhouzhao wrote:
| That is sadly the truth. They also charge the most per GB,
| but you can use any of their resellers like Congstar.
|
| Just checkout DTAG's 5G network coverage on Breitbandatlas.
| hermanzegerman wrote:
| It's not that bad, I pay 8.60EUR per month for 30GB, and
| they also threw in a cheap Android Phone in the 12 Month
| Contract.
|
| Also Switzerland being included is at least for me a nice
| perk that O2/Vodafone don't offer. But compared to other
| European Countries offerings it's obviously shit.
|
| Also Fraenk is even cheaper than Congstar
| zhouzhao wrote:
| 8.60EUR per month? Certainly not from DTAG themselves,
| right?
| hermanzegerman wrote:
| It is, but it was a limited time promotion
|
| https://www.teltarif.de/telekom-aktionstarif-
| prepaid/news/10...
| micw wrote:
| So they should re-label the ad campaign as "Could be worse"
| :-)
| syntaxing wrote:
| I'm on Comcast and I strongly believe they're selling my data to
| brokers from the targeted ads I see. I paid for WARP+ from
| cloudflare and the targeted ads dropped noticeably.
| chorizoking wrote:
| Commenting from my alt to avoid doxxing myself. Have spent over a
| decade in various 'large' streaming video companies, the ones you
| absolutely know about today.
|
| DTAG is bar none the worst ISP to work with. Everything they do
| is politics, they may decide to 'forget' to increase the
| bandwidth on a PNI until you take a meeting with german
| regulators. Almost every other ISP views PNI as the best way to
| uphold customer satisfaction without breaking the bank over a
| more expensive IX and will happily add ports when needed, DTAG on
| the other hand often requires concessions and selective
| agreements with a lot of strings attached.
|
| I don't think Germans realize just how much DTAG is holding the
| experience back for end users (given it's partially state-owned)
| zhouzhao wrote:
| >I don't think Germans realize just how much DTAG is holding
| the experience back for end users
|
| The ones not on HN probably just notice that their internet is
| getting slow after 5 p.m
|
| Trust me, I know how much they suck and I still had to enter a
| 2-year contract just to get fiber optics in my house.
| pimeys wrote:
| They tried to install it to our home too, but our landlord
| just didn't do anything to help them to open doors and now
| we've been soon waiting two years for the connection.
|
| The more I read about DTAG the happier I feel like using our
| cable connection which, upstream excluded, works quite well.
|
| We're about to buy our apartment in Berlin and that changes
| things. I hope we have soonpre choice on the fiber operator.
| mikigraf wrote:
| I thought I was crazy for thinking that Reddit LinkedIn and
| half of the internet becomes unusable past 6pm.. now I know
| why
| account42 wrote:
| Unfortunately, it's not just DTAG but all Internet providers
| are overpriced crap here.
| notTooFarGone wrote:
| As a german I hate DTAG with a passion for many many failures
| in throttling and just for the most expensive prices in europe.
| I just hate Vodafone more which is a hard thing to achieve but
| there are no other options in most cities.
| lc5G wrote:
| How can I learn about which ISPs have better peering and net
| neutrality etc? Are there websites that keep track of this and
| compare it?
| ainiriand wrote:
| Their standard plan offerings could be already be considered
| throttling. I moved to Spain and I have 1gbit up/down.
| cheese_van wrote:
| My offhand impression is that when I was in Germany, consumers
| were oddly suspicious of the Internet in general and very
| suspicious of social media in particular. That suspicion was
| somewhat translated into a lackadaisical attitude about service
| quality. Perhaps that attitude is finally changing because DT
| simply won't care unless there is a sufficiently large enough
| vocal public to force the issue.
___________________________________________________________________
(page generated 2026-01-26 15:01 UTC)