Heh, lucky you, at least you get a message. My ISP just drops traffic to the affected IPs. No ping, no traceroute, just a spinner in the browser until it says "page not found".
Every response and comment from LaLiga, the football organization responsible for this, has been so far that this is a minor issue that only affects a few bunch of nerds who talk about "docker images" or "github repositories" or "whatever that means".
Meanwhile, there are testimonies of smart home devices like anti-theft alarms or automatic doors, that stop working whenever there is a football match, because their backends rely on Cloudflare.
Last week, a woman asked for help on social media, as the GPS tracking app she uses to see where her father with dementia is, went offline during a match. It was getting late and he still wasn't back home, and she couldn't locate the tag he was wearing to find him: https://www.infobae.com/america/agencias/2026/04/05/laliga-d...
It's hard to say this, because no one should experience an event like this, but as stressful as these are, it's the only way to make the mainstream people care about this censorship. "I cannot pull a docker image" will never be on nightly news, but safety and personal security is a more powerful driver for discourses.
> Heh, lucky you, at least you get a message. My ISP just drops traffic to the affected IPs. No ping, no traceroute, just a spinner in the browser until it says "page not found".
This is generally how the GFW works in China. Instead of an overbearing nanny like a school or corporation's DNS blocker, you're left with a sense that you're on a version of the Internet that is just intermittently and somewhat mysteriously broken.
And indeed, in China, a lot of things that probably aren't fully intended to be blocked are not reliably accessible. Implementation varies, so you get strange routing and peering issues. It feels like an Internet that isn't fully formed, that hasn't finished coming together yet.
Nation states and corporations obviously gain some things sometimes by having Internet censorship/blocking frameworks in place. Maybe, sometimes, ordinary people even benefit, too, if it helps shut down illegal and genuinely harmful businesses.
But it feels like the whole world is gradually trending towards more and more Internet censorship without realizing that we are un-building a miraculous thing that took enormous effort and cleverness and expense to build. I wish we could think about this not only in terms of freedom (and we absolutely should think about it in terms of freedom), but how we are disintegrating the infrastructure of communication and computing.
This is generally how the GFW works in China. Instead of an overbearing nanny like a school or corporation's DNS blocker, you're left with a sense that you're on a version of the Internet that is just intermittently and somewhat mysteriously broken.
Oh boy, an excuse to share my favourite great firewall story on a visit to China. Keep in mind, this is 15 years old, so probably doesn't represent the current state of affairs. At the time, my daily news reading habit had me checking BBC and CBC (Canadian Broadcasting Corporation). The BBC site seemed to be working fine, but whenever I clicked on an article on CBC, it was blocked. A few minutes later, I went to show my wife that CBC articles were blocked, and I clicked on the same one again, and it loaded. I clicked on another: blocked. Tried it again after a few minutes and it loaded. Someone was screening the articles in real time for me. When I was done reading, I clicked on several of the weirdest headlines I could find, and after a few minutes, everything was blocked again including ones that had previously worked.
Your last paragraph: it is sad. But we had successful global networks before the Internet (the PSTN, telegraph) and we'll certainly have global networks after this at some point in human history. Perhaps in the the time between the Internet and what's next, the world will become a bit more mature about a few things.
> But we had successful global networks before the Internet (the PSTN, telegraph)
These were ripe with espionage, wiretapping and sabotage. Access to it used to be highly restricted as well, up until the 90s for example you were only allowed to connect government-licensed modems to the German PSTN directly.
> These were ripe with espionage, wiretapping and sabotage.
Just like today's Internet. BGP spoofing, CALEA, DDoS.
> Access to it used to be highly restricted as well ...
And this is where the regression or "downfall" is beginning. Access to the Internet (as in ability to send/receive arbitrary data to the wider Internet) is something I bet is going to be increasingly restricted, but most people won't notice because they don't understand the difference between apps and the Internet.
I'd be surprised if direct access to the Internet is possible for consumers in the next 10 years. Everything will have to be through approved apps (age assurance is going to be the catalyst) that work over registered tunnels contracted through ISPs, if there isn't an outright blurring or merger between the concepts of phone/CPE, ISP and CDN. Your non-tech layperson will not know any difference whatsoever if all they use are their phone plan, streaming/banking apps and Facebook.
Surely this was simply the nature of Deutsche Bundespost / Deutsche Telekom? Like, of course you had to use hardware they had approved to connect to their network.
This was the same in many places. The cost of hardware and connection time limited connections, and no one had cryptography except the government and ultra nerds.
If you're a normal person, you still can't, but it definitely looks like you can by ad-supported social networks. If you have 20 million followers on Facebook, your posts aren't guaranteed to reach them, unless you pay Facebook as an advertiser. Running a web server that handles and actually gets 20 million simultaneous connections for any length of time requires you to spend/have money or not be a normal person.
there's a lot of evidence things do generally get better over time, though. Jon Haidt and his ilk... I forget all involved... have done research into it
obviously it can be bumpy and maybe there's a Great Filter or you happen to live during a bad period but life is certainly much longer and less brutal than it was for 99.9% of human history
All people affected should file a complaint with your ISP and with Oficina de Atención al Usuario de Telecomunicaciones claiming financial loss for arbitrary service censorship.
I've been filing complaints since a year ago, told others to do the same too, nothing happens. There been moments I've meant to deploy fixes to issues but I cannot, because some tooling goes offline.
I've claimed financial loss, claimed sanity loss and everything in-between, but I'm afraid unless something reaches the European/EU courts, Spain will continue to be in the pocket of the La Liga owners.
Straight up fucking censorship with wide collateral being completely accepted in a Western country in 2026, beyond comprehension how this is allowed.
Whenever I get a little down over how much power unelected corporations have in my country, I can at least cheer myself up a little by being thankful that something as stupid as football doesn't have enough power here to control whether or not I have internet access.
The problem is probably just distributed responsibility. If I lived in Spain I'd set their website as my proxy for everything that doesn't work before I filed my complaints so they could directly address each problem..
That's interesting. Do you have further reading? I've seen AFACT v iiNet, but that doesn't look to be the source of "cost of renting", just that the ISP isn't responsible for their users.
> Justice Perram discussed the idea of speculative invoicing within Australia
> Representing to a consumer that they have a liability which they do not may well be misleading and deceptive conduct within the meaning of s 18 of the Australian Consumer Law and it may be equally misleading to represent to someone that their potential liability is much higher than it could ever realistically be. There may also be something to be said for the idea that speculative invoicing might be a species of unconscionable conduct within one or other of s 21 of the Australian Consumer Law or s 12CB of the Australian Securities and Investments Commission Act 2001 (Cth).
> Further, even if speculative invoicing was deemed to be lawful within Australia, the damages that the individual may be liable to are often calculated differently to that of the United States. In Australia, damages are compensatory in nature, meaning to compensate the plaintiff for the loss suffered. One Intellectual Property Lawyer has been quoted as saying, ‘If a film costs $20, the damages would ordinarily be expected to be $20.’
If anyone who’s capable in Spain set a petition or the relevant steps and put it on HN. I’m pretty sure any Spanish resident in HN would be more than happy to take part even if it means to send a Bizum for the cause.
(Sadly as living in Spain for about a year I’m still not in such place to raise this or understand the full steps needed)
If this is done at the DNS level, run your own DNS. If not, use a VPN. Taking this to the courts is a long term solution, but in the short term you want to act on your own to evade censorship and oppression.
If it's purely DNS blocking (no IP redirection or blocking), your own recursive resolver (eg, unbound) shouldn't be affected, assuming the ISP doesn't also intercept unencrypted DNS queries. If there's also interception, encrypted DNS upstream might help (assuming they're not blocked entirely, repressive countries do this, so far not in EU)
I don't think any of them will help in Spain case though, I believe the ISP/court choose to block the IP range entirely, which hit Cloudflare customers. DNS hijinks won't solve those.
It’s football. I’m pretty sure there are a great many countries you could induce to do insane things if the populace could be made to believe that said insane things will help football.
I mean, didn’t El Salvador and Honduras go to war over football back in the 60’s? And I seem to recall there was a football match which helped precipitate the dissolution of Yugoslavia - national identities coalesced around football tribes.
these things need to be brought to an international court who would require the government to act. Otherwise nothing happens, because institutions are completely corrupt.
It takes time, money and a strong legal team, but maybe IT companies maybe can put this together?
Because the EU as a whole is quite happy to censor and generally wield the same tricks as "non-Western" countries in their desires to combat misinformation (however our EU bureaucrats define it), child abuse materials (see Chat Control that thing is not going to go away), and hatred (oh boy).
We've never guaranteed the right to free speech and because we haven't it's a slippery slope all the way back down to the furnaces of autocracy we sprang from.
The Spanish president has come out on record saying we don't deserve anonymity on the internet.
Sadly, it won't accomplish anything. La Liga seems to have enough political power in the country to bury all of that. Probably bribing everyone involved.
It would be great if there was a webpage with clear instructions on how to do this, maybe fill out a few questions and get a printable pdf you can mail, or at least telling you how to file an online complaint. Making complaints very low friction will lead to more of those and perhaps more attention to the issue.
Snail mail uses up physical space so it might get more attention, it would be hilarious to see news reports of truckloads of complaint mail being dumped in front of the whatever office.
It's Spain man. Nothing will happen, maybe they will call their buddies in La Liga to ask what's up if the complains pile up and then will ignore all of them if they are assured everything works as expected.
> there are testimonies of smart home devices like anti-theft alarms or automatic doors, that stop working whenever [...] because their backends rely on Cloudflare.
The fault here lies 100% with horribly designed IoT devices that turn into bricks when they lose internet connection.
> Every response and comment from LaLiga, the football organization responsible for this, has been so far that this is a minor issue that only affects a few bunch of nerds who talk about "docker images" or "github repositories" or "whatever that means".
Translation: go away kid, we're trying to make money here.
This is a great example of why blanket IP blocking is such a terrible enforcement mechanism. Cloudflare hosts hundreds of thousands of services behind shared IP ranges — blocking one IP to stop a piracy stream
takes out everything else on that IP, including Docker registries, API endpoints, and CDNs that have nothing to do with football.
The real fix on your end until Spain sorts this out: set up a pull-through registry cache (e.g. registry:2 with proxy.remoteurl) on a VPS outside Spain, and point your Docker daemon's mirror config at it. Your
GitLab runner pulls from the cache, the cache pulls from Docker Hub via a non-blocked IP. Also insulates you from Docker Hub rate limits.
But yeah, the fact that a court order about football streaming can break docker pull for an entire country is genuinely absurd.
Reading this from India, where stuff like this is pretty much Tuesday business. But that’s not the problem; the problem is precisely the one hour of your life spent trying to figure out whether the issue is your DNS, your VPN, your configuration, or your programming. “The government in the country I’m accessing this from just decided to shut down my IP for the next two hours” rarely crosses your mind.
India has consistently been at the top of the number of Internet blackouts anywhere in the world for years (Access Now keeps track of this through its KeepItOn project). These tend to be brief and localized, triggered by something as mundane as an exam or protest or local incident. It’s such a routine occurrence here that there’s even a reflexive response: mobile data works differently from other connectivity types, so go with that, try new DNS settings, rely on Telegram instead of WhatsApp when the latter fails you, and always have a list of mirrors.
What’s fascinating about this case is that it’s identical except for who is pressing the button LaLiga, a privately owned entity, in place of the government.
Barring an Internet giant suing them in court, it really feels like this is unlikely to change as most just don’t understand the why or the effect.
Someone needs to write a heist movie set in Spain where a key part of the plan is they steal something while La Liga is blocking some key security route.
This is the moral equivalent of shutting the water off for a whole city because one dude's house has a leak. The harms to society clearly and obviously outweigh any possible benefits to society. But if that one dude has the power to shut it all off, and doesn't care...
As a Spaniard, I would be very happy it cloudflare stops serving Spain. The situation is beyond stupid and I know without international pressure and shaming we're not getting rid of this abuse.
This is far from the first time that I see on HN indignation on LaLiga blockings. Sadly all this rage does not seem to lead to any change.
I'd like to suggest some steps that might/should be followed, which I will not pursue personally but in my defense - I do not live in Spain and not affected.
1) (first! low-effort) Somebody should create any space on the internet, where such anecdotes might shared and probably people with common goals of fixing internet access in Spain will meet. E.g. telegram group, discord channel, subreddit...
2) probably create wiki with related research: legal framework and possible actions etc
3) Raise public awareness. Create a resource/website with schedule of past and future "semi-blackouts", simple explanation of possible effects a layman may notice etc
4) Explore legal actions that might be taken. How this issue might be forced to be discussed by politicians? For instance I know that Portugal has official mechanism to put forward petitions, that will be discussed in parliament if get enough votes [1]
Space of possible demands in such petitions is vast. For instance:
- Make LaLiga compensate partly price of internet access
- Force LaLiga to include education notice in the beginning and the of translation with title like "Start of reduced internet connectivity" / "End of reduced internet connectivity"
This behavior of blocking some domains and IP ranges during LaLiga games has become a routine by now. You might also want to check these similar submissions:
As a Spaniard, this also happens to me. You can either use a VPN or just switch DNS servers to one that doesn’t have anycast nodes in Spain.
Cloudflare’s authoritative DNS uses EDNS Client Subnet (ECS) to return different IP pools based on where the query originates. Spanish resolvers get IPs from a range that La Liga blocks. If your recursive resolver is physically outside Spain (or you use DoH/DoT to tunnel to one), Cloudflare returns a different, unblocked pool.
This is inexcusable. Just because sports right holders are worried about piracy doesn’t give them license to break normal internet operations. Spain, get your act together and put your equivalent of the content cartel in the penalty box.
Hah. I have had to use a US-based VPN to access GitHub pretty much every weekend lately. La Liga's efforts to curb pirate TV streams are basically undermining the internet itself at this point.
This is also not new behaviour - Theo posted a YouTube about it nearly a year ago[1].
Very good example as to why using a single, centralised proxy globally by all services is a bad idea. Docker would never have a reason to block anything if they were simply running their own.
For everyone else, small and big, this is the weekly reminder to not use Cloudflare for user-facing access to anything.
> instado por la Liga Nacional de Fútbol Profesional y por Telefónica Audiovisual Digital,
(The trial was initiated by LaLiga and Telefonica...).
"Telefonica" is the (exclusive) distributor for the rights of streaming the matches, and is only (of course?) the main consumer (and business) Telco in Spain: they are in a game they cannot lose. This is such an abuse and no government (this, past, whichever) has done anything about it.
Maybe it’s time to reflect upon the reliance on centralized services?
Not long ago docker hub started rate limiting access and we all turned to blanket solutions like the GitLab registry cache.
I wonder if the IPFS distributed docker registry thing still exists/works.
I wasn't able to pull some images and I lost 1h trying to diagnose network problems in my setup, but it didn't occur to me that "la liga" was the root cause . My workaround was to add "registry-mirrors": ["https://mirror.gcr.io"] in my /etc/docker/daemon.json
Here in Brazil sometimes my ISP goes into a weird state where I can't SSH into a remote machune. Got two ISP links here and still sometimes I need to resort to Mullvad to get stable internet
We had a strange case in Bulgaria. There was a big event on the national stadium. Full with people. Some of the equipment for light/sound was based on modern 5G-based technologies. But because of all the people, caring their devices, the 5G network was so overwhelmed that the light/sound equipment was not able to communicate at all! Of course, they found this at the beginning of the event! :D
To overcome this, one of the organizers went to stage and asked all the audience to stop their 5Gs so that the whole network be released from the traffic.
Unfortunately, it does not make sense for the representatives to invest millions of infrastructure, just because of a single event happened. :(
Humankind is not doing well with implementing new policies. We should really strive for each new policy (like in this case - blocking access to some parts of internet during soccer games):
- Consider running policy in small scale scenario (e.g. testing blocking in small parts of Spain before whole country rollout)
- Implement channels to gather info from those who are faced with results of policy implementation (in this case: the op got webpage with description why the page is blocked - a bit of sanity! It would be better if it was served with HTTP code 451)
- Policy instructions
- When deciding on policy put a date at which policy should be reconsidered and revised using data collected during the time when it was in effect
- ... and some more I have not thought about.
Let's strive to cultivate this principles in all life areas where we can affect how new policies are implemented.
The situation every weekend is getting worse and worse. Honestly, I cannot understand how any goverment who wants freedom for its citizens can allow to block internet access to a whole country only because a private football company asks for it. I guess LaLiga is the 4th statement in Spain...
I had to Google why this happens, blocking cloudflare during football games seems.. Arbitrary, to say the least. Maybe something to do with hooligans trashing entire cities when their team loses? I could almost get behind that, if I thought it would work..
But no, it's apparently to stop piracy!? Turning off half the internet, and mostly the legitimate parts at that (since when do pirates use cloudflare?) seems like probably the worst method to go about it.
Someone ought to start streaming those games illegally without using cloudflare just to demonstrate how stupid this policy is
I'm in Spain as well and it sucks a lot. What I do now is I go thorough Cloudflare 1.1.1.1 VPN (set up on my router). Fixes the issue and there is practically no latency or bandwidth impact.
What Spain does is basically censorship and it's very poorly executed. The docker image registry is only one out of the many collateral victims of this stupid law.
The last sentence of this submission makes no sense. You are in Spain. Allegedly, the country has a representative government. That means that you should have a way to influence the government to fix this idiocy. If, in fact, you don’t, then it is not a representative government and …ahem… further steps may be warranted to remind the government whom they work for.
Probably the only even slightly relevant thread I’ll ever find for this so here goes. There is a certain visitor in the “Madrid Autonomous Community” (whatever that is) which frequently requests just my homepage, no other page on my site, over and over again.
It comes in waves, and it’s not enough to affect anything, but it’s very weird because when I did some digging by looking at the ASN there was actually only one active IP address and if I browse to it I get someone’s Synology NAS login page.
Why would someone setup their NAS to randomly keep pinging my homepage?
What's the current state of the art for VPN'ing through deep packet inspection firewalls? I have imagined building something around TLS and Websockets that connects to a popular cloud provider which is "too big to block". Of course, if they'll block Cloudflare, or all connections outside of the country, maybe _nothing_ is too big to block. I remember some solutions to this in the 2010s, like obfsproxy and shadowsocks, but are there any newer or better options?
Cloudflare could resolve this without negatively impacting fundamental services... just place all newly registered sites (e.g. <30 days) on a dedicated block of IP addresses. That way, Spain's government-ordered censorship could be limited to (mostly) pirate sites. Or they could invest money in vetting customers properly.
But of course, Cloudflare rather prefers to hold their actual large customers (who don't have much of an alternative to CF) and everyday Spaniard users hostage.
Just to confirm it is true. This is LaLiga bringing down essential country-wide infrastructure on soccer hours if your internet access is through main ISPs.
Going to play devil's advocate here but I suspect if Cloudflare had been more cooperative about taking down illegal content, LaLiga would not have resorted to blanket blocking individual IPs.
I would really like to understand more about the process that they should follow but didn't / followed but didn't satisfy them / doesn't exist, in order to remove infringing websites quickly from CloudFlare.
421 comments
Every response and comment from LaLiga, the football organization responsible for this, has been so far that this is a minor issue that only affects a few bunch of nerds who talk about "docker images" or "github repositories" or "whatever that means".
Meanwhile, there are testimonies of smart home devices like anti-theft alarms or automatic doors, that stop working whenever there is a football match, because their backends rely on Cloudflare.
Last week, a woman asked for help on social media, as the GPS tracking app she uses to see where her father with dementia is, went offline during a match. It was getting late and he still wasn't back home, and she couldn't locate the tag he was wearing to find him: https://www.infobae.com/america/agencias/2026/04/05/laliga-d...
It's hard to say this, because no one should experience an event like this, but as stressful as these are, it's the only way to make the mainstream people care about this censorship. "I cannot pull a docker image" will never be on nightly news, but safety and personal security is a more powerful driver for discourses.
> Heh, lucky you, at least you get a message. My ISP just drops traffic to the affected IPs. No ping, no traceroute, just a spinner in the browser until it says "page not found".
This is generally how the GFW works in China. Instead of an overbearing nanny like a school or corporation's DNS blocker, you're left with a sense that you're on a version of the Internet that is just intermittently and somewhat mysteriously broken.
And indeed, in China, a lot of things that probably aren't fully intended to be blocked are not reliably accessible. Implementation varies, so you get strange routing and peering issues. It feels like an Internet that isn't fully formed, that hasn't finished coming together yet.
Nation states and corporations obviously gain some things sometimes by having Internet censorship/blocking frameworks in place. Maybe, sometimes, ordinary people even benefit, too, if it helps shut down illegal and genuinely harmful businesses.
But it feels like the whole world is gradually trending towards more and more Internet censorship without realizing that we are un-building a miraculous thing that took enormous effort and cleverness and expense to build. I wish we could think about this not only in terms of freedom (and we absolutely should think about it in terms of freedom), but how we are disintegrating the infrastructure of communication and computing.
Oh boy, an excuse to share my favourite great firewall story on a visit to China. Keep in mind, this is 15 years old, so probably doesn't represent the current state of affairs. At the time, my daily news reading habit had me checking BBC and CBC (Canadian Broadcasting Corporation). The BBC site seemed to be working fine, but whenever I clicked on an article on CBC, it was blocked. A few minutes later, I went to show my wife that CBC articles were blocked, and I clicked on the same one again, and it loaded. I clicked on another: blocked. Tried it again after a few minutes and it loaded. Someone was screening the articles in real time for me. When I was done reading, I clicked on several of the weirdest headlines I could find, and after a few minutes, everything was blocked again including ones that had previously worked.
The counter-reaction to this era will include additional communication control.
> But we had successful global networks before the Internet (the PSTN, telegraph)
These were ripe with espionage, wiretapping and sabotage. Access to it used to be highly restricted as well, up until the 90s for example you were only allowed to connect government-licensed modems to the German PSTN directly.
> These were ripe with espionage, wiretapping and sabotage.
Just like today's Internet. BGP spoofing, CALEA, DDoS.
> Access to it used to be highly restricted as well ...
And this is where the regression or "downfall" is beginning. Access to the Internet (as in ability to send/receive arbitrary data to the wider Internet) is something I bet is going to be increasingly restricted, but most people won't notice because they don't understand the difference between apps and the Internet.
I'd be surprised if direct access to the Internet is possible for consumers in the next 10 years. Everything will have to be through approved apps (age assurance is going to be the catalyst) that work over registered tunnels contracted through ISPs, if there isn't an outright blurring or merger between the concepts of phone/CPE, ISP and CDN. Your non-tech layperson will not know any difference whatsoever if all they use are their phone plan, streaming/banking apps and Facebook.
This was the same in many places. The cost of hardware and connection time limited connections, and no one had cryptography except the government and ultra nerds.
obviously it can be bumpy and maybe there's a Great Filter or you happen to live during a bad period but life is certainly much longer and less brutal than it was for 99.9% of human history
> a version of the Internet that is just intermittently and somewhat mysteriously broken.
That's actually just how the Internet is. Nothing to do with the great firewall.
I've claimed financial loss, claimed sanity loss and everything in-between, but I'm afraid unless something reaches the European/EU courts, Spain will continue to be in the pocket of the La Liga owners.
Straight up fucking censorship with wide collateral being completely accepted in a Western country in 2026, beyond comprehension how this is allowed.
Here's some commentary on it:
> Justice Perram discussed the idea of speculative invoicing within Australia
> Representing to a consumer that they have a liability which they do not may well be misleading and deceptive conduct within the meaning of s 18 of the Australian Consumer Law and it may be equally misleading to represent to someone that their potential liability is much higher than it could ever realistically be. There may also be something to be said for the idea that speculative invoicing might be a species of unconscionable conduct within one or other of s 21 of the Australian Consumer Law or s 12CB of the Australian Securities and Investments Commission Act 2001 (Cth).
> Further, even if speculative invoicing was deemed to be lawful within Australia, the damages that the individual may be liable to are often calculated differently to that of the United States. In Australia, damages are compensatory in nature, meaning to compensate the plaintiff for the loss suffered. One Intellectual Property Lawyer has been quoted as saying, ‘If a film costs $20, the damages would ordinarily be expected to be $20.’
https://www.kells.com.au/insights/business/dallas-buyers-clu...
(Sadly as living in Spain for about a year I’m still not in such place to raise this or understand the full steps needed)
> run your own DNS
Can you expand on that? How would you go about running your own DNS that wouldn't be affected by football leagues?
I don't think any of them will help in Spain case though, I believe the ISP/court choose to block the IP range entirely, which hit Cloudflare customers. DNS hijinks won't solve those.
I mean, didn’t El Salvador and Honduras go to war over football back in the 60’s? And I seem to recall there was a football match which helped precipitate the dissolution of Yugoslavia - national identities coalesced around football tribes.
It takes time, money and a strong legal team, but maybe IT companies maybe can put this together?
We've never guaranteed the right to free speech and because we haven't it's a slippery slope all the way back down to the furnaces of autocracy we sprang from.
The Spanish president has come out on record saying we don't deserve anonymity on the internet.
Snail mail uses up physical space so it might get more attention, it would be hilarious to see news reports of truckloads of complaint mail being dumped in front of the whatever office.
> there are testimonies of smart home devices like anti-theft alarms or automatic doors, that stop working whenever [...] because their backends rely on Cloudflare.
The fault here lies 100% with horribly designed IoT devices that turn into bricks when they lose internet connection.
> Every response and comment from LaLiga, the football organization responsible for this, has been so far that this is a minor issue that only affects a few bunch of nerds who talk about "docker images" or "github repositories" or "whatever that means".
Translation: go away kid, we're trying to make money here.
When the La Liga match starts, everything that's proxied via CF (including zero access reverse tunnels) stops working.
There's even a website made for checking if the match is on: https://hayahora.futbol/
You can check if your host is affected: https://hayahora.futbol/#comprobador&domain=docker-images-pr...
India has consistently been at the top of the number of Internet blackouts anywhere in the world for years (Access Now keeps track of this through its KeepItOn project). These tend to be brief and localized, triggered by something as mundane as an exam or protest or local incident. It’s such a routine occurrence here that there’s even a reflexive response: mobile data works differently from other connectivity types, so go with that, try new DNS settings, rely on Telegram instead of WhatsApp when the latter fails you, and always have a list of mirrors.
What’s fascinating about this case is that it’s identical except for who is pressing the button LaLiga, a privately owned entity, in place of the government.
Someone needs to write a heist movie set in Spain where a key part of the plan is they steal something while La Liga is blocking some key security route.
I'd like to suggest some steps that might/should be followed, which I will not pursue personally but in my defense - I do not live in Spain and not affected.
1) (first! low-effort) Somebody should create any space on the internet, where such anecdotes might shared and probably people with common goals of fixing internet access in Spain will meet. E.g. telegram group, discord channel, subreddit...
2) probably create wiki with related research: legal framework and possible actions etc
3) Raise public awareness. Create a resource/website with schedule of past and future "semi-blackouts", simple explanation of possible effects a layman may notice etc
4) Explore legal actions that might be taken. How this issue might be forced to be discussed by politicians? For instance I know that Portugal has official mechanism to put forward petitions, that will be discussed in parliament if get enough votes [1]
Space of possible demands in such petitions is vast. For instance:
- Make LaLiga compensate partly price of internet access
- Force LaLiga to include education notice in the beginning and the of translation with title like "Start of reduced internet connectivity" / "End of reduced internet connectivity"
[1] https://participacao.parlamento.pt/initiatives/
My game's server is blocked in Spain whenever there's a football match on: https://news.ycombinator.com/item?id=45358433
Spain’s LaLiga has blocked access to freedom.gov: https://news.ycombinator.com/item?id=47114235
Cloudflare’s authoritative DNS uses EDNS Client Subnet (ECS) to return different IP pools based on where the query originates. Spanish resolvers get IPs from a range that La Liga blocks. If your recursive resolver is physically outside Spain (or you use DoH/DoT to tunnel to one), Cloudflare returns a different, unblocked pool.
AdGuard DNS works well for this.
This is also not new behaviour - Theo posted a YouTube about it nearly a year ago[1].
[1]: https://www.youtube.com/watch?v=1-geGEYEw7g
For everyone else, small and big, this is the weekly reminder to not use Cloudflare for user-facing access to anything.
> instado por la Liga Nacional de Fútbol Profesional y por Telefónica Audiovisual Digital,
(The trial was initiated by LaLiga and Telefonica...).
"Telefonica" is the (exclusive) distributor for the rights of streaming the matches, and is only (of course?) the main consumer (and business) Telco in Spain: they are in a game they cannot lose. This is such an abuse and no government (this, past, whichever) has done anything about it.
Unfortunately, it does not make sense for the representatives to invest millions of infrastructure, just because of a single event happened. :(
Humankind is not doing well with implementing new policies. We should really strive for each new policy (like in this case - blocking access to some parts of internet during soccer games):
- Consider running policy in small scale scenario (e.g. testing blocking in small parts of Spain before whole country rollout)
- Implement channels to gather info from those who are faced with results of policy implementation (in this case: the op got webpage with description why the page is blocked - a bit of sanity! It would be better if it was served with HTTP code 451)
- Policy instructions
- When deciding on policy put a date at which policy should be reconsidered and revised using data collected during the time when it was in effect
- ... and some more I have not thought about.
Let's strive to cultivate this principles in all life areas where we can affect how new policies are implemented.
(edit: linebreaks)
https://news.ycombinator.com/item?id=47480926
The situation every weekend is getting worse and worse. Honestly, I cannot understand how any goverment who wants freedom for its citizens can allow to block internet access to a whole country only because a private football company asks for it. I guess LaLiga is the 4th statement in Spain...
A probably will get even worse the situation with Fastly entering the equation: https://www.fastly.com/press/press-releases/fastly-and-lalig...
But no, it's apparently to stop piracy!? Turning off half the internet, and mostly the legitimate parts at that (since when do pirates use cloudflare?) seems like probably the worst method to go about it.
Someone ought to start streaming those games illegally without using cloudflare just to demonstrate how stupid this policy is
What Spain does is basically censorship and it's very poorly executed. The docker image registry is only one out of the many collateral victims of this stupid law.
Or can this be avoided by using an alternate DNS?
It comes in waves, and it’s not enough to affect anything, but it’s very weird because when I did some digging by looking at the ASN there was actually only one active IP address and if I browse to it I get someone’s Synology NAS login page.
Why would someone setup their NAS to randomly keep pinging my homepage?
I think changing your default DNS servers to Google 8.8.8.8 or Cloudflare 1.1.1.1 might bypass the spanish sunday ban on Cloudlflare.
macOS + Cloudlfare 1.1.1.1 https://developers.cloudflare.com/1.1.1.1/setup/macos/
Google 8.8.8.8 https://developers.google.com/speed/public-dns/docs/using
But of course, Cloudflare rather prefers to hold their actual large customers (who don't have much of an alternative to CF) and everyday Spaniard users hostage.
https://bandaancha.eu/articulos/telefonica-consigue-bloqueos...
I would really like to understand more about the process that they should follow but didn't / followed but didn't satisfy them / doesn't exist, in order to remove infringing websites quickly from CloudFlare.