wrong country for some, but not all websites

[tehesnesnpo]

Hey guys.

I recently migrated from pfsense to opnsense. A few things to relearn b/c they are done a bit different in opnsense, but for the most part a smooth transition and things are good.

My problem is this: some websites think that I am in Mexico, but my firewall and I live in California. bricklink (resale site for lego) and ali express default to Mexican pesos as the currency but switch to US dollar after I log in.

After searching a bit online, this seems to be caused the public IP address issued to me by my ISP. I checked a few of the IP address location websites, and sure enough, most report an accurate location, but a handful report locations in Mexico.

My question now becomes: this is purely on the ISP side, right? Are there any settings in opnsense that would tell some websites but not others that I am in Mexico? I searched thru the settings myself but found nothing about location other than timezone, and that is set correctly. I do not have any VPNs running, so I know its not that.

I reached out to my ISP and the level 1 tech support there seemed to think the problem was on my end, but after some debate, they elevated the ticket to the next tier of support. Those guys were more supportive, but in the could not find anything to fix.

Also, my ISP is a fiber provider. Their ONT/router is currently set to bridge mode. They wanted to set the ONT/router back to normal mode for troubleshooting. This worked, but I am pretty sure that is b/c a different public IP address was issued when the ONT/router was switched back to normal mode. As soon as the ONT/router was switched back to bridge mode again, the same public IP address as before was issued to opnsense, and the problem persisted. 

I am thinking that my ISP could issue me a different IP address that doesn't have this problem, or find a way to fix inaccuracies in the geolocation databases, or whatever. But not sure that is how this sort of thing works.

Any help/guidance you might be able to provide would be most appreciated.

[patient0]

You don't haven any influence over what website uses to determine you location. And it wouldn't matter what router OS you run.
Was it different when you were running pfSense? Did you get an IP from another range?

https://ipinfo.io and https://www.maxmind.com/en/geoip-web-services-demo are two ways (amongst) many to check our public IP.

But again that doesn't really matter, the website's IP geolocation DB is maybe outdated. Or the IP range your ISP uses is only recently allocated to your ISP.

If it's important to you, then do use a VPN to connect to some location in the US and check if it changes.

[millerwissen]

You should check both stacks. the advice from patient0 is sound a VPN will likely get you through any geolocation BS from the ISP DB but both v4 and v6 can affect your experience, and VPN you'd also need both stacks covered and configured for it to work properly.

[tehesnesnpo]

Thanks guys. This jives w/ what I understood from reading online. Also, after thinking about it a little bit more: if a setting in opnsense (or any OS for that matter) could convince the rest of the internet that your IP address was in a different country, VPNs for streaming services and the like would be unnecessary. At any rate, your comments are validating.

Out of curiosity, I fired up my old pfsense installation. I checked the logs and noticed that the IP address issued by my ISP changed about a month ago. This after staying the same as far back as the logs go. The newer IP address was in the same range as the one that opnsense gets, and has the same issue. No real surprise there. But it does hint at maybe this block of IP addresses being new for the ISP. Checking ARIN also suggests that the ISP acquired this block of IP addresses late last year. This particular ISP has been expanding in my area quite a bit over the last few years, too.

So I think it all adds up to the ISP recently acquiring this block of IP addresses, and some geolocating databases lagging behind on updating this in their databases. Its annoying but there isn't much to be done about it - just wait for folks to fix it.

I appreciate the VPN suggestion, but when I tried that out in the past, it causes other more annoying issues.