We suck at error reporting to the user. One of the legacy curses of UNIX is trying to encode all error info in "errno". Then came HTTP, which most languages try to treat as something like a file access. When there's some complex problem at the remote end, the error presented to the user has often been hammered down to some errno value that's vaguely appropriate.
This came up recently on HN in connection with GoGo WiFi on airliners, using satellite links. GoGo doesn't have the satellite bandwidth to let users view streaming video, so they block YouTube and some other sites. The problem is telling the user what's going on. They used an awful hack involving a self-signed fake SSL certificate for YouTube to try to get a coherent message to the user.
According to the IP standard, they should send back an ICMP Destination Unreachable message with a code 13, "Communication administratively prohibited". Most IP/TCP/HTTP/browser stacks won't get that info all the way up to the end user, especially the "Communication administratively prohibited" part. Even if the error code made it to the user, many customers would not interpret "Communication administratively prohibited" as "No, you can't watch Youtube because you're on an airplane and we don't have the bandwidth for that".
On a somewhat irrelevant note, GoGo doesn't use satellite uplink. It uses terrestrial GSM links which are basically cell towers with antennas angled towards the sky.
These are obviously only available mostly during US domestic flights. For international flights, the in-flight internet is provided through satellite uplink but GoGo doesn't provide this service.
> According to the IP standard, they should send back an ICMP Destination Unreachable message with a code 13, "Communication administratively prohibited".
Agreed. However, I've discovered that even folks who really should know better don't know what to do with anything other that port-unreachable:
In the past, I tried setting my ip[6]tables REJECT targets to send back admin-prohibit. For... reasons[0], I was REJECTing IPv6 traffic to Google's networks. I discovered that YouTube on a Nexus device running Android Jellybean would not fail over to IPv4 but would, instead, sit and spin for multiple minutes before reporting a fatal connection failure.
[0] At the time I had a IPv6 tunnel that (for some reason) transferred packets destined for Google very, very slowly.
This came up recently on HN in connection with GoGo WiFi on airliners, using satellite links. GoGo doesn't have the satellite bandwidth to let users view streaming video, so they block YouTube and some other sites. The problem is telling the user what's going on. They used an awful hack involving a self-signed fake SSL certificate for YouTube to try to get a coherent message to the user.
According to the IP standard, they should send back an ICMP Destination Unreachable message with a code 13, "Communication administratively prohibited". Most IP/TCP/HTTP/browser stacks won't get that info all the way up to the end user, especially the "Communication administratively prohibited" part. Even if the error code made it to the user, many customers would not interpret "Communication administratively prohibited" as "No, you can't watch Youtube because you're on an airplane and we don't have the bandwidth for that".