[189619] in North American Network Operators' Group
Re: Netflix VPN detection - actual engineer needed
daemon@ATHENA.MIT.EDU (Blair Trosper)
Fri Jun 3 17:02:36 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <CA+HzidSYcBXww3m+5dvfhMf3DsXZjZ=-Q+HiXP+NPEXtc1xjJg@mail.gmail.com>
From: Blair Trosper <blair.trosper@gmail.com>
Date: Fri, 3 Jun 2016 13:59:58 -0700
To: Spencer Ryan <sryan@arbor.net>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I dunno. I could argue that I could -- to extend that idea -- let
literally ANYONE tunnel through my Comcast Business connection to appear to
be in the Bay Area. How's that fundamentally different than a service like
TunnelBroker apart from economies of scale?
More than a few people I know are ready to dump Netflix for this.
Fortunately, where I live, Comcast Business has native dual stack...
On Fri, Jun 3, 2016 at 1:05 PM, Spencer Ryan <sryan@arbor.net> wrote:
> There is no way for Netflix to know the difference between you being in NY
> and using the tunnel, and you living in Hong Kong and using the tunnel.
>
>
> *Spencer Ryan* | Senior Systems Administrator | sryan@arbor.net
> *Arbor Networks*
> +1.734.794.5033 (d) | +1.734.846.2053 (m)
> www.arbornetworks.com
>
> On Fri, Jun 3, 2016 at 4:03 PM, Cryptographrix <cryptographrix@gmail.com>
> wrote:
>
>> Same, but until there's a real IPv6 presence in the US, it's really
>> annoying that they haven't come up with some fix for this.
>>
>> I have no plans to turn off IPv6 at home - I actually have many uses for
>> it, and as much as I dislike the controversy around it, think that adoption
>> needs to be prioritized, not penalized.
>>
>> Additionally, I think that discussing content provider control over
>> regional decisions isn't productive to the conversation, as they didn't
>> build the banhammer (wouldn't you want to control your own content if you
>> had made content specific to regional laws etc?).
>>
>> I.e. - not all shows need to have regional restrictions between New York
>> (where I live) and California (where my IPv6 /64 says I live).
>>
>> I'm able to watch House in the any state in the U.S.? Great - ignore my
>> intra-US proxy connection.
>>
>> My Netflix account randomly tries to connect from Tokyo because I forgot
>> to shut off my work VPN? Fine....let me know and I'll turn *that* off.
>>
>>
>>
>>
>>
>>
>> On Fri, Jun 3, 2016 at 3:49 PM Spencer Ryan <sryan@arbor.net> wrote:
>>
>>> I don't blame them for blocking a (effectively) anonymous tunnel broker.
>>> I'm sure their content providers are forcing their hand.
>>> On Jun 3, 2016 3:46 PM, "Cryptographrix" <cryptographrix@gmail.com>
>>> wrote:
>>>
>>>> Netflix needs to figure out a fix for this until ISPs actually provide
>>>> IPv6
>>>> natively.
>>>>
>>>>
>>>>
>>>> On Fri, Jun 3, 2016 at 3:13 PM Blair Trosper <blair.trosper@gmail.com>
>>>> wrote:
>>>>
>>>> > Confirmed that Hurricane Electric's TunnelBroker is now blocked by
>>>> > Netflix. Anyone nice people from Netflix perhaps want to take a
>>>> crack at
>>>> > this?
>>>> >
>>>> >
>>>> >
>>>> > On Thu, Jun 2, 2016 at 2:15 PM, <mike.hyde1@gmail.com> wrote:
>>>> >
>>>> > > Had the same problem at my house, but it was caused by the IPv6
>>>> > connection
>>>> > > to HE. Turned of V6 and the device worked.
>>>> > >
>>>> > >
>>>> > > --
>>>> > >
>>>> > > Sent with Airmail
>>>> > >
>>>> > > On June 1, 2016 at 10:29:03 PM, Matthew Kaufman (matthew@matthew.at
>>>> )
>>>> > > wrote:
>>>> > >
>>>> > > Every device in my house is blocked from Netflix this evening due to
>>>> > > their new "VPN blocker". My house is on my own IP space, and the
>>>> outside
>>>> > > of the NAT that the family devices are on is 198.202.199.254,
>>>> announced
>>>> > > by AS 11994. A simple ping from Netflix HQ in Los Gatos to my house
>>>> > > should show that I'm no farther away than Santa Cruz, CA as
>>>> microwaves
>>>> > > fly.
>>>> > >
>>>> > > Unfortunately, when one calls Netflix support to talk about this,
>>>> the
>>>> > > only response is to say "call your ISP and have them turn off the
>>>> VPN
>>>> > > software they've added to your account". And they absolutely refuse
>>>> to
>>>> > > escalate. Even if you tell them that you are essentially your own
>>>> ISP.
>>>> > >
>>>> > > So... where's the Netflix network engineer on the list who all of
>>>> us can
>>>> > > send these issues to directly?
>>>> > >
>>>> > > Matthew Kaufman
>>>> > >
>>>> >
>>>>
>>>
>
