[189687] in North American Network Operators' Group
Re: Netflix VPN detection - actual engineer needed
daemon@ATHENA.MIT.EDU (Owen DeLong)
Sat Jun 4 14:45:38 2016
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAPPYGux7smmq1SshBO8Wdbb0SgG_f87jKhtByA1CSAY3nVZ6YQ@mail.gmail.com>
Date: Sat, 4 Jun 2016 11:43:29 -0700
To: Cryptographrix <cryptographrix@gmail.com>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Not necessarily a bad idea, but please give everyone at least a /48.
Personally, I found that getting my own /48 was cheap enough that I =
didn=E2=80=99t worry about crowd sourcing.
Today, they are even cheaper effective 1 July than when I got mine, so =
I=E2=80=99m not sure what Matthew is on about.
3x-Small (/40 or smaller) $250 initial, $250/year with Registration =
Services plan (includes voting membership) or $100/year without.
Owen
> On Jun 3, 2016, at 18:40 , Cryptographrix <cryptographrix@gmail.com> =
wrote:
>=20
> We should crowdsource a /40 and split it up into /64's for each of us.
>=20
>=20
> On Fri, Jun 3, 2016 at 9:38 PM Matthew Kaufman <matthew@matthew.at> =
wrote:
>=20
>> If early adopter PI IPv6 was the same price as early adopter PI v4 =
space,
>> my wife would be totally on board with this solution.
>>=20
>> Matthew Kaufman
>>=20
>> (Sent from my iPhone)
>>=20
>>> On Jun 3, 2016, at 6:27 PM, Spencer Ryan <sryan@arbor.net> wrote:
>>>=20
>>> Well if you have PI space just use HE's BGP tunnel offerings.
>>>=20
>>>=20
>>> *Spencer Ryan* | Senior Systems Administrator | sryan@arbor.net
>>> *Arbor Networks*
>>> +1.734.794.5033 (d) | +1.734.846.2053 (m)
>>> www.arbornetworks.com
>>>=20
>>> On Fri, Jun 3, 2016 at 9:24 PM, Raymond Beaudoin <
>>> raymond.beaudoin@icarustech.com> wrote:
>>>=20
>>>> As an alternative, there are multiple cloud service offerings that =
will
>>>> advertise your IPv6 allocations on your behalf direct to a server =
in
>> their
>>>> data centers. It seems pretty tongue-in-cheek, and satisfying, to =
turn
>>>> up a *<insert
>>>> favorite virtual router instance> *and then route through it. The
>> Internet
>>>> is such an amazing place.
>>>>=20
>>>> On Fri, Jun 3, 2016 at 8:15 PM, Cryptographrix <
>> cryptographrix@gmail.com>
>>>> wrote:
>>>>=20
>>>>> Yeah I RAWRed to them pretty hard whilst being as understanding to =
the
>> CS
>>>>> rep that it wasn't their fault.
>>>>>=20
>>>>> They thought I was weird as anything.
>>>>>=20
>>>>> If there are any Verizon FiOS network engineers on the thread, a =
fellow
>>>>> Verizon employee would thank you kindly for an off-thread email
>> regarding
>>>>> BGP advertisement (I'll buy the IPv6 block and the =
drink-of-choice, you
>>>>> configure my account to listen for route advertisement).
>>>>>=20
>>>>> Strange that it has to come to this to get "legit" IPv6 service.
>>>>>=20
>>>>>=20
>>>>>=20
>>>>>=20
>>>>> On Fri, Jun 3, 2016 at 9:08 PM Raymond Beaudoin <
>>>>> raymond.beaudoin@icarustech.com> wrote:
>>>>>=20
>>>>>> I wasn't originally affected on my he.net tunnel, but this =
evening it
>>>>>> started blocking. The recommended ACLs are a functional temporary
>>>>>> workaround, but I've also opened a request with Netflix.
>>>>>>=20
>>>>>> On Fri, Jun 3, 2016 at 7:54 PM, Mark T. Ganzer <
>> ganzer@spawar.navy.mil>
>>>>>> wrote:
>>>>>>=20
>>>>>>> So far I am not seeing a Netflix block on my he.net tunnel yet. =
I
>>>>>> connect
>>>>>>> to the Los Angeles node, so maybe not all of HE's address space =
is
>>>> being
>>>>>>> blocked.
>>>>>>>=20
>>>>>>> Not going to be disabling IPv6 here either. + HAD native IPv6 =
from
>>>> Time
>>>>>>> Warner, but they decided to in their wisdom to disable IPv6 =
service
>>>> for
>>>>>>> anyone that has an Arris SB6183 due to an Arris firmware bug. =
And
>>>> they
>>>>>> are
>>>>>>> taking their sweet time pushing out the fixed firmware update =
that
>>>>>> Comcast
>>>>>>> and Cox seemed to be able to push to their customers last fall.
>>>>>>>=20
>>>>>>> -Mark Ganzer
>>>>>>>=20
>>>>>>>=20
>>>>>>>> On 6/3/2016 4:49 PM, Cryptographrix wrote:
>>>>>>>>=20
>>>>>>>> Depends - how many US users have native IPv6 through their =
ISPs?
>>>>>>>>=20
>>>>>>>> If I remember correctly (I can't find the source at the =
moment),
>>>> HE.net
>>>>>>>> represents something like 70% of IPv6 traffic in the US.
>>>>>>>>=20
>>>>>>>> And yeah, not doing that - actually in the middle of an IPv6 =
project
>>>> at
>>>>>>>> work at the moment that's a bit important to me.
>>>>>>>>=20
>>>>>>>>=20
>>>>>>>>=20
>>>>>>>>=20
>>>>>>>> On Fri, Jun 3, 2016 at 7:45 PM Baldur Norddahl <
>>>>>> baldur.norddahl@gmail.com
>>>>>>>> wrote:
>>>>>>>>=20
>>>>>>>> Den 4. jun. 2016 01.26 skrev "Cryptographrix" <
>>>>>> cryptographrix@gmail.com>:
>>>>>>>>>=20
>>>>>>>>>> The information I'm getting from Netflix support now is =
explicitly
>>>>>>>>> telling
>>>>>>>>>=20
>>>>>>>>>> me to turn off IPv6 - someone might want to stop them before =
they
>>>>>>>>>> completely kill US IPv6 adoption.
>>>>>>>>> Not allowing he.net tunnels is not killing ipv6. You just need
>> need
>>>>>>>>> native
>>>>>>>>> ipv6.
>>>>>>>>>=20
>>>>>>>>> On the other hand it would be nice if Netflix would try the =
other
>>>>>>>>> protocol
>>>>>>>>> before blocking.
>>>>=20
>>=20
>>=20
