[189751] in North American Network Operators' Group
Re: Netflix VPN detection - actual engineer needed
daemon@ATHENA.MIT.EDU (Nicholas Suan)
Mon Jun 6 11:51:25 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <Pine.LNX.4.61.1606052240290.6833@soloth.lewis.org>
From: Nicholas Suan <nsuan@nonexiste.net>
Date: Mon, 6 Jun 2016 11:31:23 -0400
To: Jon Lewis <jlewis@lewis.org>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Sun, Jun 5, 2016 at 10:51 PM, Jon Lewis <jlewis@lewis.org> wrote:
> On Sun, 5 Jun 2016, Owen DeLong wrote:
>
>> What is non-standard about an HE tunnel? It conforms to the relevant RFC=
s
>> and
>> is a very common configuration widely deployed to many thousands of
>> locations
>> around the internet.
>>
>> It=C3=BF=C3=BFs not that Netflix happens to not work with these tunnels,=
the problem
>> is
>> that they are taking deliberate active steps to specifically block them.
>
>
> It's not a question of standard vs non-standard. If Netflix is blocking =
HE
> IPv6 space (tunnel customers), I suspect they're doing so because this is
> effectively an IPv6 VPN service that masks the end-user's real IP making
> invalid any IP-based GEO assumptions Netflix would like to make about
> customer connections in order to satisfy their content licenses.
>
Yes, it's just Netflix being super aggressive about blocking VPNs.
They're basically removing access from any sort of service that can be
used to tunnel.
