[189763] in North American Network Operators' Group
Re: Netflix VPN detection - actual engineer needed
daemon@ATHENA.MIT.EDU (Owen DeLong)
Mon Jun 6 14:05:56 2016
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAOZq8-joaUUnpQJJJzXLK=gFhRY6W9mQzw_WX9hwRAYmJtdeYw@mail.gmail.com>
Date: Mon, 6 Jun 2016 10:57:23 -0700
To: Damian Menscher <menscher@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
> On Jun 5, 2016, at 16:45 , Damian Menscher <menscher@gmail.com> wrote:
>=20
> On Sun, Jun 5, 2016 at 4:33 PM, Laszlo Hanyecz <laszlo@heliacal.net =
<mailto:laszlo@heliacal.net>> wrote:
>=20
>> On 2016-06-05 22:48, Damian Menscher wrote:
>>=20
>>>=20
>>> What *is* standard about them? My earliest training as a sysadmin =
taught
>>> me that any time you switch away from a default setting, you're =
venturing
>>> into the unknown. Your config is no longer well-tested; you may
>>> experience
>>> strange errors; nobody else will have seen the same bugs.
>>>=20
>>> That's exactly what's happening here -- people are setting up IPv6 =
tunnel
>>> broker connections, then complaining that there are unexpected side
>>> effects.
>>>=20
>>=20
>> There are a lot of non technical Netflix users who are being told to =
turn
>> off IPv6, switch ISPs, get a new VPN, etc. because Netflix has a =
broken
>> system. Those users don't care what IPv6 is, they just learn that =
it's bad
>> because it breaks Netflix. Most users have no way to change these =
things
>> and they just aren't going to be able to use Netflix anymore.
>=20
>=20
> Who are these non-technical Netflix users who accidentally stumbled =
into
> having a HE tunnel broker connection without their knowledge? I =
wasn't
> aware this sort of thing could happen without user consent, and would =
like
> to know if I'm wrong. Only thing I can imagine is if ISPs are using =
HE as
> a form of CGN.
I don=E2=80=99t know if it ever actually happened or not, but I do know =
that there
were router vendors considering implementing automated Tunnel-broker =
IPv6
connectivity in instances where native IPv6 was unavailable.
All of the API hooks necessary to do so are available in Tunnel Broker.
So, it is quite possible that this has happened or will happen in the =
future.
> Another question: what benefit does one get from having a HE tunnel =
broker
> connection? Is it just geek points, or is there a practical benefit =
too?
One can reach IPv6-only content which while a tiny fraction of content =
today will,
by definition be a growing fraction of content in the future.
Owen
