Netflix VPN detection - actual engineer needed

Sat Jun 4 02:18:30 UTC 2016

Typically, yes.
On Jun 3, 2016 10:15 PM, "Mansoor Nathani" <mnathani.lists at gmail.com> wrote:

> The smallest IPv6 prefix for advertising on the Internet via BGP is a /48,
> isn't it?
>
> On Fri, Jun 3, 2016 at 10:11 PM, Cryptographrix <cryptographrix at gmail.com>
> wrote:
>
> > Nope - You'd have the /56 and only people within your /56 (or /64 if you
> > sliced it up nicely) would be able to do things with it routed by your
> ISP.
> >
> > Of course this means we'll have to get our ISPs to listen for our BGP
> > advertisement...
> >
> >
> > On Fri, Jun 3, 2016 at 10:09 PM Mansoor Nathani <
> mnathani.lists at gmail.com>
> > wrote:
> >
> >> Wouldn't the /56 get blocked as soon as Netflix detects multiple
> accounts
> >> logging in from the same IPv6 range?
> >>
> >> On Fri, Jun 3, 2016 at 9:49 PM, Cryptographrix <
> cryptographrix at gmail.com>
> >> wrote:
> >>
> >>> This is a good idea. We should do this.
> >>>
> >>>
> >>>
> >>> On Fri, Jun 3, 2016 at 9:48 PM Raymond Beaudoin <
> >>> raymond.beaudoin at icarustech.com> wrote:
> >>>
> >>> > Make it a /56 each and you've got a deal. Hell, I'll throw in a round
> >>> of
> >>> > drinks.
> >>> >
> >>> > On Fri, Jun 3, 2016 at 8:40 PM, Cryptographrix <
> >>> cryptographrix at gmail.com>
> >>> > wrote:
> >>> >
> >>> >> We should crowdsource a /40 and split it up into /64's for each of
> us.
> >>> >>
> >>> >>
> >>> >> On Fri, Jun 3, 2016 at 9:38 PM Matthew Kaufman <matthew at matthew.at>
> >>> >> wrote:
> >>> >>
> >>> >> > If early adopter PI IPv6 was the same price as early adopter PI v4
> >>> >> space,
> >>> >> > my wife would be totally on board with this solution.
> >>> >> >
> >>> >> > Matthew Kaufman
> >>> >> >
> >>> >> > (Sent from my iPhone)
> >>> >> >
> >>> >> > > On Jun 3, 2016, at 6:27 PM, Spencer Ryan <sryan at arbor.net>
> wrote:
> >>> >> > >
> >>> >> > > Well if you have PI space just use HE's BGP tunnel offerings.
> >>> >> > >
> >>> >> > >
> >>> >> > > *Spencer Ryan* | Senior Systems Administrator | sryan at arbor.net
> >>> >> > > *Arbor Networks*
> >>> >> > > +1.734.794.5033 (d) | +1.734.846.2053 (m)
> >>> >> > > www.arbornetworks.com
> >>> >> > >
> >>> >> > > On Fri, Jun 3, 2016 at 9:24 PM, Raymond Beaudoin <
> >>> >> > > raymond.beaudoin at icarustech.com> wrote:
> >>> >> > >
> >>> >> > >> As an alternative, there are multiple cloud service offerings
> >>> that
> >>> >> will
> >>> >> > >> advertise your IPv6 allocations on your behalf direct to a
> >>> server in
> >>> >> > their
> >>> >> > >> data centers. It seems pretty tongue-in-cheek, and satisfying,
> to
> >>> >> turn
> >>> >> > >> up a *<insert
> >>> >> > >> favorite virtual router instance> *and then route through it.
> The
> >>> >> > Internet
> >>> >> > >> is such an amazing place.
> >>> >> > >>
> >>> >> > >> On Fri, Jun 3, 2016 at 8:15 PM, Cryptographrix <
> >>> >> > cryptographrix at gmail.com>
> >>> >> > >> wrote:
> >>> >> > >>
> >>> >> > >>> Yeah I RAWRed to them pretty hard whilst being as
> understanding
> >>> to
> >>> >> the
> >>> >> > CS
> >>> >> > >>> rep that it wasn't their fault.
> >>> >> > >>>
> >>> >> > >>> They thought I was weird as anything.
> >>> >> > >>>
> >>> >> > >>> If there are any Verizon FiOS network engineers on the
> thread, a
> >>> >> fellow
> >>> >> > >>> Verizon employee would thank you kindly for an off-thread
> email
> >>> >> > regarding
> >>> >> > >>> BGP advertisement (I'll buy the IPv6 block and the
> >>> drink-of-choice,
> >>> >> you
> >>> >> > >>> configure my account to listen for route advertisement).
> >>> >> > >>>
> >>> >> > >>> Strange that it has to come to this to get "legit" IPv6
> service.
> >>> >> > >>>
> >>> >> > >>>
> >>> >> > >>>
> >>> >> > >>>
> >>> >> > >>> On Fri, Jun 3, 2016 at 9:08 PM Raymond Beaudoin <
> >>> >> > >>> raymond.beaudoin at icarustech.com> wrote:
> >>> >> > >>>
> >>> >> > >>>> I wasn't originally affected on my he.net tunnel, but this
> >>> >> evening it
> >>> >> > >>>> started blocking. The recommended ACLs are a functional
> >>> temporary
> >>> >> > >>>> workaround, but I've also opened a request with Netflix.
> >>> >> > >>>>
> >>> >> > >>>> On Fri, Jun 3, 2016 at 7:54 PM, Mark T. Ganzer <
> >>> >> > ganzer at spawar.navy.mil>
> >>> >> > >>>> wrote:
> >>> >> > >>>>
> >>> >> > >>>>> So far I am not seeing a Netflix block on my he.net tunnel
> >>> yet. I
> >>> >> > >>>> connect
> >>> >> > >>>>> to the Los Angeles node, so maybe not all of HE's address
> >>> space is
> >>> >> > >> being
> >>> >> > >>>>> blocked.
> >>> >> > >>>>>
> >>> >> > >>>>> Not going to be disabling IPv6 here either. + HAD native
> IPv6
> >>> from
> >>> >> > >> Time
> >>> >> > >>>>> Warner, but they decided to in their wisdom to disable IPv6
> >>> >> service
> >>> >> > >> for
> >>> >> > >>>>> anyone that has an Arris SB6183 due to an Arris firmware
> >>> bug.  And
> >>> >> > >> they
> >>> >> > >>>> are
> >>> >> > >>>>> taking their sweet time pushing out the fixed firmware
> update
> >>> that
> >>> >> > >>>> Comcast
> >>> >> > >>>>> and Cox seemed to be able to push to their customers last
> >>> fall.
> >>> >> > >>>>>
> >>> >> > >>>>> -Mark Ganzer
> >>> >> > >>>>>
> >>> >> > >>>>>
> >>> >> > >>>>>> On 6/3/2016 4:49 PM, Cryptographrix wrote:
> >>> >> > >>>>>>
> >>> >> > >>>>>> Depends - how many US users have native IPv6 through their
> >>> ISPs?
> >>> >> > >>>>>>
> >>> >> > >>>>>> If I remember correctly (I can't find the source at the
> >>> moment),
> >>> >> > >> HE.net
> >>> >> > >>>>>> represents something like 70% of IPv6 traffic in the US.
> >>> >> > >>>>>>
> >>> >> > >>>>>> And yeah, not doing that - actually in the middle of an
> IPv6
> >>> >> project
> >>> >> > >> at
> >>> >> > >>>>>> work at the moment that's a bit important to me.
> >>> >> > >>>>>>
> >>> >> > >>>>>>
> >>> >> > >>>>>>
> >>> >> > >>>>>>
> >>> >> > >>>>>> On Fri, Jun 3, 2016 at 7:45 PM Baldur Norddahl <
> >>> >> > >>>> baldur.norddahl at gmail.com
> >>> >> > >>>>>> wrote:
> >>> >> > >>>>>>
> >>> >> > >>>>>> Den 4. jun. 2016 01.26 skrev "Cryptographrix" <
> >>> >> > >>>> cryptographrix at gmail.com>:
> >>> >> > >>>>>>>
> >>> >> > >>>>>>>> The information I'm getting from Netflix support now is
> >>> >> explicitly
> >>> >> > >>>>>>> telling
> >>> >> > >>>>>>>
> >>> >> > >>>>>>>> me to turn off IPv6 - someone might want to stop them
> >>> before
> >>> >> they
> >>> >> > >>>>>>>> completely kill US IPv6 adoption.
> >>> >> > >>>>>>> Not allowing he.net tunnels is not killing ipv6. You just
> >>> need
> >>> >> > need
> >>> >> > >>>>>>> native
> >>> >> > >>>>>>> ipv6.
> >>> >> > >>>>>>>
> >>> >> > >>>>>>> On the other hand it would be nice if Netflix would try
> the
> >>> >> other
> >>> >> > >>>>>>> protocol
> >>> >> > >>>>>>> before blocking.
> >>> >> > >>
> >>> >> >
> >>> >> >
> >>> >>
> >>> >
> >>> >
> >>>
> >>
> >>
>