Netflix VPN detection - actual engineer needed

Laszlo Hanyecz laszlo at heliacal.net
Sun Jun 5 23:33:52 UTC 2016



On 2016-06-05 22:48, Damian Menscher wrote:
>
> What *is* standard about them?  My earliest training as a sysadmin taught
> me that any time you switch away from a default setting, you're venturing
> into the unknown.  Your config is no longer well-tested; you may experience
> strange errors; nobody else will have seen the same bugs.
>
> That's exactly what's happening here -- people are setting up IPv6 tunnel
> broker connections, then complaining that there are unexpected side
> effects.
>
>
Damian,

If we were talking about some device that is outputting incorrect 
packets and they are failing to work with Netflix I would agree with 
you, but in this case the packets are standard and everything works 
fine.  Netflix went out of their way to try to find a way to make it not 
work.  The users and geeks aren't just breaking stuff and expecting 
others to work around their broken setup, but this is actually what 
Netflix is doing.  All Netflix can look at is the content of the packet 
and so they're using the source address to discriminate.  It is true 
that some users might be able to work around it if they can get on an 
ISP that gives them an allowed address, but that isn't a good solution 
for an open internet.

There are a lot of non technical Netflix users who are being told to 
turn off IPv6, switch ISPs, get a new VPN, etc. because Netflix has a 
broken system.  Those users don't care what IPv6 is, they just learn 
that it's bad because it breaks Netflix.  Most users have no way to 
change these things and they just aren't going to be able to use Netflix 
anymore.  That's a very selfish way to operate, a huge step backwards, 
and it's a kick in the balls to everyone who works to make technological 
progress on the internet.   The simple truth is that Netflix is trying 
to figure out where people are located, but this is not possible to do 
reliably with current internet technology.  Instead they did something 
that is unreliable, and many customers become collateral damage through 
no fault of their own. All the breakage is on the Netflix side.

-Laszlo




More information about the NANOG mailing list