netflix proxy/unblocker false detection
Mark Tinka
mark.tinka at seacom.com
Sat Jun 27 13:15:19 UTC 2020
On 26/Jun/20 15:48, Owen DeLong wrote:
> I can’t speak for Netflix, but the reality is that there’s really no good
> way to “fix” CGNAT other than migrating to IPv6 and eliminating it.
>
> CGNAT by its nature combines multiple subscribers behind a single address.
>
> When you make subscribers indistinguishable to the content provider, then
> any subscriber in the group committing abuse is likely to get all the
> subscribers in the group cut off. There’s no good way around that.
>
> Expecting content providers to maintain some sort of record of every
> eyeball provider’s CGNAT port mapping policy in order to do more granular
> filtering simply does not scale.
>
> So I don’t know how (or even if) Netflix will answer, but were I in their
> shoes, I’d probably answer as follows:
>
> “IPv4 is a technology which has been extended well past its
> ability to provide a good user experience. CGNAT, while it
> allows providers to try and extend the lifetime of IPv4
> ultimately provides an increasingly degraded user experience.
> We fully support IPv6. Deploying IPv6 support is the best
> path to providing an improved user experience on Netflix
> vs. CGNAT and IPv4.”
>
> Seriously, if you were Netflix, what would be the point of putting serious
> investment into attempts to solve what will become an increasingly intractable
> problem when you already have a clear solution that scales and requires
> relatively easy and inherently necessary upgrades by the eyeball ISP that
> you’ve already completed on your side?
That would be my reading of the situation, if I were Netflix.
While we don't know their true on-the-record position, for sure, I doubt
we'd be far-fetched in assuming this to be case.
Mark.
More information about the NANOG
mailing list