The great Netflix vpn debacle!
Bryan Holloway
bryan at shout.net
Tue Aug 31 18:16:05 UTC 2021
So I've made some progress, but not on the HBO front. (Hulu and Netflix
have been responsive so far.)
Tried the e-mail address on Mike Hammett and Co.'s handy web-page, but
got no response after several days. Ironically we were able to get
through to the "closed-captioning" department, but this isn't
particularly useful.
Does anyone have another possible contact for HBO folks to get some
prefixes unflagged as "VPN"?
To be clear, this is not a geolocate issue. At least according to the
error our users are getting.
Thanks, all!
On 8/28/21 1:51 AM, Justin Krejci wrote:
> +1 on Bryan's message.
>
>
> TL;DR
>
> It seems lots of ISPs are struggling to figure out the why and the where
> of many IP addresses or blocks that are suddenly being blacklisted or
> flagged as VPNs or as out of service area.
>
>
>
>
> I would really love to find, as Bryan said, if there is one particular
> IP reputation data provider who either got real aggressive recently or
> some (contaminated?) data was shared around. If there is I have no
> problem wading through their support processes to get it sorted but as
> it stands I just don't know who to call. It just has been very difficult
> to glean anyactionable info and of course the normal support teams at
> the respective streaming providers mostly just are telling customers to
> call their ISP.... as if every random ISP has some special backdoor
> contact to every streaming provider where we can just get problems
> resolved quickly and easily while we all have a good laugh at people
> being able to watch their preferred movies and shows.
>
>
> At least with email DNSBL filtering you usually get informed which DNSBL
> you are listed on and you can sort that out directly. In this case, the
> overall system of IP reputation based filtering seems still
> comparatively immature. The most I have gotten is after a very long
> phone call with someone at Hulu, they confirmed there is some issue
> affecting multiple networks and they are working on the issue and
> suggested I go through a whitelisting request process which may solve
> the problems but just for Hulu obviously.
>
>
> I have published and tried to register our own geofeed data as defined
> in RFC8805 with as many IP geolocation providers as possible. I have
> checked around to as many IP geolocation and IP reputations sites as I
> can find and everything is either clean/accurate or there is no query
> method open to the public for troubleshooting that I can find. This is
> just yet another example to me of immaturity on dealing with geolocation
> problems: just spinning my wheels in the dark with mud spraying
> everywhere. There does not appear to be any consistency on handling
> issues by the content providers using IP geolocation and reputation to
> filter. If the content providers want to reject client connections they
> ought to provide more actionable information in their errors messages
> for ISPs since they are all just telling the users to call their ISPs.
> It just feels like a vicious circle.
>
>
> So currently we are left with multiple video streaming providers that
> all started to flag many customers across many of our IP blocks all
> beginning earlier this month affecting customers, many of whom have been
> using the same IP address for years without issue until now. Do we try
> and decommission multiple IP subnets shuffle users over to new subnets
> and risk contaminating more subnets if this is an ongoing and
> regularly updated blacklist data set. This would further exacerbate the
> problem across yet more subnets that are getting scarcer. As a tangent,
> I am curious to see how IP geolocation and reputation systems are
> handling IPv6, I suppose they are just grouping larger and larger
> networks together into the same listings.
>
>
> Someone who knows something concrete about this current issue, please
> throw us ISPs a bone.
>
>
> With this email I feel like Leia recording a video plea for help
> addressed to Obi-Wan Kenobi.... help me Nanog Community... you're my
> only hope.
>
>
>
>
>
> ------------------------------------------------------------------------
> *From:* NANOG <nanog-bounces+jkrejci=usinternet.com at nanog.org> on behalf
> of Bryan Holloway <bryan at shout.net>
> *Sent:* Friday, August 27, 2021 4:56 PM
> *To:* Mike Hammett; John Alcock
> *Cc:* nanog at nanog.org
> *Subject:* Re: The great Netflix vpn debacle!
> Is there some new DB that major CDNs are using?
>
> We've been getting several reports of prefixes of ours being blocked,
> claiming to be VPNs, even though we've been using those subnets without
> incident for years.
>
> HBO, Netflix, and Hulu appear to be common denominators. I have to
> wonder if they're all siphoning misinformation off of some new DB
> somewhere ...
>
>
> On 8/14/21 1:45 AM, Mike Hammett wrote:
>> https://thebrotherswisp.com/index.php/geo-and-vpn/
> <https://thebrotherswisp.com/index.php/geo-and-vpn/>
>>
>>
>>
>> -----
>> Mike Hammett
>> Intelligent Computing Solutions <http://www.ics-il.com/ <http://www.ics-il.com/>>
>> <*MailScanner has detected a possible fraud attempt from
> "www.facebook.com" claiming to be*
> https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL
> <https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>>
>> Midwest Internet Exchange <http://www.midwest-ix.com/ <http://www.midwest-ix.com/>>
>> <*MailScanner has detected a possible fraud attempt from
> "www.facebook.com" claiming to be*
> https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix
> <https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix>>
>> The Brothers WISP <http://www.thebrotherswisp.com/ <http://www.thebrotherswisp.com/>>
>> <https://www.facebook.com/thebrotherswisp><https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg
> <https://www.facebook.com/thebrotherswisp><https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>>
>> ------------------------------------------------------------------------
>> *From: *"John Alcock" <john at alcock.org>
>> *To: *nanog at nanog.org
>> *Sent: *Friday, August 13, 2021 2:11:16 PM
>> *Subject: *The great Netflix vpn debacle!
>>
>> Well,
>>
>> It happened. I have multiple subscribers calling in. They can not access
>> Netflix.
>>
>> Any contacts on list for Netflix that I can use to get my up blocks
>> whitelisted?
>>
>> John
>>
More information about the NANOG
mailing list