Re: Netflix VPN detection - actual engineer needed

[Mark Felder <feld () feld me>]

On Sun, Jun 5, 2016, at 17:18, Matt Freitag wrote:
> While it is damaging negative publicity it also makes sense. HE's tunnel
> service amounts to a free VPN that happens to provide IPv6. I would love
> for someone from HE to jump in and explain better how their tunnel works,
> why it's been blocked by Netflix, and what (if anything) they are doing
> to
> mitigate it.
>
> For my part, I also found that my HE tunnel no longer worked with Netflix
> because, again, it amounts to a free VPN service. I had to shut it off.
>
> However, I did discover that my ISP Charter Communications runs a 6rd
> tunnel service for their customers and enabled that on my router instead.
> Here are the settings I put in my ASUS router, taken off of a Tomato
> router
> firmware forum post:
>
> DHCP Option: Disable
> IPv6 Prefix: 2602:100::
> IPv6 Prefix Length: 32
> IPv4 Border Router: 68.114.165.1
> IPv4 Router Mask Length: 0
>
> I'm also using an MTU of 1480 and a Tunnel TTL of 255.
>
> Works great, though I imagine it'll only work for other Charter customers
> who don't care what prefix they get assigned as Charter uses prefix
> delegation to make this work.

That's funny because I tried to switch back to my Charter 6rd tunnel to
solve this and found even worse results. I stopped using Charter's 6rd
because it was terrible (latency mostly) but I was surprised to find
Netflix to be broken, not blocked. In my browser none of the static
elements load after I'm logged in. I pretty much get a black page. It's
not an MTU problem either...

Note, I'm on FreeBSD which doesn't support 6rd completely (there's an
uncommitted stf(4) driver with 6rd support by hrs@ but it was broken
last I checked). Using just a gif tunnel works but I can't contact any
IPs on 2602:100::/32, which is fine because I don't have a reason to
talk directly to any Charter 6rd tunnel users.


-- 
  Mark Felder
  feld () feld me