nanog mailing list archives
Re: Netflix VPN detection - actual engineer needed
From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Mon, 6 Jun 2016 12:59:37 -0700
None of this is a problem with actual network engineering, HE's tunnels work fine. It goes in the category of political/economic/contractual , not "this is a technical problem we need to solve". The problem exists with business/contractual relationship Netflix has with its content providers, which barring a miraculous data leak from a disgruntled sysadmin at Netflix, will remain completely opaque to everyone on the outside looking in. Due to the large sums of money involved, my best guess is that the recent crackdown on VPN and VPN-like tunnels is a result of major content providers staff that have been provided with greatly increased visibility into Netflix's internal processes for identifying and blocking VPNs. Undoubtedly there are dozens of pages in the contracts defining metrics for geolocation and acceptable vs unacceptable levels of "leakage" of content. On Mon, Jun 6, 2016 at 12:39 PM, Christopher Morrow <morrowc.lists () gmail com
wrote:
On Mon, Jun 6, 2016 at 3:30 PM, Aled Morris <aledm () qix co uk> wrote:Maybe HE's IPv6 tunnel packets could be flagged with a destination option (extension header field) that records the end-user's IPv4 tunnel endpoint so geolocation could be done in the "old fashioned" way on that address. Similar to the way that edns-client-subnet records the end user's address for geolocation purposes.why is this any problem at all for HE to solve? why is this any problem at all for NetFlix to solve? HE just provides transport Netflix is just complying (I suspect) with the wishes of the content owners. complain to your local content owner about this? show the content owners that this sort of restriction in a global economy is silly/counter-productive? explain that: "while I'm a Citizen of locale X, I may often travel around to A, B, C and I'd like for my NetFlix to work in all locations, since I pay good pesos for that access?" Doing any sort of 'authentication' or 'authorization' on src-IP is just .. broken.I have to say though, how many Netflix customers are using HE IPv6tunnels,really? zero percent (to two decimal places)? Aled
Current thread:
- Re: Netflix VPN detection - actual engineer needed, (continued)
- Re: Netflix VPN detection - actual engineer needed Mark Tinka (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Scott Morizot (Jun 06)
- RE: Netflix VPN detection - actual engineer needed Matthew Huff (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Spencer Ryan (Jun 06)
- Re: Netflix VPN detection - actual engineer needed John Peach (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Mark Felder (Jun 06)
- Message not available
- Re: Netflix VPN detection - actual engineer needed Mark Felder (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Aled Morris (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Steven Noble (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Christopher Morrow (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Eric Kuhnke (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Mark Andrews (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Laszlo Hanyecz (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Eric Kuhnke (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Lyndon Nerenberg (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Valdis . Kletnieks (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Ricky Beam (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Nikolay Shopik (Jun 07)
- Re: Netflix VPN detection - actual engineer needed Ricky Beam (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Tore Anderson (Jun 06)
- Re: Netflix VPN detection - actual engineer needed Laszlo Hanyecz (Jun 06)