I’m sorry to say, Blair, that there are, in fact, many who do use HE tunnels for Geo Fence evasion. Sure, it doesn’t represent even a significant fraction of tunnel users, but they exist and they’ve been vocal, thus spoiling it for the rest of us.
Owen > On Jun 6, 2016, at 8:27 PM, Blair Trosper <blair.tros...@gmail.com> wrote: > > Right, but I think we know what Netflix is implying when they say "proxy > unblocker" or "VPN" -- they mean people are deliberately going around > GeoIP. In this case, I don't know anyone who uses TunnelBroker that way. > They're using it for V6. That is to say, everyone I know with this issue > could simply solve it by disabling IPv6 (and TunnelBroker) -- meaning > they're already in the US (or $region) -- and the IPv6 detection on the > CDN/web is what's wrong. > > I think I will go further here and say that the message sort if implies the > user is acting in bad faith, which may raise some animosity towards Netflix. > > On Mon, Jun 6, 2016 at 8:25 PM, Spencer Ryan <sr...@arbor.net> wrote: > >> The tunnelbroker service acts exactly like a VPN. It allows you, from any >> arbitrary location in the world with an IPv4 address, to bring traffic out >> via one of HE's 4 POP's, while completely masking your actual location. >> >> >> *Spencer Ryan* | Senior Systems Administrator | sr...@arbor.net >> *Arbor Networks* >> +1.734.794.5033 (d) | +1.734.846.2053 (m) >> www.arbornetworks.com >> >> On Mon, Jun 6, 2016 at 11:22 PM, Blair Trosper <blair.tros...@gmail.com> >> wrote: >> >>> It should be pointed out that -- the SPECIFIC accusation from Netflix -- >>> is >>> that people on TunnelBroker are on a VPN or proxy unblocker. >>> >>> The data does not bear that out. Hash tag just saying. >>> >>> </soapbox> >>> >>> On Mon, Jun 6, 2016 at 7:53 PM, Ricky Beam <jfb...@gmail.com> wrote: >>> >>>> On Mon, 06 Jun 2016 19:41:14 -0400, Mark Andrews <ma...@isc.org> wrote: >>>> >>>>> What lie? Truly who is lying here. Not the end user. Not HE. There >>> is >>>>> no requirement to report physical location. >>>>> >>>> >>>> The general lie that is IP Geolocation. HE only has what I tell them >>> (100% >>>> unverified), and what MaxMind (et.al.) tell them (~95% unverified.) >>> They >>>> know my IPv4 endpoint address, but that doesn't give them a concrete >>> street >>>> address -- they're guessing in exactly the same way everyone else does. >>> And >>>> more to the point, HE doesn't share that information with anyone. >>> (whois is >>>> populated with your account information. they don't ask where your >>> tunnels >>>> are going.) >>>> >>>> Are they legally required to go to this level? >>>>> >>>> >>>> Possibly, but Netflix isn't going to push this. Win or Lose, they still >>>> lose distribution rights. >>>> >>>> Netflix (and their licensees) know people are using HE tunnels to get >>>>>> around region restrictions. Their hands are tied; they have to show >>>>>> they're doing something to limit this. >>>>>> >>>>> >>>>> No, they do not know. The purpose of HE tunnels is to get IPv6 >>> service. >>>>> The fact that the endpoints are in different countries some of the time >>>>> is incidental to that. >>>>> >>>> >>>> YES. THEY. DO. There have been entire COMPANIES doing this. (which is >>>> likely what sparked this level of response.) Neither HE nor Netflix are >>>> naming names, but a short walk through the more colorful parts of the >>>> internet should be enlightening. >>>> >>>> Garbage. You have to establish the tunnel which requires registering >>>>> a account. It also requires a machine at the other end. Virtual >>>>> or physical they don't move around the world in a DDNS update. The >>>>> addresses associated with a tunnel don't change for the life of >>>>> that tunnel. >>>>> >>>> >>>> True. 'tho, you can list any nonsense address you want. They do nothing >>> to >>>> validate it. (Use my favorite BS address: Independence MT -- pop: zero. >>>> It's a dirt road across a mountain in the middle of absolutely nowhere. >>>> Google it!) >>>> >>>> The tunnel endpoint (your IPv4 address) is known only to HE, and not >>>> exposed to ANYONE. That's not going to EVER change. Once your tunnel has >>>> been setup, that address ("Client IPv4 Address") is not set in stone. >>>> People have dynamic addresses, and HE recognizes this, so there are >>>> numerous methods to change the tunnel endpoint address. (tunnel >>>> configuration page, update through an http(s) request, etc.) THUS, a >>> tunnel >>>> can move; it can be terminated anywhere, at anytime. Not only can one >>>> update the endpoint to a different address on the same box, but to a >>>> completely different box entirely. >>>> >>>> Furthermore, one account can have several tunnels through different >>>> servers that present addresses from different regions. Where I appear >>> to be >>>> in the world, thus, depends on which tunnel I have enabled. (and in >>> which >>>> countries HE has prefixes, which currently appears to be 4) >>>> >>> >> >>