Re: [Bloat] OT: Netflix vs 6in4 from HE.net
I love knowing smart people. Yes, it does appear to be Netflix geo-fencing their services. Given that I only watch Netflix on one computer, I am taking Sebastian's advice and turning off IPv6 DNS queries in Firefox. Thanks again for these responses. Rich > On Mar 21, 2020, at 6:14 PM, Sebastian Moeller wrote: > > Hi Rich, > > since it seems to be IPv6 related, why not use firefox for netflix and > disable IPv6 in firefox (see > https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can#w_ipv6) > maybe that works well enough? > > Best Regards > Sebastian > > > > >> On Mar 21, 2020, at 21:20, Rich Brown wrote: >> >> to Bloat & CeroWrt folks: This is a little OT for either of these lists, but >> I figured there are plenty of experts here, and I would be delighted to get >> your thoughts. >> >> I just tried to view a Netflix movie and got a F7111-5059 error message. >> This prevented the video from playing. (As recently as a month or two ago, >> it worked fine.) >> >> Googling the error message gets to this page >> https://help.netflix.com/en/node/54085 that singles out use of an IPv6 Proxy >> Tunnel. >> >> Sure enough, I'm have a 6in4 tunnel through Hurricane Electric on WAN6. >> Stopping that WAN6 interface caused Netflix to work. >> >> What advice could you offer? (I could, of course, turn off WAN6 to watch >> movies. But that's a drag, and other family members couldn't do this.) Many >> thanks. >> >> Rich >> ___ >> Bloat mailing list >> Bloat@lists.bufferbloat.net >> https://lists.bufferbloat.net/listinfo/bloat > ___ Bloat mailing list Bloat@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/bloat
Re: [Bloat] [Cerowrt-devel] OT: Netflix vs 6in4 from HE.net
Per the url I posted earlier you can stick something like this into /etc/firewall.user ip -6 route add blackhole 2406:da00:ff00::/96 # AWS ip -6 route add blackhole 2607:FB10::/32 ip -6 route add blackhole 2620:0:ef0::/48 ip -6 route add blackhole 2a00:86c0::/32 I actually used "unreach" and put it in /etc/config/networks config 'route6' 'killnetflix61' option 'interface' 'lan' option 'target' '2406:da00:ff00::/96' option 'type' 'unreachable' option 'proto' '50' ... etc... I then used the proto 50 bit (requires ip-full), to make babel pick it up with a redistribute proto 50 line. (I use this also to propigate /22s around for ipv4) Neither approach is something "joe user" will be able to do. But it turned out to be essentially just as much work to just propigate my native /60s to the entire campus network statically and try to work out what new security holes I'd introduced. I have 22 APs to renumber if I get renumbered, and a few dns entries. On Sat, Mar 21, 2020 at 3:14 PM Sebastian Moeller wrote: > > Hi Rich, > > since it seems to be IPv6 related, why not use firefox for netflix and > disable IPv6 in firefox (see > https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can#w_ipv6) > maybe that works well enough? > > Best Regards > Sebastian > > > > > > On Mar 21, 2020, at 21:20, Rich Brown wrote: > > > > to Bloat & CeroWrt folks: This is a little OT for either of these lists, > > but I figured there are plenty of experts here, and I would be delighted to > > get your thoughts. > > > > I just tried to view a Netflix movie and got a F7111-5059 error message. > > This prevented the video from playing. (As recently as a month or two ago, > > it worked fine.) > > > > Googling the error message gets to this page > > https://help.netflix.com/en/node/54085 that singles out use of an IPv6 > > Proxy Tunnel. > > > > Sure enough, I'm have a 6in4 tunnel through Hurricane Electric on WAN6. > > Stopping that WAN6 interface caused Netflix to work. > > > > What advice could you offer? (I could, of course, turn off WAN6 to watch > > movies. But that's a drag, and other family members couldn't do this.) Many > > thanks. > > > > Rich > > ___ > > Bloat mailing list > > Bloat@lists.bufferbloat.net > > https://lists.bufferbloat.net/listinfo/bloat > > ___ > Cerowrt-devel mailing list > cerowrt-de...@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel -- Make Music, Not War Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-435-0729 ___ Bloat mailing list Bloat@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/bloat
Re: [Bloat] OT: Netflix vs 6in4 from HE.net
Hi Rich, since it seems to be IPv6 related, why not use firefox for netflix and disable IPv6 in firefox (see https://support.mozilla.org/en-US/kb/firefox-cant-load-websites-other-browsers-can#w_ipv6) maybe that works well enough? Best Regards Sebastian > On Mar 21, 2020, at 21:20, Rich Brown wrote: > > to Bloat & CeroWrt folks: This is a little OT for either of these lists, but > I figured there are plenty of experts here, and I would be delighted to get > your thoughts. > > I just tried to view a Netflix movie and got a F7111-5059 error message. This > prevented the video from playing. (As recently as a month or two ago, it > worked fine.) > > Googling the error message gets to this page > https://help.netflix.com/en/node/54085 that singles out use of an IPv6 Proxy > Tunnel. > > Sure enough, I'm have a 6in4 tunnel through Hurricane Electric on WAN6. > Stopping that WAN6 interface caused Netflix to work. > > What advice could you offer? (I could, of course, turn off WAN6 to watch > movies. But that's a drag, and other family members couldn't do this.) Many > thanks. > > Rich > ___ > Bloat mailing list > Bloat@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/bloat ___ Bloat mailing list Bloat@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/bloat
Re: [Bloat] [Cerowrt-devel] OT: Netflix vs 6in4 from HE.net
Rich Brown wrote: > to Bloat & CeroWrt folks: This is a little OT for either of these > lists, but I figured there are plenty of experts here, and I would be > delighted to get your thoughts. > I just tried to view a Netflix movie and got a F7111-5059 error > message. This prevented the video from playing. (As recently as a month > or two ago, it worked fine.) > Googling the error message gets to this page > https://help.netflix.com/en/node/54085 that singles out use of an IPv6 > Proxy Tunnel. I suspect it's part of a geo-fencing system. > Sure enough, I'm have a 6in4 tunnel through Hurricane Electric on > WAN6. Stopping that WAN6 interface caused Netflix to work. > What advice could you offer? (I could, of course, turn off WAN6 to > watch movies. But that's a drag, and other family members couldn't do > this.) Many thanks. If your only IPv6 is via the tunnel, then I'd blacklist the netflix device from getting IPv6. (Maybe that fails because it's your general purpose laptop) Maybe you would be able to determine what IPv6 destinations are netflix, and blacklist that, but given that it usually uses a stack of EC2, etc. servers, that might be too big a gun. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature ___ Bloat mailing list Bloat@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/bloat
Re: [Bloat] [Cerowrt-devel] OT: Netflix vs 6in4 from HE.net
On Sat, Mar 21, 2020 at 1:20 PM Rich Brown wrote: > > to Bloat & CeroWrt folks: This is a little OT for either of these lists, but > I figured there are plenty of experts here, and I would be delighted to get > your thoughts. > > I just tried to view a Netflix movie and got a F7111-5059 error message. This > prevented the video from playing. (As recently as a month or two ago, it > worked fine.) > > Googling the error message gets to this page > https://help.netflix.com/en/node/54085 that singles out use of an IPv6 Proxy > Tunnel. > > Sure enough, I'm have a 6in4 tunnel through Hurricane Electric on WAN6. > Stopping that WAN6 interface caused Netflix to work. > > What advice could you offer? (I could, of course, turn off WAN6 to watch > movies. But that's a drag, and other family members couldn't do this.) Many > thanks. This happened to me over a year back. http://www.peachyphotos.com/blog/posts/netflix-and-hurricane-electrics-ipv6-service/ Briefly I swtched to just blackholing netflix's ipv6 range, then I tunnled my linode connection, then I switched to just universally using comcast native ipv6 (with source specific routing and static assignments on the key routers). I was VERY reluctant to do this as comcast reserves the right to change your ipv6 addressing at any point, and it changes if you change routers, but having to manually reconfigure a dozen routers and several servers if it ever changes seemed easiest. I dread renumbering... The vast majority of my traffic in the evenings is ipv6 now. > Rich > ___ > Cerowrt-devel mailing list > cerowrt-de...@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel -- Make Music, Not War Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-435-0729 ___ Bloat mailing list Bloat@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/bloat
[Bloat] OT: Netflix vs 6in4 from HE.net
to Bloat & CeroWrt folks: This is a little OT for either of these lists, but I figured there are plenty of experts here, and I would be delighted to get your thoughts. I just tried to view a Netflix movie and got a F7111-5059 error message. This prevented the video from playing. (As recently as a month or two ago, it worked fine.) Googling the error message gets to this page https://help.netflix.com/en/node/54085 that singles out use of an IPv6 Proxy Tunnel. Sure enough, I'm have a 6in4 tunnel through Hurricane Electric on WAN6. Stopping that WAN6 interface caused Netflix to work. What advice could you offer? (I could, of course, turn off WAN6 to watch movies. But that's a drag, and other family members couldn't do this.) Many thanks. Rich ___ Bloat mailing list Bloat@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/bloat
