So you have your own server in the US. I would suggest Netflix is seeing that server's public IP address in the US as the origin of requests, which means you get Netflix's approval to download. I don't think the proxy vs port forwarding thing makes a difference.
The apparent difference between Hulu's CDN (Akamai) and Netflix's CDN (I dunno) is that Akamai also checks your location while Netflix's CDN doesn't. As I said, Akamai will most likely be doing geoip on your IP address, which you can only change if you go through your US server. Again, proxy vs port forwarding shouldn't make a difference, unless Akamai is also checking X-Forwarded-For. DNS fiddles won't change the apparent location of any machine. On Thu, Aug 14, 2014 at 9:44 AM, Chris Barnes <chris.p.bar...@gmail.com> wrote: > Hi Christopher, > > You're right that this Akamai hostdoesnt like my location, and you're > right that Bind and DNS *alone* arent going to resolve that. > > But the bigger part of my "fix" that I havent revealed is that I change > the ip address of hosts to point to loop-back addresses on a server in the > US, which then does a TCP redirect to the original host, and this lets me > bypass georestrictions quite nicely. > > For example: > > My computer requests secure.netflix.com > My internal DNS says that host is at 192.168.1.20 > My computer opens a TCP connection (port 80 or 443) to 192.168.1.20 > The daemon listening on 192.168.1.20 on my server in the U.S then > redirects/rewrites the connection to the hoist secure.netflix.com > > Theres no proxying involved because the requests are often over SSL and so > my machine in the middle breaks the SSL security. Its simply a TCP port > redirect. > > So that works perfectly for Netflix because any part of that service that > cares about Geolocation is in the Netflix domain. > > Hulu on the other hand, has services that are outside of the Hulu domain > that take issue with my location - a248.e.akamai.net. > > > you might be wondering why i dont just use a VPN? > > Well I dont want to tunnel all streaming traffic accross it and Netflix > doesnt require all connections to be from the U.S. Only when you browse the > Netflix catalog and when you chose a show/movie to watch does the service > check location, after that the web browser, Apple TV, other media device is > redirected to a CDN to stream the content. and that CDN doesnt care where I > am from. So I get better throughput by not tunnelling the video stream. > > > Now a hosts file would fix this problem very nicely.....but Apple TV > doesnt have a hosts that is accessible and thats where I do most my > streaming from. > > Interestingly, I can watch Hulu on my PC with my current setup with zero > problems. Its when I try on the Apple TV that it talks to > a248.e.akamai.net and throws an error that I'm outside the U.S. > > > > > On Thu, Aug 14, 2014 at 9:27 AM, Christopher Vance <cjsva...@gmail.com> > wrote: > >> From what you've written, it sounds to me as if the issue is where the >> Akamai host thinks you are. If so, then DNS and bind are totally uninvolved. >> >> Geo-location is normally done using IP addresses. You can change your IP >> address by using a proxy, in which case Akamai will understand you to be >> where the proxy is. Depending on the level of Akamai's pickiness, you might >> want configure the proxy not to report who or where it's asking on behalf >> of. >> >> >> On Thu, Aug 14, 2014 at 8:46 AM, Chris Barnes <chris.p.bar...@gmail.com> >> wrote: >> >>> Hey people, >>> >>> Got a bit of a tricky question, well it seems tricky to me. >>> >>> I want to use bind to resolve a single host address for a very large >>> zone I >>> don't own. >>> >>> The background is that I'm trying to circumvent georestrictions on TV >>> streaming site. >>> >>> I've determined that the host on the internet that has an issue with my >>> location is a248.e.akamai.net >>> >>> Now, I don't want to hijack the whole akamai.net domain on my internal >>> DNS >>> because I would be forever adding new DNS records. >>> >>> I tried creating a new master zone named a248.e.akamai.net and setting >>> an A >>> record for the root but it seemed the DNS server was ignoring it and >>> forwarding the request to upstream resolvers, resulting in the real IP >>> being returned...which is not what I want, I want it to return my chosen >>> IP >>> address. >>> >>> Does anyone know of a way I can hijack this one host address while >>> leaving >>> the rest of the domain untouched? >>> >>> -- >>> Kind Regards, >>> >>> Christopher Barnes >>> >>> e. chris.p.bar...@gmail.com >>> -- >>> SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ >>> Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html >>> >> >> >> >> -- >> Christopher Vance >> > > > > -- > Kind Regards, > > Christopher Barnes > > e. chris.p.bar...@gmail.com > -- Christopher Vance -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html