Re: Netflix VPN detection - actual engineer needed

[Owen DeLong <owen () delong com>]

Not necessarily a bad idea, but please give everyone at least a /48.

Personally, I found that getting my own /48 was cheap enough that I didn’t worry about crowd sourcing.

Today, they are even cheaper effective 1 July than when I got mine, so I’m not sure what Matthew is on about.

3x-Small (/40 or smaller) $250 initial, $250/year with Registration Services plan (includes voting membership) or 
$100/year without.

Owen


> On Jun 3, 2016, at 18:40 , Cryptographrix <cryptographrix () gmail com> wrote:
>
> We should crowdsource a /40 and split it up into /64's for each of us.
>
>
> On Fri, Jun 3, 2016 at 9:38 PM Matthew Kaufman <matthew () matthew at> wrote:
>
> > If early adopter PI IPv6 was the same price as early adopter PI v4 space,
> > my wife would be totally on board with this solution.
> >
> > Matthew Kaufman
> >
> > (Sent from my iPhone)
> >
> > > On Jun 3, 2016, at 6:27 PM, Spencer Ryan <sryan () arbor net> wrote:
> > >
> > > Well if you have PI space just use HE's BGP tunnel offerings.
> > >
> > >
> > > *Spencer Ryan* | Senior Systems Administrator | sryan () arbor net
> > > *Arbor Networks*
> > > +1.734.794.5033 (d) | +1.734.846.2053 (m)
> > > www.arbornetworks.com
> > >
> > > On Fri, Jun 3, 2016 at 9:24 PM, Raymond Beaudoin <
> > > raymond.beaudoin () icarustech com> wrote:
> > >
> > > > As an alternative, there are multiple cloud service offerings that will
> > > > advertise your IPv6 allocations on your behalf direct to a server in
> > their
> > > > data centers. It seems pretty tongue-in-cheek, and satisfying, to turn
> > > > up a *<insert
> > > > favorite virtual router instance> *and then route through it. The
> > Internet
> > > > is such an amazing place.
> > > >
> > > > On Fri, Jun 3, 2016 at 8:15 PM, Cryptographrix <
> > cryptographrix () gmail com>
> > > > wrote:
> > > >
> > > > > Yeah I RAWRed to them pretty hard whilst being as understanding to the
> > CS
> > > > > rep that it wasn't their fault.
> > > > >
> > > > > They thought I was weird as anything.
> > > > >
> > > > > If there are any Verizon FiOS network engineers on the thread, a fellow
> > > > > Verizon employee would thank you kindly for an off-thread email
> > regarding
> > > > > BGP advertisement (I'll buy the IPv6 block and the drink-of-choice, you
> > > > > configure my account to listen for route advertisement).
> > > > >
> > > > > Strange that it has to come to this to get "legit" IPv6 service.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Fri, Jun 3, 2016 at 9:08 PM Raymond Beaudoin <
> > > > > raymond.beaudoin () icarustech com> wrote:
> > > > >
> > > > > > I wasn't originally affected on my he.net tunnel, but this evening it
> > > > > > started blocking. The recommended ACLs are a functional temporary
> > > > > > workaround, but I've also opened a request with Netflix.
> > > > > >
> > > > > > On Fri, Jun 3, 2016 at 7:54 PM, Mark T. Ganzer <
> > ganzer () spawar navy mil>
> > > > > > wrote:
> > > > > >
> > > > > > > So far I am not seeing a Netflix block on my he.net tunnel yet. I
> > > > > > connect
> > > > > > > to the Los Angeles node, so maybe not all of HE's address space is
> > > > being
> > > > > > > blocked.
> > > > > > >
> > > > > > > Not going to be disabling IPv6 here either. + HAD native IPv6 from
> > > > Time
> > > > > > > Warner, but they decided to in their wisdom to disable IPv6 service
> > > > for
> > > > > > > anyone that has an Arris SB6183 due to an Arris firmware bug.  And
> > > > they
> > > > > > are
> > > > > > > taking their sweet time pushing out the fixed firmware update that
> > > > > > Comcast
> > > > > > > and Cox seemed to be able to push to their customers last fall.
> > > > > > >
> > > > > > > -Mark Ganzer
> > > > > > >
> > > > > > >
> > > > > > > > On 6/3/2016 4:49 PM, Cryptographrix wrote:
> > > > > > > >
> > > > > > > > Depends - how many US users have native IPv6 through their ISPs?
> > > > > > > >
> > > > > > > > If I remember correctly (I can't find the source at the moment),
> > > > HE.net
> > > > > > > > represents something like 70% of IPv6 traffic in the US.
> > > > > > > >
> > > > > > > > And yeah, not doing that - actually in the middle of an IPv6 project
> > > > at
> > > > > > > > work at the moment that's a bit important to me.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On Fri, Jun 3, 2016 at 7:45 PM Baldur Norddahl <
> > > > > > baldur.norddahl () gmail com
> > > > > > > > wrote:
> > > > > > > >
> > > > > > > > Den 4. jun. 2016 01.26 skrev "Cryptographrix" <
> > > > > > cryptographrix () gmail com>:
> > > > > > > > > > The information I'm getting from Netflix support now is explicitly
> > > > > > > > > telling
> > > > > > > > >
> > > > > > > > > > me to turn off IPv6 - someone might want to stop them before they
> > > > > > > > > > completely kill US IPv6 adoption.
> > > > > > > > > Not allowing he.net tunnels is not killing ipv6. You just need
> > need
> > > > > > > > > native
> > > > > > > > > ipv6.
> > > > > > > > >
> > > > > > > > > On the other hand it would be nice if Netflix would try the other
> > > > > > > > > protocol
> > > > > > > > > before blocking.