Re: Netflix banning HE tunnels

[Chris Knipe <savage () savage za org>]

Bwahaha

Ok - that's me, never ever will I look at NexFlix again.

I have my own /48, registered in my own name, my own company, my own
peering links, and my own transit links.  Signup, no problems.  As soon as
I started watching a stream...

Wham, blocked.  Proxy Detected.

It's clear NetFlix has something against IPv6, not tunnels.


On Wed, Jun 8, 2016 at 10:26 PM, Matthew Huff <mhuff () ox com> wrote:

> Yes we do.
>
> The is a document dump with the contract information between Netflix and
> the content providers. A link was sent in this email chain, or you can do a
> search for it. Neither side has been shy about what they are doing. They
> publically have stated they are blocking VPN access to NetFlix.
>
> ----
> Matthew Huff             | 1 Manhattanville Rd
> Director of Operations   | Purchase, NY 10577
> OTA Management LLC       | Phone: 914-460-4039
> aim: matthewbhuff        | Fax:   914-694-5669
>
> From: Spencer Ryan [mailto:sryan () arbor net]
> Sent: Wednesday, June 8, 2016 4:02 PM
> To: Tony Hain <alh-ietf () tndh net>
> Cc: Matthew Huff <mhuff () ox com>; Laszlo Hanyecz <laszlo () heliacal net>;
> North American Network Operators' Group <nanog () nanog org>
> Subject: Re: Netflix banning HE tunnels
>
> We don't know, and will never know if the content providers went to
> Netflix and said "You need to ban based on IP range" speculation at this
> point isn't useful.
>
>
> Spencer Ryan | Senior Systems Administrator | sryan () arbor net<mailto:
> sryan () arbor net>
> Arbor Networks
> +1.734.794.5033 (d) | +1.734.846.2053 (m)
> www.arbornetworks.com<http://www.arbornetworks.com/>
>
> On Wed, Jun 8, 2016 at 4:00 PM, Tony Hain <alh-ietf () tndh net<mailto:
> alh-ietf () tndh net>> wrote:
> Matthew,
>
> I was not complaining about the business model, or the need to comply with
> content provider requirements. The issue is the pathetic implementation
> choice that Netflix made when a trivial alternative was available. I agree
> that setting up rwhois and trusting the 3rd party tunnel providers to
> provide valid information is substantially more effort than the ROI on this
> would justify, but a redirect to IPv4-only requires no additional 3rd party
> trust for geo-loc than an IPv4 connection to begin with, would still catch
> the bad actors, yet works correctly for those trying to move the Internet
> forward.
>
> Tony
>
>
> > -----Original Message-----
> > From: NANOG [mailto:nanog-bounces () nanog org<mailto:
> nanog-bounces () nanog org>] On Behalf Of Matthew
> > Huff
> > Sent: Wednesday, June 08, 2016 12:45 PM
> > To: Laszlo Hanyecz; nanog () nanog org<mailto:nanog () nanog org>
> > Subject: RE: Netflix banning HE tunnels
> >
> > The content providers wouldn't care if it was a very small number of
> people
> > evading their region restrictions, but it isn't a small number. Those
> avoiding
> > it are already not in good faith. While I don't agree with the content
> > providers business model, it's their content, their rules.
> >
> > If you don't think it's right that Netflix is blocking VPNs and tunnels,
> then
> > switch to Hulu and/or Amazon, however it's just matter of time before
> they
> > start blocking VPNs and tunnels themselves.
> >
> > I agree that matching Geolocation with source IP addresses is a bad
> idea, but
> > until someone comes up with a better idea and gets it implemented ( one
> > that can't be modified by the end user), people with a business model
> that
> > depends on it will continue to block based on IP. "Good faith" will be
> > laughed at, and rightly so.
> >
> >
> >
> > ----
> > Matthew Huff             | 1 Manhattanville Rd Director of Operations   |
> > Purchase, NY 10577 OTA Management LLC       | Phone: 914-460-4039<tel:
> 914-460-4039>
> > aim: matthewbhuff        | Fax:   914-694-5669<tel:914-694-5669>
> >
> >
> > > -----Original Message-----
> > > From: NANOG [mailto:nanog-bounces () nanog org<mailto:
> nanog-bounces () nanog org>] On Behalf Of Laszlo
> > > Hanyecz
> > > Sent: Wednesday, June 8, 2016 3:34 PM
> > > To: nanog () nanog org<mailto:nanog () nanog org>
> > > Subject: Re: Netflix banning HE tunnels
> > >
> > >
> > >
> > > On 2016-06-08 18:57, Javier J wrote:
> > > > Tony, I agree 100% with you. Unfortunately I need ipv6 on my media
> > > subnet
> > > > because it's part of my lab. And now that my teenage daughter is
> > > > complaining about Netflix not working g on her Chromebook I'm
> > > starting to
> > > > think consumers should just start complaining to Netflix. Why should
> > > I have
> > > > to change my damn network to fix Netflix?
> > > >
> > > > In her eyes it's "daddy fix Netflix" but the heck with that. The man
> > > hours
> > > > of the consumers who are affected to work around this issue is less
> > > than
> > > > the man hours it would take for Netflix to redirect you with a 301
> > > > to
> > > an
> > > > ipv4 only endpont.
> > > >
> > > > If Netflix needs help with this point me in the right direction.
> > > > I'll
> > > be
> > > > happy to fix it for them and send them a bill.
> > >
> > > They're doing the same thing with IPv4 (banning people based on the
> > > apparent IP address).  Your IPv4 numbers may not be on their blacklist
> > > at the moment, and disabling IPv6 might work for you, but the
> > > underlying problem is the practice of GeoIP/VPN blocking, and the
> > > HE.net tunnels are just one example of the collateral damage.
> > >
> > > I don't know why Netflix and other GeoIP users can't just ask
> > > customers where they are located, instead of telling them.  It is
> > > possible that some user might lie, but what about "assume good faith"?
> > > It shows how much they value you as a customer if they would rather
> > > dump you than trust you to tell them where you are located.
> > >
> > > -Laszlo


-- 

Regards,
Chris Knipe