Re: Netflix VPN detection - actual engineer needed

> On Jun 8, 2016, at 8:13 AM, Baldur Norddahl wrote: > > > > On 2016-06-08 07:27, Mark Andrews wrote: >> In message <20160608070525.06fd5...@echo.ms.redpill-linpro.com>, Tore >> Anderson writes: >>> * Davide Davini >>> >>> Blocking access to

Re: Netflix VPN detection - actual engineer needed

On Wed 2016-Jun-08 11:23:35 -0400, Owen DeLong wrote: On Jun 7, 2016, at 9:21 AM, Mark Felder wrote: On Jun 6, 2016, at 22:25, Spencer Ryan wrote: The tunnelbroker service acts exactly like a VPN. It allows you, from any arbitrary location

Re: Netflix VPN detection - actual engineer needed

On Wednesday, June 8, 2016, Baldur Norddahl wrote: > > > On 2016-06-08 07:27, Mark Andrews wrote: > >> In message <20160608070525.06fd5...@echo.ms.redpill-linpro.com>, Tore >> Anderson writes: >> >>> * Davide Davini >>> >>> Blocking access to

Re: Netflix VPN detection - actual engineer needed

As of last week, I still wasn’t getting an IPv6 address by default on my iPhone 6S+ on T-Mobile. Just saying. Owen > On Jun 7, 2016, at 11:00 AM, Ca By wrote: > > On Tuesday, June 7, 2016, Cryptographrix wrote: > >> Very true - I was being a

Re: Netflix VPN detection - actual engineer needed

On 2016-06-08 17:20, Javier J wrote: Maybe I missed the start of this conversation but why are we talking about blocking Netflix? By blocking the netflix.com IPv6 prefix your browser will automatically fall back to IPv4 because it is using the Happy Eyeballs algorithm.

Re: Netflix banning HE tunnels

Mine, whilst not identifying me personally, has detail down to the correct town and zipcode. On Wed, 8 Jun 2016 10:30:31 -0500 Chris Adams wrote: > Once upon a time, Owen DeLong said: > > Contrary to your repeated assertions, HE tunnels are NOT anonymous. >

Re: Netflix banning HE tunnels

So, how do you identify where an IP address is used? /elvis Excuse the briefness of this mail, it was sent from a mobile device. > On Jun 8, 2016, at 18:41, Spencer Ryan wrote: > > It identifys where you told it you are. It doesn't tell Netflix that your > v4 endpoint is in

Re: Netflix banning HE tunnels

Well, They're clearly to " enraged " to accept/comprehend the situation. Lets go back talking about how to help deploy IPv6 and break the paradigm that was build during the silent film era. - Alain Hebertaheb...@pubnix.net PubNIX Inc.

Re: Netflix VPN detection - actual engineer needed

On 2016-06-08 17:58, Nicholas Suan wrote: On Wednesday, June 8, 2016, Baldur Norddahl > wrote: A start would be blocking 2620:108:700f::/64 as discovered by a simple DNS lookup on netflix.com . I am

Re: Netflix VPN detection - actual engineer needed

On 2016-06-08 07:27, Mark Andrews wrote: In message <20160608070525.06fd5...@echo.ms.redpill-linpro.com>, Tore Anderson writes: * Davide Davini Blocking access to Netflix via the tunnel seems like an obvious solution to me, for what it's worth. And which set of

Re: Netflix VPN detection - actual engineer needed

> On Jun 7, 2016, at 10:22 AM, Ca By wrote: > > On Tuesday, June 7, 2016, Cryptographrix wrote: > >> As I said to Netflix's tech support - if they advocate for people to turn >> off IPv6 on their end, maybe Netflix should stop supporting it on

Re: Netflix VPN detection - actual engineer needed

> On Jun 7, 2016, at 11:50 AM, Davide Davini wrote: > > On 04/06/2016 20:46, Owen DeLong wrote: >> Get your own /48 and advertise to HE Tunnel via BGP. Problem solved. > > Even though that sounds like an awesome idea it does not seem trivial to > me to obtain your

Re: Netflix VPN detection - actual engineer needed

Mark, That would be bad. At least in my case. My addresses (192.159.10.0/24, 192.124.40.0/23, 2620:0:930::/48) are not from a known residential ISP or mobile ISP. However, they are within my household and nowhere else. There’s no valid reason for Netflix to block them. They are not a server

Re: Netflix banning HE tunnels

Once upon a time, Owen DeLong said: > Contrary to your repeated assertions, HE tunnels are NOT anonymous. > > HE operates a perfectly fine RWHOIS server that provides sufficient > information > about each tunnel that it cannot be considered anonymous. Unless that information

Re: Netflix banning HE tunnels

It identifys where you told it you are. It doesn't tell Netflix that your v4 endpoint is in New Zeland and you are watching a bunch of content you are not supposed to have access to. Is this really that hard to understand? *Spencer Ryan* | Senior Systems Administrator | sr...@arbor.net *Arbor

Re: Netflix banning HE tunnels

Getting back on topic here, the biggest group to blame here is the content producers and the MPAA who insist on only giving licenses out for content on a regional/country basis, and I would bet the balance of my bank account that they have forced netflix to block VPNs Tunnels and anything else by

Re: Netflix banning HE tunnels

> On Jun 7, 2016, at 11:25 PM, Ca By wrote: > > On Tuesday, June 7, 2016, chris wrote: > >> I disagree. if they have no native v6 then theres no reason why they >> shouldnt be able to use the v6 from HE and why should the internet treat >> that users

Re: Netflix VPN detection - actual engineer needed

On Wed, Jun 8, 2016, at 10:23, Owen DeLong wrote: > Mark, > > That would be bad. > > At least in my case. > The trailing /s at the end was the sarcasm tag :-) -- Mark Felder f...@feld.me

Re: Netflix VPN detection - actual engineer needed

On 2016-06-08 16:12, Owen DeLong wrote: It’s a link, just like any other link, over which IPv6 can be transmitted. You can argue that it’s a lower quality link than some alternatives, but I have to tell you I’ve gotten much more reliable service at higher bandwidth from that link than from my

Re: Traffic engineering and peering for CDNs

On 6/7/16, 2:46 AM, "NANOG on behalf of Mark Tinka" wrote: > > >On 6/Jun/16 20:03, Tom Smyth wrote: > >> as far as im aware ... a friend of mine on INEX in Ireland said most >>cdns >> use source ip of the DNS requests to determine which

Re: Netflix VPN detection - actual engineer needed

On 6/8/16 9:13 AM, Owen DeLong wrote: > As of last week, I still wasn’t getting an IPv6 address by default on my > iPhone 6S+ > on T-Mobile. turn off mobile hotspot... > Just saying. > > Owen > >> On Jun 7, 2016, at 11:00 AM, Ca By wrote: >> >> On Tuesday, June 7, 2016,

Re: Netflix VPN detection - actual engineer needed

Why? I use Mobile Hotspot… It’s part of the service I pay for. If Cameron can’t make that work, then that’s T-Mobile’s problem, not mine. Owen > On Jun 8, 2016, at 1:25 PM, joel jaeggli wrote: > > On 6/8/16 9:13 AM, Owen DeLong wrote: >> As of last week, I still wasn’t

Re: Netflix banning HE tunnels

On 2016-06-08 18:57, Javier J wrote: Tony, I agree 100% with you. Unfortunately I need ipv6 on my media subnet because it's part of my lab. And now that my teenage daughter is complaining about Netflix not working g on her Chromebook I'm starting to think consumers should just start

RE: Netflix banning HE tunnels

Ca By wrote: > On Tuesday, June 7, 2016, chris wrote: > > > it really feels alot like what net neutrality was supposed to avoid. > > making a policy where there is different treatment of one set of bits > > over another > > > > "your ipv6 bits are bad but if you turn it off

RE: Netflix banning HE tunnels

The content providers wouldn't care if it was a very small number of people evading their region restrictions, but it isn't a small number. Those avoiding it are already not in good faith. While I don't agree with the content providers business model, it's their content, their rules. If you

RE: Netflix banning HE tunnels

Tony, I agree 100% with you. Unfortunately I need ipv6 on my media subnet because it's part of my lab. And now that my teenage daughter is complaining about Netflix not working g on her Chromebook I'm starting to think consumers should just start complaining to Netflix. Why should I have to change

RE: Netflix banning HE tunnels

Yes we do. The is a document dump with the contract information between Netflix and the content providers. A link was sent in this email chain, or you can do a search for it. Neither side has been shy about what they are doing. They publically have stated they are blocking VPN access to

Re: Netflix banning HE tunnels

What does https://www.maxmind.com/en/geoip-demo show for your IPv6 prefix? If it is incorrect, try https://support.maxmind.com/geoip-data-correction-request/ On Jun 8, 2016, at 5:08 PM, Chris Knipe wrote: > > Exactly. > > So what precisely are the metrics they use to

Re: Netflix banning HE tunnels

On Wed, 08 Jun 2016 17:24:48 -0400, Matthew Huff wrote: What does https://www.maxmind.com/en/geoip-demo show for your IPv6 prefix? If it is incorrect, try https://support.maxmind.com/geoip-data-correction-request/ HAH. Funny... 39.76,-98.5 for every HE address I enter. And

Re: Netflix banning HE tunnels

We don't know, and will never know if the content providers went to Netflix and said "You need to ban based on IP range" speculation at this point isn't useful. *Spencer Ryan* | Senior Systems Administrator | sr...@arbor.net *Arbor Networks* +1.734.794.5033 (d) | +1.734.846.2053 (m)

Re: Netflix banning HE tunnels

http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/ fusion just did a story on how this. On Wed, Jun 8, 2016 at 3:10 PM, Spencer Ryan wrote: > The center of the US is maxmind's unknown location. Fill out the form and > they'll correct it. > > > *Spencer Ryan*

Re: Netflix banning HE tunnels

Bwahaha Ok - that's me, never ever will I look at NexFlix again. I have my own /48, registered in my own name, my own company, my own peering links, and my own transit links. Signup, no problems. As soon as I started watching a stream... Wham, blocked. Proxy Detected. It's clear NetFlix has

Re: Netflix banning HE tunnels

Exactly. So what precisely are the metrics they use to block? I'm not using a proxy at all, its my own ASN... On Wed, Jun 8, 2016 at 11:06 PM, Andy Ringsmuth wrote: > > > On Jun 8, 2016, at 3:52 PM, Chris Knipe wrote: > > > > Bwahaha > > > > Ok -

Re: Netflix banning HE tunnels

The center of the US is maxmind's unknown location. Fill out the form and they'll correct it. *Spencer Ryan* | Senior Systems Administrator | sr...@arbor.net *Arbor Networks* +1.734.794.5033 (d) | +1.734.846.2053 (m) www.arbornetworks.com On Wed, Jun 8, 2016 at 6:09 PM, Ricky Beam

Re: Netflix banning HE tunnels

There is a website where people attempt visiting the precision intersection of latitude and longitude lines and post photos. Why, I'm not quite sure, but there's all sorts of hobbies. I would like to see the clueless federal law enforcement referenced in that article attempt to visit the default

Re: intra-AS messaging for route leak prevention

On 8/Jun/16 14:48, Joe Provo wrote: > > "There are more routing policies in heavan and earth, Sriram > Than are dreamt of in your draft." > > But in my experience, community tagging is by far the widest > deployment due to the broad support and extent of information > which can be carried.

Re: Bogon ASN Filter Policy

On 8/Jun/16 14:56, Michael Hare wrote: > I'm not against the theory of what is being proposed, but I was surprised to > see little discussion of this announcement on list. > > Upon examination on my view of the DFZ from AS3128 I see over 400 upstream > routes falling into this category,

Re: Bogon ASN Filter Policy

Dear Michael, On Wed, Jun 08, 2016 at 12:56:18PM +, Michael Hare wrote: > Upon examination on my view of the DFZ from AS3128 I see over 400 > upstream routes falling into this category, mostly in the 64512 - > 65534 range. Based on our flow bandwidth stats we chose to reach out > to several

RE: Bogon ASN Filter Policy

I'm not against the theory of what is being proposed, but I was surprised to see little discussion of this announcement on list. Upon examination on my view of the DFZ from AS3128 I see over 400 upstream routes falling into this category, mostly in the 64512 - 65534 range. Based on our flow

Re: intra-AS messaging for route leak prevention

On Wed, Jun 08, 2016 at 11:48:36AM +, Sriram, Kotikalapudi (Fed) wrote: > Thanks for the inputs about the inter-AS messaging and route-leak prevention > techniques between neighboring ASes. Certainly helpful information and also > useful > for the draft

Re: intra-AS messaging for route leak prevention

Thanks for the inputs about the inter-AS messaging and route-leak prevention techniques between neighboring ASes. Certainly helpful information and also useful for the draft (draft-ietf-idr-route-leak-detection-mitigation). However, my question was focused on "intra-AS" messaging. About

RE: Netflix banning HE tunnels

Matthew, I was not complaining about the business model, or the need to comply with content provider requirements. The issue is the pathetic implementation choice that Netflix made when a trivial alternative was available. I agree that setting up rwhois and trusting the 3rd party tunnel

Re: Netflix banning HE tunnels

> On Jun 8, 2016, at 3:52 PM, Chris Knipe wrote: > > Bwahaha > > Ok - that's me, never ever will I look at NexFlix again. > > I have my own /48, registered in my own name, my own company, my own > peering links, and my own transit links. Signup, no problems. As soon as

Webmail / IMAPS software for end-user clients in 2016

If you had to put up a public facing webmail interface for people to use, and maintain it for the foreseeable future (5-6 years), what would you use? Roundcube? https://roundcube.net/ Rainloop? http://www.rainloop.net/ Something else? Requirements: Needs to be open souce and GPL, BSD or

Re: Webmail / IMAPS software for end-user clients in 2016

hi ya On 06/08/16 at 06:06pm, Eric Kuhnke wrote: > If you had to put up a public facing webmail interface for people to use, > and maintain it for the foreseeable future (5-6 years), what would you use? > > Roundcube? > https://roundcube.net/ - good > Rainloop? > http://www.rainloop.net/ -

Re: Webmail / IMAPS software for end-user clients in 2016

openwebmail hasn't been updated since 2006... squirrelmail is ancient and barely maintained. Antivirus and antispam are handled by the SMTP system which operates on the backend of the webmail, by the time incoming mail gets to dovecot imap storage for the user accounts it has already been

Re: Webmail / IMAPS software for end-user clients in 2016

On Wed, Jun 8, 2016 at 9:37 PM, alvin nanog wrote: >> Rainloop? >> http://www.rainloop.net/ > - never used > - w/o db support, how you maintain a (real) list of x,000 users and pwd "Direct access to mail server is used (mails are not stored locally on web

Re: Webmail / IMAPS software for end-user clients in 2016

Yes... The mail storage running behind the https based webmail server would be IMAPS to dovecot, which has more than ample functionality for many different ways of storing mail and authenticating users. On Wed, Jun 8, 2016 at 8:55 PM, William Herrin wrote: > On Wed, Jun 8, 2016

Re: Webmail / IMAPS software for end-user clients in 2016

hi yta On 06/08/16 at 06:43pm, Eric Kuhnke wrote: > openwebmail hasn't been updated since 2006... yup.. a minor/major issue > squirrelmail is ancient and barely maintained. last update ( svn ) was Jun 09, 2016 ( today ) http://squirrelmail.org/download.php if you like the "latest/greatest"

RE: Netflix banning HE tunnels

-Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Elvis Daniel Velea Sent: Tuesday, June 07, 2016 6:36 PM To: nanog@nanog.org Subject: Re: Netflix banning HE tunnels Netflix, YOU are the ones forcing people to turn IPv4 off... this is just insane. tens (if not