None of this is a problem with actual network engineering, HE's tunnels work fine. It goes in the category of political/economic/contractual , not "this is a technical problem we need to solve". The problem exists with business/contractual relationship Netflix has with its content providers, which barring a miraculous data leak from a disgruntled sysadmin at Netflix, will remain completely opaque to everyone on the outside looking in. Due to the large sums of money involved, my best guess is that the recent crackdown on VPN and VPN-like tunnels is a result of major content providers staff that have been provided with greatly increased visibility into Netflix's internal processes for identifying and blocking VPNs. Undoubtedly there are dozens of pages in the contracts defining metrics for geolocation and acceptable vs unacceptable levels of "leakage" of content. On Mon, Jun 6, 2016 at 12:39 PM, Christopher Morrow <morrowc.lists@gmail.com
wrote:
On Mon, Jun 6, 2016 at 3:30 PM, Aled Morris <aledm@qix.co.uk> wrote:
Maybe HE's IPv6 tunnel packets could be flagged with a destination option (extension header field) that records the end-user's IPv4 tunnel endpoint so geolocation could be done in the "old fashioned" way on that address.
Similar to the way that edns-client-subnet records the end user's address for geolocation purposes.
why is this any problem at all for HE to solve? why is this any problem at all for NetFlix to solve?
HE just provides transport Netflix is just complying (I suspect) with the wishes of the content owners.
complain to your local content owner about this? show the content owners that this sort of restriction in a global economy is silly/counter-productive? explain that: "while I'm a Citizen of locale X, I may often travel around to A, B, C and I'd like for my NetFlix to work in all locations, since I pay good pesos for that access?"
Doing any sort of 'authentication' or 'authorization' on src-IP is just .. broken.
I have to say though, how many Netflix customers are using HE IPv6 tunnels, really? zero percent (to two decimal places)?
Aled