Netflix and IPv6 via tunnelbroker

Neflix blocks access to its con­tent if you con­nect via tunnelbroker.net.
I could search the inter­net for the IPv6 net ran­ges that net­flix uses, but the­se are ope­ra­ted by AWS and may chan­ge at any time. Bad.
My simp­le and non-intru­si­ve solu­ti­on: sin­ce I alre­a­dy use a local name­ser­ver (bind9) in my LAN, why not con­fi­gu­re it so that it returns no AAAA addres­ses for net­flix? The­re is a state­ment: filter-aaaa-on-v4 that does the trick. Unfort­u­na­te­ly, one can­not use this set­ting per zone, it is a glo­bal setting.
My solu­ti­on: for­ward all queries for netflix.com to ano­ther name­ser­ver that has filter-aaaa-on-v4 set.

My main ser­ver configuration:

zone "netflix.com" {
        type forward;
        forward only;
        forwarders {
                192.168.1.91;
        };
};

And on 192.168.1.91:

options {
    directory "/var/cache/bind";
    filter-aaaa-on-v4 yes;
    recursion yes;
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
    forward only;
};

That’s it!

2 Comments

Add a Comment

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert