Hurricane Electric's IPv6 Tunnel Broker Forums

Tunnelbroker.net Specific Topics => Questions & Answers => Topic started by: DJX on October 03, 2022, 04:26:30 PM

Title: Netflix IPv6 DNS Domains
Post by: DJX on October 03, 2022, 04:26:30 PM
Since Netflix blocks HE IPv6 addresses, I have been filtering AAAA queries on my DNS servers to force clients to connect over IPv4. Only problem is, I haven't found all the DNS domains I need to filter. This is my current list but I'm still missing some as some content is still getting blocked (or silently filtered out as not available)

Quote
*.netflix.com
*.netflix.net
*.nflxvideo.net
*.nflxso.net

Anyone have more Netflix domains I can filter AAAA queries on?
Thanks!
Title: Re: Netflix IPv6 DNS Domains
Post by: tjeske on October 12, 2022, 07:30:43 AM
Have you tried running Wireshark to look for all relevant DNS requests?
Title: Re: Netflix IPv6 DNS Domains
Post by: DJ1975 on October 13, 2022, 11:08:39 AM
I attempted the same thing but decided to stop. Under my circumstances, it looked like the netflix player required access to the domains you mentioned as well as *.amazonaws.com.

Restricting that domain to v4 only caused some issues with logins on various sites (for me. No idea how appliable that is for someone else).

I ended up creating a VLAN with no v6 address applied on the "LAN" side. Using a player, chromecast, or PC from that VLAN enforces v4-only for all traffic.

YMMV
Title: Re: Netflix IPv6 DNS Domains
Post by: DJX on November 14, 2022, 04:05:57 PM
Have you tried running Wireshark to look for all relevant DNS requests?
I would but the problem only exists on embedded devices like TVs and streaming media players.
So I can't run wireshark against them.

With my current DNS filters:
Quote
*.netflix.com,*.nflxext.com,*.netflix.net,*.nflximg.net,*.nflxvideo.net,*.nflxso.net
Works fine in Firefox or Chrome.

I'll play with possibly adding AmazonAWS.
Title: Re: Netflix IPv6 DNS Domains
Post by: DJX on November 22, 2022, 04:54:16 PM
Well, I've added AmazonAWS and still not working on the embedded devices.
First boot-up is fine but subsequent accesses everything is locked out with a proxy message or silently hidden.
Fine on PC but I have no idea what these embedded devices are doing.

Current DNS filter:
Code: [Select]
EQ,*.amazonaws.com.,*.netflix.com.,*.nflxext.com.,*.netflix.net.,*.nflximg.net.,*.nflxvideo.net.,*.nflxso.net.