Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Windows Server 2016 DNS Filter for Netflix and others  (Read 334 times)

DJX

  • Newbie
  • *
  • Posts: 15
    • View Profile
Windows Server 2016 DNS Filter for Netflix and others
« on: October 25, 2017, 07:52:47 AM »

As many are aware, Netflix does not allow it's customers to stream through HE.
I tried a few different approaches to force machines over to IPv4.
My final solution was filter out AAAA records from DNS queries.
If anyone else out there has Server 2016, here is an example PowerShell command that you can run against a server running DNS:

Add policy:
Code: [Select]
Add-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests" -action deny -fqdn "EQ,*.netflix.com" -QType "EQ,AAAA
Verify policy:
Code: [Select]
Get-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests" | fl
$Policy = Get-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests"
$Policy.Criteria

You can also modify an existing policy to add or remove domains if you find other services not working correctly over IPv6:

Code: [Select]
Set-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests" -fqdn "EQ,*.netflix.com,*.youtube.com,*.1e100.net" -QType "EQ,AAAA"
« Last Edit: February 16, 2018, 12:00:19 PM by DJX »
Logged