Sunday, June 19, 2016

Netflix and IPv6 -- Problem solved

I have been griping about Netflix's handling of IPv6 as it interacts with their GeoIP database. This leads them to believe that I am behind a proxy (as I use Hurricane Electric's excellent IPv6 Tunnel Broker service). 

Netflix could fix this problem themselves (if they chose to do it). The simplest approach would be to trigger a redirect to an IPv4-only version of the site if they don't like the IPv6 source address. However, they don't want to do that (it is work, I suppose). This leaves me no choice but to take action on my side (I'm getting grief from my kids that they can't watch their shows). The problem doesn't affect viewing Netflix on the big screen as we use TiVo boxes for that (and I guess they only support IPv4).

My setup at home uses dnscache as a local DNS cache, and I also have a DNS server written in Perl that handles special domains like my SPF record (and its references) and my ip6.arpa space.

To fix the Netflix problem, I added a forwarding entry to dnscache to point netflix.com to my local Perl DNS server. The implementation of the handler for this is:
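sub no_aaaa_handler {
    my ($base, $qname, $qclass, $qtype, $peerhost) = @_;
    my ($rcode, @ans, @auth, @add);

    # Reply code used if the upstream query returns nothing.
    $rcode = "NXDOMAIN";

    # Upstream resolver (requires the Net::DNS module).
    my $res = Net::DNS::Resolver->new(
                 nameservers => [qw(8.8.8.8 8.8.4.4)]);

    # Rewrite ANY queries as A queries.
    if ($qtype eq 'ANY') {
        $qtype = 'A';
    }

    my $ans = $res->send($qname, $qtype, $qclass);

    if ($ans) {
        # Drop every AAAA record from the answer and additional sections.
        @ans = grep { $_->type ne "AAAA" } $ans->answer;
        @add = grep { $_->type ne "AAAA" } $ans->additional;
        $rcode = $ans->header->rcode;
    }

    # @soa is not defined in this snippet; it comes from the rest of the server.
    push @auth, @soa if $rcode eq 'NXDOMAIN';

    # aa => 1 marks the reply as authoritative.
    return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
}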



Problem solved -- traffic to Netflix is now forced over IPv4, and they think that they know where we live. (Actually, MaxMind gets the town right, though most of the others don't. They nearly all get the state right.)
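One way to confirm that a filter like this really strips every AAAA record is to parse the raw replies it sends. The following is an added example, not code from the original post: it walks a DNS response in wire format, including compressed names, and lists the record types in each section. The function names and the two sample messages (for the placeholder name example.test) are constructed for illustration.

```python
import struct

AAAA = 28  # RR type code for AAAA; A is 1

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        if n == 0:                # root label ends the name
            return off + 1
        off += 1 + n              # ordinary label: length byte + label bytes

def rr_types(msg):
    """Map each section of a raw DNS response to the RR type codes it holds."""
    _id, _flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):           # question entries: name + qtype + qclass
        off = skip_name(msg, off) + 4
    out = {}
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        out[section] = []
        for _ in range(count):
            off = skip_name(msg, off)
            rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            out[section].append(rtype)
            off += 10 + rdlen     # fixed RR fields + rdata
    return out

def leaks_aaaa(msg):
    """True if an AAAA record survives in the answer or additional section."""
    types = rr_types(msg)
    return AAAA in types["answer"] or AAAA in types["additional"]

def sample_response(rdatas):
    """Constructed test message: one question, one answer RR per rdata."""
    msg = struct.pack("!6H", 0x1234, 0x8580, 1, len(rdatas), 0, 0)
    msg += b"\x07example\x04test\x00" + struct.pack("!HH", 1, 1)
    for rd in rdatas:             # 4-byte rdata -> A, 16-byte rdata -> AAAA
        rtype = 1 if len(rd) == 4 else AAAA
        msg += b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 300, len(rd)) + rd
    return msg

V4 = bytes([192, 0, 2, 1])                         # documentation address
V6 = bytes.fromhex("20010db8" + "00" * 11 + "01")  # 2001:db8::1
UNFILTERED = sample_response([V4, V6])   # what an upstream might return
FILTERED = sample_response([V4])         # what the handler should return
```

Passing `leaks_aaaa` the raw UDP payload of a reply from the local server should return `False` for both A and AAAA queries on the forwarded domain.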
