Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
BCM
Member Login

Site Notices
Posted: 4/16/2017 8:07:20 PM EDT
I use Private Internet Access' VPN on my computer 24/7 (yes, even before Congress rescinded the ISP data selling rules). Generally, this works great. But as you may know, Netflix started blocking streaming if they could see you were using a VPN (or at least that you were coming from the exit node of a known VPN). I get that people would do this to get around geographic blocking policies of Netflix. More recently, Amazon Prime streaming has been blocking VPNs as well. 

I can shut down the VPN and then access everything. I'm in the USA and not trying to get around geo-blocking. But I still want the VPN to surf while streaming video. The IT guys at work suggested adding static routes to the the routing table so that the operating system bypasses the VPN for those particular IP addresses. I know how to do this. But how do you get the list of IP addresses used by Netflix or Amazon for streaming? 

I realize the list is probably dozens, if not hundred of IP addresses. But, would this idea work?

Just to joust at some windmills, I spent 30 minutes in a chat with Amazon support (even got up to 2nd tier). The first guy didn't understand what I was asking. The 2nd guy did understand. He said they didn't have a list of IP addresses. I laughed and said, "Of course they do." He said they couldn't release that information. I suggested that allowing people to route around their VPN allows Amazon to continue to abide by its geo-locking agreements with content holders and allows the user to run the VPN for everything else. It's a win-win. He agreed, but said it couldn't be released. Oh well. 
Link Posted: 4/16/2017 8:25:25 PM EDT
Link Posted: 4/16/2017 8:32:10 PM EDT
Discussion ForumsJump to Quoted PostQuote History
Quoted:
I have the same issue, my workaround was a Windows 10 virtual Machine on the host machine surf on the vm
View Quote
Correct, easiest is to surf from the VPN. Otherwise it will be a lot of trial and error to figure out routing tables, and places like Netflix and Amazon are going to change their IPs pretty frequently.
Link Posted: 4/19/2017 2:54:33 PM EDT
i have my pfsense at the house set up as ovpn client to hide what I do from my ISP, like what we normally all think about doing with a VPN.  i also have it set up as ovpn server so when im away my phone/tablet/laptop can vpn into my house and solve the problem you are talking about.  you can even create different ovpn servers at your house, 1 that allows ovpn clients to use your ISP's IP address (for netflix), and the other for remote clients to use your single pay-for VPN provider.

pfsense makes this all stupid easy, even with cert based auth.  dont have to deal with PBR or anything like that.
Link Posted: 4/19/2017 3:09:08 PM EDT
disable vpn
stream
use netstat while streaming

get IP.
Link Posted: 4/19/2017 3:10:27 PM EDT
Discussion ForumsJump to Quoted PostQuote History
Quoted:
i have my pfsense at the house set up as ovpn client to hide what I do from my ISP, like what we normally all think about doing with a VPN.  i also have it set up as ovpn server so when im away my phone/tablet/laptop can vpn into my house and solve the problem you are talking about.  you can even create different ovpn servers at your house, 1 that allows ovpn clients to use your ISP's IP address (for netflix), and the other for remote clients to use your single pay-for VPN provider.

pfsense makes this all stupid easy, even with cert based auth.  dont have to deal with PBR or anything like that.
View Quote
Are you doing anything to hide your traffic from the VPN providers ISP?  Changing the exit point doesn't really prevent the traffic from being monetized.
Link Posted: 4/19/2017 3:32:23 PM EDT
Discussion ForumsJump to Quoted PostQuote History
Quoted:


disable vpn
stream
use netstat while streaming

get IP.
View Quote
That would get you an IP sure.  But netflix and amazon have CDN entry/exit all over the place, there are probably thousands of individual IPs that could be the source of the traffic.
Link Posted: 4/19/2017 3:46:40 PM EDT
Discussion ForumsJump to Quoted PostQuote History
Quoted:


That would get you an IP sure.  But netflix and amazon have CDN entry/exit all over the place, there are probably thousands of individual IPs that could be the source of the traffic.
View Quote
sure, now you know the IP you find out the CDN, look up their ip blocks with ARIN and just basically statically route an entire subnet for a CDN.


If you wanted Amazon's networks you can just look that up with ARIN by their ASN
Link Posted: 4/19/2017 4:10:12 PM EDT
Discussion ForumsJump to Quoted PostQuote History
Quoted:



sure, now you know the IP you find out the CDN, look up their ip blocks with ARIN and just basically statically route an entire subnet for a CDN.


If you wanted Amazon's networks you can just look that up with ARIN by their ASN
View Quote
I want to see the OP of this thread do that, because it would amuse me.
Link Posted: 4/19/2017 4:20:59 PM EDT
nah im really not worried about that as much as getting a nasty letter from my real ISP for whatever it is i may/not do with the internet.  though sometimes i do use tor.  though never in fullscreen mode.  i also have a digital ocean droplet running  ovpn server as well for whenever i want another public ip to use to do stuff.
Link Posted: 4/20/2017 11:43:59 AM EDT
I block netflix streaming at work but not their main webpage.

Most of the observed streaming I saw was to this network: 108.175.32.0/20

ARIN and ROBTEX agree that Netflix owns it:
https://whois.arin.net/rest/net/NET-108-175-32-0-1/pft?s=108.175.32.0
https://www.robtex.com/?route=108.175.32.0/20

All of the Netflix owned/registered subnets are here:
https://whois.arin.net/rest/org/SS-144/nets

Or just turn off your VPN when you want to stream.
Link Posted: 4/20/2017 11:50:42 AM EDT
Somewhat of a hijack, but what are some of the better vpn options for someone who doesn't want to pay for it? Is that even an option? Is there a way to quickly turn it off and on?
Link Posted: 4/20/2017 12:01:44 PM EDT
Discussion ForumsJump to Quoted PostQuote History
Quoted:
Somewhat of a hijack, but what are some of the better vpn options for someone who doesn't want to pay for it? Is that even an option? Is there a way to quickly turn it off and on?
View Quote
If you don't have to pay for something, that means that you are likely the product up for sale.  Would you trust them with your data and traffic?

Yes you can turn the client on and off easily.
Top Top