Felix Palmen :freebsd: :c64:<p>Adventures getting <a href="https://mastodon.bsd.cafe/tags/Netflix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Netflix</span></a> to work in a somewhat complex home <a href="https://mastodon.bsd.cafe/tags/network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>network</span></a> 🤯</p><p>I decided to give their plan with ads a chance, sounding like a somewhat fair deal. First issue was, I couldn't even register. It only offered me US plans. Figured that's because my <a href="https://mastodon.bsd.cafe/tags/IPv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IPv6</span></a> connectivity is tunnelled through <a href="https://mastodon.bsd.cafe/tags/HE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HE</span></a> (for reasons, different story). Of course using an endpoint here in Germany, but nevertheless, Netflix seemed to think it's a US located address.</p><p>Running my own <a href="https://mastodon.bsd.cafe/tags/bind9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bind9</span></a> instance, I found a way to hide relevant AAAA records (netflix' own domain and also amazonws) by adding a view only operating on local loopback and filtering out ALL AAAA records, and then adding forward-only zones for these domains to this local view. Horrible, but works, now I could register, forcing <a href="https://mastodon.bsd.cafe/tags/IPv4" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IPv4</span></a>.</p><p>One particularly cheap "smart-tv" still couldn't connect to netflix, always showing me an error that I was using some "VPN". 🤨 No way to analyze what exactly was happening there, but I finally found a solution for that as well: I created an entirely new network segment (with its own <a href="https://mastodon.bsd.cafe/tags/vlan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vlan</span></a> on the switch). I don't offer IPv6 in this segment at all, and only allow it to access the internet as well as my local <a href="https://mastodon.bsd.cafe/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dns</span></a> server. Putting all tv sets and my <a href="https://mastodon.bsd.cafe/tags/minidlna" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>minidlna</span></a> instance into this segment, everything finally works.</p><p>The nice thing is, I always wanted to isolate the tv sets anyways, and this is now finally done, they're unable to see the rest of my home network! 🥳 Still a bit sad I have to restrict them to IPv4 for now, just to work around netflix' geolocation stuff... 🫤</p>