I'm blocking Netflix IPv6 subnets on my router with ICMPv6 no-route-to-host. Windows, Mac and Android clients all seem to immediately fall back to IPv4 and play as normal. It seems like a better solution than disabling IPv6 outright.
I won't take a risk of blocking something that actually one day could change. Instead, I've changed how my DNS-resolver should react on lookups on netflix.com, by adding netflix.com as a forwarder-zone. The forwarder leads to another local resolver that filters all AAAA-pointers on lookups. So as soon as any authorized client (even if they are outside my own network) they will only receive the list of ipv4-addresses. The benefits of this is that I never need to configure a network to work without ipv6 for only one host and I can use the solution wherever I am:).
I also wrote down a "note to self"-style post about this yesteday, in case of it happens again: http://tornevalls.se/blog/2016...
Slashdot Mirror
I'm blocking Netflix IPv6 subnets on my router with ICMPv6 no-route-to-host. Windows, Mac and Android clients all seem to immediately fall back to IPv4 and play as normal. It seems like a better solution than disabling IPv6 outright.
Mikrotik RouterOS syntax:
I won't take a risk of blocking something that actually one day could change. Instead, I've changed how my DNS-resolver should react on lookups on netflix.com, by adding netflix.com as a forwarder-zone. The forwarder leads to another local resolver that filters all AAAA-pointers on lookups. So as soon as any authorized client (even if they are outside my own network) they will only receive the list of ipv4-addresses. The benefits of this is that I never need to configure a network to work without ipv6 for only one host and I can use the solution wherever I am :).
I also wrote down a "note to self"-style post about this yesteday, in case of it happens again: http://tornevalls.se/blog/2016...