Update 9/3/2016: It seems this triggers the VPN-detection mechanism on Netflix’ services, blocking access to all streaming. Thankfully it seems Internode has worked out how to make Netflix content unmetered on IPV6, so it’s no longer required!
Currently access to Netflix via Internode is unmetered, but not if you’re using their IPv6 connectivity. I’ve got a Mikrotik router and wanted to see if I could force it down to IPv4 without disabling connectivity for my desktop machine (which I use mainly for Netflix). It seems just blocking one range (currently) is enough:
- 2001:44b8:b070:25::/64
- 2001:44b8:b070:26::/64 (added 11/08/15)
I’ll update it as I find out more, please feel free to leave comments with IP ranges that need blocking. 🙂
It seems if you’re running a DNS server that’s capable of it, you might be able to block AAAA responses for “ipv6*.nflxvideo.net” as the request I was seeing was for “ipv6_1.lagg0.c001.syd001.iinet.isp.nflxvideo.net”. Just another idea.
Implementing firewall rules to block the traffic is fairly simple, here’s the method.
From the command line (updated 9/3/16 for posterity):
From the interface:
Navigate to IPV6, then firewall. From the “Filter Rules” tab click “Add New”
Fill out these details, ignore everything else. It can’t hurt to add a comment as well.
For both options, remember to move the block up higher in your list than other things which may allow the traffic through.