Hey guys,
I selfhost a server at home where I run a couple of services. Wireguard is one of them. I also have another house where I live every couple of weeks for a few days. Netflix blocked me on the second house for account sharing. As I run my own wireguard and the tv in the second house runs AndroidTV I created a wireguard config (I run wg-easy) and installed the official Wireguard app on AndroidTV. Sadly netflix still blocks me which is weird because all traffic of that tv seems to be running over the tunnel.

Here is the config:

` [Interface] PrivateKey = XXX Address = 10.8.0.3/24 DNS = 1.1.1.1 MTU = 1420

[Peer] PublicKey = XXX PresharedKey = XXX AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 0 Endpoint = vpn.XXXde:51820 `

I also posted this on reddit selfhosted where it sadly got removed. Some suggestions were that somehow DNS requests or IPv6 traffic still got through without using the wireguard tunnel which doesn’t make much sense because usually the wireguard app puts everything through the tunnel.
I also edited the conf to also tunnel all ipv6 traffic with adding ::/0 under allowed IPs but that also didn’t resolved the problem.
Is there anything else I could try? Are there different solutions? I’m aware that there are other approaches to this problem (using Jellyfin) but I really want to figure out this problem as it doesn’t make any sense to me. The whole traffic should be going over my home server and it seems it doesn’t.
Has anyone gotten this kind of setup to work?

Thanks for any help, have a good day!

@LDerJim@lemmy.world
link
fedilink
English
11Y

Have you tried updating your Netflix Household via https://help.netflix.com/en/node/128339 ?

@JoeKrogan@lemmy.world
link
fedilink
English
3
edit-2
1Y

Did you try Netflix in the browser to rule out an issue with the app.

I have adguard home on my server and have the server wireguard IP as the DNS ip too so I can see all the DNS requests my devices make and block stuff. I disable ipv6 myself to keep things simpler.

It should work for you though.

Another option they can’t detect is use a router with a wireguard connection, then Netflix can go suck a lemon 🍋😉

Edit: Perhaps they are doing some timing on your connections and there is a difference between your primary connection and the VPN one .

krolden
link
fedilink
English
2
edit-2
1Y

Try adding ::/0 to your AllowedIPs

Edit: nvm you tried that

Definitely complicated to root cause. Please share if ya figure out the hard parts 😄

An idea: Netflix could be fingerprinting TUN interfaces on the TV.

One thing I’d consider trying is Tailscale in userspace networking mode on a distinct network host at location 2, which’ll start a SOCKS/HTTP proxy that the TV can use for outbound connections.

Bonus: any devices incompatible with Tailscale can use the proxies.

If you’d like to take a stab at this, Headscale is a self-hosted version of Tailscale’s service. Personally, I use Caddy to automatically manage letsencrypt certs while proxying requests to Headscale.

Politically Incorrect
link
fedilink
English
18M

Maybe a DNS leaking problem.

@coriolis@lemmy.world
link
fedilink
English
18M

Did you solve it? I am in the same situation and nothing seems to help… Maybe wireguard, being inside a docker bridge network, isn’t forwarding correctly IPV6 packets. Or maybe Netflix checks more than just the public IP

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

  • 1 user online
  • 76 users / day
  • 109 users / week
  • 241 users / month
  • 850 users / 6 months
  • 1 subscriber
  • 1.53K Posts
  • 8.72K Comments
  • Modlog