1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Need IP addresses for Netflix and others for Policy Based Routing

Discussion in 'VPN' started by DTS, Oct 10, 2018.

  1. DTS

    DTS Occasional Visitor

    Joined:
    Aug 28, 2015
    Messages:
    34
    How can I find the full list of the IP addresses to use for Netflix and other services (Hulu, Tidal, Pandora, etc.) when I enable policy-based routing as described in threads like this one?

    For example, if I ping hulu.com, I get an IP address:
    PING hulu.com (88.221.131.142)​
    dig hulu.com gives me the same single IP address. But I'm sure they use multiple servers. So how do we find them all?

    I've heard that dig is a way to do it. Here are my dig results for netflix:

    dig netflix.com
    netflix.com. 1 IN A 34.227.4.120
    netflix.com. 1 IN A 34.232.235.235
    netflix.com. 1 IN A 52.206.23.236
    netflix.com. 1 IN A 34.236.214.109
    netflix.com. 1 IN A 34.233.159.233
    netflix.com. 1 IN A 107.23.104.215
    netflix.com. 1 IN A 54.82.145.47
    netflix.com. 1 IN A 52.3.32.33

    However, compared to the reference post, every IP is different. None of them are in agreement.

    Source IP 0.0.0.0 Destination IP 23.21.160.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 54.204.43.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 107.20.154.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 54.243.253.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 50.19.210.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 23.23.191.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 107.20.151.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 54.204.2.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 107.20.177.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 54.225.192.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 174.129.2.0/24 lface WAN
    Source IP 0.0.0.0 Destination IP 75.101.139.0/24 lface WAN

    Bottom line: how do we find the full list of IP addresses for a certain service for policy-based routing rules (in openvpn client)? It seems like many companies would want or need lists like this to block certain services from being used at work. I expected this would be an easy thing to look up, but I have not found it yet.
     
  2. doczenith1

    doczenith1 Senior Member

    Joined:
    Sep 19, 2014
    Messages:
    440
    Location:
    MI
    DTS likes this.
  3. Xentrk

    Xentrk Very Senior Member

    Joined:
    Jul 21, 2016
    Messages:
    1,683
    Location:
    The Land of Smiles
    I need to update the README with this information.

    You can lookup the ASN using the site https://bgp.he.net/AS6427. Type the name of the company you are looking for in the search box. For example, typing in Hulu returns a list which contains AS23286. You can then clone IPSET_Netflix.sh for the streaming service you want to selectively route. dnsmasq.log file is your friend. The method for mining dnsmasq is in the section IPSET_Netflix_Domains.sh
     
    Stevens243 likes this.