Check your service statusCable National
Ask a question
Reply
Boffin
cybmole
Posts: 255
Registered: ‎28-08-2009

netflix ps3 dns firewall rules

there are known issues with netflix on PS3 via unblock us or unotelly or similar

Apparently  netflix back end is now doing a forced lookup of public DNS servers which is breaking smart DNS.. ONlt PS3 is affected for now, so USA netflix on PC is OK. iN my case the PS3 still works but often only after I exit & restart the netflix app to bypass the " we are having trouble playing this sitle" error

The workaround for routers which allow it is to block a list of public DNS see below - my question is: can this be done within the superhub?

By blocking access to the DNS servers causing the problems you will be able to make sure that the PlayStation 3 will choose the smartDNS servers every time. This requires you to use a router with a firewall.

You will need to block access to the following IP addresses in your router:

8.8.8.8
8.8.4.4
209.244.0.3
209.244.0.4
208.67.222.222
208.67.220.220

Please use plain text.
Omniscient
gary_dexter
Posts: 13,073
Registered: ‎25-07-2011

Re: netflix ps3 dns firewall rules

You cannot change any DNS settings on the SuperHub. 

 

Modem Mode was put on there for advanced users who want to use their own equipment for such things

 

The Superhub is a user friendly device made for the "not so techie" so it is simple to use and setup. 

 

Throwing in menus and options for DNS settings may confuse general users and they might tweak and change important settings without realising what they are doing. 

*****
If you think my answer has helped - please provide me with a Kudos rating and mark as Helpful Answer!!
I do not work for Virgin Media - all opinions expressed are of my own and all answers are provided from my own and past experiences.
Office 365, Dynamics CRM and Cloud Computing Jedi
Please use plain text.
Boffin
cybmole
Posts: 255
Registered: ‎28-08-2009

Re: netflix ps3 dns firewall rules

[ Edited ]

I know that you can't change the DNS which the superhub is set to,

I don't need to do that - I set my smart dns at device level which works OK for PCs & for PS3, except for this ps3+netflix issue.

I want to add blocking rules for the addresses listed in my 1st post, which I thought was very clear as to the issue & the needed fix.

 

i think I may be able to use domain blocking for the entries on that list ?

Please use plain text.
Superuser
ravenstar68
Posts: 5,658
Registered: ‎01-11-2009

Re: netflix ps3 dns firewall rules


cybmole wrote:

there are known issues with netflix on PS3 via unblock us or unotelly or similar

Apparently  netflix back end is now doing a forced lookup of public DNS servers which is breaking smart DNS.. ONlt PS3 is affected for now, so USA netflix on PC is OK. iN my case the PS3 still works but often only after I exit & restart the netflix app to bypass the " we are having trouble playing this sitle" error

The workaround for routers which allow it is to block a list of public DNS see below - my question is: can this be done within the superhub?

By blocking access to the DNS servers causing the problems you will be able to make sure that the PlayStation 3 will choose the smartDNS servers every time. This requires you to use a router with a firewall.

You will need to block access to the following IP addresses in your router:

8.8.8.8
8.8.4.4
209.244.0.3
209.244.0.4
208.67.222.222
208.67.220.220


Sorry but your post makes no sense whatsoever.

 

The Netflix Back end means their servers.  So assuming the back end is indeed doing forced DNS lookups, how is it communicating that info to the PS3 client?  It certainly won't be using Google DNS or OpenDNS or even whatever the second IP set is to communicate the results of it's lookups back to the client so blocking those IP's would be pointless.

 

Where have you got this information from?

 

Anyway you can't block IP's on the SH1 or SH2 so you'd need to put the thing into modem mode and purchase your own router to do this.

 

Ravenstar68

________________________________________


Only use Helpful answer if your problems been solved.

Please use plain text.
Boffin
cybmole
Posts: 255
Registered: ‎28-08-2009

Re: netflix ps3 dns firewall rules

[ Edited ]

the data I posted came from unotelly, similar information is being provided by unblock-us. I am confident that they are talking sense: if the PS3 app calls out  to a public Dns ddress  - then blocking access to those IP values in router will prevent that. I was able to add those values to domain blocking in the super hub , & netflix on PC still worksOk - will test PS3 netflix later

 

http://help.unotelly.com/support/solutions/articles/79969--netflix-error-aip-701-ps3-fix

update.

1. i think that info may be badly written - but their business is DNS management for whih I'm a paying customer - I don't doubt their overall competence.  there is lots of related info via google supporting the case that blocking acesss to those DNS will fix all PS3 netflix error messages.

2. surely "domain blocking" under "parental controls" in the superhub advanced controls is there it block specific IP addresses, so why do you say that it cannot be done ? - proof that it does work is below. 8.8.8.8 and similar are now inaccessible from this PC, after changing adding dowmain blocks to my router settings:

Oops! Google Chrome could not connect to 8.8.8.8

Please use plain text.
Boffin
cybmole
Posts: 255
Registered: ‎28-08-2009

Re: netflix ps3 dns firewall rules

[ Edited ]

Just tested the PS3 netflix app - started 3 movies , all played with no errors, so I am hopeful that I have a solution, despite the naysayers.

 

i also find independent confirmation here, that this is a valid solution:

 

http://support.unblock-us.com/customer/portal/articles/1192850-solutions-for-those-having-region-iss...

 

read the above- which gives a better explanaiton of the root cause,  then follow the link to 

http://support.unblock-us.com/customer/portal/articles/1256861-netflix-on-the-ps3-virgin-media-super...

 

NB you havw to tweak their 1st set of  instuctions, because you cannot change superhub DNS - so you leave that set to VM and enter your smart paid-for DNS values in PS3 network settings,and in PC network settings as needed.to get netflix USA

 

Please use plain text.
Boffin
cybmole
Posts: 255
Registered: ‎28-08-2009

Re: netflix ps3 dns firewall rules

[ Edited ]

more on this: I have been reading other google links / other workarounds posted by smart dns service providdes.

 

it seems that another way is to block DNS lookups by locking on port 53 for the PS3' mac address i.e.

 

"Finally a solution to the ps3 netflix problem… Block the ports 53 in tcp/udp for dns for PS3 "

 

my setup is OK at present so I have no plane to test this but I'm thinking it could be done with the port forwarding and/or the mac filtering sections ?. I have DHCP reserved = static IP addresses assigned to all my devices already in the router, ( did that ages ago to improve xbox live)  so I know that my PS3 will always be on 192.168,0.12 & I have the PS3's MAC address to hand

 

can the router be made to block port 53 for that IP address or for a specified MAC address

Please use plain text.
Omniscient
gary_dexter
Posts: 13,073
Registered: ‎25-07-2011

Re: netflix ps3 dns firewall rules

I dont think so

 

what you are asking seems pretty advanced for the SH, I would suggest getting your own router and putting the SH into modem mode

*****
If you think my answer has helped - please provide me with a Kudos rating and mark as Helpful Answer!!
I do not work for Virgin Media - all opinions expressed are of my own and all answers are provided from my own and past experiences.
Office 365, Dynamics CRM and Cloud Computing Jedi
Please use plain text.
Superuser
ravenstar68
Posts: 5,658
Registered: ‎01-11-2009

Re: netflix ps3 dns firewall rules

[ Edited ]

cybmole wrote:

more on this: I have been reading other google links / other workarounds posted by smart dns service providdes.

 

it seems that another way is to block DNS lookups by locking on port 53 for the PS3' mac address i.e.

 

"Finally a solution to the ps3 netflix problem… Block the ports 53 in tcp/udp for dns for PS3 "

 

my setup is OK at present so I have no plane to test this but I'm thinking it could be done with the port forwarding and/or the mac filtering sections ?. I have DHCP reserved = static IP addresses assigned to all my devices already in the router, ( did that ages ago to improve xbox live)  so I know that my PS3 will always be on 192.168,0.12 & I have the PS3's MAC address to hand

 

can the router be made to block port 53 for that IP address or for a specified MAC address


Given that Unotelly, Tunlr etc work by modifying your DNS clients to point use their DNS servers, that's definitely a crazy suggestion.

 

Are you suggesting blocking port 53 outbound or inbound?

 

If you read on how DNS works either suggestion is bound to fail.

 

When a client makes a DNS request it is made from a random high numbered port to udp port 53 on the DNS server.

 

The reply comes back from port 53 to the same high numbered port that made the request.

 

Unotelly etc work by changing the address in the DNS reply for Netflix, Hulu etc to pint at their respective VPN's

 

therefore by blocking all outbound udp packets where the destination is port 53 you would break Unotelly, Tunlr and Unblock US also as well as all normal DNS lookups from the PS3

 

The first solution you made has more merit as if the netflix client does include it's own DNS client, it is possibly programmed to fall back to those set up on the PS3 if lookups to openDNS and GoogleDNS fail.

 

Ravenstar68

________________________________________


Only use Helpful answer if your problems been solved.

Please use plain text.
Boffin
cybmole
Posts: 255
Registered: ‎28-08-2009

Re: netflix ps3 dns firewall rules

[ Edited ]

ok -

the block port 53 was not my own idea, I found it here

http://tunlr.net/forums/topic/solution-how-to-fix-the-recent-netflix-issue-with-ps3updated-22-06-201...

 

& clearly it worked for that poster. see his post copied  below.

 

I was curious as to whether, technically, the superhub could be set up to do that. i.e. can it host rules that apply only to a specified MAC address - I suspect not 

 

Dear All,

Finally a solution to the ps3 netflix problem… Block the ports 53 in tcp/udp for dns for PS3 . I did it in the dd-wrt router on the access restrictions page, add the mac id of ps3, then add a new entry in blocked services something like dns0 and port 53~53 . Save, apply settings and BINGO!! everything back to normal. All credits go to the unblock-us support for the solution! I assure u guys… THIS WORKS!!!

 

NB He did not get any feedback to this post so maybe its crazy, maybe not . Me, I tend to distrust anyone who signs off with  All Caps + 3 exclamation marks but maybe I am out of touch with social trends :smileyhappy:

Please use plain text.