Category: technology

Broken Smart DNS for US Netflix – Here’s the Fix

There’s a bit of a war starting online, and it looks like it might get a bit nasty.  Only a few days ago, Netflix announced that they would be launching a Australian/New Zealand version of it’s popular media streaming site.   There was one slight issue though for the global media giant, it estimated there were already over 200,000 Netflix US members already streaming from Australia. Now this wasn’t some strange mass exodus of US citizens in search of Aussie beer and TV. It referred to  the fact that loads of Australian’s fed up with the local online offerings and their TV stations were using programs like . to stream US Netflix already.

Unblock and Watch American Netflix in Canada using VPN or Smart DNS proxies

They were also using some configured proxies, although mostly these don’t work any more and the new Smart DNS technology to bypass the blocks. Normally when you sign up for a Netflix account, you actually receive a global enabled one.  This means that what you see is actually based on your location.  So my UK Netflix account turns into a US one when I’m physically in the USA, it’s a German account when in Germany and so on.  Which is fine except for one small problem, the US version of Netflix has literally thousands more films, movies and TV shows than any other version. The UK version of Netflix is ok, but the US version is awesome.

So everyone started to use methods which hide their IP addresses and get access to the US version of Netflix (although Canadian Netflix isn’t too bad either).  One of the most important was Smart DNS, which is the easiest way to get access on devices like Smart Phones, Smart TVs and other such devices.   This is the service I use and it comes highly recommended. But that looks like it was stopping, over the last few weeks Netflix has updated it’s client software on these devices and built in something that stops Smart DNS working (here’s exactly how Smart DNS works).   Now on any of these updated devices, you can only access your legitimate country version of Netflix, which means if you’re not in a Netflix enabled country you can’t watch it at all. Basically they’ve updated their systems so that third party DNS servers can’t be used to resolve the addresses of the Netflix Site.  This means that none of the Smart DNS solutions work any more.

How to Fix Broken Smart DNS for Netflix

Fortunately there is a solution which follows, I have demonstrated on my router a Netgear WNDR 4500 but you should be able to do this on most decent routers. Basically Netflix is forcing everyone to use specific DNS servers, the Open DNS and Google ones, in order to stop the Smart DNS trickery working.  The fix ensures that these DNS servers are not accessible and the client will then go back to the Smart DNS ones – So here’s the fix, first go into your routers configuration screens – mine is accessed by putting it’s internal ip address into a browser . i.e. http://192.168.1.1 which gives me this screen. netgear-smartdnsfix1 You then need to move down to Advanced settings and select Static Routes.  From this screen we need to make sure that the four public DNS servers that Netflix is trying to force us to use are not accessible. fixrbokensmartdns2

Here’s the screen (click to enlarge), and you need to simply add a route for each DNS server to ensure it never gets to it’s destination.
Commonly the information required is –  Destination IP address – the address of the DNS servers as follows:

  • 8.8.8.4  Google DNS
  • 8.8.8.8 Google DNS2
  • 208.67.222.222 Open DNS
  • 209.244.0.3   Open DNS

Subnet Mask  – Put in 255.255.255.255 Gateway IP address – Your Router or a made up internal IP address – mines set to a PC 192.168.1.253 Metric – 2 This should ensure that none of your devices will be able to access any of these DNS servers, thwarting Netflix’s plan and making Smart DNS work yet again – hooray!!  The last check to see if it’s working is to ping any of the devices to see if they can be accessed. pingcheck-dns Here’s an example, you can see the Google DNS server is not reachable.  Now Netflix runs like a dream again and connects to the USA version without a hitch.  This obviously relies on you having a router which allows static routes to be set up, however this is not always possible – the crappy routers most ISPs hand out are usually locked down so you can’t get access to these.   There are other potential solutions which I’ll check out and hopefully post up here if I get chance.

Is Smart DNS Safe? Using Free Smart DNS Codes

A lot of people are starting to use Smart DNS instead of the traditional methods of accessing geo-blocked content.   However people still seem to overlook the huge potential risks in using these free codes and servers that conveniently appear on the internet.

is smart dns safe

But first let us back track and attempt to give a short overview of Smart DNS and what it’s actually used for.  It is basically the next step in the war against web sites who want to control access to their content based on your location.  If configured correctly it has the potential to give anyone access to sites like BBC, HBO, ABC, ITV, Pandora and Netflix irrespective or where you live.  SO you can watch the US version of Netflix from Ottowa, then switch to the UK only version of BBC iPlayer without any problems.

Of course, VPNs and proxies already allow this – however the beauty of the Smart DNS proxy solution is that it works almost seamlessly in the background and can be enabled on virtually any network enabled device.  In the past, people have searched how to get proxy or VPN authentication working on games consoles, iPads, mobile phones or Smart TVs.  This can often be very difficult and sometimes it’s virtually impossible.  With Smart DNS it’s not required, simply change your DNS server and it’s done, it takes minutes and then it’s done – watch this for a demo.

It’s easy to see why it’s becoming more popular, incredibly easy to use and you can simply set and forget.  However it’s important to understand how this actually works and you’ll find the majority of smart dns reviews somewhat lacking in explanations.

How Smart DNS Works

To properly consider the risks of using this technique, it’s obviously useful to have an idea of how it works.   Instead of using your standard DNS server usually assigned by your ISP on connection, you are instead forwarding all DNS requests (the lookups that tell your computer where to find a certain web site) to a specially configured Smart DNS server.  This server will run a DNS forwarder (such as DNSmasq) which will intercept certain domain names, these will be typically the geo-blocked sites like BBC, Hulu  and Netflix.

All other requests will be resolved normally, however any request for the specific geo-blocked sites will be routed to a remote proxy in the correct location.  So for example if you request a video from BBC iPlayer your browser will automatically be redirected to a UK proxy where the connection will be made.  If you then switch to Hulu, your request will be redirected to a US based proxy instead.   Basically you will be rerouted to specific servers using the DNS forwarder – this will all be done in the background.

It’s a very simple and clever technological work around, a well configured and fast Smart DNS server works incredibly well.  You’ll be redirected through a proxy when you need to be to access the site, otherwise the DNS requests will be resolved normally.

So are there any risks to this method?

Unfortunately there are,  simply because you are giving a third party server almost complete control of your web browsing.  There is absolutely nothing to stop this server from rerouting any web request you make – here’s an example.

  • You type in paypal/home banking site  into your web browser as you want to pay some bills.
  • The Smart DNS server reroutes your connection to a different website where a mirror of Paypal/your bank site is stored.
  • You login to the fake version of the website using your username and password.
  • Your account details are stolen and your account accessed.

If it was done well, you would be completely unaware of this happening. You will have given the Smart DNS server complete control of your browsing and the ability to decide which web site it sends you to.

This is the main issue (although there are some others), the fact that anyone can knock together a Smart DNS server and use it to steal usernames and passwords quickly and easily.    All they need to do is release it on the net and post a few ‘found these free dns codes’ type messages on social media sites like Facebook and Youtube, they’ll soon have a flood of potential victims.   It’s an incredibly profitable cybercrime, people can have their various accounts plundered, identity stolen whilst thinking they’re getting a great deal whilst watching the BBC for free!

Remember changing your DNS setting hands over complete control of all your web browsing.

So back to the main question – is smart dns safe ? Well if you’re using free DNS codes found on random posts on internet forums and bulletin boards no almost certainly not.   They have the same inherent risk that using free proxies and vpns have – basically why would people do this for free, well they don’t there will always be an ulterior motive usually involving your personal details.

Of course the commercial Smart DNS services are a completely different matter.  They are on the whole run by legitimate companies who secure their DNS servers and the proxies that they route through.  The problem with these is not whether they are legitimate, but the fact that they are easier to block than VPN services.   For example Netflix have waged war on all methods of bypassing their region locks and 99% of Smart DNS services stopped working in 2016.   The technology is unfortunately much more vulnerable to blocking than the VPN services like Identity Cloaker, and of course doesn’t offer any encryption or security to your connection.

Still there’s no doubt it is easier to set up than a VPN on things like Smart TVs and media streamers so a commercial Smart DNS service is still useful to many people. However you should always check first that it works with the media sites you require, many don’t work with the BBC too.

At the moment you can try out a Smart DNS proxy review for free on probably the most advanced Smart DNS system  (only one that works with Netflix) –
FREE Trial of Unblock US Here

Try it out and see how it works for you.

The Netflix Throttling Mystery – The VPN Solution?

There is of course a big problem with the most popular sites on the internet, and that’s the amount of  traffic they generate.  As our use of media sites like Netflix, BBC iPlayer and Hulu which stream video across the net increase then so do the costs for the people who have to carry that traffic – the ISP.

IS Netflix Being Throttled

It’s kind of tough when you think about it, each time someone subscribes to Netflix, the ISP of that customer will see their traffic usage sky rocket.  Combine this with some users downloading hundreds of Gigabytes a week from BitTorrent sites and you can see there problem.  Each customer will cost more and more to support, while these other companies effectively transmit their service over your infrastructure.   If all ISPs charged a bandwidth costs, that wouldn’t matter much – but the current status is that due to competition most offer unmetered access.

The big telecoms giants in America seem to have come up with a solution, although it’s not a terribly popular one.  Comcast and Verizon are being increasingly suspected of throttling traffic to these sites, especially to the vastly popular Netflix.  This effectively means that your data is un-metered normally but the speed will be capped when you access specific sites or transmit certain data like streaming video or accessing BBC iPlayer, Netflix or Hulu for example.

On the whole, this behavior is generally denied, it’s commercially bad news to admit that you will cripple the speed of some of the world’s most popular sites.  It’s of course, extremely annoying to watch a film and wait every ten minutes for it to buffer!

The evidence is mounting and some users on Comcast and Verizon have discovered that if they stream video over a VPN connection then they see huge speed increases.  A virtual private network of course shouldn’t increase your speed at all, you are adding another hop to the journey of your data, plus a layer of encryption too.  Although the fastest VPN providers like . will normally see minimal performance impact you wouldn’t expect to see a huge speed boost.

Speeding Up Netflix Yet this is what seems to be happening to many – stream direct from Netflix and your connection will struggle.   Fire up a VPN connection and stream through that some people are getting 10 or 20 times the throughput.  This increase has been reported by many people who have repeated the test using different sites and VPNs.

There are some other potential explanations, one of the most plausible is that some network pipes are simply becoming saturated.  If Netflix traffic is normally travelling down specific links to reach these big telecom providers, then there’s going to be a huge amount of traffic there.   Watching Netflix in the USA over a VPN will provide an alternate route, perhaps one with little congestion – hence the speed boost.

The jury’s out at the moment, both these scenarios could be true.  It’s definitely the case that using a VPN not only allows you access to the different language variants of sites like Netflix (Canadian or UK users can get US Netflix for example) but also boosts speed significantly.

Using DNS to Fightback

There’s a lot of information on this site, about the various methods used to filter, block and deny access to specific websites. Content filters, geo-blocking and firewalls now form part of the internet’s infrastructure rather than existing in isolation to protect genuinely secure networks. Of course, there have always been ways around them and in reality if you had something like the portable version of Identity Cloaker stored on a USB drive, you were normally able to bypass them. But in reality most people wouldn’t want to get involved in the world of proxies, VPNs and encryption because basically they just wanted to watch stuff online.

After all if you’re faced with a big shiny flat screen Smart TV, and you find you can’t watch a video on YouTube or The Simpsons on Hulu – then downloading PC software is not going to get your far. The reality is that we access the internet in so many different ways nowadays and via a computer is just one of these. In my home just for an example, the devices capable of browsing the internet include computers, tablets, phones, TVs, an Xbox and a WiiU and probably more. The challenge is to enable those devices to have unrestricted access to specific websites, not just the computers.

There in lies the difficulty, you can’t install PC based software on your phone, TV and Games console. The most you’ll be able to control is the device’s network settings from some generic menu like this –

wiiu-networksettings

This will be the same for your phone, Smart TV and tablet – most devices will allow you access to these settings somehow. Although there are some which don’t – the annoying Roku won’t let you manually change all these network settings for some reason ( Geek Note : although you can remotely assign them through DHCP).

Fortunately now this is all it takes is to use Smart DNS – which you can see from this video demonstrating the procedure on an iPad.

So to bypass all but the most fiendish network blocks all you need to do is to be able to manually alter the DNS settings. Unlock BBC iPlayer, Hulu, Pandora and Netflix on any electronic device you need, just by using Smart DNS.

It’s a wonderful piece of technology, designed to bypass the commercialism and control that corporations are seeking to impose on the internet user. It’s simple to use, cheap and doesn’t impact your connection, so I thoroughly recommend it. Remember the video above – Change DNS iPad settings enables Smart DNS on the tablet but it works the same on any internet enabled device, just find those network settings and change your DNS server to a Smart one.

What’s a VPN and Do You Need One?

There is no doubt that the term VPN causes much confusion throughout the IT industry never mind the public.  This is due to a number of reasons, but the confusion is largely to do with evolving technologies and how VPNs adapt with them.  The traditional definition of a VPN (Virtual Private Network) is as follows;

A private network for voice and data built with carrier services.

It’s a definition that was perfectly adequate for many years however, more recently, a VPN has come to describe the establishing of private and encrypted tunnels through the internet for transporting voice and data. So here’s some more up to date and hopefully more accurate definitions as described by the LAN Times Encyclopedia of Networking –

  • Voice VPN – a single carrier handles all your voice call switching. The ‘virtual’ in VPN implies that the carrier creates a virtual voice-switching network for use by utilising it’s own switching equipment.
  • Carrier-based voice data VPN – Packet, frame and cell switching networks carry information in discrete bundles (packets) that are routed through a mesh of network switches to their destination. Carriers can program virtual circuits into these networks that simulate dedicated connections between perhaps specific sites or locations (within a company’s control). A web of these virtual circuits can form a virtual private network over a controlled packed switched network.

The new guy on the block and the most likely technology if you see it mentioned on the internet outside the IT department is this –

  • Internet VPN – an internet VPN is similar to the previous two definitions except that the IP-based internet is the underlying network.

So in definition an Internet VPN is simply a secure way to move packets across the internet using specialised equipment. It can be done using a variety of methods using a Transport mode, encrypting just the payload and leaving the headers readable so the packet can be forwarded by any hardware across the internet. The other method is Tunnel mode, which can be used with protocols like IP, IPX and SNA to encrypt and encapsulate into new IP packets for distribution, this technique is more secure as it also hides both the source and destination of the packet as well.

A Tunnel mode Internet VPN is probably the most likely technology that is being discussed when you see and hear discussion of a VPN online. Here’s a practical example of one of the commercially popular VPN technologies available on the internet, for an individual who doesn’t want to invest in the extensive infrastructure required – this is an example of how you can buy VPN online.

Here you can see a low cost, highly secure internet VPN which can be used to provide security, hide all your online activities and obscure your exact location from any web site you visit.  It’s in my opinion the best UK VPN you can buy without moving into the high cost business market.  This particularly has become much more important over the years with the rise of geolocation, where web sites block access based on your location. Using a VPN tunnel you can change your virtual location at will, which millions now use as useful tool to watch websites that are normally inaccessible to them.