It is well known in the movie and TV Shows community that US subscribers tend to get the best Netflix goodies. It is also well known that Netflix presents its catalogue based on what they detect your IP address to be. This presents opportunities for the tech-savvy among us. You can pay for Zimbabwe, South African or whatever-your-preferred country’s Netflix and use that account to access US Netflix.
The ingredients and underlying problems
I have covered this in other articles in the past but generally, you need either SmartDNS or a specialist VPN. I generally recommend SmartDNS because it’s easier to set up and results in the best overall experience. This article will assume you are using SmartDNS. There are several services you can use just Google SmartDNS and pick one you one.
Personally, I recommend SmartDNSProxy because it’s the service that I have been using for the past four or so years and it comes with South African DNS servers. In my experience, that means you will hardly notice the difference between your normal ISP-provided servers e.g. 5.11.11.5 and their servers in terms of latency. I also have an account with SmartyDNS but their service is a little bit slower due to them only having European servers.
Setting up SmartDNS is very simple. All you need to do is change your device’s DNS servers and you are good to go. Just like magic if you visit services such as BBC’s Player, TVNZ or SBS they start working instead of showing you location errors.
However, this doesn’t work always work mostly because Netflix works hard to defeat circumvention. Watching US Netflix on your phone or laptop is as simple as changing DNS servers as outlined above but if you have a TV Box like me, Netflix has another trick up its sleeves. The smartTV/ TV Box Netflix app comes with inbuilt DNS servers hardcoded.
This means that the app bypasses your configured servers each time it goes on the internet. The app doesn’t get to use your SmartDNSProxy configured servers and thus is able to tell that you are actually not in the US. The only way around this is to do what is known as static routing. The best router to do this is of course one that comes with the specialist Linux distro known as OpenWrt.
So for our guide, we will assume you have the following basic ingredients:
- A router that you have flashed OpenWrt on. You can buy cheap TP-Link routers in town and flash OpenWrt onto them.
- An active service with SmartDNSProxy. They have a package that’s going for US$42 for three years that comes with free premium VPN you can also just sign up for a trial.
Doing static routing
Static routing is a powerful feature available to OpenWrt routers. It allows you to manually define the routes your packets to the internet will take. In this case, we will be defining a series of routes that will intercept Netflix packets and force them to go via our SmartDNSProxy set up where we can trick Netflix into thinking we are in the US.
To do this you just need to fire up your OpenWrt router, set up ssh on it, log in via ssh into the router and run the following commands one after the other.
iptables -I FORWARD -d 8.8.8.8/255.255.255.255 -j REJECT&&iptables -I FORWARD -d 8.8.4.4/255.255.255.255 -j REJECT
iptables -I FORWARD -d 45.57.0.0/255.255.128.0 -j REJECT
These first two commands tell our router to not route traffic to those IP addresses which are well known Google DNS addresses. Naturally I am assuming you are not using them in your other devices on this network because if you are you can run into issues. You can get around this by configuring your OpenWrt router to hand out SmartDNSProxy DNS servers instead.
This can be done on the command line using the following commands:
uci -q delete network.wan.dns
uci add_list network.wan.dns=”154.127.57.224″
uci add_list network.wan.dns=”129.232.164.26″ uci set network.wan.peerdns=”0″
uci set network.wan6.peerdns=”0″ uci commit network /etc/init.d/network restart
You can try Netflix on your Android TV to see if it’s now working. Usually, this is all you need to do. Make sure to restart your Network device several times to confirm if you are now getting US Netflix. If you are still getting errors you can login into your router’s ssh interface again and take a more aggressive stance.
iptables -I FORWARD -d 108.175.32.0/255.255.240.0 -j REJECT
iptables -I FORWARD -d 198.38.96.0/255.255.224.0 -j REJECT
iptables -I FORWARD -d 198.45.48.0/255.255.240.0 -j REJECT
iptables -I FORWARD -d 185.2.220.0/255.255.252.0 -j REJECT
iptables -I FORWARD -d 23.246.0.0/255.255.192.0 -j REJECT
iptables -I FORWARD -d 37.77.184.0/255.255.248.0 -j REJECT
iptables -I FORWARD -d 45.57.0.0/255.255.128.0 -j REJECT
This will do it for you but once in a while, you can get the occasional internet error for no reason due to accidental blocking. You can get around this by simply adding MAC-based static routing-OpenWrt is a powerful piece of software. I will touch on that on another day.
Automatically activating your IP with SmartDNSProxy using Openwrt
One issue that can crop up is that SmartDNSProxy requires you to activate your current IP in order to use their service. This can get annoying fast if you live in Zimbabwe and your router is not on backup power. Each time it restarts you need to go into your SmartDNS Proxy dashboard and activate the service.
This can be automated but there is a trick to it. The SmartDNSProxy API uses https and the OpenWrt OpenSSL library is quite large. You can get around this by installing the curl package instead and setting up a cronjob to run regularly by polling your specific API URL found in the dashboard.
Share
Home
What’s your take?