Bypass ISP YouTube throttling

I think I may have found an improvement to this blocking situation, and I'd like some more eyes to check it out before I go writing a blog post and plastering it on Reddit/HN/etc.

So, here's the situation. I found that, while blocking the 206.111.0.0/16 IP block worked great for desktop systems, it was causing my non-PC devices (Xbox 360, Apple TV) to fail to use YouTube at all.

Also, as has been noted elsewhere, when using this block trick, there is a ~3 second delay when loading videos, before the failure of the blocked IP loading kicks over to the Google datacenter IPs.

So, I thought... what if, instead of blocking those IPs, we rewrote the attempts to reach them?

I loaded a YouTube video on my desktop, and then in a connection monitor (iftop), I watched what IP address I was getting kicked over to after YouTube stopped trying to load on the blocked IP.

I then took that address and changed my iptables rule to rewrite attempts to go to the blocked IP block to go to that IP instead:

iptables -t nat -I OUTPUT --dest 206.111.0.0/16 -p tcp -j DNAT --to-dest 208.117.252.11

As soon as I did that, the Apple TV's YouTube app started working again, and loading fast. Also, loading videos in YouTube on my desktop no longer had a delay.

But I have tested this for all of about 10 minutes. I need to test further to see if I'm actually on to something. And also to see if there's any issue with rewriting all YouTube attempts to that one IP address that I sniffed out. Possibly there's a better way than rewriting to just the one address? I have some iptables skills but I'm no guru.

Legion, did you make any further headway on that?

Thin_J wrote:

Legion, did you make any further headway on that?

I still need to do some more back-and-forth comparison, but I haven't run into anything yet that makes me think I got it wrong.

*Legion* wrote:

before I go writing a blog post and plastering it on Reddit/HN/etc.

So... have you written any more details about this somewhere?

Edit: Can't get quote to display properly. Meh.

xxSoullissxx wrote:
*Legion* wrote:

before I go writing a blog post and plastering it on Reddit/HN/etc.

So... have you written any more details about this somewhere?

Edit: Can't get quote to display properly. Meh.

Hang around and post a few times. That's a spammer prevention tool based on the new account.

Hey Legion, did you ever get your improved command to work better?

I need to revisit this! I've had that iptables rule running on my router since I wrote this. I have hardly thought about it since, which maybe means it's working? Because I have hardly been reminded to go back and mess with it again.

I need to A/B test this to confirm that it's actually doing something. I'm out of town for the next couple of weeks, but maybe when I get back.

Could you call your ISP and just tell them to stop it?

Baron Of Hell wrote:

Could you call your ISP and just tell them to stop it?

IMAGE(http://i.imgur.com/e3nY9BF.gif)