realpath.org

An IPv6 tunnel as a free VPN alternative to unblock YouTube content in your country

Most music videos on YouTube are still not available in Germany because of an ongoing dispute between YouTube and the GEMA, Germany’s main performance rights organisation. This has been very annoying for German YouTube users but so far no solution for the conflict is in sight.

Multiple solutions are available for users, one of them being proxy solutions through browser plugins like ProxTube. However, unless you run all traffic through a proxy (instead of only the videos as is the case with ProxTube), this has the disadvantage that blocked videos won’t even show up in your YouTube searches. Additionally those free extensions often suffer from the problem of having high traffic costs to run their proxy servers, so they try shady things like injecting ads on other sites.

Another way is a regular VPN with an endpoint in another country which has its disadvantages as well. Most providers will route all your traffic through their VPN, usually reducing the bandwidth and increasing latency. Most also give you only a private IP address and use some form of carrier grade NAT.

Choosing a foreign IPv6 tunnel endpoint

YouTube has been available over IPv6 for everyone since Google permantenly enabled AAAA records for all their services on World IPv6 Launch Day in June 2012. However, most end-user ISPs including mine still don’t offer native IPv6 connections to their customers.

The global ISP Hurricane Electric provides a free IPv6 tunnel broker service which you can use to set up a tunnel within minutes. The nice thing about this service is that you can easily choose the tunnel endpoint from multiple locations in Asia, Europe and North America. I chose London as a tunnel endpoint because it’s fairly close so that IPv6 connections don’t add a lot of latency. While I get an average latency of 27 ms to YouTube of IPv4, it’s almost doubled to 52 ms over IPv6. However, in practice this difference is not really noticable.

Fortunately my router is a FRITZ!Box which is able to directly set up the tunnel (as 6in4 in the web interface) and announce the /64 prefix in my local network. Now all devices connected to my network will automatically get an IPv6 address without any additional configuration.

When any device in my network connects to YouTube over IPv6 through the tunnel, Google will now assume a user from London, so all videos blocked in Germany because of the GEMA conflict are available to me.

Configuring Chrome on OS X to prefer IPv6

If you use OS X, the whole solution might not actually work because OS X doesn’t implement RFC 3484 correctly. This RFC specifies that if an operating system has a native IPv6 connection it should prefer it if a host is available through both IPv4 and IPv6. Unfortunately getaddrinfo on OS X uses its own heuristics to find out which protocol is faster, so eventually it will prefer the IPv4 connection since it doesn’t use a tunnel. So far I couldn’t find any way to configure OS X to always prefer IPv6 (like Linux’s /etc/gai.conf).

However, recent versions of Chrome include their own experimental DNS resolver which does prefer IPv6. It’s disabled by default, but you can open up chrome://flags/ and change Built-in Asynchronous DNS to Enabled. IPv6 will now get a headstart of 300ms before falling back to IPv4, so make sure that the latency through the tunnel is not too high.