Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

Get a raspberry pi, set up two vlans, run wireguard, and send 100% of your uplink traffic to a remote vpn endpoint.

This gets you off their IP, and also has the added benefit of not letting them analyze your traffic.



And adds 20ms+ latency, another complex point of failure, and potential problems depending on the reputation of the IP address block of wherever you're hosting the endpoint. I've used VPNs to smooth over various Starlink problems since I got the service and it helps but it's not a great solution.


My he.net ipv6 tunnel adds about 2ms of latency on average, which I can totally live with.


At least when I was doing this, it also meant that I blocked Netflix and a few other services for my entire network.


Can you use that over a CGNAT?


Most likely you wouldn't with CGNAT, unfortunately, at least I can't see how. They need to ping your IPv4 address to set up.

As an aside, they also want to ping your IPv6 daily (at least in my logs) to keep the tunnel alive; otherwise quite stable.

I'm fortunate to not have to deal with CGNAT. But still waiting for IPv6. A he.net tunnel works for now for what I need: stable IPv6 for SSH tunneling from my IPv6 mobile.


There is no other solution that doesn’t allow SpaceX to snoop on all your traffic, unfortunately.


Having a non-residential IP address is likely to get you blocked from services like Netflix.

It would be nice if there were some way to decouple connectivity from addressing, without becoming a second-class citizen of the internet.


A good way is to refuse to give money to such services, which being unable to access them, dovetails nicely.

Incidentally this also makes torrenting safe, and everything on Netflix can be downloaded via BitTorrent.


That's an interesting point. I wonder what Starlink is doing with any DMCA complaints aimed at IP address traffic.


4K high bitrate HDR / dolby vision + dolby atmos is surprisingly a pain to find in general.


I don't use Netflix but that never happened to me.


I'd go so far as to say that it's actually never happened to anyone that doesn't use Netflix.


I can't tell if this is a 'by definition' comment or if you mean that Netflix is the only major service which blocks VPN IPs.

The latter isn't quite true, sometimes a site is having a bad day and sets up Cloudflare rules which make VPN access impractical or impossible, but it's more true than not: I can usually use Netflix off a VPN, just not consistently.


Oddly the hardest part of this right now is getting your hands on a raspberry pi!


You can get wireguard running on any consumer network appliance capable of running OpenWRT.


Why two VLAN's? Are you worried the traffic is analyzed by the ISP locally?


When I use a VPN I get significantly more CAPTCHAs.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: