So I thought I had found a convenient solution to the household problem.
Me an my family all have FritzBox routers. They have some built in vpn functionality which works perfectly fine. With that you can for example specify, that only the tv uses the vpn to route its traffic through - in this case - my home network which is the household. Maybe I just had luck but I thought this was working fine, however some time ago this stopped working.
This means, even tho the tv is using the vpn - i can verify that for example by looking at the ip - it still gives the household error.
How is that possible? How does netflix “know” where the tv is, when the traffic is routed through me ?
Netflix is known for blacklisting VPN IP addresses.
With a VPN provider, more than 1 customer could have the same IP address.
In order to use a VPN to bypass the household restriction, you need the main household running a VPN server while the other users run a VPN client to your VPN server.
I’m reading that they’re hosting the vpn on one house.
Fairly sure they’re doing exactly what you wrote.
As someone else mentioned, I am not using a vpn provider or vps. Idk how technically correct this is but I assume my router is hosting the vpn server and the other router is connecting to it.
When I look at sites like whatsmyip the ip of the TV is the same as my public ip, so the routing itself works.
The router is currently using the ipsec protocol I believe. I guess some leakage must be happening at some end? Maybe I am able to monitor the traffic somehow and resolve it like this. And I think the router supports another protocol, maybe that one works.
If the VPN is connecting to a VPS, that could be the issue.
If the main household is hosting the VPN, the client IP addresses may be leaking and exposed to Netflix.
I host a Wireguard server on an opnsense router and have been doing this for over 2 years and no one connecting to my router via their Wireguard client has ever had an issue.
Try a different protocol such as Wireguard or OpenVPN.
The VPN tunnel may not be leaking the IP but it could be that the client device is dropping the VPN connection while continuing to stream Netflix.
Do the client devices have a VPN kill switch?
I agree. Likely leaking.
Just saying I’m fairly sure they’re hosting it based on what I’m reading.
I will try a different protocol, maybe that works.
There isn’t a killswitch I believe. The router is doing everything, there is nothing running directly on the TV. However when the vpn is not active / my router is not reachable, the TV doesn’t have a connection to the internet because the router still tries to route everything through my network. So I don’t really think there ist stuff leaking but what else should it be I guess.
It’s the clients who are using the service outside the main household that need the killswitch. It may not be due to the VPN protocol at all.
By client you mean the TV or the router in the TVs network?
“Client” refers to people who are using the service outside the main household and it is the client devices that need a killswitch.
Okay, I will keep that in mind if the other protocol doesn’t work 
Thank you
You’re welcome.
Based on your description of the problem, it doesn’t appear to be an issue with the VPN protocol.
Yeah probably. But trying that is faster than setting up something else probably, since I doubt I can use vpn my router provides if that doesn’t work out.
You could ask each client to check their settings to see if there is a killswitch.
Without the killswitch, the protocol may not matter.
The router itself doesn’t have that option, I know that. But I think it’s doing it already by default, but maybe not quiet well ^^
Are you referring to the router running the VPN server at the main household?
Doesn’t matter much if the VPN server has a killswitch.
Both actually. The router of the client and my router are the same. Or rather same brand but different model.
But I thought about this again: the client router can specify that all traffic from certain devices - this case the TV - shall be routed through the vpn first.
Even when the vpn is not reachable, the router still tries to use it. So for example you couldn’t browse the internet on the TV when the vpn is not working, since the router does never default to “normal” routing or at least that’s what it looks like.
To me this sounds like a killswitch wouldn’t change anything in this case or did I miss something?
With the client router specifying which devices must use the VPN to access services, regardless of whether the VPN is working, this would act as a pseudo kill switch.
Is it possible that people outside the household are using devices that are not being forced to use the VPN? For example, you have 2 devices at a different location and both of these devices are forced to use the VPN for internet access but a 3rd device is introduced and it’s MAC address is not added to the list of devices that must use the VPN.
Not sure if I understand that correctly.
Currently only the TV is forced to use the vpn. All other devices in the client network don’t. However those devices didn’t use Netflix when we were testing it, if that matters.