C3emfcb0Nzt0xiDj 1 Posted ... Hi guys, I'm observing *terrible* performance when I'm connected to AirVPN. I testet multiple servers (Germany, Netherlands, Switzerland). To debug things I disconnected and just ping'ed around a bit. So my connection is basically fine. Below 10ms ping to google.de, no lost packets. Same for a couple of other servers. However, when I ping any of the AirVPN entry IPs, I get 10-20% packet loss. I'm on german Telekom vDSL 50, using openvpn on Linux. This seems to have started recently (maybe with the beginning of the Corona crisis?). I'm not sure how to continue to debug this. Is this a ISP issue? I'm pretty sure if I call the Telekom they will tell me it's AirVPNs fault - if I manage to get somebody on the line who understands what ping and vpn is.... 😕 Thanks & regards Simon$> ping -i 0.2 -W 0.2 -c 100 -q 134.19.179.170 PING 134.19.179.170 (134.19.179.170) 56(84) bytes of data. --- 134.19.179.170 ping statistics --- 100 packets transmitted, 75 received, 25% packet loss, time 19940ms rtt min/avg/max/mdev = 56.086/56.708/60.311/0.535 ms $> ping -i 0.2 -W 0.2 -c 100 -q www.google.de PING www.google.de (172.217.18.99) 56(84) bytes of data. --- www.google.de ping statistics --- 100 packets transmitted, 100 received, 0% packet loss, time 19890ms rtt min/avg/max/mdev = 8.340/8.830/11.517/0.445 ms Quote Share this post Link to post
OpenSourcerer 1442 Posted ... I'm on Telekom Supervectoring 250/40 here, and my performance is very good. It's not an ISP issue. We need more info about your setup. If you're using Eddie, in Logs tab click the lifebelt icon and paste or upload the output here, please. If not Eddie, then Logs alone. Maybe also write which router you use, could be important. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 10019 Posted ... @C3emfcb0Nzt0xiDj It doesn't look like a server or server line problem. You can see from the ping matrix that there is no packet loss between servers in the countries you mention. For a cross-check this is what we see from a couple of ISPs from Italy: $ ping -i 0.2 -W 0.2 -c 100 -q 134.19.179.170 PING 134.19.179.170 (134.19.179.170) 56(84) bytes of data. --- 134.19.179.170 ping statistics --- 100 packets transmitted, 100 received, 0% packet loss, time 19869ms rtt min/avg/max/mdev = 35.528/37.343/50.654/2.551 ms Another cross-check comes from @giganerd who uses your very same ISP so the matter is quite puzzling. Can you have your ISP perform a remote check on your nearest DSLAM and last mile? Kind regards Quote Share this post Link to post
C3emfcb0Nzt0xiDj 1 Posted ... Hi guys, Thanks for your replies. I will try to get the Telekom onto this. And also try the standards... restart router, try a different router, restore config, etc. But in the meantime I did some traceroute'ing. And it seems to me that the issue is located somewhere around7 global-layer.amster51.ams.seabone.net (195.22.213.67) 61.165 ms 61.485 ms * because starting with this node I see dropped packets.$> traceroute 134.19.179.138 traceroute to 134.19.179.138 (134.19.179.138), 30 hops max, 60 byte packets 1 XXXXXXXX (10.42.13.1) 0.287 ms 0.314 ms 0.362 ms 2 XXXXXXXX (10.42.3.2) 1.398 ms 1.394 ms 1.502 ms 3 62.155.246.161 (62.155.246.161) 6.479 ms 6.532 ms 7.234 ms 4 217.0.198.14 (217.0.198.14) 9.371 ms 9.462 ms 9.619 ms 5 62.157.250.38 (62.157.250.38) 9.782 ms 9.838 ms 9.663 ms 6 ae22.amster51.ams.seabone.net (195.22.213.233) 23.526 ms 22.800 ms 22.362 ms 7 global-layer.amster51.ams.seabone.net (195.22.213.67) 61.165 ms 61.485 ms * 8 185.23.212.7 (185.23.212.7) 77.749 ms !X 72.755 ms !X 72.768 ms !X Regards Simon Quote Share this post Link to post
OpenSourcerer 1442 Posted ... I can confirm a certain latency difference starting from there, too: $ sudo traceroute -T 134.19.179.138 traceroute to 134.19.179.138 (134.19.179.138), 30 hops max, 60 byte packets 1 fritz.box (192.168.110.1) 0.400 ms 0.437 ms 0.481 ms 2 62.155.242.252 (62.155.242.252) 4.944 ms 4.958 ms 4.956 ms 3 217.5.116.90 (217.5.116.90) 10.883 ms 11.054 ms 11.056 ms 4 62.157.250.38 (62.157.250.38) 13.723 ms 13.777 ms 13.780 ms 5 ae22.amster51.ams.seabone.net (195.22.213.233) 20.015 ms 25.495 ms 20.221 ms 6 global-layer.amster51.ams.seabone.net (195.22.213.67) 61.690 ms 54.340 ms 54.744 ms 7 185.23.212.7 (185.23.212.7) 70.447 ms !X 70.470 ms !X 70.470 ms !X If you can tell me which server this is, I might even check that server myself. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
C3emfcb0Nzt0xiDj 1 Posted ... Hi giganerd, It's one of the servers from Austria. Not sure which. I always have the config generator resolve the IPs for me. 😕 But as stated before, this affects many AirVPN IPs, not just that single one. In this example I ping'ed DE-Frankfurt_Menkalinan:$> ping -q -c 100 -i 0.2 -W 0.2 141.98.102.226 PING 141.98.102.226 (141.98.102.226) 56(84) bytes of data. --- 141.98.102.226 ping statistics --- 100 packets transmitted, 81 received, 19% packet loss, time 21ms rtt min/avg/max/mdev = 50.396/51.710/62.131/1.260 ms Btw. I can't even get a complete traceroute through to that server at all:$> traceroute 141.98.102.226 traceroute to 141.98.102.226 (141.98.102.226), 30 hops max, 60 byte packets 1 XXXXXXXXX (10.42.3.2) 0.885 ms 0.844 ms 0.913 ms 2 62.155.246.161 (62.155.246.161) 5.845 ms 5.797 ms 5.764 ms 3 217.5.118.50 (217.5.118.50) 9.263 ms 9.868 ms 10.492 ms 4 62.157.249.186 (62.157.249.186) 54.654 ms 54.658 ms * 5 ae-2.r21.frnkge13.de.bb.gin.ntt.net (129.250.6.41) 63.095 ms 62.955 ms * 6 ae-0.a00.frnkge13.de.bb.gin.ntt.net (129.250.2.25) 56.690 ms * * 7 ae-8-501.a00.frnkge13.de.ce.gin.ntt.net (213.198.52.62) 52.857 ms 52.687 ms * 8 vlan2916.agg1.fra4.de.m247.com (212.103.51.48) 19.470 ms 37.120.220.131 (37.120.220.131) 1 9.691 ms 37.120.220.118 (37.120.220.118) 22.206 ms 9 vlan2919.as11.fra4.de.m247.com (212.103.51.151) 19.904 ms 19.481 ms vlan2917.as11.fra4.de. m247.com (212.103.51.191) 25.012 ms 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * *^C But that could be normal. I want to believe it is a misconfiguration on my end, but I can't find anything in my routers config that could cause this (again Linux+openvpn+custom IPtables+Telekom Speedport Smart 3). Especially since the drop seems to happen way outside of my local network. There is no special handling for the AirVPN IPs in my IPtables rules and ping works for all other IPs on the internet I have tested so far. I will continue to dig around and test different configs on my end. Thanks & Regards Simon Quote Share this post Link to post
OpenSourcerer 1442 Posted ... 1 $ ping -q -c100 -i0,2 -W0,2 menkalinan.airvpn.org PING menkalinan.airvpn.org (141.98.102.226) 56(84) bytes of data. --- menkalinan.airvpn.org ping statistics --- 100 packets transmitted, 100 received, 0% packet loss, time 19938ms rtt min/avg/max/mdev = 9.692/10.004/10.526/0.185 ms $ 2 $ ping6 -q -c100 -i0,2 -W0,2 2001:ac8:20:98:5307:a6cf:d139:d129 PING 2001:ac8:20:98:5307:a6cf:d139:d129(2001:ac8:20:98:5307:a6cf:d139:d129) 56 data bytes --- 2001:ac8:20:98:5307:a6cf:d139:d129 ping statistics --- 100 packets transmitted, 96 received, 4% packet loss, time 19868ms rtt min/avg/max/mdev = 10.231/11.463/14.491/0.589 ms $ 3 $ ping6 -q -c100 -i0,2 -W0,2 2001:ac8:20:98:5307:a6cf:d139:d129 PING 2001:ac8:20:98:5307:a6cf:d139:d129(2001:ac8:20:98:5307:a6cf:d139:d129) 56 data bytes --- 2001:ac8:20:98:5307:a6cf:d139:d129 ping statistics --- 100 packets transmitted, 92 received, 8% packet loss, time 19882ms rtt min/avg/max/mdev = 10.746/11.862/14.791/0.965 ms $ 4 $ ping -q -c100 -i0,2 -W0,2 menkalinan.airvpn.org PING menkalinan.airvpn.org (141.98.102.226) 56(84) bytes of data. --- menkalinan.airvpn.org ping statistics --- 100 packets transmitted, 100 received, 0% packet loss, time 19858ms rtt min/avg/max/mdev = 9.691/10.794/13.338/1.038 ms $ 5 $ ping6 -q -c100 -i0,2 -W0,2 2001:ac8:20:98:ba0a:dabc:45a8:c67c PING 2001:ac8:20:98:ba0a:dabc:45a8:c67c(2001:ac8:20:98:ba0a:dabc:45a8:c67c) 56 data bytes --- 2001:ac8:20:98:ba0a:dabc:45a8:c67c ping statistics --- 100 packets transmitted, 97 received, 3% packet loss, time 19877ms rtt min/avg/max/mdev = 10.498/11.469/12.197/0.265 ms All Menkalinan, of course. v4 ping entry IP 1 v6 ping entry IP 1 Same as 2 for assurance Same as 1 for assurance v6 ping entry IP 3 v4 is good for me, v6 has some packet loss. Let's do a traceroute there: $ sudo traceroute6 -T 2001:ac8:20:98:5307:a6cf:d139:d129 traceroute to 2001:ac8:20:98:5307:a6cf:d139:d129 (2001:ac8:20:98:5307:a6cf:d139:d129), 30 hops max, 80 byte packets 1 fritz.box (UGA hidden) 0.793 ms 1.039 ms 1.182 ms 2 2003:0:8505:e000::1 (2003:0:8505:e000::1) 6.420 ms 6.467 ms 6.472 ms 3 2003:0:1307:400a::1 (2003:0:1307:400a::1) 12.067 ms 12.070 ms 12.116 ms 4 2003:0:1307:400a::2 (2003:0:1307:400a::2) 12.118 ms 12.210 ms 12.305 ms 5 ae-2.r21.frnkge13.de.bb.gin.ntt.net (2001:728:0:2000::189) 16.269 ms ae-2.r20.frnkge13.de.bb.gin.ntt.net (2001:728:0:2000::111) 12.268 ms ae-2.r21.frnkge13.de.bb.gin.ntt.net (2001:728:0:2000::189) 15.925 ms 6 ae-2.a00.frnkge13.de.bb.gin.ntt.net (2001:728:0:2000::25a) 13.010 ms 10.473 ms 10.369 ms 7 ae-8-501.a00.frnkge13.de.ce.gin.ntt.net (2001:728:0:5000::57e) 11.474 ms 11.698 ms 11.669 ms 8 vlan99.agg1.fra4.de.m247.com (2001:ac8:10:10::189) 12.421 ms vlan2981.agg2.fra4.de.m247.com (2001:ac8:10:10::3bb) 12.352 ms vlan2916.agg1.fra4.de.m247.com (2001:ac8:10:10::f30e) 12.408 ms 9 vlan2917.as11.fra4.de.m247.com (2001:ac8:10:10::2c31) 13.017 ms 13.330 ms * 10 2001:ac8:20:98:5307:a6cf:d139:d129 (2001:ac8:20:98:5307:a6cf:d139:d129) 12.867 ms 12.949 ms * Latency is good, but the last few hops seem to be wonky there. Now, how about an Austrian server, since you mentioned it? Alderamin here: $ ping -q -c100 -i0,2 -W0,2 185.9.19.106 PING 185.9.19.106 (185.9.19.106) 56(84) bytes of data. --- 185.9.19.106 ping statistics --- 100 packets transmitted, 100 received, 0% packet loss, time 19880ms rtt min/avg/max/mdev = 24.429/24.589/25.339/0.141 ms $ $ ping6 -q -c100 -i0,2 -W0,2 2001:ac8:29:5::2 PING 2001:ac8:29:5::2(2001:ac8:29:5::2) 56 data bytes --- 2001:ac8:29:5::2 ping statistics --- 100 packets transmitted, 95 received, 5% packet loss, time 19884ms rtt min/avg/max/mdev = 21.986/22.463/23.354/0.217 ms $ $ sudo traceroute -T alderamin.airvpn.org traceroute to alderamin.airvpn.org (185.9.19.106), 30 hops max, 60 byte packets 1 fritz.box (192.168.110.1) 0.349 ms 0.389 ms 0.437 ms 2 62.155.242.252 (62.155.242.252) 4.822 ms 4.941 ms 4.943 ms 3 217.5.117.129 (217.5.117.129) 10.872 ms 10.920 ms 10.924 ms 4 ffm-b4-link.telia.net (213.248.93.186) 22.962 ms 23.142 ms 23.144 ms 5 ffm-bb1-link.telia.net (62.115.114.88) 26.891 ms ffm-bb2-link.telia.net (62.115.114.90) 25.123 ms 25.129 ms 6 prag-bb1-link.telia.net (62.115.121.119) 33.636 ms 30.876 ms 30.667 ms 7 win-b4-link.telia.net (62.115.112.199) 26.152 ms 26.790 ms win-b4-link.telia.net (62.115.113.69) 23.726 ms 8 m247-ic-316932-win-b4.c.telia.net (62.115.146.19) 24.850 ms 25.299 ms 25.278 ms 9 106.19.9.185.in-addr.arpa (185.9.19.106) 26.697 ms 26.794 ms 26.693 ms $ $ sudo traceroute6 -T 2001:ac8:29:5::2 traceroute to 2001:ac8:29:5::2 (2001:ac8:29:5::2), 30 hops max, 80 byte packets 1 fritz.box (UGA hidden) 0.779 ms 1.063 ms 1.206 ms 2 2003:0:8505:e000::1 (2003:0:8505:e000::1) 5.460 ms 5.549 ms 5.548 ms 3 2003:0:130b::1 (2003:0:130b::1) 11.926 ms 11.927 ms 11.917 ms 4 2003:0:130b:11::2 (2003:0:130b:11::2) 57.317 ms 57.283 ms 57.306 ms 5 eth-26-1-0.pni1.fra2.de.m247.com (2001:ac8:10:10::152) 13.440 ms 13.442 ms 13.654 ms 6 xe-2-2-0-0.bb2.nyc1.us.m247.com (2001:ac8:10:10::1d0) 13.653 ms 11.693 ms * 7 te-2-4-0.bb2.vie1.at.m247.com (2001:ac8:10:10::33) 23.257 ms te-5-11-0.bb2.vie1.at.m247.com (2001:ac8:10:10::a175) 23.261 ms te-2-4-0.bb2.vie1.at.m247.com (2001:ac8:10:10::33) 23.709 ms 8 2001:ac8:29:5::2 (2001:ac8:29:5::2) 23.157 ms 23.732 ms 23.673 ms Mild packet loss on v6, there, it seems. Traceroute also shows one little timeout on hop 6. Let's do a server not hosted by M247. Mesarthim for example is with Contabo in Munich: $ ping -q -c100 -i0,2 -W0,2 mesarthim.airvpn.org PING mesarthim.airvpn.org (79.143.191.166) 56(84) bytes of data. --- mesarthim.airvpn.org ping statistics --- 100 packets transmitted, 100 received, 0% packet loss, time 19947ms rtt min/avg/max/mdev = 15.700/15.843/16.503/0.126 ms $ $ ping6 -q -c100 -i0,2 -W0,2 2a02:c205:0:1031:79f8:734d:afb7:43c PING 2a02:c205:0:1031:79f8:734d:afb7:43c(2a02:c205:0:1031:79f8:734d:afb7:43c) 56 data bytes --- 2a02:c205:0:1031:79f8:734d:afb7:43c ping statistics --- 100 packets transmitted, 100 received, 0% packet loss, time 19855ms rtt min/avg/max/mdev = 25.722/25.965/26.945/0.190 ms $ $ sudo traceroute -T mesarthim.airvpn.org traceroute to mesarthim.airvpn.org (79.143.191.166), 30 hops max, 60 byte packets 1 fritz.box (192.168.110.1) 0.278 ms 0.310 ms 0.358 ms 2 62.155.242.252 (62.155.242.252) 4.831 ms 4.826 ms 4.920 ms 3 217.5.116.102 (217.5.116.102) 10.754 ms 11.503 ms 11.638 ms 4 62.157.249.170 (62.157.249.170) 11.844 ms 11.852 ms 11.842 ms 5 ae0.r3.muc3.m-online.net (212.18.6.177) 17.899 ms 17.895 ms 18.059 ms 6 gw01.contabo.net (93.104.204.34) 18.814 ms 29.022 ms 17.613 ms 7 166.186.143.79.in-addr.arpa (79.143.191.166) 17.555 ms 17.131 ms 17.577 ms $ $ sudo traceroute6 -T 2a02:c205:0:1031:79f8:734d:afb7:43c traceroute to 2a02:c205:0:1031:79f8:734d:afb7:43c (2a02:c205:0:1031:79f8:734d:afb7:43c), 30 hops max, 80 byte packets 1 fritz.box (UGA hidden) 0.506 ms 0.581 ms 0.647 ms 2 2003:0:8505:e000::1 (2003:0:8505:e000::1) 4.888 ms 5.000 ms 5.004 ms 3 dtag-ic-319284-ffm-b4.c.telia.net (2001:2000:3080:104f::2) 11.314 ms 11.485 ms 11.467 ms 4 * * * 5 2001:2000:3019:6b::1 (2001:2000:3019:6b::1) 33.992 ms 34.166 ms 34.169 ms 6 mcn-b2-v6.telia.net (2001:2000:3018:59::1) 33.982 ms 33.272 ms 33.324 ms 7 gigahosting-ic-138043-mcn-b2.c.telia.net (2001:2000:3080:5eb::2) 22.616 ms * 22.714 ms 8 2a02:c205:0:1031:79f8:734d:afb7:43c (2a02:c205:0:1031:79f8:734d:afb7:43c) 26.951 ms 27.035 ms 27.034 ms Looks like there are some mild packet loss issues with M247's IPv6 connectivity, but all in all it works as it should. Do you have the possibility to test in another network? Even if it's GSM. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
C3emfcb0Nzt0xiDj 1 Posted ... Hi giganerd, Thanks for all your help. I did another test. This time I connected my notebook directly to the Telekom router, bypassing my linux firewall/router entirely (and with it all the possible configuration issues it might have). No improvement. So this has to be an issue with the Telekom/Speedport. You got me to a good idea though: use IPv6! So I ran the same test as you did above: $> ping6 -q -c100 -i0.2 -W0.2 2001:ac8:20:98:5307:a6cf:d139:d129 PING 2001:ac8:20:98:5307:a6cf:d139:d129(2001:ac8:20:98:5307:a6cf:d139:d129) 56 data bytes --- 2001:ac8:20:98:5307:a6cf:d139:d129 ping statistics --- 100 packets transmitted, 97 received, 3% packet loss, time 19877ms rtt min/avg/max/mdev = 10.018/10.967/14.139/0.554 ms As you can see, there is some packet loss, but by far less than with IPv4. This is really a weird problem. I have never seen such a thing before. It feels like some form of rate-limiting. I guess I really have to call the Telekom 😞 I'll keep digging.... Thanks & Regards Simon Quote Share this post Link to post
C3emfcb0Nzt0xiDj 1 Posted ... PS: That other server you mentioned, Mesarthim in Munich is fine: ping -q -c100 -i0.2 -W0.2 79.143.191.166 PING 79.143.191.166 (79.143.191.166) 56(84) bytes of data. --- 79.143.191.166 ping statistics --- 100 packets transmitted, 100 received, 0% packet loss, time 19877ms rtt min/avg/max/mdev = 16.069/16.709/17.753/0.280 ms Quote Share this post Link to post
OpenSourcerer 1442 Posted ... 9 minutes ago, C3emfcb0Nzt0xiDj said: It feels like some form of rate-limiting. I guess I really have to call the Telekom 😞 If I don't have a problem with IPv4, how come you think Telekom's to blame? Innocent until proven guilty (Rechtsstaatlichkeitsprinzip, by the way ) In the router try to disable pretty much all firewall and security stuff temporarily and try again. If you have another router you can check, then do this, even better. We need to rule out everything you own before pointing fingers. But then again, you do seem to have a good connection to Contabo. I'd say "Maybe it's really only the routing to M247?", but then again, I connect there just fine, and our traceroute results suggest we used a similar route on v4 to get to the M247 servers. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
C3emfcb0Nzt0xiDj 1 Posted ... Hi giganerd, You are right of course. But strictly speaking the Speedport belongs the Telekom - I did only rent it 😉 I will try resetting it to factory defaults and running a firmware update (it seems there is one available). Thanks & Regards Simon Quote Share this post Link to post
OpenSourcerer 1442 Posted ... Just now, C3emfcb0Nzt0xiDj said: You are right of course. But strictly speaking the Speedport belongs the Telekom - I did only rent it 😉 I will try resetting it to factory defaults and running a firmware update (it seems there is one available). That doesn't matter much, unless you explicitly didn't get the credentials when you subscribed, though by law ISPs are required to hand them out, even if you rent a router. But yes, maybe do the update first. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
C3emfcb0Nzt0xiDj 1 Posted ... Hi giganerd, I resetted the router to factory defaults (+reboot) and ran firmware upgrade (+reboot). I tested after each step without improvement. Now I also disabled all protection functions I could find (+reboot). For reasons I do not understand the connection to DE-Frankfurt_Menkalinan (141.98.102.226) seems to be fine now (0% loss). But for example 134.19.179.170 (Austria?) is still bad. ---- 30 seconds later ---- (while I was typing this message) WTF... now the connection to 134.19.179.170 is fine too. in fact all servers I tested before are fine too now. I have no clue what just happened. oO But now all pings go though with 0% loss. So... problem solved? Thanks & regards Simon Quote Share this post Link to post
OpenSourcerer 1442 Posted ... 5 hours ago, C3emfcb0Nzt0xiDj said: So... problem solved? No? Your router is Swiss Cheese. Carefully reenable the features one by one again and see after which it starts showing this behavior again. Then leave this one feature disabled until you reenabled all that doesn't cause this behavior. Maybe even evaluate your life choices regarding the rental of hardware from ISPs. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
C3emfcb0Nzt0xiDj 1 Posted ... Hi giganerd, 17 hours ago, giganerd said: No? Your router is Swiss Cheese There were only two functions which I actually could disable: BotNet protection - it's supposed to redirect http requests to an info website in case my network is infested with a bot IPv6 privacy - configures when my IPv6 prefix is changed (not really related in my opinion, since I connect with IPv4) They both did not make me feel particularly unsafe when I disabled them I re-enabled both functions - no issues (so far). I could imagine that the botnet protection could possibly interfer with VPN traffic, but it's a wild guess. It might even only trigger after a certain amount of time or after certain amount of traffic. The description text says it's based on a blacklist and that it only redirects traffic to port 80, but it does not say if it actually blocks anything. Leaning even more out of the window here, I could imagine that IPs of a VPN provider easily end up in such blacklists. But again, this is all speculation. 17 hours ago, giganerd said: Maybe even evaluate your life choices regarding the rental of hardware from ISPs. I strictly speaking do not need the Speedport (except for the DSL modem part). My linux router could do it all by itself, but at that time when my old modem broke down, the Telekom talked me into this. Also I'm switching ISPs "soon" to "Deutsche Glasfaser". So I will not be able to use / do not need a dedicated DSL modem/router any more in the future. They assured me, that I will just get a plain RJ45 cable which runs ethernet with IPv4/IPv6 and that I will not need any additional hardware on my part (expect for my own router). Lets see if that holds true. Anyways, thanks for your help and support! I will report back here should the problem re-appear. Regards Simon Quote Share this post Link to post
OpenSourcerer 1442 Posted ... 1 hour ago, C3emfcb0Nzt0xiDj said: I could imagine that the botnet protection could possibly interfer with VPN traffic, but it's a wild guess. It might even only trigger after a certain amount of time or after certain amount of traffic. The description text says it's based on a blacklist and that it only redirects traffic to port 80, but it does not say if it actually blocks anything. Leaning even more out of the window here, I could imagine that IPs of a VPN provider easily end up in such blacklists. Well, if the description is "redirect http requests", then port 80 and maybe also 443 for HTTPS are educated guesses. Not sure about its effectiveness, though. And yes, the last sentence is possible. 1 hour ago, C3emfcb0Nzt0xiDj said: Also I'm switching ISPs "soon" to "Deutsche Glasfaser". I envy you. I want it, too, sadly I live in a city which only recently saw an upgrade to Supervectoring. FTTH is therefore a long way ahead. 1 hour ago, C3emfcb0Nzt0xiDj said: They assured me, that I will just get a plain RJ45 cable which runs ethernet with IPv4/IPv6 and that I will not need any additional hardware on my part (expect for my own router). Lets see if that holds true. This is only insofar true as they provide an ONU (Optical Network Unit) – the device which converts between optical signals from the GPON and electical (Ethernet) signals. In Telekom's FTTH implementation I only ever saw a separate, fixed ONU to which you connect a router of your choice on its WAN port. But I hear the most expensive Speedports also feature a fibre interface. And as you say, DG outlines that any device capable of WAN can be used to connect to their network, which means they will certainly provide the ONU, if it's not already installed at your place, which it usually is. Makes me wonder why AVM pushed out two fibre models for AON and GPON, respectively. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
C3emfcb0Nzt0xiDj 1 Posted ... 7 hours ago, giganerd said: I envy you. I want it, too, sadly I live in a city which only recently saw an upgrade to Supervectoring. FTTH is therefore a long way ahead. Yeah, I ordered the full 1GBE flatrate 🙂 Only days later, the Telekom upgraded me to vDSL 50 (free of charge) and the Speedport started to report 250MBit/s downstream - so I guess this means I'm also on Supervectoring? but can't use it due to my contract. But I wonder how the entire crisis now affects their schedule. They wanted to start drilling this month... 7 hours ago, giganerd said: But I hear the most expensive Speedports also feature a fibre interface. I have an old enterprise grade switch (IBM 48-ports) as backbone on my network. It also features two 10GBE SFP+ ports. So I could simply buy a cheap 1GBE fibre transceiver from ebay and plug in the fibre cable directly. But I would rather use them as uplink for my file-server and/or a second switch at some point in the future.... 🙂 The guy on the phone was like "You need a router from us dude to get full speed.", then I told him about my setup.... at first there was some silence, then he just said "Ok... that will work too" Have a nice day! And lets hope you get FTTH soon too. Regards Simon Quote Share this post Link to post
OpenSourcerer 1442 Posted ... 7 hours ago, C3emfcb0Nzt0xiDj said: Yeah, I ordered the full 1GBE flatrate 🙂 *cries in DSL* May I ask where you live? 7 hours ago, C3emfcb0Nzt0xiDj said: Only days later, the Telekom upgraded me to vDSL 50 (free of charge) and the Speedport started to report 250MBit/s downstream - so I guess this means I'm also on Supervectoring? but can't use it due to my contract. It only means that DSL synchronized with a DSL profile fit for Supervectoring, which also means that you are technically using Supervectoring hardware (router, DSLAM, etc.), but yes, you are being throttled to what you subscribed. 7 hours ago, C3emfcb0Nzt0xiDj said: The guy on the phone was like "You need a router from us dude to get full speed.", then I told him about my setup.... at first there was some silence, then he just said "Ok... that will work too" Usually support deals with amateurs, or those who call themselves knowledgable on the phone while making beginners' mistakes at the same time. So the Speedport is natually the only router able to maximize throughput, also because it comes with Telekom support – makes it easier to QoS for this group of people. It's rare you find someone like you building Enterprise-grade home networks, and those people hardly ever call support. If they build networks like that, they don't need support. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post