0

I have a very bad internet connection, so I had a 4G/LTE modem to access the internet. Behind it is an asus router to which all my devices are connected. But this was a bit slow recently, so I upgraded to a 5G router, Huawei 5G CPE Pro 2, at a different provider (Telekom in Germany). Then I noticed some connection issues here and there and started investigating, though my networking knowledge is very basic.

Now I noticed something weird to me. If I use traceroute to see the route to some site using the 4G modem, traceroute shows me 15 hops to the target.

traceroute to example.com (93.184.216.34), 30 hops max, 60 byte packets

1 router.asus.com (192.168.2.1) 0.146 ms 0.179 ms 0.172 ms

2 192.168.1.250 (192.168.1.250) 0.646 ms 0.799 ms 0.884 ms

3 192.168.225.1 (192.168.225.1) 3.115 ms 3.578 ms 4.800 ms

. (Multiple detailed hops) .

15 93.184.216.34 (93.184.216.34) 143.814 ms 148.034 ms 146.367 ms

But if I do this with the 5G modem, I get the first two hops from here to the modem, and then only stars.

traceroute to example.com (93.184.216.34), 30 hops max, 60 byte packets

1 router.asus.com (192.168.2.1) 0.127 ms 0.160 ms 0.154 ms

2 192.168.8.1 (192.168.8.1) 0.613 ms 0.608 ms 0.652 ms

3 * * *

4 * * *

... only stars

30 * * *

What could that be? Is there some networking or IP shenanigans that the provider uses? Changing the DNS entry does not change it.

Thanks.

Improve this question
2
  • DNS is unrelated. This is strictly about packet TTL (does that transfer over PPP?) and ICMP TTL Exceeded messages.
    – Daniel B
    Commented Jul 16, 2021 at 12:23
  • PPP carries IP packets, so yes it would also carry the packet TTL which is part of the IP header.
    – grawity_u1686
    Commented Jul 16, 2021 at 12:24

1 Answer 1

Reset to default
1

The provider probably just blocks most UDP ports. (Traceroute on Linux sends UDP packets, starting at port 33434 and increasing for each probe.) It is not completely unlikely for an LTE operator to block all but a few "known" UDP ports, e.g. with the goal of banning BitTorrent.

It is also possible that the provider blocks certain ICMP messages, but that's a bit less likely. Try to run mtr or traceroute --icmp to the same destinations; if they work, UDP is the problem, if they don't, something else is. (And perhaps try them with a very large hop limit – all the way to mtr --max-ttl 255 instead of the default 30.)

If you have root access to a server somewhere else, run a tcpdump -n udp on it, then run a UDP portscan from your home LTE connection (using nmap). Compare the packets that nmap sends with the ones that the server receives (paying attention to the ones that it doesn't receive).

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .