0

first off - I read this, but it's only partial coverage. I have VPN in the mix here.

I have bad latency, packet loss ==> sometimes unusable, wobbly VoIP in WFH meetings.

To do my ISP's job for them, I run mtr to google.com, and then find the first IP that belongs to google, step backward by one IP and mtr to that IP (#11)- now I'm totally inside ISP. mtr trace is shown below

Is this a reasonable approach? I need to do it so the ISP support team doesn't just shift the blame and say "it's not us!". Point of all this is so that whole mtr experience is within the ISP network

Packet loss at #10 is usually 15% or higher 40% is not unusual.

Now, when I connect to a VPN, all my latency problems disappear. What's that about? Is my ISP is messing with my traffic? There's no gain for them, why would they do it?

My work laptop blocks installation and operation of VPN software, so I really hope to solve this (get the ISP to solve it) so my work-life is better.

So, the biggest questions I have

  1. is my ISP messing with me? Not sure why they would do this.
  2. the reserved IPs being visible to me seems strange, but not sure about this. I thought all reserved IPs belonged behind firewalls and in server-rooms?
  3. would any reasonable ISP jump out of their network for a hop and then jump back in?

Am I on the right track here, pressing them to accept that #10 IP needs attention? This has been going on for 3+ years, on and off

mtr trace

Improve this question
1
  • "would any reasonable ISP jump out of their network for a hop and then jump back in?" - what I mean is "would an ISP exit their network, then re-enter it?". Based on the comprehensive answer you've given I believe question #3 is not important, but thanks for offering to revisit
    – user192127
    Commented Jun 20 at 0:55

1 Answer 1

Reset to default
1

  1. Not likely. Why would they? I bet they are just too lazy to investigate this. One more customer, one less, who cares?

  2. It's link IP address. Technically, IPs are generally needed to only terminate connections, but to forward packets IP isn't used any way. When you set up default route like "default via 192.168.1.1", this 192.168.1.1 only used to record NIC behind which the gateway exists and gateway's MAC address to send Ethernet packet; the IP address of the gateway itself is never used. Also the gateway isn't able to understand how your packet reached it. So you can use any address for that, as long as NIC and MAC happen to be the same, or use no address at all (provided you have a fancy networking stack that is able to be directly set up like this).

The same is in Internet. Operators need IP addresses on their routers; they are used to establish BGP (routing protocol) sessions to exchange routes, and when the RIB entry is selected to be added into the FIB, to provide a "target" NIC and MAC for the FIB entry (i.e. "to create a route"). Normally, nobody sees them, since they aren't used when forwarding. These are often called "link addresses". And, this also means that link addresses technically don't need to be public, so some administrators choose to use private addresses, to conserve precious public IPv4 addresses.

But it all changes when the forwarding system (router) needs to actually originate a packet. A ICMP TTL Exceeded message requires an originator IP address, and the router has nothing else than to put it's link address into the packet. This is the only way you happen to see its link address at all.

  1. The mentioned BGP builds the upper level route, expressed as a list of AS (autonomous system) numbers to traverse, in such a way so the same AS won't be entered twice. But ISP networks can more complex and logically partitioned into several ASs. In that case, the concept of "exiting and reentering" isn't that simple, it's not "a single network" anymore from Internet standpoint.

The trace shows #10 may have problems, but it doesn't necessarily means it does have them. For instance, systems process ICMP at a least privilege, they freely drop or ignore them if they have actual work to do. It's like a hint, showing to administrators where to start searching. For you, a hint may be that since the hops past this one don't show similar problems, the forwarding in the #10 happens normally, and its packets loss indicates ICMP throttling rather than problems. If there was a steady increase of the packet loss after some hop, that would mean there is something with that hop (or the link before it).

I've had similar situation, it was in a business setup (e.g. an organization suffered), it lasted for more than a year, and we only get to resolve it by chance when one of our past employees happened to move to work for that ISP for a brief period and they voluntarily initiated the investigation.

So, if you have any way to press them, do it. Read your contract, and so on.

If VPN works better, you may better off be solving this by actually requesting the VPN to be installed on your laptop. Show your administrators this trace, explain your experiences, write a note to your manager that the networking problems you have may prevent you from working efficiently, but that it may be solved with VPN, to grease bureaucratic wheels in your organization to turn faster.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .