General Discussion
  >> Mobile Broadband (3G, 4G, 5G etc)


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | [10] | 11 | 12 | (show all)   Print Thread
Standard User RobertoS
(elder) Thu 24-Sep-20 11:01:55
Print Post

Re: Three is finally working properly OMFG.


[re: Appy] [link to this post]
 
@Appy & @jchamier

Maybe I should keep out of the way! blush

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
To argue with mindless bigots is foolish.
Standard User richi
(member) Thu 24-Sep-20 12:46:39
Print Post

Re: Three is finally working properly OMFG.


[re: Appy] [link to this post]
 
It's not just parental controls: There are some sites blocked regardless. The system appears to work by snooping on DNS requests, then proxying/blocking connections to the IP addresses of suspicious domains.

Solution: Use DoH or DNSCrypt. You also should use the 3internet APN (so if you're a Smarty user, you're SoL).

70/30 Three unlimited SIMO, replacing 3 km ADSL line.
Previously: BT ISDN, Nildram, Plusnet, 186k, EFH, Be*, Plusnet (again), Pulse8, Sky, Plusnet Business, TalkTalk Retail.

Edited by richi (Thu 24-Sep-20 12:50:28)

Standard User jchamier
(eat-sleep-adslguide) Thu 24-Sep-20 13:40:40
Print Post

Re: Three is finally working properly OMFG.


[re: RobertoS] [link to this post]
 
In reply to a post by RobertoS:
Maybe I should keep out of the way! blush

It got quite low level. Not many people dig into their ISP at this depth smile

21 years of broadband connectivity since 1999 trial - Live BQM


Register (or login) on our website and you will not see this ad.

Standard User Appy
(learned) Thu 24-Sep-20 15:59:30
Print Post

Re: Three is finally working properly OMFG.


[re: richi] [link to this post]
 
I'm not convinced that it's got anything to do with DNS.

I've been running a test all day which opens a SSL connection on port 443 vs port 563 on news.tweaknews.eu and then times how long it takes. I've then plotted the times on a chart. You'd expect to see the same data but port 443 has lots more times where it stalls & times out (at 127 seconds). Note, the stalling problem does not seem to be an issue today in general usage, unlike yesterday where it was very noticeable and very intrusive.

https://www.wheep.co.uk/443v563-240920.PNG

Edited by Appy (Thu 24-Sep-20 15:59:50)

Standard User RobertoS
(elder) Thu 24-Sep-20 18:24:15
Print Post

Re: Three is finally working properly OMFG.


[re: Appy] [link to this post]
 
Those 443 times look like powers of 2 or if your 127 is consistent (2n - 1) throughout. Is the halfway one 63 seconds?

Even if true, I'm not sure how relevant it is, but might be to people who know what they're talking about.

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
To argue with mindless bigots is foolish.

Edited by RobertoS (Thu 24-Sep-20 18:26:13)

Standard User RobertoS
(elder) Thu 24-Sep-20 18:27:45
Print Post

Re: Three is finally working properly OMFG.


[re: jchamier] [link to this post]
 
In reply to a post by jchamier:
In reply to a post by RobertoS:
Maybe I should keep out of the way! blush
It got quite low level. Not many people dig into their ISP at this depth smile
smile
That is a kind interpretation. smile

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
To argue with mindless bigots is foolish.
Standard User Appy
(learned) Thu 24-Sep-20 19:13:21
Print Post

Re: Three is finally working properly OMFG.


[re: RobertoS] [link to this post]
 
Yes, some are 63 seconds. Here's some lines from the log file. First column is unix timestamp, 2nd is SSL connection time. Once again, only on port 443 not port 563

1600950488.41534,63.3658871650696,
1600951155.57224,63.3058650493622,
1600954998.48472,63.344251871109,
1600962240.69723,63.3089048862457,
1600965814.82116,63.3274939060211,
1600968861.71342,63.3499038219452,
Standard User richi
(member) Thu 24-Sep-20 19:38:26
Print Post

Re: Three is finally working properly OMFG.


[re: Appy] [link to this post]
 
In reply to a post by Appy:
I'm not convinced that it's got anything to do with DNS.
It hasn't. I wasn't talking about the TLS negotiation problem. I was replying the point about website filtering.

The DNS snooping is how they decide which TCP connections to block or at least reroute via a proxy. Because they can't possibly proxy everything!

The block/grey lists are based on hostnames or URLs, not IP addresses (but they might cache the associated IPs). So they snoop/proxy the DNS packets (even if you don't use Three's DNS) and intercept the connection to decide whether to block it.

The design comes from the IWF child-porn filter, which ISPs solemnly promised would never suffer mission-creep and become a way of blocking other content, uh-uh, no way, pinky swear, Scout's honour (I was in one of those meetings when they said that).

Then the entertainment industry got a load of injunctions, forcing ISPs to ban certain "unlawful" torrent sites, so guess what happened. And then, drip-drip-drip, we are where we are today.

70/30 Three unlimited SIMO, replacing 3 km ADSL line.
Previously: BT ISDN, Nildram, Plusnet, 186k, EFH, Be*, Plusnet (again), Pulse8, Sky, Plusnet Business, TalkTalk Retail.
Standard User jchamier
(eat-sleep-adslguide) Thu 24-Sep-20 19:44:50
Print Post

Re: Three is finally working properly OMFG.


[re: richi] [link to this post]
 
In reply to a post by richi:
And then, drip-drip-drip, we are where we are today.

Unless you use A&A:
https://www.aa.net.uk/broadband/

We do not have, in our network, any equipment installed to filter access to any part of the public Internet for our customers as a whole. We will give 12 months notice if we ever add any such filtering.

This claim relates to the passing or normal unicast IPv4 and IPv6 packets to and from the public Internet based on the appropriate standards and RFCs. This means packets can be dropped because a link is full or there is a technical fault, or because they are malformed in some way, or clearly spoofed or incorrect source addresses. In the case of some sort of attack we can take steps to manage that. Only packets actually addressed to your IP addresses will get to you, and similarly only packets from you that are from your IP addresses will get to the Internet (BCP38). We don't control the rest of the Internet and so cannot bypass corporate or national firewalls or filtering outside of our network. However, we aim to deal with peers and carriers that have similarly open policies where possible.


21 years of broadband connectivity since 1999 trial - Live BQM
Standard User Appy
(learned) Thu 24-Sep-20 20:03:11
Print Post

Re: Three is finally working properly OMFG.


[re: richi] [link to this post]
 
Hmm seems a little far fetched to me, but I'll explore the possibility. I have DoH set up on my network but not using it at the moment. I'll reconfigure to see if that solves the issue. Personally, I think they are trying to inspect everything on port 443 and port 80 which is why we have issues.
Pages in this thread: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | [10] | 11 | 12 | (show all)   Print Thread

Jump to