In reply to a post by utis:

Well, to be a DDoS flooder you would generate at least megabits/s of malicious traffic or something. With TCP UDP you can generate up to the physical limit so my dozen kbit/s of ICMP of non-malicious traffic is nothing really. Nothing to warrant limit or treat it as automatically malicious. Btw the first DDoS is distributed. You cannot be distributed with a single connection. This is likely someone at Vodafone just had idea that circa 5 simultaneous pings is enough for home users... Its like someone would decide you can watch only 5 youtube streams at a single time. Might work for most but not for all. Which is not good at all for advanced home users needing..

But anyway I want first to confirm if anyone can confirm this or have any specific tips from their experience on this..

Have you checked if there are any DoS or security type settings on the Vodafone router? I've known routers treat more than one ping a minute as a DoS and block it, it was under a security setting rather than firewall setting, but suspect that only affected incoming pings though. There shouldn't really be any restriction on outbound pings.

I've just queried pfSense for ICMP traffic from my home network and there is 20 or so firewall states relating to ICMP with various things pinging in and out constantly.

I agree with you that to have any sort of restriction on outbound traffic is wrong of Vodafone if that is what they have done. It's your connection and you should be able to use it as you see fit, and devices ping out all the time.

I would say it is a personal thing how many simultaneous youtube video streams to watch, how many downloads to have at the same time, etc etc. As long as it is not abuse or malpractice I would expect no limitations.. Otherwise one might start asking to you really need 500mbit/s FTTP at since 99% things work over 50mbit/s.

If I choose to use network/internet monitoring tools like mtr, smokeping RIPE Atlas probe - yes absolutely I need it not limited.

Each to their own but for me the youtube video streaming sounds a lot more interesting and productive than running multiple prompts with pings/traces running in them.

I put my anorak away many years ago

Thanks,

Yes checked few times - there is only one option "Firewall", even after unticking and rebooting nothing changed in the ICMP limit department.

Trying to get through to the 3rd line at Vodafone but the 2nd line multiple days wants to do all the self-healing magic multiple times and also check prostate before trying to understand what ICMP limit is and where the problem might actually really be

I can't argue some find youtube more interesting than pornhub. Although youtube has specifically one button for nerds too! But when it comes to troubleshooting neither really arouses as much as old good ping/mtr/smokeping etc

Well if Vodafone goes the way to heavily limit ICMP then this is not going to be recommended broadband by the network profesionals for sure as it becomes much more difficult to monitor with classic networking tools..

In reply to a post by utis:

Well if Vodafone goes the way to heavily limit ICMP then this is not going to be recommended broadband by the network profesionals for sure as it becomes much more difficult to monitor with classic networking tools..

They apply no such limits to their broadband.

The limit is on the firewall of the Vodafone router. Change router and the problem is gone.

Most ISP provided routers don't even respond to ICMP Pings so Vodafone are actually ahead of many others on this 1.

I don't know any "network professionals" who would use an ISP supplied router.

Ok I might be behind that trend not to use default router no matter what as dogma. I would consider pretty much any FTTP device provided for 100s mbit/s of traffic capable of passing tens, hundreds of kbits/s ICMP traffic as bare minimum when it comes to networking RFC standards. Why would you accept that default device is incapable of indiscriminate IP forwarding at miniscule levels? This is the first time I see. And not talking about router responding itself, but about IP forwarding independently whether its UDP/TCP/ICMP.. This is really basics.

One could say real pros have dual power plants, leased line fibre etc.. But reality is when it comes to basics professionals need to question and get things fixed as nothing will get fixed itself. The old age pros philosophy of bug reporting and getting things fixed rather workarounds for each basic bare minimum..

You don’t even need to use a router - just go directly into the ONT with your laptop/PC to double check.

Thanks, do I need to run PPPoE to connect PC directly to the ONT? Thanks

PPPoE. Call them to get the creds. Are you on Openreach or CityFibre?