Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


  Reply # 559346 18-Dec-2011 20:15
Send private message

I will show this thread to some people I work with and see what they say

John

3889 posts

Uber Geek
+1 received by user: 163


  Reply # 559355 18-Dec-2011 20:30
Send private message

freitasm: A proxy is a "man in the middle".


Ok, so if it's a 'man in the middle' for port 80 (http), what does a trace route and ping (which use port 0?) tell us?

Do we need an http/TCP trace route to best understand what's going on?

Also, if it's an http man in the middle, who does the dns look up, the client and then the proxy also does it?

Also, what does the use of the VPN prove?  If it works fast on when the OP uses his VPN connection then what do we know?






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


BDFL - Memuneh
61332 posts

Uber Geek
+1 received by user: 12079

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 559360 18-Dec-2011 20:33
Send private message

DonGould: Ok, so if it's a 'man in the middle' for port 80 (http), what does a trace route and ping (which use port 0?) tell us?



Only that speed/latency doesn't seem to be a problem. Trace route doesn't use ports.

DonGould: Also, if it's an http man in the middle, who does the dns look up, the client and then the proxy also does it?


Both do DNS lookups. 

DonGould: Also, what does the use of the VPN prove?  If it works fast on when the OP uses his VPN connection then what do we know?


We know that the proxy is not interfering with http requests sent over an encrypted connection.


 




3889 posts

Uber Geek
+1 received by user: 163


  Reply # 559373 18-Dec-2011 21:06
Send private message

freitasm:

1. Only that speed/latency doesn't seem to be a problem. Trace route doesn't use ports.

2.  Both do DNS lookups. 

3. We know that the proxy is not interfering with http requests sent over an encrypted connection.

 


Ok... 

1. - Ok so we've proven that the problem is not being caused by some router congestion some where.  ( the traceroute utility by default uses User Datagram Protocol (UDP) datagrams with destination port numbers from 33434 to 33534. - Source)

2.  Cool, ok, so that starts to explain why the INITIAL response might be so slow.  First the OP's computer is doing a DNS look up, and then the Cache Engine is doing a DNS look up.

3.  Agreed.  I suspect that the http traffic doesn't go anywhere near the proxy at all, or if it does, the packets are just ignored and passed though. 

However, when the VPN is used, what DNS servers are used? 

Are the DNS servers on the end of the VPN used, as the VPN becomes the machines default route, or are iHugs DNS servers still used?






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


BDFL - Memuneh
61332 posts

Uber Geek
+1 received by user: 12079

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 559375 18-Dec-2011 21:09
Send private message

DonGould: 3.  Agreed.  I suspect that the http traffic doesn't go anywhere near the proxy at all, or if it does, the packets are just ignored and passed though. 


HTTP traffic over any VPN DO NOT GO THROUGH THE ISP'S PROXY. When the VPN is not in use HTTP traffic GOES THROUGH THE ISP'S PROXY.

DonGould: However, when the VPN is used, what DNS servers are used?  Are the DNS servers on the end of the VPN used, as the VPN becomes the machines default route, or are iHugs DNS servers still used? 


DNS is provided by the VPN service.

If you want to discuss how a VPN works please create another topic.




3889 posts

Uber Geek
+1 received by user: 163


  Reply # 559379 18-Dec-2011 21:26
Send private message

freitasm: HTTP traffic over any VPN DO NOT GO THROUGH THE ISP'S PROXY. When the VPN is not in use HTTP traffic GOES THROUGH THE ISP'S PROXY.

DNS is provided by the VPN service.


Cool...  So, we've now narrowed down the fault to one of two areas, slow iHug DNS or slow iHug proxy and proven out that it's not a computer, router or connection problem at all.

So, the OP should raise a GZ fault - report a fault in addition to your post

Other users should also be getting the same problem?






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


BDFL - Memuneh
61332 posts

Uber Geek
+1 received by user: 12079

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 559383 18-Dec-2011 21:27
Send private message

There's still the possibility of his Avast doing something to the connection. The way it works it's like a proxy as well, scanning inbound content.





3889 posts

Uber Geek
+1 received by user: 163


  Reply # 559386 18-Dec-2011 21:38
Send private message

freitasm: There's still the possibility of his Avast doing something to the connection. The way it works it's like a proxy as well, scanning inbound content.



Sorry I don't understand.

Avast would proxy either the VPN or Non-VPN connection wouldn't it?

If the problem is not occuring when he's using the VPN connection, but is happening when he's not using the VPN, then that would prove the problem is in the network wouldn't it?

Or, is Avast not used when he's using the VPN connection?

Does the web browser send packets direct to the VPN and not via the Avast proxy?

(Again, not wanting to debate how a VPN work, but wanting to focus on proving the fault out of the OPs network.)






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


BDFL - Memuneh
61332 posts

Uber Geek
+1 received by user: 12079

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 559387 18-Dec-2011 21:40
Send private message
3889 posts

Uber Geek
+1 received by user: 163


  Reply # 559390 18-Dec-2011 21:52
Send private message

freitasm: Ooops, you are right.


I have to confess, I don't use those programs, so I wasn't to sure how they work, so I wasn't actually assuming I was right or wrong, I was simply attempting to tease out how it works, as much to help the OP just prove out where the fault might be so that this doesn't just become a 'provider says my pc is the problem' type debate.  :)

I have been using proxy systems for almost 15 years, and the only thing I know for sure is that the more I learn the more I just discover I simply don't know about them.  Kinda wish pTinson was online, he seems to be the guru of this stuff! :)






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


BDFL - Memuneh
61332 posts

Uber Geek
+1 received by user: 12079

Administrator
Trusted
Geekzone
Lifetime subscriber

19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


  Reply # 560352 21-Dec-2011 17:30
Send private message

I can confirm The IP engineers have seen this thread and they can not replicate the issue and see nothing in the stats that suggest their is an issue,

Might pay to log a ticket with the fixed broadband team

John

1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.