Should I give up and just get a static IP?

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Should I give up and just get a static IP?

1 | 2 | 3

4012 posts

Uber Geek
+1 received by user: 2710

ID Verified

Trusted

TEAMnetwork

Subscriber

#3233594 22-May-2024 19:30

Biglegs:

Yes! I have exactly that experience! We run streaming throughout the day on several devices - radio, Quboze etc and they continue to run even though everything else appears to have ground to a halt. I also use Teams, and a mid-call meeting will continue, even though I'm getting 404 messages on everything else.

This replicates exactly what I am experiencing too

Any views expressed on these forums are my own and don't necessarily reflect those of my employer.

mentalinc

3384 posts

Uber Geek
+1 received by user: 1023

Trusted

#3233596 22-May-2024 19:52

So really sounding like something in the device dying, and since you can't force it to happen, and is sporadic its hard to get diagnostics logs for the vendor to review.

CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB: Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX

nztim

4012 posts

Uber Geek
+1 received by user: 2710

ID Verified

Trusted

TEAMnetwork

Subscriber

#3233627 22-May-2024 20:36

mentalinc:
So really sounding like something in the device dying, and since you can't force it to happen, and is sporadic its hard to get diagnostics logs for the vendor to review.

Its not just the OP having this problem and its
not all the time, I just swapped our my SonicWALL for. mikrotik to see if it addresses the issue but as its so sporadic when it occurs I will just have to wait and aee.

Any views expressed on these forums are my own and don't necessarily reflect those of my employer.

sdavisnz

1017 posts

Uber Geek
+1 received by user: 310

Trusted

#3233639 22-May-2024 21:57

following

with orcon/2d . i feel my connection is suffering from the same.

Voice gives context

mentalinc

3384 posts

Uber Geek
+1 received by user: 1023

Trusted

#3233684 23-May-2024 09:08

Suggest those having issue note the specific device and firmware version to help narrow it down.

CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB: Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX

wipash

21 posts

Geek
+1 received by user: 7

ID Verified

#3233697 23-May-2024 09:46

nztim:
Biglegs:

Yes! I have exactly that experience! We run streaming throughout the day on several devices - radio, Quboze etc and they continue to run even though everything else appears to have ground to a halt. I also use Teams, and a mid-call meeting will continue, even though I'm getting 404 messages on everything else.

This replicates exactly what I am experiencing too

Are you guys getting actual 404 errors, or just general connection failures? A 404 would suggest that DNS is working and you're connecting to some server, not necessarily the right one though.

If it's a 404, try some tools like one of these to see what IP you are connecting to:

Test-NetConnection -DiagnoseRouting -InformationLevel Detailed failedsite.com
Test-NetConnection -TraceRoute -InformationLevel Detailed failedsite.com
nslookup failedsite.com
ping failedsite.com
tracert failedsite.com

Then you could use a tool like this to compare your results: https://www.digwebinterface.com/ (and/or post them here)

HP

Shop now for HP laptops and other devices (affiliate link).

noroad

1025 posts

Uber Geek
+1 received by user: 675

Trusted

#3233704 23-May-2024 10:12

nztim:
Biglegs:

Yes! I have exactly that experience! We run streaming throughout the day on several devices - radio, Quboze etc and they continue to run even though everything else appears to have ground to a halt. I also use Teams, and a mid-call meeting will continue, even though I'm getting 404 messages on everything else.

This replicates exactly what I am experiencing too

What I am about to say applies to CGN users, not static ip users. From someone who has experience setting up CGNAT on ISP BNG's this sounds like port exhaustion on the ISP's BNG. Each end user generally gets pre-allocated a block of ports (say 1k or 2k) from a public ip. All translations for this end user are done out of this block with in use sessions being maintained for as long as they are passing traffic or the session is closed. Sessions (ip/port) are timed out and available for re-allocation for the end users next session after an amount of inactivity time (if not closed by the application). Should a user use all of their allocation block a well setup BNG will allocate them another block of ports for the time they need it. So you can have a situation where a heavy user of an ISP who has not been generous with port block allocation can not initiate new sessions until others are cleared. Some user applications use a lot of ports for various reasons (often lazy coding) and don't play nice. This issue is made worse by the general move to UDP for application traffic over TCP as UDP is connectionless so the ISP CGNAT device can only close a session on a timeout instead of a clean session closure that TCP allows for.

noroad

1025 posts

Uber Geek
+1 received by user: 675

Trusted

#3233705 23-May-2024 10:15

noroad:

What I am about to say applies to CGN users, not static ip users. From someone who has experience setting up CGNAT on ISP BNG's this sounds like port exhaustion on the ISP's BNG. Each end user generally gets pre-allocated a block of ports (say 1k or 2k) from a public ip. All translations for this end user are done out of this block with in use sessions being maintained for as long as they are passing traffic or the session is closed. Sessions (ip/port) are timed out and available for re-allocation for the end users next session after an amount of inactivity time (if not closed by the application). Should a user use all of their allocation block a well setup BNG will allocate them another block of ports for the time they need it. So you can have a situation where a heavy user of an ISP who has not been generous with port block allocation can not initiate new sessions until others are cleared. Some user applications use a lot of ports for various reasons (often lazy coding) and don't play nice. This issue is made worse by the general move to UDP for application traffic over TCP as UDP is connectionless so the ISP CGNAT device can only close a session on a timeout instead of a clean session closure that TCP allows for.

Just for referance and to upskill people on how this stuff actually works under the bonnet.

https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/block-allocation-edit-services-nat-source-port-usf.html

Biglegs

53 posts

Master Geek
+1 received by user: 12

Subscriber

#3234037 24-May-2024 08:13

Thank you for those observations and suggestions. I think I've established with Ubiquiti support that DNS is failing when the issue occurs but there a few other tools there I could explore. And BTW I changed the connection from pppeop to dhcp just to see if it works, and it does!

My instinct tells me that the 'block' thing could be a factor. The disconnections are more likely to happen sooner when I've many guests/extra devices using it, and there are lots UDP connections (Facetime, teams etc) .IN those cases it may happen within 24 - 48 hours, but it can be a week or so under my normal network conditions.

If the 'block allocation' is running out as being suggested, then I don't see how there's anything I can do other than ask 2Degrees to review the cgnat configuration - or get a static IP if I'm understanding this correctly.

noroad

1025 posts

Uber Geek
+1 received by user: 675

Trusted

#3234039 24-May-2024 08:15

Biglegs:

If the 'block allocation' is running out as being suggested, then I don't see how there's anything I can do other than ask 2Degrees to review the cgnat configuration - or get a static IP if I'm understanding this correctly.

Correct

nztim

4012 posts

Uber Geek
+1 received by user: 2710

ID Verified

Trusted

TEAMnetwork

Subscriber

#3234058 24-May-2024 08:57

Update from me, pulled out the SonicWALL and put a Mikrotik in for 48 hours, using the ISPs DNS 202.127.8.1 and 202.127.8.2 and was good for a day until last night

Got website timeouts/connection reset at peak times, (round 6-8pm) refresh the page and it works

I was streaming at the time just fine and Wife was on a zoom call.

This is really starting to pull my hear out, port exhaustion on the BNG as mentioned above will not be a thing for me as I am not on CG-NAT but I am wondering if there is some kind of simultaneous connection limit being hit.

Any views expressed on these forums are my own and don't necessarily reflect those of my employer.

Dell

Shop now for Dell laptops and other devices (affiliate link).

noroad

1025 posts

Uber Geek
+1 received by user: 675

Trusted

#3234108 24-May-2024 10:52

nztim:

This is really starting to pull my hear out, port exhaustion on the BNG as mentioned above will not be a thing for me as I am not on CG-NAT but I am wondering if there is some kind of simultaneous connection limit being hit.

Knowing what I do about the Callplus/Vocus/2degrees network (I doubt there is much change from when I worked on it) there will not be any limits if you are on a public ip. I would suggest logging it with them with a comprehensive list of your fault finding steps and ask them to escalate to the network team.

Biglegs

53 posts

Master Geek
+1 received by user: 12

Subscriber

#3272824 17-Aug-2024 11:30

I thought I'd update this thread with my experience pursuing this problem, as there was valuable feedback and information provided from contributors.

After contacting 2D support I had a battle convincing 1st level support that a Unifi UDM Pro wasn't a cheap nasty router and that they had quite a number of customers successfully using them on their service. The fact that I used to have a Fritzbox sometime back that suffered from a similar issue didn't seem to make a difference.

Eventually all the work I'd done with Unifi support (who were very responsive) seemed to convince them the issues weren't at my end, although we went off down a rabbit hole when they suddenly suspected I was trying to run server that wouldn't connect (I wasn't). Eventually they consulted their senior tech who appeared to agree that CGNAT possibly wasn't coping with a high number of IOT and other clients trying to connect. That may be the issue, and they agreed to provision a static IP address for 1 month for free to see if the issues went away.

Unsurprisingly this seems to have worked, the connection is solid as a rock. The question for me now is if CGNAT doesn't deliver for all its customers, should I have to pay for an IP address to fix it? I have no desire to expose internal services to the wider internet and would be quite happy with a CGNAT solution - sol long as it worked reliably. Apparently it doesn't.

The one month 'free' will be up shortly. I'd be interested in others' experience. Are there any 2D people out there who'd be prepared to comment?

noroad

1025 posts

Uber Geek
+1 received by user: 675

Trusted

#3272847 17-Aug-2024 12:46

Biglegs:

Unsurprisingly this seems to have worked, the connection is solid as a rock. The question for me now is if CGNAT doesn't deliver for all its customers, should I have to pay for an IP address to fix it? I have no desire to expose internal services to the wider internet and would be quite happy with a CGNAT solution - sol long as it worked reliably. Apparently it doesn't.

The one month 'free' will be up shortly. I'd be interested in others' experience. Are there any 2D people out there who'd be prepared to comment?

Clearly your internal network requirements are not suitable for the CGNAT settings that 2degrees are using. These settings are across the customer base so I doubt they will adjust them to make your requirements work. You can ask them to keep the static IP seeing as it fixes your issue but will they charge you for it? That's up to you to negotiate with them or go elsewhere I would suggest.