T-Mobile Monitor IP
-
@rcoleman-netgate Thanks for replying. I generally have my primary and failover IPv4 monitor IPs set to a couple of servers in Cloudflare's AS (104.x.0.1 and 104.x.1.1 respectively) that consistently respond to pings. After searching I tried a handful of Hurricane Electric tunnel addresses, and as a last act of desperation tried 8.8.8.8 (my DNS server is not Google) before searching and finding this thread. Same behavior regardless of IP address used... 30-50 ms pings through my primary gateway, and about 19/20 pings timeout once it's used as the failover monitor IP for T-Mobile.
-
@tcw Interesting. I wasn't aware.
You can turn off the monitoring ACTION but maintain the monitor without any impact on your system
-
@rcoleman-netgate One poster on the T-Mobile community site indicated that Microsoft Teams determines host connectivity by pinging teams.microsoft.com, and people trying to use Teams recently on fixed wireless had all kinds of issues/disconnections. I don't think I'm brave enough to try this during a real work meeting, yet.
I realize there are separate options to disable monitoring and monitoring action, but in this case since the monitor is reporting erroneous information, would it just make more sense to disable monitoring on the secondary WAN altogether? Fortunately the monitoring works on the primary IP and the gateway fails over and back properly (at least with manually unplugging the primary WAN cable to test).
And I'm sure this is entirely a coincidence, but community.t-mobile.com is now throwing sporadic 403s for me.
-
As of this morning, pings are working and my gateway monitoring shows online (I did disable monitoring action and will leave it that way for the time being). Can anyone else who's had issues with ICMP confirm? Maybe T-Mo got the memo?
-
@tcw CG-NAT is just a mess on its own that I suspect it will fluctuate from one week to another, or even day to day.
-
This may or may not be related, but ever since I've had TMHI I've gotten messages like this:
Oct 24 17:10:31 router dpinger[26660]: TMHI_DHCP6 2620:fe::9: duplicate echo reply received Oct 24 17:10:32 router dpinger[26660]: TMHI_DHCP6 2620:fe::9: duplicate echo reply received Oct 24 17:10:44 router dpinger[26660]: TMHI_DHCP6 2620:fe::9: duplicate echo reply received Oct 24 17:10:46 router dpinger[26282]: TMHI_DHCP 149.112.112.112: duplicate echo reply received Oct 24 17:11:44 router dpinger[26282]: TMHI_DHCP 149.112.112.112: duplicate echo reply received Oct 24 17:12:40 router dpinger[26282]: TMHI_DHCP 149.112.112.112: duplicate echo reply receivedSo maybe their duplicate ping generator has been acting up.
-
@tcw Pings still not working for me. Did you ping within diagnostics or outside the gateway
-
@dem Yeah same here
-
@skull07 If I understand everything correctly, assigning a monitor IP to a gateway opens a state, so any subsequent traffic to that IP is routed through that gateway. So yes, I am pinging that IP in a terminal window and getting responses, as well as pfSense pinging that same IP from the firewall itself to measure packet loss for gateway monitoring (same mechanics as from Diagnostics/Ping).
-
@skull07 I am also having this issue with T-Mobile home internet. I get the "duplicate echo reply received" alerts in dpinger but there are no duplicates happening at least not in the packet trace of the WAN interface, I am using an ATT connection as my backup WAN. I seem to get phantom packet loss indications as well randomly where there really are no packets lost. I tried using unique singular public IP's that are not accessed by my systems and the problem still happens. It's something to do with the T-Mobile router and/or CGNAT which does not allow you to use passthrough mode or any options at all for that matter. It also blocks traceroute attempts to get an idea of intermediate gateways. Of course using this router makes for a double and maybe triple NAT scenario but I have no other way to get internet where I live and for most things it works fantastic. Just cant use dpinger anymore to get an idea of the link quality. If anyone does ever figure out what's going on here please post.
