The firewall appears to be blocking outgoing text messages from my phone ...

dotdash

@lifespeed said in The firewall appears to be blocking outgoing text messages from my phone ...:

There is a problem with the phone, as I thought had been demonstrated by all the Samsung Android phone complaints in this post. But Verizon doesn't control the phone OS, they can't do a thing. Try calling Samsung? Yeah, good luck with that. The only practical answer is to ditch Samsung phones if you have an IPv6 home network.

It seems that it would be more practical to just disable ipv6 on the wireless network if you are using wifi calling. Try turning it on again when you get a new phone. Doesn't seem very practical to buy a new phone when you could make a simple configuration change that will fix the issue. Unless you just want an excuse to buy a new phone.

lifespeed

@dotdash said in The firewall appears to be blocking outgoing text messages from my phone ...:

@lifespeed said in The firewall appears to be blocking outgoing text messages from my phone ...:
It seems that it would be more practical to just disable ipv6 on the wireless network if you are using wifi calling. Try turning it on again when you get a new phone. Doesn't seem very practical to buy a new phone when you could make a simple configuration change that will fix the issue. Unless you just want an excuse to buy a new phone.

You're entitled to your opinion. But on MY network, which I just went through considerable time and expense to upgrade, I choose to abandon the bugged device rather than compromise network functionality.

dotdash

@lifespeed
I was addressing your statement that 'the only practical answer is to ditch samsung phones' and offering an alternative. You are free to do whatever you want on YOUR network.

JKnott

@lifespeed said in The firewall appears to be blocking outgoing text messages from my phone ...:

But Verizon doesn't control the phone OS, they can't do a thing.

I don't know about Verizon, but my company provides some support for phones they sell.

JKnott

@lifespeed said in The firewall appears to be blocking outgoing text messages from my phone ...:

It appears the only complaints in this thread are Samsung Android, all my Android Pixels are fine with pfSense IPv6.

My Pixel 2 also works fine.

JKnott

@dotdash said in The firewall appears to be blocking outgoing text messages from my phone ...:

when you could make a simple configuration change that will fix the issue

That doesn't fix the issue, it masks it.

dotdash

@JKnott said in The firewall appears to be blocking outgoing text messages from my phone ...:

That doesn't fix the issue, it masks it.

For most people, it results in no difference in functionality. Again, I was just stating that getting a new phone (or phones) was not the only practical solution.

thezfunk

@dotdash Disabling IPv6 internally fixed it for me too. I have no use or need for IPv6 on my internal network so it will stay disabled forever or until there is a good reason to use it internally.

lifespeed

On my network I have a PC running various servers, pointed to externally by IPv6. While it is, of course, possible to remain mired in the past NAT'ing IPv4 that seemed a backwards approach to my new network installation. You're all free to take the approach you see fit, but seeing that Samsung is clearly a bugged device, I choose not to downgrade my new network to accommodate it. The 10Gb optical switch, running a few cables, and building and setting up pfSense was a serious undertaking. The hell with Samsung.

JKnott

@dotdash

Not letting the companies involved know won't get it fixed either.

JKnott

@lifespeed

Having spent most of my career as a tech, it annoys me to see people who just accept a problem, without trying to get it resolved.

lifespeed

@JKnott said in The firewall appears to be blocking outgoing text messages from my phone ...:

Having spent most of my career as a tech, it annoys me to see people who just accept a problem, without trying to get it resolved.

You know it's nearly impossible to interact with Samsung as a consumer, and they probably already know anyway. It isn't my job to beta test their crap. From my perspective the problem is resolved - bad device identified and removed. Now, stuff I design? I test it and fix it.

JKnott

@lifespeed

As I mentioned, my cell company provides initial support for the phones they sell. If necessary, it then goes to the manufacturer. While Samsung may not listen to individuals, they're likely to pay more attention to major carriers.

However, if you don't try, nothing will happen.

lifespeed

@JKnott said in The firewall appears to be blocking outgoing text messages from my phone ...:

@lifespeed

As I mentioned, my cell company provides initial support for the phones they sell. If necessary, it then goes to the manufacturer. While Samsung may not listen to individuals, they're likely to pay more attention to major carriers.

However, if you don't try, nothing will happen.

I already used Verizon support. Once you mention wifi they don't care. If it works on the cell tower, and it does, it's not their problem.

Let me tell you something I've learned about software bugs, which you're probably well aware of. When you buy a device with a bug, there is no guarantee when or even if it will be fixed. If you can't live with the bug, don't buy the product based on promises of a future fix. If you already have the device, and the bug is intolerable (which it is, in this case), your only sure solution is to ditch the product.

It may seem like I have a poor attitude towards this, and maybe I do. But my attitude has been shaped by these exact experiences of crap support. You seem pretty optimistic about the whole tech support process.

JKnott

@lifespeed said in The firewall appears to be blocking outgoing text messages from my phone ...:

I already used Verizon support. Once you mention wifi they don't care. If it works on the cell tower, and it does, it's not their problem.

You might not recall but, a year ago, I had a similar sort of problem. IPv6 was failing on my Internet connection. I was able to demonstrate the problem to tier 2 support, but the people responsible for maintaining the network refused to look at it because I was using my own router (pfSense), despite the fact that I could even identify the failing system by name (thanks to Wireshark). Only by constantly pushing, even calling the office of the president, was I able to get them moving. a senior tech showed up at my home, with his own modem, and saw it also failed. He then took his modem to the head end, where it worked on 3 other systems, but failed on the one I was connected to and had identified. The responsible people then accepted it was their problem. So, if you make enough noise, things happen. Since you're clearly not the only one having the issue, make noise about it. Maybe someone in the right place will notice.

Also, isn't Verizon one of those companies that uses WiFi, via customer modems, to provide service to other customers? If so, then it's no longer just your problem. It will likely affect any customer that uses WiFi calling, even when away from home.

BTW, crap support happens because too many people let it happen.

lifespeed

From my Ubiquiti Unifi controller monitoring their 10Gb SFP+ switch and wireless access point:

Client Galaxy-Note9 is having trouble resolving a domain name to an IP address (DNS timeout).

JKnott

@lifespeed

Can you do a packet capture of that? With a managed switch, you should be able to set up port mirroring, so that you can use Wireshark.

lifespeed

@JKnott I have a 1Gb Netgear GS716Tv3 (managed) uplinked to a 10Gb Ubiquiti US-16-XG (unmanaged). The WAP could be moved to the Netgear for port mirroring.

Do I plug a Wireshark laptop into the mirrored port and let it capture for a few hours until this event occurs?

JKnott

@lifespeed

Yes, you configure the mirror port so that it copies the traffic from the AP to the computer running Wireshark. You can set up filters to narrow down the captures. for example, you could have something like ether host <MAC address> and port 53. This will capture all DNS packets to/from the phone's MAC address, whether IPv4 or IPv6.

You could probably do the same with the pfSense Packet Capture, but I find Wireshark is better to work with.

lifespeed

@JKnott

Wireshark is awful. The Samsung Note9 IPv6 ends in 75a0, here is a capture while a wifi call was received (successfully) by Note9.

No.	Time	Source	Destination	Protocol	Length	Info
10262	4.084411	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	2601:646:8c03:52a0:225:90ff:febb:bf0c	DNS	104	Standard query 0x9e25 AAAA settings.crashlytics.com
10265	4.101972	2601:646:8c03:52a0:225:90ff:febb:bf0c	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	DNS	167	Standard query response 0x9e25 AAAA settings.crashlytics.com CNAME crashlytics.l.google.com AAAA 2607:f8b0:4005:809::2003
10267	4.105301	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	2601:646:8c03:52a0:225:90ff:febb:bf0c	DNS	104	Standard query 0x8ebc A settings.crashlytics.com
10277	4.118522	2601:646:8c03:52a0:225:90ff:febb:bf0c	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	DNS	155	Standard query response 0x8ebc A settings.crashlytics.com CNAME crashlytics.l.google.com A 172.217.6.35
11872	4.618443	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	2601:646:8c03:52a0:225:90ff:febb:bf0c	DNS	97	Standard query 0xc948 AAAA e.crashlytics.com
11943	4.636643	2601:646:8c03:52a0:225:90ff:febb:bf0c	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	DNS	273	Standard query response 0xc948 AAAA e.crashlytics.com CNAME events-endpoint-i-1172912053.us-east-1.elb.amazonaws.com SOA ns-1119.awsdns-11.org
11983	4.641550	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	2601:646:8c03:52a0:225:90ff:febb:bf0c	DNS	97	Standard query 0x526e A e.crashlytics.com
12011	4.658921	2601:646:8c03:52a0:225:90ff:febb:bf0c	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	DNS	292	Standard query response 0x526e A e.crashlytics.com CNAME events-endpoint-i-1172912053.us-east-1.elb.amazonaws.com A 54.227.236.206 A 54.235.102.234 A 54.235.130.173 A 54.235.139.111 A 54.235.145.134 A 54.235.153.229 A 54.225.77.36 A 54.225.80.137
12454	4.789122	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	2601:646:8c03:52a0:225:90ff:febb:bf0c	DNS	104	Standard query 0xaf22 AAAA analytics.localytics.com
12457	4.806773	2601:646:8c03:52a0:225:90ff:febb:bf0c	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	DNS	225	Standard query response 0xaf22 AAAA analytics.localytics.com CNAME queuer-prod-elb.53.localytics.com SOA ns-1150.awsdns-15.org
12458	4.811377	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	2601:646:8c03:52a0:225:90ff:febb:bf0c	DNS	104	Standard query 0x788e A analytics.localytics.com
12485	4.853485	2601:646:8c03:52a0:225:90ff:febb:bf0c	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	DNS	265	Standard query response 0x788e A analytics.localytics.com CNAME queuer-prod-elb.53.localytics.com A 52.204.176.87 A 52.204.205.76 A 34.232.55.250 A 34.234.107.175 A 34.234.135.110 A 34.239.78.187 A 52.71.187.57 A 52.72.139.236
31900	18.065314	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	2601:646:8c03:52a0:225:90ff:febb:bf0c	DNS	105	Standard query 0xe763 AAAA lh3.googleusercontent.com
31901	18.080418	2601:646:8c03:52a0:225:90ff:febb:bf0c	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	DNS	162	Standard query response 0xe763 AAAA lh3.googleusercontent.com CNAME googlehosted.l.googleusercontent.com AAAA 2607:f8b0:4005:807::2001
31903	18.083509	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	2601:646:8c03:52a0:225:90ff:febb:bf0c	DNS	105	Standard query 0xf396 A lh3.googleusercontent.com
31905	18.083534	2601:646:8c03:52a0:225:90ff:febb:bf0c	2601:646:8c03:52a0:e0b9:xxxx:xxxx:75a0	DNS	171	Standard query response 0xf396 A lh3.googleusercontent.com CNAME googlehosted.l.googleusercontent.com A 172.217.6.65