Unable to access any network that uses the same ISP as I do
-
If you say it works via using some other device. Keep in mind that said other device might get a different IP than pfsense got.
I would check what IP you have with mask, so you know the whole range. And what this other IP your trying to access is.. What is the mask on that - are they on the same network, or different ones?
If the IP is on the same network, then pfsense would think its on the same L2 and not send traffic anywhere then directly out its interface. Maybe the isp use private vlans and don't allow devices on the same L2 to talk to each other.
The simple way to know is just sniff on the other end public IP.. When you send traffic there does it get there? If so then you have something else going on, improper port forward, firewall rules, firewall on the dest device behind the other end. etc..
If it doesn't get there, then its being blocked somewhere between you and them.
-
@jdogtotherescue, your ISP already knew who you are. Did you or someone in your home network posted anti-government or anti-lockdown messages on social media recently?
-
@jdogtotherescue said in Unable to access any network that uses the same ISP as I do:
My ISP provides a connection that If you wanted to, you could plug in a simple desktop switch and obtain an address and access the internet. No NAT required on our end
Are you actually receiving a public IP when you do that?
Steve
-
@stephenw10 said in Unable to access any network that uses the same ISP as I do:
Are you actually receiving a public IP when you do that?
Great question ;)
Since he says he can plug in a switch and get how many IPs? 2, 10, 100? I find it highly unlikely that any isp in this day an age would just hand out more than 1 IPv4 address without some added charge or special account (that pays for it)..
For all we know he is behind a CGnat? Are these IPv4 addresses your connecting to or IPv6?
-
@johnpoz said in Unable to access any network that uses the same ISP as I do:
I find it highly unlikely that any isp in this day an age would just hand out more than 1 IPv4 address without some added charge or special account (that pays for it)..
I get 2 and I'm not the only one. I first heard about this in a user forum for my ISP and verified it myself.
-
Well your isp must be sitting on plenty of IPv4 space.. If they are not charging you for more than 1, they are loosing out on income if you ask me. Or your already paying for some sort of premium package that is covering the cost of the extra IP be it you use it or not.
You have ISPs that have to use cgnat, and then you have others that have IPv4 to burn.. Seems a bit unfair if you ask me.
The RIRs like Arin should really get more strict, and better distribute the IPv4 space. Its turned into who ever has the most money can just buy up the space they need, and others can just sit on space they are not even using.
-
Here's some info about my ISP. When I first got Internet access through them, in the late 90's, they were offering the @home service. As for the address space distribution, you have to consider the history. Way back in the dark ages, the Internet was primarily a U.S. network that later extended into Canada and which was mainly connecting defense research sites. Crossing the ocean was didn't happen much, as there wasn't much bandwidth available before undersea fibre cables. As a result, most of the addresses were already assigned in the U.S., before the rest of the world got involved. Of course, some companies have sold off their surplus. When I was at IBM, back in the late 90's they had the entire 9.0.0.0 /8 block, among others. Some other companies also had similarly huge blocks.
Of course, the proper solution to the address shortage is to move to IPv6 as quickly as possible.
-
@JKnott said in Unable to access any network that uses the same ISP as I do:
the proper solution to the address shortage is to move to IPv6 as quickly as possible.
While I agree with you, its not happening... And might not for 20+ more years.. No matter how much you want it too.. The major players have no need to move to it, and many isp don't even support it, nor even have roadmaps of going to it..
There are major players that don't even support it yet..
https://whynoipv6.com/Out of the top 1000 Alexa sites, only 388 has IPv6 enabled, and 788 of them use nameservers with IPv6 enabled.
Of the total 902708 sites only 27.1% of them have IPv6. This is a huge shame!An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 25.07.1 | Lab VMs 2.8, 25.07.1 -
@stephenw10 Yes. I was able to access that new IP address from a more remote client and it worked just fine.
-
@johnpoz said in Unable to access any network that uses the same ISP as I do:
While I agree with you, its not happening... And might not for 20+ more years.. No matter how much you want it too.. The major players have no need to move to it, and many isp don't even support it, nor even have roadmaps of going to it..
That's head in sand stupidity. As you mentioned, many ISPs have to use CGNAT, which means they're providing their customers inferior service. Comast started their move to IPv6, because they couldn't seamlessly manage their network with IPv4. Having to use NAT, even without CGNAT gets in the way for many people. There's another thread here where someone is trying to run 2 web sites on 1 IP address. This is needed simply because they have a single address.
BTW, my ISP is a major one. As that ARIN info shows they have over 5M IPv4 addresses. They are currently¹ the only telecom company that covers all of Canada, coast to coast. In addition to Internet, they also provide cell phone service, home phone, cable TV, security monitoring and more. They have been providing native IPv6 for over 4 years and used tunnels for a few years before that.
- I used to work for the other company that covered the entire country, but it went bust several years ago. I also have some personal connection to Rogers. They used to be a major shareholder in the company I used to work for and I have since done some work for them or with them, including cable head end, cell network and a data centre, along with providing fibre to several companies.
-
@stephenw10 said in Unable to access any network that uses the same ISP as I do:
Are you actually receiving a public IP when you do that?
Why I said:
@Pippin said in Unable to access any network that uses the same ISP as I do:
Try disabling RFC1918 rule.
Would still be interesting to see a traceroute.....
-
@jdogtotherescue, I think Steve knows more about the US internet and law. I am not sure what happened when someone already got warned and flagged by US ISP. I did hear about spending time in jail because of torrenting. If you are torrenting, how about using a VPN provider outside the USA and EU juristic like Nordvpn in Panama. Anyway if you want to know about ISP, watch last week Joe Rogan interview with Edward Snowden.
-
Jail is pretty severe if all they did is violate the Terms of Service. Sharing an Internet connection is considered theft of service. Torrents are in themselves not illegal, unless the content is, but may violate an ISPs ToS. Was that guy who got jail for a torrent doing something like pirating movies?
-
@AKEGEC said in Unable to access any network that uses the same ISP as I do:
I think Steve knows more about the US internet and law.
Probably not, I'm in the UK.
-
-
"Sharing" is theft. Also, the ISPs are forced to do it by the movie studios.
-
@JKnott said in Unable to access any network that uses the same ISP as I do:
"Sharing" is theft. Also, the ISPs are forced to do it by the movie studios.
20 years ago if you said you don not believe your ISP, people would call you paranoid and 10 years ago if you said you used a VPN provider, people would also call you a criminal (pirate, pedophile).
You need ISP for your internet access but that does not mean ISP has the right to take over your family, friends and yours security and privacy rights. -
"Sharing" movies etc. was theft long before there was an Internet. Movies, TVs shows, records, books and more have long been covered by copyright laws. I have no idea what you mean by your post.
-
@AKEGEC : check out the consumer rights and other usage conditions of your ISP.
When signing up, you agree with them.An ISP has no interest about using or selling private things of a user. Eventually, always, some one will find out .... and then the ISP will die - go out of business.
Btw : if a major knows that a ISP knows (or is able to see) that a ISP client shares private info (the movie) then the major will probably 'attack' the ISP. Because it's just a simple fact knows as 'stealing'.
So, ISP's will reference to local laws, and some own laws (selling conditions) like "one shall not try to lauch nukes that do not belong to you ...".Also : when you share an Internet connection you have to trust the person(s) who you share with.
Like sharing your car.
Your house.
No trust ? Abuse ? Simple. Don't share - issue closed.@AKEGEC said in Unable to access any network that uses the same ISP as I do:
but that does not mean ISP has the right to take over your family, friends and yours security and privacy rights
Humm. I'm living in Europe. So basic human rights are part of our (ancient) constitution. They have tried everything in Europe for the last 20 (or more ?) centuries. We hold the absolute world record of trying out different types of societies -and the quantity of people that perished because of it is daunting - still, something like voting (democracy) was already created before the birth of Christ, somewhere in Greece.
Because the system wasn't perfect, some 3 centuries ago, people had a opportunity to leave (instead of simply not being happy : they went oversees and created the USA while doing so).What I mean : I have the luxury to say that I don't understand your remark.
My ISP is like my boss, land lord, tax services, my bank, water company, my electric company, assurances, the food I buy, my car .... and what the f**k, my own wife.
My ISP ? Ah, common on, that is the new one on the block, w'll see about that one. Let's deal with the others first, as they were there first. ^^No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
We are getting off topic here.
