Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dpinger used to monitor vpn gateway connections - blocked

    Scheduled Pinned Locked Moved Traffic Monitoring
    4 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 4
      4o4rh
      last edited by

      I have two VPN connections with ExpressVPN.
      If the monitor address is set to google, they should with 50% packet loss

      from my linux pc, if I use linux traceroute, I get the following results

      • I believe this is a UDP traceroute
        traceroute to google.com (172.217.23.174), 30 hops max, 60 byte packets
        1  10.x.x.x (10.x.x.x)  35.904 ms  35.882 ms  35.873 ms
        2  hosted-by-i3d.net (31.204.154.1)  35.864 ms  35.853 ms  35.843 ms
        3  100ge.cr0-br3.smartdc.rtm.i3d.net (109.200.218.166)  35.830 ms 100ge.cr1-br3.smartdc.rtm.i3d.net (109.200.218.246)

      • I believe this is an ICMP traceroute
        traceroute -I to google.com (172.217.23.174), 30 hops max, 60 byte packets
        1  10.x.x.x (10.x.x.x)  26.314 ms  26.318 ms  26.316 ms
        2  * * *
        3  * * *

      If i understand this correctly, it seems that hosted-by-i3d.net (31.204.154.1) does not pass ICMP

      Are there any other options/way i can monitor the vpn connection to enable failover of the vpn connection.

      1 Reply Last reply Reply Quote 0
      • luckman212L
        luckman212 LAYER 8
        last edited by

        Here are some other anycast dns servers you can try for monitors… see if any of them are more reachable/reliable than 8.8.8.8....

        Oracle-Dyn
        216.146.35.35
        216.146.36.36

        HurricaneElectric
        74.82.42.42

        Level3
        4.2.2.1
        4.2.2.2
        4.2.2.3
        4.2.2.4
        4.2.2.5
        4.2.2.6

        1 Reply Last reply Reply Quote 0
        • MikeV7896M
          MikeV7896
          last edited by

          Just a note to luckman212… Verizon and Level 3 have no affiliation with each other. Those IP addresses you posted belong to Level 3.

          Level 3 was recently acquired by CenturyLink, in an effort to increase business/enterprise services. Verizon has nothing to do with them.

          The S in IOT stands for Security

          1 Reply Last reply Reply Quote 0
          • luckman212L
            luckman212 LAYER 8
            last edited by

            Thanks for the info
            I corrected my post…

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.