road runner FAIL!

goodcooper

trying to do some work on a test network i set up, and i discover this:

roadrunnerfail.png


i don't even know how to call them and complain
 
I'm not sure why you would since it's not their problem.

Your router (192.168.10.1) doesn't know where 10.255.2.10 is, so it sends it out its default route, which would be your ISP.

If that IP is internal to your network it's Network Admin fail.
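
An added example, not part of the original post or thread: a longest-prefix-match lookup showing why 10.255.2.10 follows the default route to the ISP when no more specific route exists, and how discard routes for the RFC 1918 ranges stop that. The 10.255.2.0/24 VPN prefix, the 192.168.10.0/24 LAN prefix and the next-hop names are assumptions made up for illustration.

```python
import ipaddress

# RFC 1918 private ranges; traffic to these should not fall through to the ISP.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def lookup(table, dest):
    """Longest-prefix match: return (prefix, next_hop) of the most specific route."""
    addr = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in table
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    net, hop = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), hop

def leaks_to_isp(table, dest):
    """True when a private destination is forwarded via the default route."""
    addr = ipaddress.ip_address(dest)
    route = lookup(table, dest)
    return (route is not None and route[0] == "0.0.0.0/0"
            and any(addr in net for net in RFC1918))

def bogon_blackholes():
    """Discard routes so unknown private destinations never reach the default route."""
    return [(str(net), "discard") for net in RFC1918]

# Constructed routing tables for the scenario in the thread (names hypothetical).
VPN_DOWN = [("192.168.10.0/24", "lan0"), ("0.0.0.0/0", "isp-gateway")]
VPN_UP = VPN_DOWN + [("10.255.2.0/24", "vpn0")]
HARDENED = VPN_DOWN + bogon_blackholes()

if __name__ == "__main__":
    for name, table in (("vpn down", VPN_DOWN), ("vpn up", VPN_UP),
                        ("hardened", HARDENED)):
        print(name, lookup(table, "10.255.2.10"),
              "leak:", leaks_to_isp(table, "10.255.2.10"))
```

Because the match is by prefix length, the /24 LAN and VPN routes still win over the /8 and /16 discard routes, so locally used private ranges keep working.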
 
I think he's talking about the high latency, not where the trace is going.

Call them and tell them your latency is crap?
 
I'm not sure why it's a fail, with such a lack of information.

shit happens.

maybe they know of the issue and are working on it?

I guess you just need something to bitch about, huh?
 
would need a bit more information on the setup before declaring a fail. Is this a site-to-site VPN link or something? Point-to-point link perhaps?
 
lol maybe you guys aren't seeing that, but road runner is routing me through to a private IP somewhere in Cincinnati....

it's more than likely an issue with whoever in Cincinnati screwed up their network routing, but road runner shouldn't be routing to a private IP...

i'm using that address as an internal test server with some vpn stuff... it was showing a ping reply to that address even when i wasn't connected to VPN and i was wondering why in the world.... that's when i ran the traceroute and found that the ISP is routing me to a private IP... most of you on other ISPs will find if they try to traceroute to a private IP they'll start getting timeouts past their gateways...
 
Ah, I see. Strange that something actually responds. That means there's a route to a bad IP AND the device exists. Oops.. lol. :rolleyes:
 
Okay, I got you now. I've seen that happen sometimes on my home MediaCom connection. I'll be VPNed into a client and pinging one of their servers, disconnect and 10-15 minutes later realize I still have the cmd window open and I'm getting replies. Part of the problem, I've discovered, is that MediaCom has this "walled garden" thingy where if you don't pay your bill your modem gives you a private 10.x.x.x IP address and you can only get to their pay my bill website.
 
I've seen that with Cox as well. I can't remember what the exact range was, but it was a whole /16 block of 10.x that Cox would reply to.

Riley
 
They probably use private address space in their network; it's not uncommon for ISPs to do so.
 
> Okay, I got you now. I've seen that happen sometimes on my home MediaCom connection. I'll be VPNed into a client and pinging one of their servers, disconnect and 10-15 minutes later realize I still have the cmd window open and I'm getting replies. Part of the problem, I've discovered, is that MediaCom has this "walled garden" thingy where if you don't pay your bill your modem gives you a private 10.x.x.x IP address and you can only get to their pay my bill website.

The walled garden is also used to set up new modems, and it is where you get sent if you are naughty and get DMCA notices.
 
ISPs sometimes use a VPRN or VRF to prevent spill over of private IP space into their main routing protocol but nobody is perfect.
 
Yeah, looks like they did not have route filtering working properly.
 
What's going on is that Roadrunner (and other Cable ISPs) use private RFC1918 addresses (10.0.0.0/8 commonly used, 172.16.0.0/16, and 192.168.0.0/16) and assign said addresses to a network management interface on the HFC interface of the cable modem. They do this for obvious reasons: to remotely manage the cable modems, pull SNMP information about the cable modems, push out firmware updates to modems, push out the Config files, etc.

So yes, you can basically hook up a laptop/computer/etc to a Roadrunner cable modem and "discover" all kinds of cable modems and what not on your local subnet. For instance, the cable modem I have has a subnet mask of 255.255.252.0 on the HFC interface, thus there are possibly 1,024 other devices on the segment. I don't believe I can see anything outside of that as that would require routing and hopefully they have that locked down.

Yes, it is annoying, especially if you are trying to implement those ranges on your own internal network, and you run into weird issues like being able to ping those addresses on your local network, even if you aren't using those IP addresses. Time Warner Cable has been called out several times on this problem, most recently last year if I remember in 2600 magazine. It would appear they are either unwilling to make the necessary changes or cannot address this issue due to the design of the cable modems. Somehow I don't think the cable modem manufacturers would let this be an issue, and would create a filter on the cable modem that the provider can enable or disable bridging data from the HFC interface to the Ethernet/USB interfaces. We all know they can filter NetBIOS, WWW servers, DHCP servers, DNS servers from leaking onto the provider's networks from the customer's side.
 
I remember when I first got cable internet about 12 years ago. You could browse all of the shared files of anyone who had their computer plugged directly into their modem as if we were all on one big LAN. A few people even had their entire C drive shared; I would drop a little text file in their startup folder letting them know that wasn't the best idea.
 
That's interesting. Definitely some congestion somewhere.

But what's more interesting is you aren't getting a specific route for something on your LAN.

Really the only thing you can do, is give their NOC the traceroute details, and tell them one or more of their circuits is congested.
 
I've seen this a couple of times before too. The hospital I was at was using a private fiber line for connectivity to a handful of other hospitals. As part of this a major ISP in the area provided the "internet" for this connection. It would hop over 2 or 3 10.0.x.x addresses before going out to the internet again. I called a guy I knew that worked in the NOC at that ISP and he said they knew about it... Just the way they set up the connection.
 
I know of a few SP's in my area as well that do this as well, if I tracert a private address it spills over into INS's network before stopping at a Qwest IX, same thing w/ Iowa Telecom/Windstream as well.

We use private address space on our network as well for provisioning ONT's and STB's but have prevented it from being seen by the customer.
 
> I don't believe I can see anything outside of that as that would require routing and hopefully they have that locked down.

What? Hopefully they have routing locked down? Please explain lol



And BTW, all the people who mentioned you can't use that private IP space because your ISP was... If your routing is properly set up you normally use your ISP for a default route; however, if you used multiple private ranges they would be directly connected networks and favored by your router.

If you have a more complex routing setup using IGPs this still wouldn't be an issue; you would have the routes in the routing table for more specific traffic and not use the default route.


> Yes, it is annoying, especially if you are trying to implement those ranges on your own internal network, and you run into weird issues like being able to ping those addresses on your local network, even if you aren't using those IP addresses. Time Warner Cable has been called out several times on this problem, most recently last year if I remember in 2600 magazine. It would appear they are either unwilling to make the necessary changes or cannot address this issue due to the design of the cable modems. Somehow I don't think the cable modem manufacturers would let this be an issue, and would create a filter on the cable modem that the provider can enable or disable bridging data from the HFC interface to the Ethernet/USB interfaces. We all know they can filter NetBIOS, WWW servers, DHCP servers, DNS servers from leaking onto the provider's networks from the customer's side.

You actually wouldn't run into any issues; see my above comment...

People run into issues with double NATing private IP space, not a scenario like this.

Uhhh, and bridging data between the HFC interface and Ethernet? Please explain; it's not bridged.

In the scenario above the ISP is pushing the private IP space into its IGP, which is where the traceroute is going, and you're most likely hitting some private ISP equipment with an ACL on it.

Almost all ISPs use private ISP, that's what the RFC is for... They don't route it outside of their own AS however.
 
Kinda funny they would have private IPs or route them, but yeah, it should not really be an issue if you happen to have that range locally, as your router should favor it.

Even with double or triple natting, if you do it properly you won't have problems.

I had a triple nat going for a bit and it worked fine, it was a temp setup since I just added a firewall to my existing setup. I was actually going to leave it for fun but port forwarding is a PITA when you have to do the same setting on 3 routers lol. As long as you use different ranges for each NAT you are ok.
 
ISPs route private IPs because they use them for management of gear. Cox/Comcast/TW use those IPs for video equipment also.

If they really wanted to separate the traffic they could use a VRF or VPRN for a separate routing instance.
 