We are having internet problems today. We use a Comcast business connection. We have a /29 network from Comcast. We have these IP address:
50.x.x.249, 50.x.x.250, 50.x.x.251, 50.x.x.252, 50.x.x.253
The gateway is 50.x.x.254.
The Comcast modem is on the WAN side of pfSense. Our LAN is on 192.168.1.x. It’s been working fine for months.
Today it is slow and intermittent. I tried some traceroutes to google.com.
Here’s what I think is a “normal” traceroute.
ross@saturn:~$ traceroute 188.8.131.52 traceroute to 184.108.40.206 (220.127.116.11), 30 hops max, 60 byte packets 1 192.168.1.1 (192.168.1.1) 0.348 ms 0.312 ms 0.275 ms 2 ourname.com (50.x.x.254) 485.721 ms 486.209 ms 486.645 ms 3 * * * 4 * * * 5 * * * 6 * * * 7 * he-2-5-0-0-cr01.newyork.ny.ibone.comcast.net (18.104.22.168) 497.526 ms 497.503 ms 8 he-0-12-0-0-pe03.111eighthave.ny.ibone.comcast.net (22.214.171.124) 497.049 ms * * 9 * as15169-2-c.111eighthave.ny.ibone.comcast.net (126.96.36.199) 427.788 ms 459.177 ms 10 188.8.131.52 (184.108.40.206) 459.310 ms 459.365 ms 459.326 ms 11 220.127.116.11 (18.104.22.168) 458.997 ms 459.951 ms 459.858 ms 12 lga15s45-in-f6.1e100.net (22.214.171.124) 459.541 ms 459.338 ms 459.485 ms
I think that looks okay although it’s slow. Here to Google is usually about 40 ms.
Then it gets weird. Sometimes a traceroute to the same IP address gives this:
ross@saturn:~$ traceroute 126.96.36.199 traceroute to 188.8.131.52 (184.108.40.206), 30 hops max, 60 byte packets 1 192.168.1.1 (192.168.1.1) 0.313 ms 0.292 ms 0.258 ms 2 100.99.197.221 (100.99.197.221) 334.391 ms 334.715 ms 334.832 ms 3 * * * 4 * * * 5 * * * 6 * * * 7 * he-2-5-0-0-cr01.newyork.ny.ibone.comcast.net (220.127.116.11) 373.861 ms 374.827 ms 8 he-0-12-0-0-pe03.111eighthave.ny.ibone.comcast.net (18.104.22.168) 374.509 ms * * 9 * as15169-2-c.111eighthave.ny.ibone.comcast.net (22.214.171.124) 701.375 ms 699.541 ms 10 126.96.36.199 (188.8.131.52) 700.174 ms 700.083 ms 700.355 ms 11 184.108.40.206 (220.127.116.11) 700.070 ms 700.462 ms 701.599 ms 12 lga15s45-in-f6.1e100.net (18.104.22.168) 701.384 ms 701.225 ms 701.685 ms
Why on earth is that 100.99.197.221 showing up? It seems like pfSense went there as the first hop instead of our gateway. According to http://whois.domaintools.com/100.99.197.221 that is in Belarus but I’ve read RFC6598 and I don’t think it is supposed to be publicly routable. If I do a traceroute to 100.99.197.221 from a different connection, it really does go to Belarus (.by) and takes quite a few hops to get there so the one hope from my LAN to that address doesn’t seem real.
We haven’t changed anything recently and everything has been working well until now. Does this look like a problem with the ISP (Comcast) or something at our end? We’ve been through the initial “reboot the modem” thing with Comcast but I’m at a bit of a loss to know what to do next.
It seems to go reasonably well speed wise after a modem reboot but slows down when we push any significant traffic from our LAN. It seems to stay slow even after that traffic stops.
Could someone please confirm the following test setup in case I’m missing something obvious. I disconnect the modem from the pfSense WAN and connect the modem to a Windows laptop. I set the laptop IP address to 50.x.x.249, the mask to 255.255.255.248 and gateway to 50.x.x.254. If I do that, I can’t get to anywhere, not even the gateway. Everything is “not reachable”. I’ve tried two different computers. I’m sure the cable between the computer and modem is okay so I don’t know why that doesn’t work or why pfSense does work, at least somewhat.
Thanks for any help.
It’s not in Belarus. And the website you used has outdated information.
That IP address space really is shared-use private nonroutable address space. But some or all of it was previously assigned, and some routers might still know old routes for it.
As for why you’re seeing it in traceroutes, I could not say for sure. It is Comcast, after all, and only they can give you a concrete answer. But since the whole point of that address space is so that ISP networks can give their routing infrastructure private addresses, freeing up some IPv4 addresses, it stands to reason that Comcast is slowly but surely renumbering their infrastructure to use the RFC 6598 addresses.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.