Trouble reaching IPv4 websites
Hi everybody!
I have some trouble with reaching IPv4 websites every now and then. My internet connection is via "Unitymedia" so meaning Coax-Cable. As long as i am connected, everything is fine. Speed is good, connection is stable.
But every 1-3 Days (seems randomly) i am not able to connect to any IPv4 website. When i do a IPv4 check, i don't have any IPv4. Of course i reached out for my ISP, but they couldn't find out any issue from their side. I changed my router, for checking if there is a problem, but it doesn't change anything...error still occurs. I searched and searched and searched but couldn't find any solution (or maybe didn't understand)...and then downloaded Wireshark.
While the error occurs, and i start Wireshark its showing a message like:
"81.210.176.137 192.168.178.20 ICMP 106 Destination unreachable (Communication administratively filtered)"
This doesn't appear when i restart my router & the connection is "repaired".
Problem is: i have no clue what im seeing/where the problem is coming from. Is it my network? Or is it my ISP having an error?
Here is a link to an actual capture file: https://www.dropbox.com/s/snzo6uqrujc...
Screenshots, and much more useful, capture files, can be added to a public share, e,g, Google Drive, DropBox etc. and a link to the file posted back here.
True, thanks for the advice!
https://www.dropbox.com/s/snzo6uqrujc...
You now show the situation after it occurred, what happens before is unknown. What does trigger the administrative filter to kick in? What kind of traffic do you generate from your network out to the internet that's flagged? I can only assume the filters are dropped when your link drops, since this seems to resolve the situation temporarily.
Yeh, you're probably right about that.
Of course there are several machines in the Network (2x Macbook, 2x iPhone, 1x Windows PC, 1x Panasonic TV). The strange thing is, all these machines have been in two other networks before (even all together and single) but with another ISP in a different city and there has never been any error.
But the fact, that contacting the ISP even while the error is still on and the hotline does not seem to find any error on their side they told me the error is probably within my home-network. Of course people on the hotline never heard of whireshark, nor have any idea of what's going on...
I just have to figure out, where the problem is: on my Homenetwork or on the ISP side.
If i get you right, i am blocked (for whatever reason) by my ISP and it ...(more)
I'm going to let Wireshark run through the night today, hoping that the error occurs again till tomorrow afternoon maybe. Im going to upload it asap.
I don't know who has the router with IPv4 address 81.210.176.137 which reports the filtering, but the DNS resolves to ip-81-210-176-137.hsi17.unitymediagroup.de so that suggests an ISP upstream from you.
Thanks all for your replies so far!
I was lucky and Wireshark was running today in the morning while the error occurs.
Today, strangely, it had this error and after a while it just went to working normal. But that's not usual. I once waited more than 24h without a restart of my router but it wasn't working until i restarted. So usually i have to restart the router and then it works again.
What i forgot to mention is, that my ISP doesn't give me a native IPv4. I have a "Dual-Stack" IPv4. Sorry, to not to mention it, i guess its an important information for you helping me out!@Jaap: I think this is the router of my ISP. But im not aware of any uploading
Here is the link to the file: https://www.dropbox.com/s/0mwtbde61nv...
@BioTo: Due to the fact that only new IPv4 connections get blocked, and that your client reaches the end of the available IPv4 ports, I can imagine that a NAT device (probably your Fritz!Box) has no more free ports for NAT. You should doublecheck the open TCP connections and the program that is using them on your clients. Have you checked the IPv4 Internet connection status and the logs of your Fritz!Box when the issue occures? A packet capture from the Fritz!Box (https://192.168.178.1/html/capture.html) of the routing interface during the error could be also helpful.
BTW: Is it only your Apple client which is having the issue, or all devices in your LAN?
@JasMan thanks. I'm sorry to disappoint you about that capture thing. I've tried it, but as it seems the "experts" from Fritz have disabled this function in the up-to-date Fritz IOS! For wtf reason i don't know. How do i check the open TCP connections? Sorry, im really not a network expert... . Yes, i have checked the internet connection and error logs of the Fritzbox when the error occurs. There is no issue its saying. It even says, that it is connected. I added two screenshots for you. They're made some days ago, but it always is like this when the error occurs. https://www.dropbox.com/s/caqz1v11nup...https://www.dropbox.com/s/20v9mjigywd... . The error just pops up. Even while surfing, at the same website it just does stop to work. What is your opinion that there is something wrong with the AFTR of ...(more)
@BioTo: Strange, I'm using a FB7560 (VDSL) with v7.12 and the capture site is still available. You could try to access the page by going to Inhalt\Fritz!Box Support. But I'm not sure anymore if the capture will help, due your line is using DS-lite. So 81.210.176.137 is definitly a router of UM and not the IPv4 address of your FB. I thought your line uses fully DS. I saw that a lot of UM customers have the same issue as you. So I think we will be not able to help you, because it's a problem of the provider. Even if we find out that e.g. all NAT ports are in use, this will be something that only your provider can solve.
I was a customer of UM in the past. When I upgraded my contract to a higher bandwidth ...(more)