From: John <graysky@archlinux.us>
To: mdt@emdete.de
Cc: wireguard@lists.zx2c4.com
Subject: Re: Traffic on port 53 fails on LTE but works on WiFi
Date: Mon, 19 Nov 2018 03:40:47 -0500 [thread overview]
Message-ID: <CAO_nJAaTdB5+8UJODas0giO3AAfZuW3YYFwaL3vZoO9JH-sv+Q@mail.gmail.com> (raw)
In-Reply-To: <1542611942.d09p50zvb2.astroid@morple.none>
Thank you both for the replies. I first tried reducing the MTU
(/etc/wireguard/wg0.conf setting MTU = xxxx) where I tried values of
1360, 1300, 1200, and 1100 but all met with the same result.
I next tried the suggestion to run `tcpdump udp port 53` when I have a
problematic client connect on LTE and when I have a successful
connection on LTE (different providers). I need to read up more of
this output before I post publicly as I might be disclosing personal
privacy info. I will say that each of them contain some lines like:
... Type63103 (Class 50031)? <BAD PTR>[|domain]
... Type4168 (Class 47859)? <BAD PTR>[|domain]
The difference is that the problematic client seems to only contain
lines with either 256 or 512 sizes (I assume sizes).
time stamp IP blah.myvzw.com.9725 > wireguard.domain: 256 [xxxxa]
[xxxxq] [xxxn] [xxxxau][|domain]
time stamp IP wireguard.37024 > dns.quad9.net.domain: xxx+ PTR?
xxx.x.xxx.xxx.xx-addr.arpa. (44)
time stamp IP blah.myvzw.com.9725 > wireguard.domain: 512 [xxxxa]
[xxxxq] [xxxn] [xxxxau][|domain]
But the successful client connection has these plus a number of lines
where the 256 or 512 is 1024. Again, I need to read about not
disclosing personal info before I post the entire dump file.
Is the little info I did post diagnostic?
On Mon, Nov 19, 2018 at 2:32 AM M. Dietrich <mdt@emdete.de> wrote:
>
> Hi John,
>
> Quotation from John at November 18, 2018 19:55:
> > ... on port 53 ... do _not_ work when I connect via LTE
> > (Verizon supplying the data). On LTE, I am no longer able
> > to transfer data to/from the server peer but I can handshake
> > with it.
>
> Vodafone blocks UDP traffic on port 53 in LTE.
>
> > 1) What can I try on the server peer side to diagnose?
>
> I would check with tcpdump. it seems Verizon does some package
> inspection, maybe reducing MTU will do?
>
> > 2) Do people feel that Verizon is actively blocking the
> > connection on port 53?
>
> Not with Verizon but Vodafone which does a complete block -
> not even the handshake goes through. Not sure about the cause
> for that, maybe they want to control your DNS that way.
>
> Regards,
> M. Dietrich
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
next prev parent reply other threads:[~2018-11-19 15:11 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-18 18:55 Traffic on port 53 fails on LTE but works on WiFi John
2018-11-19 4:26 ` Quan Zhou
2018-11-19 7:32 ` M. Dietrich
2018-11-19 8:40 ` John [this message]
2018-11-19 8:54 ` Matthias Urlichs
2018-11-19 16:02 ` Roman Mamedov
2018-11-19 9:57 ` Problem to load wireguard LKM in Archlinux Tosh
2018-11-19 15:04 ` John
2018-11-19 15:25 Traffic on port 53 fails on LTE but works on WiFi Jacob Schooley
2018-11-19 20:24 ` John
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAO_nJAaTdB5+8UJODas0giO3AAfZuW3YYFwaL3vZoO9JH-sv+Q@mail.gmail.com \
--to=graysky@archlinux.us \
--cc=mdt@emdete.de \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).