Reliance Jio 4G: Strange public IPv4 address assigned behind NAT

  • Thread starter Thread starter varkey
  • Start date Start date
  • Replies Replies 86
  • Views Views 24,367
@Sushubh That is not what we want in this case. Jio is assigning random (as it appears) public IPv4 IP addresses (which is not even their own) to users behind NAT, so the publicly visible IP address would be Jio's and different from the one assigned to the device itself.
 
varkey said:
Exactly, it's only a /29 so the number of unreachable hosts are just 8 or so. Plus it's all UK Defence department's so not somewhere I'd want to reach. 🤣🤣
Click to expand...
The /29 subnet is an implementation bug; 3GPP data bearers are point-to-point links to the gateway. With slightly complicated routing rules, the only unreachable host would be the one with the same IP as yours i.e. 25.33.186.52.

You can do a traceroute to nearby IPs and subnets to see if packets are going to their actual destination or are getting routed inside Jio network.
 
elepton said:
With slightly complicated routing rules, the only unreachable host would be the one with the same IP as yours i.e. 25.33.186.52.
Click to expand...

And the other 7 IPs in the same /29 subnet because of the implementation peculiarity on Linux-based devices.
 
But its not always /29, right now its a /25 and an appropriate route for the rest of the /25 subnet also got created.

Code: 
root@LEDE:~# ip address show eth0.2
8: eth0.2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.10/24 brd 10.0.1.255 scope global eth0.2
       valid_lft forever preferred_lft forever
    inet 56.85.35.191/25 brd 56.85.35.255 scope global eth0.2
       valid_lft forever preferred_lft forever
    inet6 fe80::290:a9ff:fe05:a0d5/64 scope link
       valid_lft forever preferred_lft forever
root@LEDE:~#
root@LEDE:~# route | grep eth0.2
default         56.85.35.192    0.0.0.0         UG    20     0        0 eth0.2
10.0.1.0        *               255.255.255.0   U     0      0        0 eth0.2
56.85.35.128    *               255.255.255.128 U     20     0        0 eth0.2

Traceroute over this connection looks weird, they seem to be blocking ICMP or it doesn't work at all. I cannot even ping the gateway as shown.
 

elepton said:
And the other 7 IPs in the same /29 subnet because of the implementation peculiarity on Linux-based devices.
Click to expand...

Yeah, I guess. Although I wonder, who made this screw up and why haven't they fixed it already. Using public IPv4 address space which is not even theirs behind a NAT doesn't much sense at least to me. Did they run out of the 10.0.0.0/8 subnet perhaps, that they had to borrow public IP address to use in their private network! 😛 😉 🤣 Jk
 
varkey said:
But its not always /29, right now its a /25 and an appropriate route for the rest of the /25 subnet also got created.
Click to expand...

I have no idea why its doing that. A /30 subnet is sufficient.

varkey said:
Code: 
56.85.35.128    *               255.255.255.128 U     20     0        0 eth0.2

Traceroute over this connection looks weird, they seem to be blocking ICMP or it doesn't work at all. I cannot even ping the gateway as shown.
Click to expand...

That's not the actual gateway - that's probably the internal IP address of another 4G device. As far as I can tell, the IPv4 gateway address of the data bearer is not provided by the network. As its a point-to-point link, the gateway does not have to have an address in the same subnet - it can have an address in any subnet. Traceroute usually works.

You can put the same SIM in your phone and traceroute from there. Dongles can sometimes produce weird results.

By the way, what's the 10.0.1.0/24 subnet for? And is IPv6 disabled on the dongle?
 
As far as the setup is concerned, this is not through a JioFi dongle (although the setup itself shouldn't matter, cause even @Nikhil Sharma is seeing the same behaviour). I use an outdoor LTE CPE device with the JIo SIM inserted, in bridge mode (with IP passthrough enabled) and the WAN interface on my router is configured in DHCP client mode. So it gets the IP address (Jio WAN) directly over DHCP.

I can't really access the device physically at the moment as I am accessing it remotely plus being an outdoor device can't really go and take out the SIM 😉

The passthrough works similar to how its described here -- Manual:Interface/LTE - MikroTik Wiki

So I don't think it actually does a PPP connection, and appears to be something based on QMI/MBIM. Since it doesn't do PPP, I guess it is possible for QMI/MBIM to support non ppp type setups? PPP as you rightly said doesn't care of the subnet, and the gateway can be from any subnet for that matter.

By the way, what's the 10.0.1.0/24 subnet for? And is IPv6 disabled on the dongle?
Click to expand...

That's the LTE CPE's management subnet. Since the device is in bridge/IP passthrough mode, I had to assign an IP address from the management subnet to the same interface to be able to access the management UI.

Yep, IPv6 is disabled on the LTE device.
 
varkey said:
As far as the setup is concerned, this is not through a JioFi dongle (although the setup itself shouldn't matter, cause even @Nikhil Sharma is seeing the same behaviour). I use an outdoor LTE CPE device with the JIo SIM inserted, in bridge mode (with IP passthrough enabled) and the WAN interface on my router is configured in DHCP client mode. So it gets the IP address (Jio WAN) directly over DHCP.

I can't really access the device physically at the moment as I am accessing it remotely plus being an outdoor device can't really go and take out the SIM 😉

The passthrough works similar to how its described here -- Manual:Interface/LTE - MikroTik Wiki

So I don't think it actually does a PPP connection, and appears to be something based on QMI/MBIM. Since it doesn't do PPP, I guess it is possible for QMI/MBIM to support non ppp type setups? PPP as you rightly said doesn't care of the subnet, and the gateway can be from any subnet for that matter.



That's the LTE CPE's management subnet. Since the device is in bridge/IP passthrough mode, I had to assign an IP address from the management subnet to the same interface to be able to access the management UI.

Yep, IPv6 is disabled on the LTE device.
Click to expand...
I'm interested in getting a outdoor LTE CPE. @varkey can you please guide me on that.
Thanks
 
How is it performing? What are the signal gains and speeds you are getting in comparison to phone or jiofi
 
Well, it works and I like a dedicated device instead of a phone hotspot or JioFi. This lets me connect to my existing network and use it as a backup WAN and is transparent for a user when a failover happens. JioFi also works for that use case, but can't place it outside to maximise the signal.

However since it doesn't support carrier aggregation (CA), my phone which supports CA performs better in areas of the house with better signal. But it wouldn't be consistent cause in some areas of the house the signal is weak.

I get around 20-25 Mbps over this device depending on the time, sometimes it goes down to 10-15 Mbps, depending on the congestion etc.
My phone with CA does 30-40 Mbps easily from some rooms.

@anubhav11
 

Top