BSNL enabled CG NAT!!!

  • Thread starter Thread starter rajil.s
  • Start date Start date
  • Replies Replies 7
  • Views Views 4,345
R

rajil.s

Messages
639
Location
Lucknow
ISP
BSNL
Hello,

My internet suddenly stopped working and router is showing a private ip address. It seems that BSNL is giving out private ip addresses instead of internet routable ones.

My router shows a private ip address:
Code: 
#ifconfig
  pppoe-wan Link encap:Point-to-Point Protocol 
  inet addr:10.208.217.58  P-t-P:10.208.216.1  Mask:255.255.255.255
  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1460  Metric:1
  RX packets:120 errors:0 dropped:0 overruns:0 frame:0
  TX packets:3604 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:3
  RX bytes:19052 (18.6 KiB)  TX bytes:797432 (778.7 KiB)

Doing a trace to BSNL DNS works but google DNS fails.
Code: 
#mtr -4 --report 218.248.255.203
Start: Sat Mar 19 05:52:29 2016
Unable to allocate IPv6 socket for nameserver communication: Address family not supported by protocol
HOST: box  Loss%  Snt  Last  Avg  Best  Wrst StDev
  1.|-- 192.168.1.1  0.0%  10  0.3  0.3  0.2  0.3  0.0
  2.|-- 10.208.216.1  0.0%  10  64.6  65.0  63.9  66.1  0.3
  3.|-- 218.248.166.198  0.0%  10  64.7  64.9  64.3  65.7  0.0
  4.|-- 218.248.251.182  0.0%  10  76.6  75.8  75.2  76.6  0.0
  5.|-- 218.248.255.203  0.0%  10  75.7  75.7  74.2  77.1  0.5

# mtr -4 --report 8.8.8.8
Start: Sat Mar 19 05:54:39 2016
Unable to allocate IPv6 socket for nameserver communication: Address family not supported by protocol
HOST: box  Loss%  Snt  Last  Avg  Best  Wrst StDev
  1.|-- 192.168.1.1  0.0%  10  0.2  0.2  0.2  0.3  0.0
  2.|-- 10.208.216.1  0.0%  10  64.8  64.7  63.7  65.2  0.3
  3.|-- 218.248.166.206  0.0%  10  65.8  64.9  63.7  66.3  0.5
  4.|-- 218.248.235.197  0.0%  10  98.0  98.4  97.9  99.0  0.0
  5.|-- ???  100.0  10  0.0  0.0  0.0  0.0  0.0

Anybody is aware of this change? Is there anyway to go back to the previous internet routable ip address instead of this NAT?

Thanks
 
I guess your region is out of IPv4 addresses. 🙁 This is the first time that I'm seeing CGNAT on BSNL ADSL broadband. I had expected 2G/3G to get CGNAT first.

Is this a new connection?

Nice to see that you're likely running OpenWrt. If you are interested in digging further, add option pppd_options 'debug' to the wan interface in /etc/config/network and check the system log (with logread or webui). Post the lines starting with pppd.

Maybe there will be a service name in the ppp logs which will give public IPs. Other than that, the only option will be to reconnect and hope you get a public IP.

You can also try enabling IPv6 and see if you get a public IPv6 address. If IPv6 works then you can use 464XLAT or a tunnel or VPN to get working IPv4.
 
No, this is an old connection. Openwrt is my router OS of choice 🙂

Here is the pppd log
Code: 
Sat Mar 19 19:49:45 2016 daemon.info pppd[23723]: Plugin rp-pppoe.so loaded.
Sat Mar 19 19:49:45 2016 daemon.info pppd[23723]: RP-PPPoE plugin version 3.8p compiled against pppd 2.4.7
Sat Mar 19 19:49:45 2016 daemon.notice pppd[23723]: pppd 2.4.7 started by root, uid 0
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: Send PPPOE Discovery V1T1 PADI session 0x0 length 4
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]:  dst ff:ff:ff:ff:ff:ff  src ab:fc:0f:15:21:d5
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]:  [service-name]
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: Recv PPPOE Discovery V1T1 PADO session 0x0 length 175
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]:  dst ab:fc:0f:15:21:d5  src 97:48:af:95:c2:3f
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]:  [AC-name lkw-ras-bng-ksb-01-B2024120601745] [service-name cnt.bsnl.in] [service-name operation.in] [service-name education2home.in] [service-name tvaritplus.bsnl.in] [service-name sancharsoftupe.com] [service-name qabsnl.in] [service-name nmeiti.in] [
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: service-name upepostal.in]
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: Send PPPOE Discovery V1T1 PADR session 0x0 length 4
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]:  dst 97:48:af:95:c2:3f  src ab:fc:0f:15:21:d5
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]:  [service-name]
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: Recv PPPOE Discovery V1T1 PADS session 0x54d length 41
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]:  dst ab:fc:0f:15:21:d5  src 97:48:af:95:c2:3f
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]:  [service-name] [AC-name lkw-ras-bng-ksb-01-B2024120601745]
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: PADS: Service-Name: ''
Sat Mar 19 19:49:45 2016 daemon.info pppd[23723]: PPP session is 1357
Sat Mar 19 19:49:45 2016 daemon.warn pppd[23723]: Connected to 97:48:af:95:c2:3f via interface eth1
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: using channel 166
Sat Mar 19 19:49:45 2016 kern.info kernel: [37035.540000] pppoe-wan: renamed from ppp1
Sat Mar 19 19:49:45 2016 daemon.info pppd[23723]: Using interface pppoe-wan
Sat Mar 19 19:49:45 2016 daemon.notice pppd[23723]: Connect: pppoe-wan <--> eth1
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: sent [LCP ConfReq id=0x1 <mru 1492> <magic 0xdfe11421>]
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: rcvd [LCP ConfReq id=0x20 <mru 1460> <auth chap MD5> <magic 0x2f572df4>]
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: sent [LCP ConfAck id=0x20 <mru 1460> <auth chap MD5> <magic 0x2f572df4>]
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: rcvd [LCP ConfNak id=0x1 <mru 1460>]
Sat Mar 19 19:49:45 2016 daemon.debug pppd[23723]: sent [LCP ConfReq id=0x2 <mru 1460> <magic 0xdfe11421>]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: rcvd [LCP ConfAck id=0x2 <mru 1460> <magic 0xdfe11421>]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: sent [LCP EchoReq id=0x0 magic=0xdfe11421]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: rcvd [CHAP Challenge id=0x1 <e3a55a1b84b093d25707888b7631c28b>, name = "lkw-ras-bng-ksb-01"]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: sent [CHAP Response id=0x1 <970c340eec479417d2c382fd14b9e632>, name = "blahblahblah"]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: rcvd [LCP EchoRep id=0x0 magic=0x2f572df4]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: rcvd [CHAP Success id=0x1 "CHAP authentication success, unit 5497"]
Sat Mar 19 19:49:46 2016 daemon.info pppd[23723]: CHAP authentication succeeded: CHAP authentication success, unit 5497
Sat Mar 19 19:49:46 2016 daemon.notice pppd[23723]: CHAP authentication succeeded
Sat Mar 19 19:49:46 2016 daemon.notice pppd[23723]: peer from calling number 97:48:AF:95:C2:3F authorized
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns2 0.0.0.0>]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: sent [IPV6CP ConfReq id=0x1 <addr fe80::fc3a:a434:c8b2:667c>]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: rcvd [IPCP ConfReq id=0xd8 <addr 10.208.216.1>]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: sent [IPCP ConfAck id=0xd8 <addr 10.208.216.1>]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: rcvd [IPCP ConfNak id=0x1 <addr 10.208.216.81> <ms-dns1 218.248.255.203> <ms-dns2 218.248.255.195>]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: sent [IPCP ConfReq id=0x2 <addr 10.208.216.81> <ms-dns1 218.248.255.203> <ms-dns2 218.248.255.195>]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: rcvd [LCP ProtRej id=0x21 80 57 01 01 00 0e 01 0a fc 3a a4 34 c8 b2 66 7c]
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: Protocol-Reject for 'IPv6 Control Protocol' (0x8057) received
Sat Mar 19 19:49:46 2016 daemon.debug pppd[23723]: rcvd [IPCP ConfAck id=0x2 <addr 10.208.216.81> <ms-dns1 218.248.255.203> <ms-dns2 218.248.255.195>]
Sat Mar 19 19:49:46 2016 daemon.notice pppd[23723]: local  IP address 10.208.216.81
Sat Mar 19 19:49:46 2016 daemon.notice pppd[23723]: remote IP address 10.208.216.1
Sat Mar 19 19:49:46 2016 daemon.notice pppd[23723]: primary  DNS address 218.248.255.203
Sat Mar 19 19:49:46 2016 daemon.notice pppd[23723]: secondary DNS address 218.248.255.195

It is rejecting IPV6 as well. I guess my only option will be to ditch BSNL rather than keeping up with this crap.

There is a single AC-name of 'lkw-ras-bng-ksb-01-B2024120601745'. I guess i am out of luck?

Does AIRTEL use CG-NAT?

Thanks
 
Last edited:
Airtel wireline broadband does not use CGNAT as far as I know. Airtel mobile broadband uses CGNAT.

You can see several service names in the logs: [service-name cnt.bsnl.in] [service-name operation.in] [service-name education2home.in] [service-name tvaritplus.bsnl.in] [service-name sancharsoftupe.com] [service-name qabsnl.in] [service-name nmeiti.in] [service-name upepostal.in]. I had a vague hope that there might be a new service name here which supported public IPs. In OpenWrt webui: network -> interfaces -> edit WAN interface, you can enter some of these service names and try your luck.

The other solution is to go to your exchange and ask for your connection to be shifted to the public IP pool. You can opt for static IP as a last resort. The people taking care of static IPs will know about public IP pools.

Regarding the DSLAM rejecting IPv6, it might be that BSNL opted to use a different method than IPV6CP for giving IPv6 addresses. In the wan6 interface of OpenWrt, try other options like Dual Stack Lite, DHCPv6 etc. Try the gateway address 10.208.216.1 (or whichever gateway you get) for any field that requires a remote IP address for e.g. the DS-Lite AFTR field.
 
Try a DNS lookup of google.com with dig or nslookup to see if it is mangling DNS as part of any IPv6 transition mechanism.
Code: 
dig google.com A google.com AAAA @218.248.255.203
dig google.com A google.com AAAA @218.248.255.195

One unusual thing is that it is using RFC1918 private addresses instead of the newer RFC6598 Shared Address Space 100.64.0.0/10 which is specifically meant for CGNATs.
 
Here is what i get
Code: 
$ dig google.com A google.com AAAA @218.248.255.203

; <<>> DiG 9.10.3-P2 <<>> google.com A google.com AAAA @218.248.255.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15118
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;google.com.  IN  A

;; ANSWER SECTION:
google.com.  212  IN  A  216.58.220.46

;; Query time: 0 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun Mar 20 19:02:16 IST 2016
;; MSG SIZE  rcvd: 55

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34769
;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; Query time: 73 msec
;; SERVER: 218.248.255.203#53(218.248.255.203)
;; WHEN: Sun Mar 20 19:02:16 IST 2016
;; MSG SIZE  rcvd: 12


$dig google.com A google.com AAAA @218.248.255.195

; <<>> DiG 9.10.3-P2 <<>> google.com A google.com AAAA @218.248.255.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58798
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;google.com.  IN  A

;; ANSWER SECTION:
google.com.  113  IN  A  216.58.220.46

;; Query time: 0 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun Mar 20 19:03:55 IST 2016
;; MSG SIZE  rcvd: 55

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11718
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.  IN  AAAA

;; ANSWER SECTION:
google.com.  127  IN  AAAA  2404:6800:4007:805::200e

;; AUTHORITY SECTION:
com.  172341  IN  NS  h.gtld-servers.net.
com.  172341  IN  NS  j.gtld-servers.net.
com.  172341  IN  NS  e.gtld-servers.net.
com.  172341  IN  NS  m.gtld-servers.net.
com.  172341  IN  NS  c.gtld-servers.net.
com.  172341  IN  NS  g.gtld-servers.net.
com.  172341  IN  NS  d.gtld-servers.net.
com.  172341  IN  NS  l.gtld-servers.net.
com.  172341  IN  NS  i.gtld-servers.net.
com.  172341  IN  NS  f.gtld-servers.net.
com.  172341  IN  NS  k.gtld-servers.net.
com.  172341  IN  NS  b.gtld-servers.net.
com.  172341  IN  NS  a.gtld-servers.net.

;; Query time: 75 msec
;; SERVER: 218.248.255.195#53(218.248.255.195)
;; WHEN: Sun Mar 20 19:03:55 IST 2016
;; MSG SIZE  rcvd: 291
 

DNS64 seems unlikely inside the PPPoE connection then. I guess the best chance for a public address is to get DHCPv6 working.

Apart from that the only realistic option would be to contact the local BSNL exchange or the SDO in your area and ask to be shifted to the public IP pool.
 

Similar threads

JB701
Private networks from outside local network accessible?
Replies
3
Views
1,269
JB701
JB701
  • Article Article
Powernet Fiber Review 300Mbps SuperNet LCO
Replies
9
Views
4,246
JB701
R
Overcoming high TCP congestion during the day
Replies
0
Views
808
rajil.s
Top