Lots of hosts do not respond for my internet connection

Question

Lots of hosts do not respond for my internet connection

meeuw opened this issue 2 years ago · comments

Hi,

Thanks for this list, this is going to be super useful for my little project to find out what port ranges are used for cgnat!

I noticed that I don't get any response for lots of hosts in the hourly updated valid_ipv4s.txt using my own script pystun, I tried to validate this by running "run.sh" on Fedora 35 but that's even worse (all hosts seem to fail):

OK 0 , DNS failure 78 , p/Timeout 0 , Timeout 508 , Incorrect 47

I guess there could be a difference in connectivity depending on the Internet connection, it would also be very helpful if the capabilities of the stun servers are available.

pradt2 · Answer 1 · Mon Feb 07 2022 07:16:47 GMT+0800 (China Standard Time)

Hi @meeuw, thanks for opening the issue. I just ran your script against all valid_ipv4s.txt and virtually all hosts responded correctly.

It seems to me that your firewall/network provider might be blocking UDP traffic. Could you check if this is the case?

Dick Marinus · Answer 2 · Tue Feb 08 2022 04:00:03 GMT+0800 (China Standard Time)

Thank you for your reply (as well as the suggestions for pystun).

I've ran your modified script on my internet connection and from an EC2 instance (VPS on AWS) and about 15 hosts don't respond, maybe I'm geo blocked? Anway, many hosts do respond, I might have too high expectations from "always online", it's still very useful.

pradt2 · Answer 3 · Tue Feb 08 2022 09:30:28 GMT+0800 (China Standard Time)

@meeuw All right, thanks for confirming.

15 unresponsive hosts seem quite high (I get 2-3 when I run your script locally running on a WiFi and behind a CG-NAT) so it might be the case that some of the listed providers block AWS/Azure/GCP IP ranges.

However, I take your point that you expect all hosts from the list to respond. Unfortunately, most of these STUN servers aren't ran with any uptime or quality of service guarantees, so some can always be down even if they were operational at the hourly check time.

One idea that springs to mind would be to use the past checks (e.g. in a "sliding-window" fashion) to find the most reliable services, and publish them in a separate list. It should be fairly straightforward as each check is recorded as a separate commit, and there is a few months' worth of data now in the repository.

If I were to implement this, would you be able to re-run your script in a few different environments to see if there is any improvement?

Dick Marinus · Answer 4 · Mon Feb 21 2022 04:18:35 GMT+0800 (China Standard Time)

If I were to implement this, would you be able to re-run your script in a few different environments to see if there is any improvement?

Sorry for the delay, yes most definitely!

Like I said, maybe I'm geoblocked, I haven't thoroughly checked but it seemed the same hosts were not responding everytime I tried.

This is the list ATM, will try again tomorrow:

Response from 13.250.110.196:3478 -> Timeout or other error
Response from 18.141.235.117:3478 -> Timeout or other error
Response from 23.21.199.62:3478 -> Timeout or other error
Response from 31.13.72.3:3478 -> Timeout or other error
Response from 62.157.116.5:3478 -> Timeout or other error
Response from 66.228.54.23:3478 -> Timeout or other error
Response from 78.111.79.151:3478 -> Timeout or other error
Response from 83.64.250.246:3478 -> Timeout or other error
Response from 88.198.151.128:3478 -> Timeout or other error
Response from 106.55.202.232:3478 -> Timeout or other error
Response from 109.224.232.102:3478 -> Timeout or other error
Response from 124.64.206.224:8800 -> Timeout or other error
Response from 178.63.107.149:3478 -> Timeout or other error
Response from 188.64.120.28:3478 -> Timeout or other error
Response from 212.211.179.42:3478 -> Timeout or other error
Response from 213.157.4.53:3478 -> Timeout or other error
Response from 217.119.210.45:3478 -> Timeout or other error

Dick Marinus · Answer 5 · Tue Feb 22 2022 03:44:32 GMT+0800 (China Standard Time)

List as of today, looks familiar:

Response from 13.250.110.196:3478 -> Timeout or other error
Response from 18.141.235.117:3478 -> Timeout or other error
Response from 23.21.199.62:3478 -> Timeout or other error
Response from 31.13.72.3:3478 -> Timeout or other error
Response from 62.157.116.5:3478 -> Timeout or other error
Response from 66.228.54.23:3478 -> Timeout or other error
Response from 78.111.79.151:3478 -> Timeout or other error
Response from 83.64.250.246:3478 -> Timeout or other error
Response from 88.198.151.128:3478 -> Timeout or other error
Response from 124.64.206.224:8800 -> Timeout or other error
Response from 178.63.107.149:3478 -> Timeout or other error
Response from 188.64.120.28:3478 -> Timeout or other error
Response from 212.211.179.42:3478 -> Timeout or other error
Response from 213.157.4.53:3478 -> Timeout or other error
Response from 217.119.210.45:3478 -> Timeout or other error

pradt2 · Answer 6 · Fri Feb 25 2022 17:59:39 GMT+0800 (China Standard Time)

Thanks for this. It's indeed very strange that these hosts don't work for you repeatedly. I'll take a look into this next week

Aron Homberg · Answer 7 · Sat Mar 05 2022 06:32:47 GMT+0800 (China Standard Time)

@meeuw Wait, how do you actually check if they are "unavailable"? Do you "ping" them? Because as by my tests, all of those don't respond to "ping" / ICMP requests -> timeout, while they work very well when "treated right": via https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

Aron Homberg · Answer 8 · Sat Mar 05 2022 06:34:00 GMT+0800 (China Standard Time)

For example:

Dick Marinus · Answer 9 · Thu Mar 10 2022 03:46:47 GMT+0800 (China Standard Time)

Hi @kyr0 ! I'm using the script linked in this issue:
https://gist.github.com/meeuw/d25665c2ab8d68ecee7bd65a71ed365b

pradt2 · Answer 10 · Mon Mar 14 2022 04:35:00 GMT+0800 (China Standard Time)

@kyr0 What was your setup when you did the check? Did you use a AWS/Azure/GCP VM, or a local machine w/ a consumer ISP?