Difficulty with installation
nortoneye:
Tim Ring and I had a long discussion regarding my ISP requiring a change in their system to allow RPA to pass through their internal firewall and the assigning of a static IP to me. The thing that could well be happening is that with the repeal of net neutrality, ISPs are free to charge for access to certain sites, increased bandwidth, etc. Tim has the contact information for the carrier and may give them a call to see if this is the reason for the extra charge to allow RPA through the ISP's firewall. This could be an issue that spreads to other ISP providers as well but Tim has never seen it before.
Alan:
Doesn't surprise me in the least. Telecoms didn't fight tooth and nail to defeat net neutrality just for the fun of it. Bend over consumer, here it comes. My cable bill went up $19 last month with no change in service.
G8B4Life:
Warning; Long post
Sigh! I really am at a loss to explain the absolute refusal to accept that the problem in probably 99% of cases could be the choice he made and programmed into his system, and a baffling misunderstanding of how ISPs can connect people to the internet.
--- Quote ---All Internet providers must offer IPV4 networking (Huge vast majority of the internet) and ALL IPV4 is by definition globally routable! IPV4 is globally routable by design. This statement has the appearance of trying to get people to pay for a manufactured technical problem. It has nothing to do with the internet being globally routable, or our server, or your equipment.
--- End quote ---
This is just the most baffling thing I have heard. All IPv4 is not globally routable. As I pointed out 6 posts back, IPv4 has private address ranges which are NOT globally routable (IPv6 is the same). These ranges are reserved, and are typically used for private networks, such as a network in your home, or in the case of Carrier Grade NAT (also called Large Scale NAT or NAT444), your ISP.
And it has everything to do with his server, and his software.
--- Quote ---This has nothing to do with fiber connection or static vs dynamic addressing. In our area ATT offers fiber and the default settings work just fine with our server. The huge vast majority of home internet suppliers use dynamic IPs. If our server was not compatible with dynamic IPs then most of our customers would not be able to use our server.
--- End quote ---
Well he got that right at least, whether your connection is fibre, cable or whatever the physical medium is has no bearing on this issue. Whether you have a static or dynamic IP by itself also has no bearing on the issue. What has a bearing is how the ISP makes the connection between you and the internet, and what firewalling they may do, but that's another subject.
I'll probably be accused of scaremongering again but I'll continue with the topic of CGNAT, if anyone's still reading this thread they might find it interesting.
Jim's case has little chance of being a part of the Net Neutrality scandal but probably has everything to do with IPv4 address exhaustion, which I'll explain for those that want to fall asleep.
For those that don't know, for all intents and purposes all public IPv4 addresses have been allocated - that means no more can be gotten from the official registries responsible for allocating them. This does not mean that there are no more left; your ISP probably has plenty left in stock to allocate to their customers. When they run out, though, they have to find someone selling some of theirs. The question is how many has your ISP bought? An IPv4 address is not cheap; the current rate is somewhere in the order of $US18.00 each. If your ISP is small they might have only bought something like a /18 block, which is 16,384 addresses (that's $294,912 in IP addresses). Now when your ISP goes over 16,000-odd customers they either need to buy another block of addresses if they want to keep giving each customer a public IP address, or implement a way of preserving their pool of public addresses and only give a public IP address to customers who say they really need one. That implementation is called Carrier Grade NAT.
This image shows a typical (but simplified) ISP -> customer connection where the customer has a public IP address. CPE stands for Customer Premises Equipment, and is your router (which may be combined all-in-one with a modem).
Note that on the home side of the CPE you have a private IP address - no one can type this address into a web browser or other software and reach you, and on the ISP side of the CPE you have a public IP address. Anyone in the world could type that number into a web browser and in most cases reach your router (don't worry, your router would just drop the attempted connection unless you had specific services running or the router was unsecure). In this scenario there is only one round of Network Address Translation (NAT), which is done by your router, which you should be in control of.
And this image shows the CGNAT implementation (again simplified).
In this scenario now there are two private networks, the one on the home side of the CPE and one on the ISP side of the CPE. Both your and the ISP's routers are performing NAT (called double NAT). This can be a huge problem as explained next.
So what is NAT? Network Address Translation, and this, in the best layman's terms I can think of, is what it does. When you request a website in your browser, it instructs your computer to send a request to your router saying "I want what is at IP address 123.123.123.123, port 80 and it needs to come back to IP address 192.168.0.15 port 9169". Your router then forwards that request to the router at your ISP but replaces the return address with its own (it needs to come back to 148.56.218.16 port 9169) and remembers where it must send it back to when it receives the reply. Your router and most routers on the internet don't change the return-to port.
With CGNAT, at an ISP level, the story is very different. The request is carried out the same way but the CGNAT router also changes the return port number (called Port Address Translation) and this breaks anything that uses a fixed port number, like RailPro Assistant.
This is how the connection to Ring's server from RailPro Assistant would look like in the non-CGNAT scenario:
Now, this is with CGNAT:
Note the CGNAT router has changed the from port. There is now no return path to the customer PC as the proceeding router will not have the reply from Ring's server on port 80 mapped to an address for it to forward it to, as it's expecting a reply to port 3647 from Ring's server, and Ring's server won't reply to the router anyway when it sees that the from port was not 80.
This is also not to say that even in the non-CGNAT scenario there couldn't be routers along the path taken by the request across the internet that don't change the from port, but it's a less likely scenario.
Here's a configuration guide from Cisco that explains a bit about CGNAT, including the Port Address Translation (halfway down the page or so) if anyone is inclined to read it: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-16/nat-xe-16-book/iadnat-cgn.html
The bad part is more CGNAT is coming as the adoption of IPv6 is, in a general sense, slow and the scarcity of IPv4 addresses becomes more and more prevalent.
If you've read this far and are still awake you've done well.
- Tim
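A way to check for the double-NAT situation described in the post above, added here as an example and not part of the original thread: it compares the address on the router's WAN interface with the address an outside host sees. The function names and the sample address 100.72.10.5 are constructed for illustration; 100.64.0.0/10 is the shared address space reserved for CGNAT by RFC 6598, and the other ranges are the RFC 1918 private blocks.

```python
import ipaddress

# Private ranges (RFC 1918) and the shared range reserved for CGNAT (RFC 6598).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RFC6598_SHARED = ipaddress.ip_network("100.64.0.0/10")


def classify(addr: str) -> str:
    """Return 'cgnat-shared', 'private', 'other-reserved' or 'public'."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("IPv4 addresses only")
    if ip in RFC6598_SHARED:
        return "cgnat-shared"
    if any(ip in net for net in RFC1918):
        return "private"
    # Loopback, link-local, documentation ranges and so on.
    return "public" if ip.is_global else "other-reserved"


def diagnose(wan_addr: str, observed_addr: str) -> str:
    """wan_addr: address shown on the router's WAN/internet status page.
    observed_addr: address an outside host reports seeing for you."""
    if classify(observed_addr) != "public":
        raise ValueError("observed address should be a public address")
    wan = classify(wan_addr)
    if wan == "cgnat-shared":
        return "cgnat"         # ISP hands out 100.64.0.0/10, then NATs again
    if wan == "private":
        return "double-nat"    # another NAT (ISP or second router) upstream
    if wan == "public":
        # A public WAN address that differs from what the outside world
        # sees still means some device upstream is translating.
        return "direct" if wan_addr == observed_addr else "upstream-nat"
    raise ValueError("WAN address is in a reserved range: " + wan_addr)


if __name__ == "__main__":
    # Constructed samples; 148.56.218.16 is the example address from the post.
    for wan in ("148.56.218.16", "100.72.10.5", "10.20.30.40"):
        print(wan, "->", diagnose(wan, "148.56.218.16"))
```

A result of "cgnat" or "double-nat" means the router does not hold the public address itself, which is the two-layer arrangement the post describes.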
Alan:
Excellent explanation Tim. You made it easy to understand. I read the whole post without falling asleep. ;D But I still think net neutrality repeal will end up hitting my wallet.
G8B4Life:
Thanks Alan. It took me a long time to carefully write that post and create the diagrams so I'm glad you were able to follow it - and not fall asleep.
I realised after writing that post that I know some people that I believe are located behind CGNAT, and if I'm not mistaken I'll be over at their place in a week or so. I should be able to run some tests.
- Tim