Need an Expert Advisor. I somehow broke the laws of internet physics.

[msantore22]

so to get to the point, im gonna start by saying i'm so very genuinely confused right now.  earlier this morning i was trying advanced techniques to bypass netflix's U.S. content block. but let me make this clear This post is not about bypassing the block. its much bigger than that. so there i was i was trying all sorts of things involving vpns, my opnsense firewall. etc. when i randomly  stopped to ping a netflix domain name. and thats when i first noticed this bug. atleast i believe it has to be a bug. like what else would cause this? this whatever it was was completely unbelievable.

I somehow tricked my ISP to originate packets from the destination, instead of from my local pc. this bug makes every ip address i Ping or tracert to have 1MS. it doesnt matter if its from japan, or uk, or U.S   the ping is always 1ms.

so i tested a video game. i've always had 60ms in video games before today. so right away i felt the change in responsiveness. but to my surprise the game still reported my original ping of 60ms. but it felt fluid. more fluid than usual. 


i've included screenshots of ping tests from various websites/servers. i can make a youtube video if people are absolutely skeptical. but im not sure how this can be explained. and i need an expert to tell it to me straight! how the heck did this even happen?


this only seems to affect Cable Internet. i swapped to my DSL internet and it didnt work there. only cable was affected. and i could swap back and it did it again

here's a youtube demonstration

[DoctorNick]

oh forget what I said, you broke the laws of the univers my child!!!!

[msantore22]

i'm so confused, there has to be some kind of explanation.

[Dedayog]

I interpret this "I somehow tricked my ISP to originate packets from the destination, instead of from my local pc."  to mean that every time you test ping, you're testing destination to destination since your ISP now thinks it's the destination.

 

SO you're basically doing ISP to itself, no?

[msantore22]

19 minutes ago, Dedayog said:

I interpret this "I somehow tricked my ISP to originate packets from the destination, instead of from my local pc."  to mean that every time you test ping, you're testing destination to destination since your ISP now thinks it's the destination.

 

SO you're basically doing ISP to itself, no?

if you look at the tracert in the screenshot, the tracert goes to a google ip address. and the first address in the tracert, what is normally the home address what should be my ip, is somehow googles ip.

[brwainer]

I think you need to elaborate on what you have done to try to evade Netflix’s geo block. My “expert” opinion (I do not consider myself an network expert because I know what I do not know about networking, and I work with some true “experts”, but a Fortune 500 company is happy to keep paying me a lot of money to be a Network Engineer and solve odd problems like yours) is that you’ve caused your router to respond to every ping request itself. This might be due to some NAT or routing related policy you’ve made.

 

Edit: to explain the traceroute results, Windows traceroute defaults to using standard ping packets (ICMP Echo Requests) so anything that’s affecting ping will affect the default Windows traceroute. It is also possible to traceroute using UDP packets which is the default in Linux. I don’t know off the top of my head whether and how you can make Windows tracert use UDP instead of ICMP.

[msantore22]

20 minutes ago, brwainer said:

I think you need to elaborate on what you have done to try to evade Netflix’s geo block. My “expert” opinion (I do not consider myself an network expert because I know what I do not know about networking, and I work with some true “experts”, but a Fortune 500 company is happy to keep paying me a lot of money to be a Network Engineer and solve odd problems like yours) is that you’ve caused your router to respond to every ping request itself. This might be due to some NAT or routing related policy you’ve made.

 

Edit: to explain the traceroute results, Windows traceroute defaults to using standard ping packets (ICMP Echo Requests) so anything that’s affecting ping will affect the default Windows traceroute. It is also possible to traceroute using UDP packets which is the default in Linux. I don’t know off the top of my head whether and how you can make Windows tracert use UDP instead of ICMP.

thanks for your reply. i appreciate it. it might be a routing policy but its definitely not nat. the only settings i played around with in my firewall were unbound dns settings. and on the vpn side of things i played around with routing specific netflix domains through local my dns server instead of my vpn, but it didnt help in the unblocking process.

What i did do with the routing was i forced openvpn to run alongside my internet connection instead of as a layer on top. so my ip did not change but im still connected to the vpn. i used the route-nopull function. i litterally cant see anything out of the ordinary in my settings that would cause my vpn to make my internet do what i described above

[TomChaai]

To me it feels like something in your local setup is spoofing ICMP and pretending to be whatever you try to trace, anything you trace/ping is simply one hop away and less than 1ms in ping.

This is not possible in term of public internet routing and pure physics, it must be something locally.

Try route print and see if the default route for anything internet is 127.0.0.1/localhost and redirects to something set up on your PC.

[msantore22]

here's something interesting, the ip addresses feel like they are caching, both the domains and the ip addresses. i wonder if it has something to do with my vpn settings.

normally 1.1.1.1 and unbound dns only caches domains but what if my vpn is making it cache the ip addresses too? that would explain the near instant connection with tracert.

 

idk at this point though. here's my vpn settings. they arent standard every day settings for sure. put "route-nopull" in your client file, if anyones gonna try this out

[msantore22]

7 minutes ago, TomChaai said:

To me it feels like something in your local setup is spoofing ICMP and pretending to be whatever you try to trace, anything you trace/ping is simply one hop away and less than 1ms in ping.

This is not possible in term of public internet routing and pure physics, it must be something locally.

Try route print and see if the default route for anything internet is 127.0.0.1/localhost and redirects to something set up on your PC.

good catch! i tried route print and the plot thickened. my vpn server ip is using my local router gateway?!?!?!?

===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
    " vpn server ip"   255.255.255.255      192.168.1.1       1
===========================================================================

[TomChaai]

1 minute ago, msantore22 said:

good catch! i tried route print and the plot thickened. my vpn server ip is using my localhost gateway?!?!?!?

===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
    " vpn server ip"   255.255.255.255      192.168.1.1       1
===========================================================================

Check the active route section, the persistent route looks fine to me, it just says next hop for "vpn server IP" is 192.168.1.1, which I believe is how your internet works even without your customised setup.

[msantore22]

3 minutes ago, TomChaai said:

Check the active route section, the persistent route looks fine to me, it just says next hop for "vpn server IP" is 192.168.1.1, which I believe is how your internet works even without your customised setup.

so all i see are these:
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.64     20
     vpn server ip  255.255.255.255      192.168.1.1     192.168.1.64    276
    static isp ip  255.255.255.255      192.168.1.1     192.168.1.64     21
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331

 

for the static isp ip its located in another province. i dont know enough about networking to tell if these are good or not