3Network mobile broadband addressing and routing

  • Thread starter Thread starter James Egan
  • Start date Start date
J

James Egan

I am a bit puzzled by one or two 3mobile broadband issues and was
hoping someone might be able to explain it for me.

In particular I was wondering about port forwarding on my HSDPA/UMTS
router and whether or not it would work. The three.co.uk website
actually has a "how to" for setting up port forwarding on a Huawei
D100 router so I guess it's supposed to work but I don't know how.

I was expecting the router WAN ip address to be an assigned public
address from 3 but it isn't. In fact it is an address on private
network 10.0.0.0/8

These are the assigned addresses which are all private
Router ip 10.118.214.4
Router default gateway 10.64.64.64
Router DNS 172.31.140.69
Router DNS 172.31.76.69

A check on my public ip address using a web checker returns
217.171.129.71 which reverse looks up to nat71.mia.three.co.uk, part
of 3's "NAT Pool for Mobiles".

So if I am getting Internet access from a pool of NAT devices, how can
port forwarding work on my router unless the public ip address maps to
the routers (private) WAN ip address on a 1 to 1 basis? Perhaps it
does?

To try and shed some light I tried a tracert from one of the xp pc's
to www.dslreports.com but was even more bemused when it returned...

Tracing route to www.dslreports.com [209.123.109.175]
over a maximum of 30 hops:

1 2 ms 2 ms 2 ms 192.168.7.2
2 111 ms 120 ms 128 ms 172.31.88.36
3 128 ms 129 ms 129 ms 172.31.152.22
4 129 ms 129 ms 129 ms 217.171.129.125
5 128 ms 129 ms 130 ms 217.171.128.36
6 130 ms 129 ms 109 ms 172.31.252.114
7 148 ms 139 ms 140 ms 195.50.90.153
8 149 ms 159 ms 150 ms ae-34-52.ebr2.London1.Level3.net
[4.69.139.97]
9 ...


The first address is the private ip address of my router, the next two
hops are private addresses at 3, then two hops around public ip
addresses from 3's nat pool for mobiles, then a hop back inside 3's
private network and then finally out into the ether via level3
communications.

Thanks for any helpful explanations.


Jim.
 
I am a bit puzzled by one or two 3mobile broadband issues and was
hoping someone might be able to explain it for me.

In particular I was wondering about port forwarding on my HSDPA/UMTS
router and whether or not it would work. The three.co.uk website
actually has a "how to" for setting up port forwarding on a Huawei
D100 router so I guess it's supposed to work but I don't know how.

I was expecting the router WAN ip address to be an assigned public
address from 3 but it isn't. In fact it is an address on private
network 10.0.0.0/8

These are the assigned addresses which are all private
Router ip 10.118.214.4
Router default gateway 10.64.64.64
Router DNS 172.31.140.69
Router DNS 172.31.76.69

A check on my public ip address using a web checker returns
217.171.129.71 which reverse looks up to nat71.mia.three.co.uk, part
of 3's "NAT Pool for Mobiles".

So if I am getting Internet access from a pool of NAT devices, how can
port forwarding work on my router unless the public ip address maps to
the routers (private) WAN ip address on a 1 to 1 basis?  Perhaps it
does?

To try and shed some light I tried a tracert from one of the xp pc's
towww.dslreports.combut was even more bemused when it returned...

Tracing route towww.dslreports.com[209.123.109.175]
over a maximum of 30 hops:

  1     2 ms     2 ms     2 ms  192.168.7.2
  2   111 ms   120 ms   128 ms  172.31.88.36
  3   128 ms   129 ms   129 ms  172.31.152.22
  4   129 ms   129 ms   129 ms  217.171.129.125
  5   128 ms   129 ms   130 ms  217.171.128.36
  6   130 ms   129 ms   109 ms  172.31.252.114
  7   148 ms   139 ms   140 ms  195.50.90.153
  8   149 ms   159 ms   150 ms  ae-34-52.ebr2.London1.Level3.net
[4.69.139.97]
  9   ...

The first address is the private ip address of my router, the next two
hops are private addresses at 3, then two hops around public ip
addresses from 3's nat pool for mobiles, then a hop back inside 3's
private network and then finally out into the ether via level3
communications.

Thanks for any helpful explanations.

Don't get too exercised by the weird traceroute.
Remember how it actually works.
Each intermediate hop sends a response back to
the traceroute originator however there is no
guarantee how that response will be routed.

For example the response from
6 130 ms 129 ms 109 ms 172.31.252.114

could be entering the public internet at one of several points
and it just might happen that the router/firewall that handles it
is not natting the traffic as might be convenient for you.

Obviously if your router is not getting a public address
then you will not be able to publish any open ports
on to the internet. Maybe if you ask the provider
they can fix it for you? Of course getting through to
a clueful person might not be so easy.
 
It must depend on something. On the £5 handset data add-on,
or when using the "free" data they add to your account when you
top up now, I have only ever been assigned net 10 addresses.
This is using "three.co.uk" as the APN.

I'm definitely on the high speed network with a 10.x.x.x address.
Three never actually gave me any instructions for APN etc. I just
googled them up and currently am using "three.co.uk" as APN, "guest"
as username and "*99***1#" as phone number

The choice of assigned address could depend on the APN, with
"3internet" being the other choice (that's how AT&T does this
in the USA), or might depend on whether the £10 broadband add-on
has been purchased, or some combination of these, or something
else entirely. It would be interesting to know what is required
to get a public address in case I someday need to use an
application which requires it (e.g. my employer's VPN).

I just tried it with "3internet" as the APN and was assigned a public
address rather than a private one so it appears your assertion is
correct.

Incidentally I'm on the 15gB for £15 package.



Jim.
 
AT&T in the USA also uses 2 APNs which do the same thing
though, unlike 3 apparently, they restrict the APN which gives out
public addresses to those who've paid for higher-tariff data plans.
The other thing AT&T does is to block incoming TCP connections
even with the public address APN. I'm down to a single laptop
at the moment so I can't test this, but I assume you will be finding
out what 3 does shortly.

I can telnet into the router using the external ip address so there's
no blocking on port 23 at least.


Jim.
 
Back
Top