Comment by zzyzxd
17 hours ago
I have a GL.iNet travel router. When I am not traveling, it connects to the router's second WAN port. If my main internet goes down, it takes me 30 seconds to tether my phone and fail over manually. My carrier detects and throttles hotspot traffic by measuring packet TTL, so I tweaked the router's iptables to dodge that. Typically I get over 400 Mbps.
From time to time I get the itch to improve my home network uptime, and I have to keep reminding myself that the current setup is fine.
(Tangential, regarding GL.iNet routers: I find it satisfying that these routers run OpenWRT out of the box, and top the "Travel routers" category on Amazon: "Overall Pick" and "Amazon's Choice".)
It's probably because normal people usually don't buy routers, since they get them included in their internet subscription. So the people buying them have a specific reason to: something that normal routers don't do.
It's a travel router which power users buy to get good connectivity away from home and office. A hotel won't offer you that (and chances are that they'll try to rip you off on their wifi).
I run several GL.iNet routers in a mesh across two continents, some have Starlink and cellular, some on regular ol' fiber. They are bulletproof, highly recommend.
How do you do that in a mesh?
> My carrier detects and throttles hotspot traffic by measuring packet TTL, so I tweaked the router's iptables to dodge that.
Could you elaborate on this?
Some mobile phone providers check the packet TTL to limit tethering.
Network packets commonly start with default TTL values of 64, 128, or 255. Each hop in the network subtracts 1.
When a phone connects directly to the carrier (cell tower, I assume), the carrier will see a TTL of 64.
A laptop tethered to a phone introduces a hop so laptop-to-phone TTL is 64, phone-to-carrier TTL is 63.
Carriers can then limit bandwidth if network packets don't have a common TTL.
For `iptables` look at `--ttl-inc 1` (to add back the 1 so 63 => 64) or `--ttl-set 64`.
Alternatively, you can set the tethered devices to use a TTL of 65, e.g. linux/mac `sysctl -w net.inet.ip.ttl=65`
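The TTL arithmetic described above, as seen from the carrier side, written as an added example (not code from the thread or from any carrier): it parses the TTL out of raw IPv4 headers and labels each packet by how many hops it appears to have travelled. The function names, the sample headers, and the assumption that the observation point sits before any carrier router decrements the TTL are all constructed for illustration.

```python
import socket
import struct
from collections import Counter

COMMON_INITIAL_TTLS = (64, 128, 255)  # defaults named in the comment above

def build_ipv4_header(ttl, src="10.0.0.2", dst="192.0.2.10"):
    """Constructed sample input: a bare 20-byte IPv4 header, checksum left 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def parse_ttl(packet):
    """Return the TTL field (byte offset 8) after basic IPv4 sanity checks."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return packet[8]

def infer_hops(ttl):
    """Assume the smallest common default >= ttl was the sender's initial value."""
    for initial in COMMON_INITIAL_TTLS:
        if ttl <= initial:
            return initial, initial - ttl
    raise ValueError("TTL out of range")

def classify(packet):
    """Label a packet as observed at the first carrier hop (assumption)."""
    _, hops = infer_hops(parse_ttl(packet))
    if hops == 0:
        return "direct"         # handset-originated: TTL still at a default
    if hops == 1:
        return "extra-hop"      # one device sat behind the handset
    return "indeterminate"      # unusual initial TTL or several hops; no verdict

def summarise(packets):
    """Count labels across one subscriber's packets."""
    return Counter(classify(p) for p in packets)

if __name__ == "__main__":
    # Constructed TTL values: two direct, two one hop short, one further away.
    sample = [build_ipv4_header(t) for t in (64, 64, 63, 127, 60)]
    print(summarise(sample))
```

A single TTL value is only a heuristic, which is why the check returns "indeterminate" rather than guessing when the hop count is not 0 or 1.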
Thank you for explaining this, I had always wondered how a carrier could tell a device was tethered if a router was not passing on tethered device details.
How do you figure out what detection method a carrier is using?
You can easily manipulate and set TTL to whatever is needed with a Mikrotik router. Override TTL for all devices behind it.
```
/ip firewall mangle add chain=postrouting out-interface=lte1 action=change-ttl new-ttl=set:64 passthrough=yes comment="Set TTL for Mobile Hotspot"
```
I have a friend that is also curious. Their fibre cable was cut by addicts trying to find a source of copper, which took a few days to be repaired. Using their hot spot during the outage used up their allotted hot spot bandwidth for the month. My friend would be very interested in how to avoid potential downtime in the future.
Might I suggest an email address added to your HN profile, lest a publicly posted reply result in observation by a nefarious telecom employee who just might obviate the proposed solution to your friend’s conundrum.
TTL++l0l
Sure, it's widely known.
Default TTL is usually 64.
Phone traffic TTL is 64.
But when behind the phone-as-router/gateway, compy traffic TTL is...63!
Out of curiosity what carrier are you using?
Pulled the thread on this a bit and it seems that it will be highly carrier-dependent and will likely be flakey if it works at all.
TTL is one of the simplest methods carriers use to detect if there's an extra hop but very unlikely to be their only line of defense against methods like this.
Is your phone connected to the router through a cable or wirelessly?
They can do both - cable or bluetooth. Don't think wifi
I have AT&T Fiber and 99% of the time it's fantastic, but there are several instances of 30-60 second downtime a day and I have a 5G modem with a Google Fi data sim as a backup. Failover is nearly-instant with a Unifi UDM.
The data sim costs nothing extra on top of my cellular plan and just counts towards my (already very generous) monthly limit of 50GB.