You are not logged in.
- Topics: Active | Unanswered
#51 2024-12-18 19:02:33
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
An adblocker in the router?
I was thinking of a pihole or so.
Offline
#52 2024-12-18 19:24:03
- Lumenohr
- Member
- Registered: 2024-12-15
- Posts: 37
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
An adblocker in the router?
Nope, within the browser. I don't know of any adblocker in the router.
I was thinking of a pihole or so.
We don't have one of those.
Offline
#53 2024-12-18 19:38:37
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
curl -vL "http://lutris.net:443"
curl -vL "http://lutris.net:8443"Both should get you a 400 error.
Are you ok w/ revealing the nature/type of the concerned router and maybe your ISP or if this is maybe behind a corporate firewall or some proxy system?
Someone's clearly mucking around w/ the ssl connections on 443, but seems to ignore 8443 - and this also seems to target cloudflare specifically.
Offline
#54 2024-12-18 20:07:37
- Lumenohr
- Member
- Registered: 2024-12-15
- Posts: 37
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
curl -vL "http://lutris.net:443"
* Host lutris.net:443 was resolved.
* IPv6: 2606:4700:3030::6815:1001, 2606:4700:3030::6815:3001, 2606:4700:3030::6815:4001, 2606:4700:3030::6815:5001, 2606:4700:3030::6815:7001, 2606:4700:3030::6815:2001, 2606:4700:3030::6815:6001
* IPv4: 104.21.16.1, 104.21.48.1, 104.21.32.1, 104.21.80.1, 104.21.64.1, 104.21.112.1, 104.21.96.1
* Trying [2606:4700:3030::6815:1001]:443...
* Immediate connect fail for 2606:4700:3030::6815:1001: Network is unreachable
* Trying [2606:4700:3030::6815:3001]:443...
* Immediate connect fail for 2606:4700:3030::6815:3001: Network is unreachable
* Trying [2606:4700:3030::6815:4001]:443...
* Immediate connect fail for 2606:4700:3030::6815:4001: Network is unreachable
* Trying [2606:4700:3030::6815:5001]:443...
* Immediate connect fail for 2606:4700:3030::6815:5001: Network is unreachable
* Trying [2606:4700:3030::6815:7001]:443...
* Immediate connect fail for 2606:4700:3030::6815:7001: Network is unreachable
* Trying [2606:4700:3030::6815:2001]:443...
* Immediate connect fail for 2606:4700:3030::6815:2001: Network is unreachable
* Trying [2606:4700:3030::6815:6001]:443...
* Immediate connect fail for 2606:4700:3030::6815:6001: Network is unreachable
* Trying 104.21.16.1:443...
* Connected to lutris.net (104.21.16.1) port 443
* using HTTP/1.x
> GET / HTTP/1.1
> Host: lutris.net:443
> User-Agent: curl/8.11.1
> Accept: */*
>
* Request completely sent off
* Recv failure: Connection reset by peer
* closing connection #0
curl: (56) Recv failure: Connection reset by peercurl -vL "http://lutris.net:8443"
* Host lutris.net:8443 was resolved.
* IPv6: 2606:4700:3030::6815:4001, 2606:4700:3030::6815:5001, 2606:4700:3030::6815:7001, 2606:4700:3030::6815:2001, 2606:4700:3030::6815:6001, 2606:4700:3030::6815:1001, 2606:4700:3030::6815:3001
* IPv4: 104.21.32.1, 104.21.80.1, 104.21.64.1, 104.21.112.1, 104.21.96.1, 104.21.16.1, 104.21.48.1
* Trying [2606:4700:3030::6815:4001]:8443...
* Immediate connect fail for 2606:4700:3030::6815:4001: Network is unreachable
* Trying [2606:4700:3030::6815:5001]:8443...
* Immediate connect fail for 2606:4700:3030::6815:5001: Network is unreachable
* Trying [2606:4700:3030::6815:7001]:8443...
* Immediate connect fail for 2606:4700:3030::6815:7001: Network is unreachable
* Trying [2606:4700:3030::6815:2001]:8443...
* Immediate connect fail for 2606:4700:3030::6815:2001: Network is unreachable
* Trying [2606:4700:3030::6815:6001]:8443...
* Immediate connect fail for 2606:4700:3030::6815:6001: Network is unreachable
* Trying [2606:4700:3030::6815:1001]:8443...
* Immediate connect fail for 2606:4700:3030::6815:1001: Network is unreachable
* Trying [2606:4700:3030::6815:3001]:8443...
* Immediate connect fail for 2606:4700:3030::6815:3001: Network is unreachable
* Trying 104.21.32.1:8443...
* Connected to lutris.net (104.21.32.1) port 8443
* using HTTP/1.x
> GET / HTTP/1.1
> Host: lutris.net:8443
> User-Agent: curl/8.11.1
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 400 Bad Request
< Server: cloudflare
< Date: Wed, 18 Dec 2024 20:00:33 GMT
< Content-Type: text/html
< Content-Length: 253
< Connection: close
< CF-RAY: -
<
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>cloudflare</center>
</body>
</html>
* shutting down connection #0Are you ok w/ revealing the nature/type of the concerned router and maybe your ISP or if this is maybe behind a corporate firewall or some proxy system?
Someone's clearly mucking around w/ the ssl connections on 443, but seems to ignore 8443 - and this also seems to target cloudflare specifically.
Well, according to the portal of my router the device is a HG8145V5 and my ISP is Globe for the Philippines. I don't know about a corporate firewall or proxy system, but is that something I can check with the portal? I have the ability to log into it as an admin.
Offline
#55 2024-12-18 20:28:23
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
https://community.cloudflare.com/t/webs … -is/616516
https://community.cloudflare.com/t/clou … ons/684955
(both reach until this summer)
So this seems some pattern w/ the ISP or country, but that doesn't explain how or why your phone gets around that.
Can you see what cloudflare IP it resolves for lutris.net?
Have you tried to set 1.1.1.1 as (primary) DNS in your router?
Offline
#56 2024-12-18 20:51:05
- Lumenohr
- Member
- Registered: 2024-12-15
- Posts: 37
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
https://community.cloudflare.com/t/webs … -is/616516
https://community.cloudflare.com/t/clou … ons/684955(both reach until this summer)
So this seems some pattern w/ the ISP or country, but that doesn't explain how or why your phone gets around that.
Interesting, I did hear about similar problems when looking into this, but didn't know it was to this extent. Very problematic and a head scratcher.
Can you see what cloudflare IP it resolves for lutris.net?
Gives me
104.21.112.1 when using wget.
Have you tried to set 1.1.1.1 as (primary) DNS in your router?
I think I tried that before, but I can try it again.
Edit: As a note, it should be under DHCP server config in the admin portal right?
Last edited by Lumenohr (2024-12-18 20:53:07)
Offline
#57 2024-12-18 21:00:10
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
I think I tried that before, but I can try it again.
https://sg.o3.huawei.com/enbpitserviceg … r82gj2.png
Looks like, yes.
Offline
#58 2024-12-18 21:03:25
- Lumenohr
- Member
- Registered: 2024-12-15
- Posts: 37
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
Yeah I've set it to 1.1.1.1 as the primary DNS but still no fish.
Offline
#59 2024-12-18 21:26:48
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
Meh.
Btw, before you go up in arms and demand the heads of your local government - I stumbled over complaints that your ISP routes over Honkong.
https://community.cloudflare.com/t/rout … elp/162820
https://www.reddit.com/r/InternetPH/com … ?rdt=37025
But that was also 4 and 2 years ago…
I guess I don't have to explain why that might be a problem these days 
Where does
tracepath lutris.netlead you before reaching cloudflare?
Oh, and iirc you said the phone uses one.one.one.one rather than 1.1.1.1 ?
Offline
#60 2024-12-18 22:47:40
- Lumenohr
- Member
- Registered: 2024-12-15
- Posts: 37
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
tracepath lutris.net:
1?: [LOCALHOST] pmtu 1500
1: _gateway 1.771ms
1: _gateway 1.601ms
2: _gateway 1.676ms pmtu 1492
2: 10.166.66.89 11.586ms
3: 10.155.113.134 13.025ms asymm 2
4: 180.191.13.45 44.466ms asymm 3
5: no reply
6: no reply
7: 103.231.152.33 79.108ms asymm 5
8: 162.158.160.159 66.877ms asymm 7
9: no reply
10: no reply
11: no reply
12: no reply
13: no reply
14: no reply
15: no reply
16: no reply
17: no reply
18: no reply
19: no reply
20: no reply
21: no reply
22: no reply
23: no reply
24: no reply
25: no reply
26: no reply
27: no reply
28: no reply
29: no reply
30: no reply
Too many hops: pmtu 1492
Resume: pmtu 1492 Oh, and iirc you said the phone uses one.one.one.one rather than 1.1.1.1 ?
Yeah it seems to be the greyed out dns when explicitly setting it on phone.
I guess I don't have to explain why that might be a problem these days
Yeah.
Offline
#61 2024-12-19 09:08:02
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
Bingo 
◉ whois 103.231.152.33
inetnum: 103.231.152.0 - 103.231.155.255
netname: BBIXHK-HK
descr: BBIX HONG KONG
country: HK
…◉ geoiplookup 103.231.152.33
GeoIP Country Edition: HK, Hong Kong
GeoIP City Edition, Rev 1: HK, 00, N/A, N/A, N/A, 22.257799, 114.165703, 0, 0I'm not saying that's the cause, but I do know for a fact that Winnie the Pooh has a super-tiny tail… and the behavior smells a lot like that, notably since there's no whatsoever problem on 8443
Can you check the path on your phone?
Offline
#62 2024-12-19 14:59:23
- Lumenohr
- Member
- Registered: 2024-12-15
- Posts: 37
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
On my phone:
tracepath lutris.net
1?: [LOCALHOST] pmtu 1500
1: globebroadband.net 8.428ms
1: globebroadband.net 9.472ms
2: globebroadband.net 6.566ms pmtu 1492
2: 10.166.66.89 22.044ms
3: 10.155.113.134 15.798ms asymm 2
4: 180.191.13.45 51.001ms asymm 3
5: no reply
6: no reply
7: 103.231.152.33 93.418ms asymm 5
8: 162.158.160.55 78.385ms asymm 6
9: no reply
10: no reply
11: no reply
12: no reply
13: no reply
14: no reply
15: no reply
16: no reply
17: no reply
18: no reply
19: no reply
20: no reply
21: no reply
22: no reply
23: no reply
24: no reply
25: no reply
26: no reply
27: no reply
28: no reply
29: no reply
30: no reply
Too many hops: pmtu 1492
Resume: pmtu 1492Seems like the same is true for the phone:
whois 103.231.152.33:
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '103.231.152.0 - 103.231.155.255'
% Abuse contact for '103.231.152.0 - 103.231.155.255' is 'abuse@bbix.net'
inetnum: 103.231.152.0 - 103.231.155.255
netname: BBIXHK-HK
descr: BBIX HONG KONG
country: HK
org: ORG-BHKP1-AP
admin-c: BHKP1-AP
tech-c: BHKP1-AP
abuse-c: AB1030-AP
status: ASSIGNED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-routes: MAINT-BBIXHK-HK
mnt-irt: IRT-BBIXHK-HK
last-modified: 2022-11-23T03:53:56Z
source: APNIC
irt: IRT-BBIXHK-HK
address: FLAT/RM 402 4/F, NEW LANDWIDE COMMERCIAL BLDG 73 KIMBERLEY ROAD, TSIM SHA TSUI, KOWLOON
e-mail: abuse@bbix.net
abuse-mailbox: abuse@bbix.net
admin-c: BHKP1-AP
tech-c: BHKP1-AP
auth: # Filtered
remarks: abuse@bbix.net was validated on 2024-12-12
mnt-by: MAINT-BBIXHK-HK
last-modified: 2024-12-12T01:49:23Z
source: APNIC
organisation: ORG-BHKP1-AP
org-name: BBIX HONG KONG PTE. LIMITED
org-type: LIR
country: HK
address: Room 901, Boss Commercial Centre,
address: 28 Ferry Street,
address: Jordan
phone: +81-3-6889-9257
e-mail: abuse@bbix.net
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:16:22Z
source: APNIC
role: ABUSE BBIXHKHK
country: ZZ
address: FLAT/RM 402 4/F, NEW LANDWIDE COMMERCIAL BLDG 73 KIMBERLEY ROAD, TSIM SHA TSUI, KOWLOON
phone: +000000000
e-mail: abuse@bbix.net
admin-c: BHKP1-AP
tech-c: BHKP1-AP
nic-hdl: AB1030-AP
remarks: Generated from irt object IRT-BBIXHK-HK
remarks: abuse@bbix.net was validated on 2024-12-12
abuse-mailbox: abuse@bbix.net
mnt-by: APNIC-ABUSE
last-modified: 2024-12-12T01:49:47Z
source: APNIC
role: BBIX HONG KONG PTE LIMITED administrator
address: Room 901, Boss Commercial Centre, 28 Ferry Street, Jordan, Kowloon
country: HK
phone: +81-3-6889-9257
fax-no: +81-3-6889-9257
e-mail: abuse@bbix.net
admin-c: BHKP1-AP
tech-c: BHKP1-AP
nic-hdl: BHKP1-AP
mnt-by: MAINT-BBIXHK-HK
last-modified: 2022-11-28T00:32:03Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.25 (WHOIS-JP3)geoiplookup 103.231.152.33:
GeoIP Country Edition: HK, Hong Kong
GeoIP City Edition, Rev 1: HK, 00, N/A, N/A, N/A, 22.257799, 114.165703, 0, 0
GeoIP ASNum Edition: IP Address not foundLast edited by Lumenohr (2024-12-19 15:04:35)
Offline
#63 2024-12-19 18:48:09
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
Phone starts at
1: globebroadband.net 8.428ms
1: globebroadband.net 9.472ms
2: globebroadband.net 6.566ms pmtu 1492arch through
1: _gateway 1.771ms
1: _gateway 1.601ms
2: _gateway 1.676ms pmtu 1492ping -c1 _gateway
ping -c1 globebroadband.netBut the latency is drastically different and globebroadband.net resolves to 199.191.50.185 here - the phone doesn't seem to be on the same subnet after all?
Offline
#64 2024-12-20 03:01:56
- Lumenohr
- Member
- Registered: 2024-12-15
- Posts: 37
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
ping -c1 _gateway
PING _gateway (192.168.254.254) 56(84) bytes of data.
64 bytes from _gateway (192.168.254.254): icmp_seq=1 ttl=64 time=1.93 ms
--- _gateway ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.928/1.928/1.928/0.000 msping -c1 globebroadband.net
PING globebroadband.net (199.191.50.185) 56(84) bytes of data.
64 bytes from 199.191.50.185: icmp_seq=1 ttl=243 time=211 ms
--- globebroadband.net ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 211.141/211.141/211.141/0.000 msBut the latency is drastically different and globebroadband.net resolves to 199.191.50.185 here - the phone doesn't seem to be on the same subnet after all?
Maybe because it's a mobile device? At any rate, ill be traveling for a bit so unfortunately this issue could be something to check later on. Interestingly enough, a lot of information was discovered abt this specific problem through this thread. Hopefully when I get back it is either fixed or a solution can be found.
Offline
#65 2024-12-20 08:47:39
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
Maybe because it's a mobile device?
You had previously claimed it would be in the same LAN as the other hosts, but apparently it's not - you're using some mobile data plan.
So it's more likely to be between your router and your ISP, not Winnie The Pooh.
Offline
#66 2024-12-21 16:34:02
- Lumenohr
- Member
- Registered: 2024-12-15
- Posts: 37
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
Maybe because it's a mobile device?
You had previously claimed it would be in the same LAN as the other hosts, but apparently it's not - you're using some mobile data plan.
So it's more likely to be between your router and your ISP, not Winnie The Pooh.
Interesting. Are you sure? I was certain it was using WiFi and not mobile data, though. Perhaps you're right, but I was almost certain I had turned off my data.
Offline
#67 2024-12-21 18:46:38
- seth
- Member
- From: Don't DM me only for attention
- Registered: 2012-09-03
- Posts: 71,649
Re: [Solved]Cannot curl or browse certain websites on a fresh arch install
The first hop in your LAN will be _gateway (or its IP, 192.168.254.254) but your phone goes straight to the public 199.191.50.185
Afterwards the traffic becomes the same, though: 10.166.66.89 and 10.155.113.134 are private ranges (probably part of a CGN) then 180.191.13.45 is globe.com.ph, 103.231.152.33 is in HK and 162.158.160.* is already cloudflare.
Offline