AT&T mobile intercepting TCP sockets?

• Previous message (by thread): AS 205869 - BGP hijacking source
• Next message (by thread): AT&T mobile intercepting TCP sockets?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I ran into an odd issue with access to a website I manage from AT&T
mobile devices this weekend.  The website worked for everybody not on
AT&T mobile, and AT&T mobile users could access other sites; the problem
was just this combination.

Android and iOS phones, as well as a Linux system tethered to an Android
phone, all had the same problem.  On the Linux system, I disabled IPv6
in Firefox, and it could then connect.  Browsers got various "connection
reset" type errors; on Linux, I could telnet to port 80 or 443, and it
would connect and immediately close.

The site does have an IPv6 address, but I had missed getting the
webserver to listen on IPv6 (my mistake).  Adding that looks to have
solved the problem.

When I ran tcpdump on the server and had someone try to connect from
their AT&T mobile iPhone, I saw three connection attempts a few tenths
of a second apart (all refused by the server).

My question is this: is AT&T mobile intercepting the TCP socket (and
not handling "connection refused" correctly)?  Is that a known thing?

-- 
Chris Adams <cma at cmadams.net>

• Previous message (by thread): AS 205869 - BGP hijacking source
• Next message (by thread): AT&T mobile intercepting TCP sockets?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]