Verizon/Qwest single end-user difficulty vs Xfinity

Sat Mar 18 21:53:21 UTC 2023

You mentioned using a non-standard port for your ssh/rsync, have you tried
changing that to something other than what your using?
Keep in mind some of these providers might be blocking non-standard ports
as this is a common method to abuse others and might be a cheaper
alternative to dealing with the constant pile of abuse complaints.

Maybe not just a thought.

-Joe

On Sat, Mar 18, 2023 at 2:51 PM Jeff Woolsey <jlw at jlw.com> wrote:

> Verizon 5G Internet Support is not at a high-enough pay grade to assess
> this problem...  So I'm turning to y'all.
>
> I'm trying to save $$$ and increase speed, using Verizon 5G Home
> Internet to replace XFinity, even though they gave me a faster modem a
> few weeks ago.  I run both of the modems in Bridge/Passthrough mode.
>
> A friend of mine is nice enough to offer some offsite backup space, and
> I use rsync over ssh to get there.  He's 1500 miles away.  He uses a
> non-standard ssh port (keeps the doorknob twisters away).   This sort of
> thing has been working without difficulty over Xfinity (my end) for
> years.  He also changed his connection almost a month ago now, to Qwest,
> I believe.
>
> I try the same thing over Verizon [1] and ssh always times out, no
> response.  We are also NTP peers, and that doesn't work well over
> Verizon either. ICMP traceroutes and pings succeed.  UDP traceroutes do
> not get any further than 207.109.3.78 (last hop before destination) .
> Not every traceroute offers TCP, but MacOS does, and nothing responds to
> any of that, even at the usual ssh port.  UDP traceroutes to either port
> behave like an ordinary one, which it is.
>
> Since I can get there via xfinity, I can traceroute, ping, but not ssh
> back through Verizon.
>
> I also set up an incoming (xfinity) port from the same non-standard ssh
> port forwarding to regular ssh on a different system on my LAN, and when
> I ssh -p <port>  that from Verizon (even cellphone data),  I get that
> other system, and that works fine.  The 207... router is not in that path.
>
> I can also ping the Verizon connection from Xfinity (and vice versa).
>
> Go figure.
>
> [1] This same difficulty occurs in Verizon's Looking Glass, from several
> different places, and other Looking Glasses (e.g. Cogent, Equinix).  It
> also occurs on my Verizon phone data connection (not WiFi).  If he were
> serving more stuff out of his home, this would be a bigger problem.
>
>
> --
> Jeff Woolsey {woolsey,jlw}@{jlw,jxh}.com first.last@{gmail,jlw}.com
> Spum bad keming.
> Nature abhors a straight antenna, a clean lens, and empty storage.
> "Delete! Delete! OK!" -Dr. Bronner on disk space management
> "Card sorting, Joel." -me, re Solitaire
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20230318/56fadc80/attachment.html>