carrier networking strange things
My configuration is as follows:
my linux laptop ---eth---> openbsd_fw ---usb---> 4g_modem ----> internet
If I run MTR to 8.8.8.8 it gives me the following:
Host Loss% Snt Last Avg Best Wrst StDev
1. _gateway 0.0% 18 22.4 24.7 22.3 28.6 1.8
2. 192.168.86.33 0.0% 18 218.0 85.9 42.7 247.9 71.0
3. 192.168.86.33 0.0% 17 145.9 223.4 145.9 255.3 40.0
4. (waiting for reply)
5. 192.168.83.30 0.0% 17 43.7 46.9 41.1 61.9 4.7
6. (waiting for reply)
7. 10.178.86.145 0.0% 17 58.4 56.6 51.8 71.1 4.5
8. 83.224.40.198 0.0% 17 56.7 57.4 51.8 62.8 3.4
9. 83.224.40.197 0.0% 17 54.5 56.3 51.1 59.9 2.5
10. 83.224.40.217 0.0% 17 62.5 62.3 56.7 68.3 3.7
11. 185.210.48.1 0.0% 17 60.6 63.0 58.5 68.7 3.1
12. 72.14.238.234 0.0% 17 59.4 63.9 56.8 71.8 3.8
13. 216.239.50.221 0.0% 17 61.6 61.0 57.8 66.7 2.2
14. dns.google 0.0% 17 60.5 62.6 58.3 70.7 3.8
As you can see the second hop and the third have the same ip on a private network 192.168.86. The 5th hop is an other C class private network and the 7th is under 10.x If i connect to that machine they seem proxy because I receive the following error:
Tunnel Connection Failed
and
Connection refused
because the port 80 is open and listening.
My questions are:
- why my provider uses so much private ip in his network ?
- why the second and third hop have the same ip ?
- why there are proxy or tunneling software listening on the hops ? I find it strange because as I know https is not cacheable.
All of IP addresses 1 - 7 may well exist only between your laptop and the 4G modem. As the whole path is wired, there's no way to set up a MITM in between; unless there's another way to access your firewall. The 4G modem requires connection to a service provider, and it will only connect to the provider who provided the SIM Card, so a MITM in between the modem and the service provider is also extremely unlikely.
Tunnels in this context have nothing to do with caching, they're just a way to route traffic in a specific way. To quote Wikipedia:
An IP tunnel is an Internet Protocol (IP) network communications channel between two networks. It is used to transport another network protocol by encapsulation of its packets.
Usually tunnels are used because it simplifies the routing one way or another. In this context something may be internally configured to use a tunnel, for example the Ethernet-over-USB interface that connects the modem to the firewall. Can't say much more than that without knowing more of the setup; the hardware and the configuration.
Connection refused has nothing to do with port 80, only the fact that your client isn't authorized to connect to that tunnel.