A Network analysis » History » Version 13
piat, charles ugo, 03/21/2015 11:44 AM
1 | 1 | piat, charles ugo | h1. A Network analysis |
---|---|---|---|
2 | 1 | piat, charles ugo | |
3 | 12 | piat, charles ugo | --- |
4 | 12 | piat, charles ugo | |
5 | 1 | piat, charles ugo | Summary of Noteworthy Events: |
6 | 12 | piat, charles ugo | |
7 | 1 | piat, charles ugo | h2. Major Abnormalities: |
8 | 13 | piat, charles ugo | |
9 | 13 | piat, charles ugo | {{>toc}} |
10 | 1 | piat, charles ugo | |
11 | 3 | VEILLARD GAROZ, Loïc | Your ISP's DNS server is slow to lookup names |
12 | 1 | piat, charles ugo | |
13 | 1 | piat, charles ugo | h2. Minor Aberrations: |
14 | 1 | piat, charles ugo | |
15 | 1 | piat, charles ugo | Certain TCP protocols are blocked in outbound traffic |
16 | 3 | VEILLARD GAROZ, Loïc | Certain UDP protocols are blocked in outbound traffic |
17 | 3 | VEILLARD GAROZ, Loïc | We detected at least one proxy |
18 | 3 | VEILLARD GAROZ, Loïc | The network latency was somewhat high |
19 | 3 | VEILLARD GAROZ, Loïc | The time to set up a TCP connection was somewhat high |
20 | 3 | VEILLARD GAROZ, Loïc | Network bandwidth may be low |
21 | 3 | VEILLARD GAROZ, Loïc | Network packet buffering may be excessive |
22 | 3 | VEILLARD GAROZ, Loïc | The NAT's DNS proxy doesn't fully implement the DNS standard |
23 | 1 | piat, charles ugo | |
24 | 1 | piat, charles ugo | h2. Address-based Tests: |
25 | 1 | piat, charles ugo | |
26 | 2 | VEILLARD GAROZ, Loïc | NAT detection: NAT Detected |
27 | 10 | VEILLARD GAROZ, Loïc | Local Network Interfaces: OK |
28 | 10 | VEILLARD GAROZ, Loïc | DNS-based host information: OK |
29 | 10 | VEILLARD GAROZ, Loïc | NAT support for Universal Plug and Play (UPnP): Not found |
30 | 1 | piat, charles ugo | |
31 | 1 | piat, charles ugo | h2. Reachability Tests |
32 | 1 | piat, charles ugo | |
33 | 4 | VEILLARD GAROZ, Loïc | h3. TCP connectivity: |
34 | 1 | piat, charles ugo | |
35 | 4 | VEILLARD GAROZ, Loïc | Direct TCP connections to remote FTP servers (port 21) succeed, but do not receive the expected content. |
36 | 1 | piat, charles ugo | Direct TCP access to remote SSH servers (port 22) is allowed. |
37 | 1 | piat, charles ugo | Direct TCP access to remote SMTP servers (port 25) is allowed. |
38 | 1 | piat, charles ugo | Direct TCP access to remote DNS servers (port 53) is allowed. |
39 | 1 | piat, charles ugo | Direct TCP access to remote HTTP servers (port 80) is allowed. |
40 | 1 | piat, charles ugo | Direct TCP access to remote POP3 servers (port 110) is allowed. |
41 | 1 | piat, charles ugo | Direct TCP access to remote RPC servers (port 135) is allowed. |
42 | 1 | piat, charles ugo | Direct TCP access to remote NetBIOS servers (port 139) is allowed. |
43 | 1 | piat, charles ugo | Direct TCP access to remote IMAP servers (port 143) is allowed. |
44 | 1 | piat, charles ugo | Direct TCP access to remote SNMP servers (port 161) is allowed. |
45 | 1 | piat, charles ugo | Direct TCP access to remote HTTPS servers (port 443) is allowed. |
46 | 1 | piat, charles ugo | Direct TCP access to remote SMB servers (port 445) is allowed. |
47 | 1 | piat, charles ugo | Direct TCP access to remote SMTP/SSL servers (port 465) is allowed. |
48 | 1 | piat, charles ugo | Direct TCP access to remote secure IMAP servers (port 585) is allowed. |
49 | 1 | piat, charles ugo | Direct TCP access to remote authenticated SMTP servers (port 587) is allowed. |
50 | 1 | piat, charles ugo | Direct TCP access to remote IMAP/SSL servers (port 993) is allowed. |
51 | 1 | piat, charles ugo | Direct TCP access to remote POP/SSL servers (port 995) is allowed. |
52 | 1 | piat, charles ugo | Direct TCP access to remote OpenVPN servers (port 1194) is allowed. |
53 | 1 | piat, charles ugo | Direct TCP connections to remote PPTP Control servers (port 1723) succeed, but do not receive the expected content. |
54 | 1 | piat, charles ugo | Direct TCP access to remote SIP servers (port 5060) is allowed. |
55 | 1 | piat, charles ugo | Direct TCP access to remote BitTorrent servers (port 6881) is allowed. |
56 | 1 | piat, charles ugo | Direct TCP access to remote TOR servers (port 9001) is allowed. |
57 | 1 | piat, charles ugo | |
58 | 6 | VEILLARD GAROZ, Loïc | h3. UDP connectivity : |
59 | 1 | piat, charles ugo | |
60 | 6 | VEILLARD GAROZ, Loïc | The client was able to send fragmented UDP traffic. |
61 | 1 | piat, charles ugo | The client was able to receive fragmented UDP traffic. |
62 | 7 | VEILLARD GAROZ, Loïc | UDP access to remote DNS servers (port 53) appears to pass through a firewall or proxy. The client was unable to transmit a non-DNS traffic on this UDP port, but was able to transmit a legitimate DNS request. |
63 | 1 | piat, charles ugo | A DNS proxy or firewall caused the client's direct DNS request to arrive from another IP address. Instead of your IP address, the request came from 88.202.120.241. |
64 | 1 | piat, charles ugo | A DNS proxy or firewall generated a new request rather than passing the client's request unmodified. |
65 | 1 | piat, charles ugo | Direct UDP access to remote NTP servers (port 123) is allowed. |
66 | 1 | piat, charles ugo | Direct UDP access to remote NetBIOS NS servers (port 137) is allowed. |
67 | 1 | piat, charles ugo | Direct UDP access to remote NetBIOS DGM servers (port 138) is allowed. |
68 | 1 | piat, charles ugo | Direct UDP access to remote IKE key exchange servers (port 500) is allowed. |
69 | 1 | piat, charles ugo | Direct UDP access to remote OpenVPN servers (port 1194) is allowed. |
70 | 1 | piat, charles ugo | Direct UDP access to remote Slammer servers (port 1434) is allowed. |
71 | 1 | piat, charles ugo | Direct UDP access to remote L2 tunneling servers (port 1701) is allowed. |
72 | 1 | piat, charles ugo | Direct UDP access to remote IPSec NAT servers (port 4500) is allowed. |
73 | 1 | piat, charles ugo | Direct UDP access to remote RTP servers (port 5004) is allowed. |
74 | 1 | piat, charles ugo | Direct UDP access to remote RTCP servers (port 5005) is allowed. |
75 | 1 | piat, charles ugo | Direct UDP access to remote SIP servers (port 5060) is allowed. |
76 | 1 | piat, charles ugo | Direct UDP access to remote VoIP servers (port 7078) is allowed. |
77 | 1 | piat, charles ugo | Direct UDP access to remote VoIP servers (port 7082) is allowed. |
78 | 1 | piat, charles ugo | Direct UDP access to remote SCTP servers (port 9899) is allowed. |
79 | 1 | piat, charles ugo | Direct UDP access to remote Steam gaming servers (port 27005) is allowed. |
80 | 1 | piat, charles ugo | Direct UDP access to remote Steam gaming servers (port 27015) is allowed. |
81 | 1 | piat, charles ugo | |
82 | 8 | VEILLARD GAROZ, Loïc | h3. Traceroute: OK |
83 | 1 | piat, charles ugo | |
84 | 9 | VEILLARD GAROZ, Loïc | h3. Path MTU: OK |
85 | 1 | piat, charles ugo | |
86 | 9 | VEILLARD GAROZ, Loïc | h3. Hidden Proxy Detection: |
87 | 1 | piat, charles ugo | |
88 | 9 | VEILLARD GAROZ, Loïc | Netalyzr detected the following proxies: |
89 | 9 | VEILLARD GAROZ, Loïc | Port: 80 (HTTP), Response Time: 2 ms |
90 | 9 | VEILLARD GAROZ, Loïc | Port: 443 (HTTPS), Response Time: 3 ms |
91 | 1 | piat, charles ugo | |
92 | 9 | VEILLARD GAROZ, Loïc | h2. Network Access Link Properties: |
93 | 1 | piat, charles ugo | |
94 | 9 | VEILLARD GAROZ, Loïc | Network performance: Latency: 720 ms, Loss: 0.0% |
95 | 1 | piat, charles ugo | The round-trip time (RTT) between your computer and our server is 720 ms, which is quite high. This may be due to a variety of factors, including a significant distance between your computer and our server, a particularly slow or poor network link, or problems in your network. |
96 | 1 | piat, charles ugo | We recorded no packet loss between your system and our server. |
97 | 1 | piat, charles ugo | During this test, the client observed 2 reordered packets. |
98 | 9 | VEILLARD GAROZ, Loïc | TCP connection setup latency: 580ms |
99 | 1 | piat, charles ugo | The time it takes your computer to set up a TCP connection with our server is 580 ms, which is somewhat high. This may be due to a variety of factors, including distance between your computer and our server, a slow network link, or other network traffic. |
100 | 9 | VEILLARD GAROZ, Loïc | Background measurement of network health: no transient outages |
101 | 9 | VEILLARD GAROZ, Loïc | Network bandwidth : Upload 4.5 Mbit/s, Download 160 Kbit/s |
102 | 1 | piat, charles ugo | Your Uplink: We measured your uplink's sending bandwidth at 4.5 Mbit/s. This level of bandwidth works well for many users. |
103 | 1 | piat, charles ugo | Your Downlink: We measured your downlink's receiving bandwidth at 160 Kbit/s. This rate could be considered quite slow, and will affect your user experience if you perform large transfers. |
104 | 1 | piat, charles ugo | During this test, the client observed 5 reordered packets. |
105 | 9 | VEILLARD GAROZ, Loïc | Network buffer measurements: Uplink 880 ms, Downlink is good |
106 | 1 | piat, charles ugo | We estimate your uplink as having 880 ms of buffering. This level can in some situations prove somewhat high, and you may experience degraded performance when performing interactive tasks such as web-surfing while simultaneously conducting large uploads. Real-time applications, such as games or audio chat, may also work poorly when conducting large uploads at the same time. |
107 | 1 | piat, charles ugo | We were not able to produce enough traffic to load the downlink buffer, or the downlink buffer is particularly small. You probably have excellent behavior when downloading files and attempting to do other tasks. |
108 | 1 | piat, charles ugo | |
109 | 11 | VEILLARD GAROZ, Loïc | h2. HTTP Tests: |
110 | 1 | piat, charles ugo | |
111 | 9 | VEILLARD GAROZ, Loïc | Address-based HTTP proxy detection: OK |
112 | 9 | VEILLARD GAROZ, Loïc | Content-based HTTP proxy detection: OK |
113 | 9 | VEILLARD GAROZ, Loïc | HTTP proxy detection via malformed requests: OK |
114 | 9 | VEILLARD GAROZ, Loïc | Filetype-based filtering: OK |
115 | 9 | VEILLARD GAROZ, Loïc | HTTP caching behavior: OK |
116 | 9 | VEILLARD GAROZ, Loïc | JavaScript-based tests: OK |
117 | 9 | VEILLARD GAROZ, Loïc | Sensitive proxy-introduced HTTP headers: OK |
118 | 9 | VEILLARD GAROZ, Loïc | |
119 | 11 | VEILLARD GAROZ, Loïc | h2. DNS Tests: |
120 | 9 | VEILLARD GAROZ, Loïc | |
121 | 9 | VEILLARD GAROZ, Loïc | Restricted domain DNS lookup: OK |
122 | 9 | VEILLARD GAROZ, Loïc | Unrestricted domain DNS lookup: OK |
123 | 9 | VEILLARD GAROZ, Loïc | DNS resolver address: OK |
124 | 9 | VEILLARD GAROZ, Loïc | DNS resolver properties: Lookup latency 860 ms |
125 | 1 | piat, charles ugo | Your ISP's DNS resolver requires 860 ms to conduct an external lookup. It takes 100 ms for your ISP's DNS resolver to lookup a name on our server. |
126 | 1 | piat, charles ugo | This is particularly slow, and you may see significant performance degradation as a result. |
127 | 1 | piat, charles ugo | Your resolver correctly uses TCP requests when necessary. |
128 | 1 | piat, charles ugo | Your resolver is using QTYPE=A for default queries. |
129 | 1 | piat, charles ugo | Your resolver is not automatically performing IPv6 queries. |
130 | 1 | piat, charles ugo | Your DNS resolver requests DNSSEC records. |
131 | 1 | piat, charles ugo | Your DNS resolver advertises the ability to accept DNS packets of up to 4096 bytes. |
132 | 1 | piat, charles ugo | Your DNS resolver can successfully receive a smaller (~1400 byte) DNS response. |
133 | 1 | piat, charles ugo | Your DNS resolver is unable to receive a large (>1500 byte) DNS response successfully, even though it advertises itself as EDNS-enabled. |
134 | 1 | piat, charles ugo | Your DNS resolver accepts DNS responses of up to 1472 bytes. |
135 | 1 | piat, charles ugo | Your resolver does not use 0x20 randomization. |
136 | 1 | piat, charles ugo | Your ISP's DNS server cannot use IPv6. |
137 | 1 | piat, charles ugo | Your DNS resolver may have significant transport-problems with the upcoming DNSSEC deployments. The resolver is incapable of handling UDP fragmentation. |
138 | 9 | VEILLARD GAROZ, Loïc | DNS glue policy: OK |
139 | 9 | VEILLARD GAROZ, Loïc | DNS resolver port randomization: OK |
140 | 9 | VEILLARD GAROZ, Loïc | DNS lookups of popular domains: OK |
141 | 9 | VEILLARD GAROZ, Loïc | DNS external proxy: OK |
142 | 9 | VEILLARD GAROZ, Loïc | DNS results wildcarding: OK |
143 | 9 | VEILLARD GAROZ, Loïc | DNS-level redirection of specific sites: OK |
144 | 9 | VEILLARD GAROZ, Loïc | Direct probing of DNS roots: OK |
145 | 1 | piat, charles ugo | |
146 | 11 | VEILLARD GAROZ, Loïc | h2. IPv6 Tests: |
147 | 1 | piat, charles ugo | |
148 | 9 | VEILLARD GAROZ, Loïc | DNS support for IPv6: OK |
149 | 9 | VEILLARD GAROZ, Loïc | IPv4, IPv6, and your web browser: No IPv6 support |
150 | 9 | VEILLARD GAROZ, Loïc | IPv6 connectivity: No IPv6 support |
151 | 1 | piat, charles ugo | |
152 | 9 | VEILLARD GAROZ, Loïc | |
153 | 9 | VEILLARD GAROZ, Loïc | h2. Host Properties: |
154 | 9 | VEILLARD GAROZ, Loïc | |
155 | 9 | VEILLARD GAROZ, Loïc | System clock accuracy: OK |
156 | 9 | VEILLARD GAROZ, Loïc | Browser properties: OK |
157 | 9 | VEILLARD GAROZ, Loïc | Uploaded data: OK |