Saturday, January 23, 2010

General: Test your ISP!

Here is a handy site to see what shenanigans your ISP might be up to - Netalyzr

Here are my results!

Summary of Noteworthy Events
Address-based Tests +
NAT detection (?): NAT Detected
DNS-based host information (?): OK
Reachability Tests +
TCP connectivity (?): OK
UDP connectivity (?): OK
Path MTU (?): OK
Network Access Link Properties
Network latency measurements (?): Latency: 250ms Loss: 0.0%
The round-trip time (RTT) between your computer and our server is 250 msec, which is good.
We recorded no packet loss between your system and our server.
TCP connection setup latency (?): 250ms
The time it takes your computer to set up a TCP connection with our server is 250 msec, which is good.
Network background health measurement (?): no transient outages
During most of Netalyzr's execution, the applet continuously measures the state of the network in the background, looking for short outages. During testing, the applet observed no such outages.
Network bandwidth measurements (?): Upload 220 Kbit/sec, Download 1.3 Mbit/sec
Your Uplink: We measured your uplink's sending bandwidth at 220 Kbit/sec. This rate could be considered somewhat slow, and may affect your user experience if you perform large transfers.
Your Downlink: We measured your downlink's receiving bandwidth at 1.3 Mbit/sec. This level of bandwidth works well for many users.
Network buffer measurements (?): Uplink 4600 ms, Downlink 1400 ms
We estimate your uplink as having 4600 msec of buffering. This is quite high, and you may experience substantial disruption to your network performance when performing interactive tasks such as web-surfing while simultaneously conducting large uploads. With such a buffer, real-time applications such as games or audio chat can work quite poorly when conducting large uploads at the same time.
We estimate your downlink as having 1400 msec of buffering. This is quite high, and you may experience substantial disruption to your network performance when performing interactive tasks such as web-surfing while simultaneously conducting large downloads. With such a buffer, real-time applications such as games or audio chat can work quite poorly when conducting large downloads at the same time.
HTTP Tests +
Address-based HTTP proxy detection (?): OK
Header-based HTTP proxy detection (?): OK
HTTP proxy detection via malformed requests (?): OK
Filetype-based filtering (?): OK
HTTP caching behavior (?): OK
JavaScript-based tests (?): OK
DNS Tests
Restricted domain DNS lookup (?): OK
We are able to successfully lookup a name which resolves to the same IP address as our webserver. This means we are able to conduct many of the tests on your DNS server.
Unrestricted domain DNS lookup (?): OK
We are able to successfully lookup arbitrary names from within the Java applet. This means we are able to conduct all test on your DNS server.
Direct EDNS support (?): OK
EDNS-enabled requests for small responses are answered successfully.
EDNS-enabled requests for medium-sized responses are answered successfully.
EDNS-enabled requests for large responses are answered successfully.
DNS resolver address (?): OK
The IP address of your ISP's DNS Resolver is 61.9.188.40, which resolves to dns.dav.bigpond.net.au. Additional nameservers observed for your host: 61.9.194.56
DNS resolver properties (?): Lookup latency: 200ms
Your ISP's DNS resolver requires 200 msec to conduct an external lookup.
Your resolver is using QTYPE=A for default queries.
Your resolver is not automatically performing IPv6 queries.
Your DNS resolver does not use EDNS.
Your DNS resolver can successfully accept large responses.
Your resolver does not use 0x20 randomization, but will pass names in a case-sensitive manner.
Your NAT has a built in DNS proxy. The DNS request was received from 61.9.188.40
DNS glue policy (?): OK
Your ISP's DNS resolver does not accept generic additional (glue) records — good.
Your ISP's DNS resolver does not accept additional (glue) records which correspond to nameservers.
Your ISP's DNS resolver does not follow CNAMEs.
DNS resolver port randomization (?): OK
Your ISP's DNS resolver properly randomizes its local port number.
The following graph shows DNS requests on the x-axis and the detected source ports on the y-axis.

port sequence plot

DNS lookups of popular domains (?): OK
77 of 77 popular names were resolved successfully.
7 popular names have a mild anomaly. The ownership suggested by the reverse name lookup does not match our understanding of the original name. The most likely cause is the site's use of a Content Delivery Network.
2 popular names have a mild anomaly: we are unable to find a reverse name associated with the IP address provided by your ISP's DNS server. This is most likely due to a slow responding DNS server or misconfiguration on the part of the domain owner.
DNS external proxy (?): OK
Your host ignores external DNS requests.
DNS results wildcarding (?): Warning

Your ISP's DNS server returns IP addresses even for domain names which should not resolve. Instead of an error, the DNS server returns an address of 199.101.28.130, which resolves to www.bigpondsitehelp.com. You can inspect the resulting HTML content here.

There are several possible explanations for this behavior. The most likely cause is that the ISP is attempting to to profit from customer's typos by presenting advertisements in response to bad requests, but it could also be due to an error or misconfiguration in the DNS server.

The big problem with this behavior is that it can potentially break any network application which relies on DNS properly returning an error when a name does not exist.

The following lists your DNS server's behavior in more detail.

  • www.{random}.com is mapped to 199.101.28.130.
  • www.{random}.org is mapped to 199.101.28.130.
  • fubar.{random}.com is correctly reported as an error.
  • www.yahoo.cmo [sic] is mapped to 199.101.28.130.
  • nxdomain.{random}.netalyzr.icsi.berkeley.edu is correctly reported as an error.
Host Properties
System clock accuracy (?): Warning
Your computer's clock is 14 seconds slow.
Browser properties (?): OK
The following parameters are sent by your web browser to all web sites you visit:
  • User Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)
  • Accept: text/html,application/xhtml+xml,application/xml; q=0.9,*/*; q=0.8
  • Accept Language: en-us,en;q=0.5
  • Accept Encoding: gzip,deflate
  • Accept Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Java identifies your operating system as Windows Vista.
Uploaded Data (?): OK
The following additional data was uploaded by the applet:

No comments: