DHCP issues on RSAweb?

B

brattex

Well-Known Member
Joined
Jun 19, 2009
Messages
183
Reaction score
55
Location
Durban
Hi all

About a week ago I noticed that my 120/120 line was suffering heavy latency and seemingly dropped packets.

Speed tests showed max 10Mbps but mostly 5Mbps and 0.5s latency.

Ping tests show lots of DUP replies from the target internet sites.

I couldn't access my 192.168.1.0/24 network to test my router.

Connecting to my ONT directly with Ethernet cables gave me 120/120.

If my router's WAN is unplugged, I can access my router just fine. With WAN plugged in, I time out trying to access the web interface.

So, I told RSAweb to release and renew my router's IP and they said they couldn't.

I then spoofed my router MAC, got a new IP, and everything is back to normal. I can also access my router admin page again.

A few days later, same problem, so I spoof a new MAC, get a new router IP, and it's back to normal.

This has happened three or four times in the past week.

Now I hear someone else I know on RSAweb is also having connectivity issues.

My first thought was RSAweb may have had an overlapping lease time and they reset DHCP leases, and I simply overlapped with a new leased IP. But the repeated problem days later leads me to a new interpretation:

RSAweb might have a rogue DHCP, a misconfigured DHCP, or there's a MITM issue.

Any thoughts?
 
Sounds like unknown unicast flooding and sounds like FrogFoot as the FNO.

RSAWeb needs to ask to have Mac forced forwarding to be enabled. It will force the unicast flooding in the vlan to the gateway instead of down every person's line.
 
IOPS said:
Move to a better ISP.
Click to expand...
There's no heroism in projecting cyber hubris without a meaningful suggestion. Propose an alternative ISP if you have an answer for everything?

Afrihost - Pure Fibre Feedback Thread Part 2

Just had another disconnect, service and ethernet lights go out on ONT
mybroadband.co.za

Did you move away from Afrihost? because according to MYBB they're top of 2023 https://mybroadband.co.za/news/broadband/517093-south-africas-top-rated-isps-for-2023.html and yet, you experienced problems with them less than a month ago, so where to from here?
 
Last edited:
cavedog said:
Sounds like unknown unicast flooding and sounds like FrogFoot as the FNO.

RSAWeb needs to ask to have Mac forced forwarding to be enabled. It will force the unicast flooding in the vlan to the gateway instead of down every person's line.
Click to expand...
Thanks! I'll communicate this idea to the technical guys (I am talking via a helpdesk operator) ...

Unfortunately, nothing I am suggesting to them is registering with them as a "them" problem, so any suggestions I am making that there is actually a technical issue is falling on deaf ears / stonewalled / denied / not understood.

Would be nice if they followed a logical process of elimination - the fact that my WAN IP works intermittently but only after I spoof should hopefully prompt them to look into it but so far, no dice (one week later). I think the information is being lost between the helpdesk operator and the technical staff.

Hopefully I will accumulate a few "me too" responses to build a case that they can't ignore :-P

Again, thanks for the idea.
 
brattex said:
Thanks! I'll communicate this idea to the technical guys (I am talking via a helpdesk operator) ...

Unfortunately, nothing I am suggesting to them is registering with them as a "them" problem, so any suggestions I am making that there is actually a technical issue is falling on deaf ears / stonewalled / denied / not understood.

Would be nice if they followed a logical process of elimination - the fact that my WAN IP works intermittently but only after I spoof should hopefully prompt them to look into it but so far, no dice (one week later). I think the information is being lost between the helpdesk operator and the technical staff.

Hopefully I will accumulate a few "me too" responses to build a case that they can't ignore :p

Again, thanks for the idea.
Click to expand...

Yeah so RSAWeb needs to ask Frogfoot to enable calix mac forced forwarding that will clean that traffic up right away and you will have a much better experience.
 
cavedog said:
Yeah so RSAWeb needs to ask Frogfoot to enable calix mac forced forwarding that will clean that traffic up right away and you will have a much better experience.
Click to expand...
Will do - right now I'm ticking all their playbook steps. :p

Currently, I'm being asked to ping the DHCP IP address that I get assigned...And I'm asking them why they can't ping it...

The next step they want me to do is to unplug router, and ping the IP and I'm a bit /shrug because the router will be disconnected...

As soon as they are satisfied that I've done all their playbook steps, I hope they'll listen to the ideas I've forwarded to them... And again, thanks for your input! Will keep y'all updated!
 
Last edited:
cavedog said:
Yeah so RSAWeb needs to ask Frogfoot to enable calix mac forced forwarding that will clean that traffic up right away and you will have a much better experience.
Click to expand...
I have been drumming on about this for many years, on this forum also - why is client isolation not on by default? @Frogfoot Fibre

Frogfoot are not the only ones!

In my opinion is is quite a security risk, one could in theory spin up a dhcp server and perform MITM attacks=not good.

In fairness to frogfoot I can't tag other FNO's as they don't have reps on MyBB.
 
I took the plunge and asked the general public on Facebook, and I am getting a LOT of responses to affirm my suspicions... I am now wearing my data scientist hat and accumulating data :cool:
 
brattex said:
There's no heroism in projecting cyber hubris without a meaningful suggestion. Propose an alternative ISP if you have an answer for everything?
Click to expand...

You're right.

The only heroes are those ISPs who have representation on this forum.

The rest are in the Dumbcunt Pool.

And as far as I know, that includes RSAWEB.

Unfortunately.
 
eddief1 said:
I have been drumming on about this for many years, on this forum also - why is client isolation not on by default? @Frogfoot Fibre

Frogfoot are not the only ones!

In my opinion is is quite a security risk, one could in theory spin up a dhcp server and perform MITM attacks=not good.

In fairness to frogfoot I can't tag other FNO's as they don't have reps on MyBB.
Click to expand...
Agreed!! Never understood why Frogfoot does this.
 
brattex said:
I took the plunge and asked the general public on Facebook, and I am getting a LOT of responses to affirm my suspicions... I am now wearing my data scientist hat and accumulating data :cool:
Click to expand...

Thread Revive! Its is 2025 and I am having that exact same problem.

FrogFoot and RSAWeb.

Have you managed to resolve this issue or even remember how it was remediated?
 
brattex said:
Hi all

About a week ago I noticed that my 120/120 line was suffering heavy latency and seemingly dropped packets.

Speed tests showed max 10Mbps but mostly 5Mbps and 0.5s latency.

Ping tests show lots of DUP replies from the target internet sites.

I couldn't access my 192.168.1.0/24 network to test my router.

Connecting to my ONT directly with Ethernet cables gave me 120/120.

If my router's WAN is unplugged, I can access my router just fine. With WAN plugged in, I time out trying to access the web interface.

So, I told RSAweb to release and renew my router's IP and they said they couldn't.

I then spoofed my router MAC, got a new IP, and everything is back to normal. I can also access my router admin page again.

A few days later, same problem, so I spoof a new MAC, get a new router IP, and it's back to normal.

This has happened three or four times in the past week.

Now I hear someone else I know on RSAweb is also having connectivity issues.

My first thought was RSAweb may have had an overlapping lease time and they reset DHCP leases, and I simply overlapped with a new leased IP. But the repeated problem days later leads me to a new interpretation:

RSAweb might have a rogue DHCP, a misconfigured DHCP, or there's a MITM issue.

Any thoughts?
Click to expand...
Good day,

Please send us a direct message with your details and we will look into this for you.

Kind regards.
 
etienne.cpt said:
Thread Revive! Its is 2025 and I am having that exact same problem.

FrogFoot and RSAWeb.

Have you managed to resolve this issue or even remember how it was remediated?
Click to expand...

Still have strange issues.

Here's a quick summary of what to do... LMK if this doesn't or does help.

  • Run speed test on your device
  • Plug computer directly into ONT Ethernet port. Run speed test again
  • If you get max in ONT then try refresh DHCP IP assigned to your router... If that doesn't work, spoof the router MAC and confirm it has a new IP to your original one.
  • Run another speed test through the router
  • Run another speed test with direct connection
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X