VPS and localization

[lapinus57]

Now, my MPTCP works

And I have a new problem with IP localization. Many websites (replay, shop) check the location. My VPS are located in germany and I live in France. How to solve it to get an localization in france

Specifications

• OpenMPTCProuter version v0.30.4 r7204-8be3af93b4
• OpenMPTCProuter VPS version 0.43
• OpenMPTCProuter platform: (x86_64)

[Ysurac]

Not many way: buy a VPS in France. Else you can use ByPass to use a wan directly for these sites.

[lapinus57]

quels VPS en France ont le meilleur prix avec des données de trafic maximales et IPv6

J'ai choisi 1and1 pour leur 400mb / s et le prix que je n'avais pas vu si ipv6 était supporté, et nous pourrions nous engager pour 1 mois

L'idéal est un VPS avec un minimum de 200mb / s en France, avec ipv6 (est-ce vraiment nécessaire? Juste pour avoir tout au vert ?) avec possiblité d'engagement de 6 mois maximum.

J'ai deux connexions 4G et une ADSL (la 4G de free est devenu asthmatique chez moi en 5 minutes la connexion peut passé de 0-2mbps a 20-60mbps)

[Ysurac]

En France, avec IPv6 et 200Mb/s y'a FirstHeberg. Pour la 4G de Free ça dépend l'utilisation de l'antenne et comment elle est connectée. Ca arrive assez souvent que ça sature en FH (Faisceau Hertzien), surtout pendant les vacances.

[lapinus57]

many thanks I took a VPS at FirstHeberg, operational in 1 hour. On the other hand I still have no ipv6 access

[Ysurac]

You should have. Test on the VPS that there is an IPv6 address with ip -6 addr

[lapinus57]

root@vps-37029:~# ip -6 addr 1: lo: <LOOPBACK,UP,LOWER_UP,80000> mtu 65536 state UNKNOWN qlen 1000 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000 inet6 2a03:75c0:3c:90a5::1/64 scope global valid_lft forever preferred_lft forever inet6 fe80::2a3:efff:fe05:456e/64 scope link valid_lft forever preferred_lft forever 4: omr-6in4@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 state UNKNOWN qlen 1000 inet6 fe80::aff:ff01/64 scope link valid_lft forever preferred_lft forever inet6 fe80::a00:1/64 scope link valid_lft forever preferred_lft forever 5: gt-tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1400 state UNKNOWN qlen 500 inet6 fe80::667a:f239:2daf:3a2f/64 scope link flags 800 valid_lft forever preferred_lft forever 6: gt-udp-tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 state UNKNOWN qlen 500 inet6 fe80::a6f4:b8b6:5682:ecb7/64 scope link flags 800 valid_lft forever preferred_lft forever

[Ysurac]

Strange, this should work. Did you wait a little on status page ? Glorytun TCP is activated ?

[lapinus57]

root@vps-37029:~# glorytun show server gt-udp-tun0: pid: 415 bind: 0.0.0.0 port 65001 mtu: 1280 cipher: chacha20poly1305

j'ai attendu toute la nuit et toujours pas d'acés ipv6 sur les connexions 4g j'ai multipath blocked on the connexion

[Ysurac]

This is glorytun UDP on the server. I want to know if you use Glorytun TCP on OpenMPTCProuter (it's the default setting) and set the key for it ? What is exactly the error in OpenMPTCProuter about IPv6 ? And IPv6 work on the VPS ? (curl -6 ifconfig.co)

Pour le "multipath blocked" c'est étrange, les FAI français ne bloquent pas MPTCP. Tu utilises quoi pour te connecter ? clef USB ? routeurs ? qu'elles sont les modéles ? Normalement le multipath blocked signifie que MPTCP est bloqué, ce qui empêche l'aggrégation.

[lapinus57]

Pour le "multipath blocked" j'utilise des routeur Huawei B525s-23a

[lapinus57]

curl: (52) Empty reply from server

the error shows in openmptcp tab state is no Ipv6 access

[lapinus57]

[Ysurac]

The curl error is on the VPS ? So the VPS didn't have IPv6 access... Strange, no problem for me on a FirstHeberg VPS. Can you give me the result of ip -6 route on the VPS ?

[lapinus57]

The curl error is on the VPS

root@OpenMPTCProuter:~# ip -6 route default from fe80::a00:2 dev 6in4-omr6in4 proto static metric 1024 pref medium fdb5:ebd0:71c5::/64 dev eth0 proto static metric 2048 pref medium unreachable fdb5:ebd0:71c5::/48 dev lo proto static metric 2147483647 error -113 pref medium fe80::a00:2 dev 6in4-omr6in4 proto kernel metric 256 pref medium fe80::/64 dev 6in4-omr6in4 proto kernel metric 256 pref medium fe80::/64 dev tun0 proto kernel metric 256 pref medium fe80::/64 dev eth0 proto kernel metric 256 pref medium fe80::/64 dev wan1 proto kernel metric 256 pref medium fe80::/64 dev wan2 proto kernel metric 256 pref medium fe80::/64 dev wan3 proto kernel metric 256 pref medium default via fe80::a00:1 dev 6in4-omr6in4 proto static metric 1024 pref medium default dev eth0 proto static metric 2048 pref medium

[Ysurac]

I need ip -6 route on the VPS. The error is on the VPS part. The VPS doesn't seems to have a working IPv6 access.

[lapinus57]

sorry after work my brain is HS and my eyes show me what my brain wants. (I am optometrist I work 10 hours a day)

< OpenMPCTProuter VPS 0.43 > Last login: Fri Aug 10 03:48:23 2018 from 77.154.202.xxx root@vps-37029:~# ip -6 route 2a03:75c0:3c:90a5::/64 dev eth0 proto kernel metric 256 pref medium fd00::/8 via fe80::a00:2 dev omr-6in4 metric 1024 pref medium fe80::/64 dev eth0 proto kernel metric 256 pref medium fe80::/64 dev omr-6in4 proto kernel metric 256 pref medium fe80::/64 dev gt-tun0 proto kernel metric 256 pref medium fe80::/64 dev gt-udp-tun0 proto kernel metric 256 pref medium default via fe80::1 dev eth0 metric 1024 pref medium

[Ysurac]

I have exactly the same configuration, and it's working for me ;) Can you run traceroute6 ifconfig.co on the VPS ?

[lapinus57]

root@vps-37029:~# traceroute6 ifconfig.co traceroute to ifconfig.co (2400:cb00:2048:1::681c:15f8), 30 hops max, 80 byte packets 1 2a03:75c0:21::1 (2a03:75c0:21::1) 1.149 ms 0.816 ms 0.835 ms 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 *

[Ysurac]

Can you try this:

/etc/init.d/shorewall6 stop
curl -6 ifconfig.co
/etc/init.d/shorewall6 start

This will check if it's not a firewall problem. If you don't get your IPv6 as answer, it's a routing problem at FirstHeberg side...

[lapinus57]

root@vps-37029:~# /etc/init.d/shorewall6 stop [ ok ] Stopping shorewall6 (via systemctl): shorewall6.service. root@vps-37029:~# curl -6 ifconfig.co curl: (7) Failed to connect to ifconfig.co port 80: Connection timed out root@vps-37029:~# /etc/init.d/shorewall6 start [ ok ] Starting shorewall6 (via systemctl): shorewall6.service. root@vps-37029:~#

[Ysurac]

So this seems to be a routing problem on FirstHeberg side. You can check that your IPv6 in your account is the same as the IP defined.

[lapinus57]

on my account i have another ipv6

[Ysurac]

I think it's the problem. Try to set this ip in /etc/network/interfaces and reboot.

[lapinus57]

no ipv6

[lapinus57]

both ipv6 are identical, but I still have the error no ipv6 access

for the multipath blocked on the connection it may be that it is a sim for tablet (sim card on hand)

[Ysurac]

For IPv6 no idea, you can try to reinstall, and (before installing OpenMPTCProuter) test if you get IPv6 access. If not contact FirstHeberg.

For multipath I added a MPTCP Support Check tab in System->OpenMPTCProuter. This can (sometimes) tell you where multipath tag is removed.

[PxxBxx]

Sorry to ask something not related to the thread, but it may be related to the issue topic : Do you know of a "french VPS that has a legit IP" ? I mean, not an anonymous IP, in order not to be geoblocked by maxmind and other databases. Using OVH VPS, my IP is geoblocked for the majority of streaming platforms (6play, Netflix, ...) I manage using omr-bypass (it works great), but If you know of a VPS hosting that gives legit "ISP IPs" I'd love to know. Thanks @Ysurac OpenMPTCPRouter is really really great, I can work at home, and my big family (we're 5) can enjoy gaming/streaming at the same time with 3 wans. Note : I'm still on 0.29.1 actually, it works really well I wait to have 1 day vacation to test new releases.

[Ysurac]

It's not anonymous IP for IP of datacenters. Netflix block all IP that are not from xDSL connections. Firstheberg seems to be not too much blocked for now, but this can change soon...

[PxxBxx]

I know it's not really anonymous on a classic VPS (because contact information, and sometime credit card informations), but I have 3 IPs at OVH, and the 3 of them are "anonymous" in the maxmind database, it's surely related as them not being "ISP assigned". I really don't want to try and go with OTB, having OVH ISP IPs, the opening price was good (9.99/mo.) but now it's overpriced for a simple "mptcp/socks endpoint". As soon as I have time, I'll try to put a rpi by a friend having a ISP fiber access, and having my VPS to tunnel through it (waste of bandwidth, but 100Mbps+ is never fully used). Or maybe adapt your VPS script to dedicate a RPI (the OMR client RPI will then connect to a second RPI by a friend's ISP public IP). Sad these limitations for people wanting a full internet access :'( (work, and personal usage)

[Ysurac]

OVH sell ADSL access, it's why they can give ISP address for OTB. I don't use sites that don't want me to use them :)

For VPS script to RPI, it's an idea. But this need to patch a kernel for Raspberry. I will look at this.

[PxxBxx]

name it OpenMPTCPTravelRouter :) I'm joking, your OMR solution is really efficient, a bit of omr-bypass configuration and everything is working, I work remotely using this (OK, UDP sucks on MPTCP for Skype/Slack/Webex/..., but omr-bypass makes it great again. It must be related to the gigue between different WAN's lags)

[Ysurac]

Did you try Glorytun UDP instead of Glorytun TCP ? This may be better for UDP (or not).

[PxxBxx]

Yes, I tried both, not much better UDP vs TCP. But I don't have any methodology to compare, I just call co-workers over skype/slack/webex, and both are awful. Only with bypass to a dedicated wan does it work perfectly. Actually, I use 3x 4G wan with MPTCP, and 1x ADSL wan, dedicated to udp applications. (my adsl sucks at 1.2Mbps, but it's perfect for calls)

[vincentraffin]

J'ai exactement le même souci que @lapinus57 : comment a-t-il corrigé son souci ? If someone got the same issue than @lapinus57 (No IPv6 access), how did he solve the issue ?

[mykelinho]

dans système / assistant de configuration décoché la coche "Activé IPV6" ?

[vincentraffin]

Du coup, j'ai changé de VPS. Je suis passé de Firstheberg à Scaleway. ça fonctionne très bien contrairement à ce qui est mentionné dans la doc

[Ysurac]

Au moment de la rédaction de la doc il était compliqué d'utilise un noyau Linux personnalisé sur les VPS scaleway, donc pas de support de MPTCP et pas d'agrégation possible (sauf avec MLVPN ou Glorytun UDP). Si cela a changé, et qu'un uname -a affiche bien que le kernel avec support MPTCP est utilisé je peux modifier la doc.

[Ysurac]

Effectivement le support du noyau personnalisé a été ajouté en avril : https://blog.online.net/2018/04/19/scaleway-feature-improvements-custom-kernel-security-group-live-reload-imagehub-packer/

[vincentraffin]

Yep ! Linux scw-**xxxxxx** 4.14.64-mptcp-178ca7b #1 SMP Tue Sep 4 17:54:05 UTC 2018 x86_64 GNU/Linux où xxxxxx est l'id du serveur.

[KoRnEr007]

Bonjour les IP scaleway sont vraiment localisées en France ? y a t il un blocage comme pour OVH ? Cdt Jon

[vincentraffin]

Pour ma part, oui, le FAI vu est Online SAS. Je n'ai pas constaté de blocage mais je n'ai pas de Netflix. J'utilise uniquement Amazon Prime Video et c'est OK.

[KoRnEr007]

Merci pour ton retour, tu as pris l'offre 1-XS ou 1-S ? Jon

[vincentraffin]

1-S car j'ai environ 120Mbps en cumulé (4G + ADSL) et le but d'OpenMPTCProuter est bien de cumuler ! (+ le profit de l'IP fixe pour la 4G, + le failover)

[KoRnEr007]

Ok je viens de prendre aussi cette offre, je vais tester ce soir, a mon avis je vais virer mon VPS de chez OVH.. L'ip n'est meme pas vu comme en France....

Alors tout est ok sauf netflix qui ne fonctionne pas avec cette ip donc OMR-bypass