# obscure connection problem (windows OK/linux NOK)

## truc

Hello,

A friend of mine is facing a weird problem with his internet access(DHCP):

When plugging a computer with windows, everything works fine, but when he plugs in his linux laptop, he gets an IP via DHCP, but internet almost doesn't work:

if the first thing he does is a ping, the latency keeps increasing for no apparent reason:

```
64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=1 ttl=50 time=654 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=2 ttl=50 time=2777 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=3 ttl=50 time=7338 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=4 ttl=50 time=7716 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=5 ttl=50 time=630 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=6 ttl=50 time=635 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=7 ttl=50 time=688 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=8 ttl=50 time=644 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=9 ttl=50 time=649 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=10 ttl=50 time=659 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=11 ttl=50 time=640 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=12 ttl=50 time=644 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=13 ttl=50 time=654 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=14 ttl=50 time=615 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=15 ttl=50 time=655 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=16 ttl=50 time=719 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=17 ttl=50 time=639 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=18 ttl=50 time=639 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=19 ttl=50 time=1586 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=20 ttl=50 time=1257 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=21 ttl=50 time=7690 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=22 ttl=50 time=6980 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=21 ttl=50 time=7690 ms

64 bytes from mil01s16-in-f24.1e100.net (173.194.35.24): icmp_req=23 ttl=50 time=7425 ms     
```

TCP connections are only just worst, nothing is usable.

The thing is that I don't have access to his computer, I can only ask him to perform some tests then ask him to send me the result via email.

This isn't a MTU problem, I've asked him to lower it, but it didn't change anything.

He doesn't have a real public IP address, I know the ISP might do something weird(would not be the first time), but I just have no idea what. I'll ask him to capture some traffic from linux and windows, but right now, I'd like to know if you happen to have any idea on this?

Thanks a bunch!

----------

## Jaglover

Knowing what ISP it is would help, right now we have even no clue what's the country. I hear in some countries NAT is done at ISP level and customers get addresses in private address range, is this what we are dealing here with?

----------

## PaulBredbury

Something to try:

echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal

----------

## truc

Jaglover, it is a _small_ ISP in Central African Republic called Telecel, I highly doubt you've ever heard of it before  :Wink: , they have some public IPs, but AFAICT they are reserved for NAT 1:1 for some other privileged clients...

One thing to keep in mind is that they often don't know what they're doing.  I know they use 'Cubika Sistema de gestion acceso a Internet' to manage their "clients" but I don't know if that's of any use for you to know

PaulBredbury, I'm not really confident about it since the problem affects every protocols. I've asked him to try it anyway. will report back.

Thank you both for your replies  :Exclamation: 

----------

