AS CGNAT Route Blocking

Rafumfps · January 18, 2024, 8:21pm

Hello everyone, I wanted to know if openwrt has a way to block these AS routes, my game is horrible when I fall on these routes, I've heard that in pfsense there is something that does this. It would be possible to block these routes or script with new fw4 with nfatbles nop openwrt.

Rastreando a rota para . [185.41.141.196]
com no máximo 30 saltos:

  1     1 ms    <1 ms    <1 ms  OpenWrt.lan [10.10.1.1]
  2     6 ms     5 ms     5 ms  143-208-125-252.fleetnet.com.br [143.208.125.252]
  3     6 ms     5 ms     5 ms  192.168.235.6
  4     9 ms     2 ms     1 ms  143-208-125-129.fleetnet.com.br [143.208.125.129]
  5    13 ms    17 ms    17 ms  as49544.saopaulo.sp.ix.br [187.16.220.229]
  6     *        *        *     Esgotado o tempo limite do pedido.
  7     *        *        *     Esgotado o tempo limite do pedido.
  8     *        *        *     Esgotado o tempo limite do pedido.
  9     *        *        *     Esgotado o tempo limite do pedido.
 10     *        *        *     Esgotado o tempo limite do pedido.
 11     *        *        *     Esgotado o tempo limite do pedido.
 12     *        *        *     Esgotado o tempo limite do pedido.
 13     *        *        *     Esgotado o tempo limite do pedido.
 14     *        *        *     Esgotado o tempo limite do pedido.
 15     *        *        *     Esgotado o tempo limite do pedido.
 16     *        *        *     Esgotado o tempo limite do pedido.
 17     *        *        *     Esgotado o tempo limite do pedido.
 18     *        *        *     Esgotado o tempo limite do pedido.
 19     *        *        *     Esgotado o tempo limite do pedido.
 20     *        *        *     Esgotado o tempo limite do pedido.
 21     *        *        *     Esgotado o tempo limite do pedido.
 22     *        *        *     Esgotado o tempo limite do pedido.
 23     *        *        *     Esgotado o tempo limite do pedido.
 24     *        *        *     Esgotado o tempo limite do pedido.
 25     *        *        *     Esgotado o tempo limite do pedido.
 26     *        *        *     Esgotado o tempo limite do pedido.
 27     *        *        *     Esgotado o tempo limite do pedido.
 28     *        *        *     Esgotado o tempo limite do pedido.
 29     *        *        *     Esgotado o tempo limite do pedido.
 30     *        *        *     Esgotado o tempo limite do pedido.

Rastreamento concluído.

this could be a very interesting project for openwrt. If you already have something, please put links because I didn't find anything talking about the subject.

maurer · January 19, 2024, 1:35am

Where did you "heard" it?

Is this what you're looking for?

M10 · January 19, 2024, 5:11am

Rent a cheap vps and put all game graffic thru it, or just all traffic.

eduperez · January 19, 2024, 8:50am

I cannot comprehend how could a device influence on the routes that packets follow after they leave such device...

moeller0 · January 19, 2024, 9:12am

Yes, routing means deciding where to forward a packet between different alternatives. Unless you have multiple internet connections from different ISPs to your home network you really only have one option and that is forward packets to your single ISP. And that ISP will then decide where to hand this over to the next AS. (And on the return path again in reverse, each AS is free to decide how to forward a given packet*)
As end-users with an ISP with unfortunate routing, you can try different VPN providers, these might at the same time well connected to your ISP and the target AS so packets send via such a VPN might take a different network path which might (or might not) be better than your ISP's forwarding path. But note that this is out of your control so you need to use trial and error to figure out whether/which VPN gives you better network paths.

*) Most try to minimise their cost so network paths tend to be relative stable between AS, but certainly not set in stone, and might even change during the course of a day depending on load.

greem · January 19, 2024, 9:12am

Unless you have some sort of route peering relationship with your ISP (and if you're paying for a consumer connection that you state is using CGNAT, then you aren't) you have no influence on the route traffic takes to get beyond your local network and then back again.

It just isn't possible.

Also - what do you mean by "AS routes"? Every single network that's connected to the Internet, such as that of your ISP, is given an AS (Autonomous System) Number. That's how the internet glues together, using the Border Gateway Protocol (BGP).

When you see a hostname prefixed by the letters "as", it simply signifies which specific AS that router interface sits in.

Rafumfps · January 20, 2024, 7:56pm

This as ix.br that my route uses is horrible for games, my game seems to have a crash, but when it changes route to a webex my packets flow and the game runs smoothly. Webex gives me a ping return, now this ix.br does not return a ping.

greem · January 20, 2024, 9:40pm

Nothing on the internet has to reply to an ICMP Ping request. Many routers prioritise them (and other things) waaaaaay down the pile of what they are doing, because replying involves their control plane and they would rather not have the control plane needlessly processing other people's packets.

Sadly (for you) traditional traceroute is not a good diagnostic measure for network throughput.

Rafumfps · January 23, 2024, 6:19am

At no time did I talk about network performance, I'm just saying that servers that don't ping back, this with my little experience, I always monitor the IP of my game's server, from my own experience these pings don't return my game It's horrible, and all the servers that return my ping, my game is smooth.