Facing a weird routing issue

[Sanemi]

Hi
I’m From Kerala. Currently I’m using Airtel 5G/4G services & also using Asianet Broadband (AS17465) it’s primary upstream is Airtel (AS9498) so almost everything international surfing will route via Airtel.

The issue is that while I’m traceroute or the time required to open an international website ex: bgp.tools is 300+ms every time in both the broadband and in the Airtel 5G .
While tracerouting I found that a IP address 182.79.247.0/24 prefix is suspect/causing the routing issue .
It’s weird that the IP address is location is Chennai . Normally pings from Kerala ~ Chennai is 14-30ms. But this 182.79.247.0/24 IP address prefix is 160-200+. This issue is also in Airtel 5G/4G .I tried experimenting in another Airtel Upstream Broadband Kerala Vision (AS138754) the same IP address/prefix is causing the weird routing issue.

Is there any way to report/improve this issue ? By contacting the Airtel ?

Traceroute Image:IMG-3934 hosted at ImgBB

 

[Anurag Bhatia]

I see that this was reported in Oct but since there are no replies here - It's worth discussing it further.

182.79.247.0/24 - is not visible in routing table anymore. Are you still having this issue? If yes, share the IPv4 address which you are getting or CGNATed behind and I can try looking into it's routing. From partial trace you shared earlier - it shows Zayo AS6461 in picture which is not expected. Please share latest IPs and it worth worth exploring on why that is happening.

 

[Sanemi]

Here is a traceroute of Kerala Vision Broadband (AS138754)

IMG-4403 hosted at ImgBB

Image IMG-4403 hosted in ImgBB

ibb.co

 

[Anurag Bhatia]

Hi

I looked into the forward trace i.e Kerala Vision > bgp.tools as you shared. Forward seem fine. Latency is little higher. I suspect bad return path here. Please share your wan IPv4 so can try to find the return path here. Expected latency here should be around 140ms. Thus you are off by around 40ms.

The IP in middle is OK. It's not a routed IP on the global table (and that is normal). ISPs many times use IPs on their internal routers where the aggregate is not originated in BGP because it won't serve any purpose except attracting random scanning traffic, DDoS etc. The jump on hop5 in your trace is because of return. Likely IP is somewhere in the EU on a Airtel router.

 

[Sanemi]

@Anurag Bhatia wan ip is 103.189.143.91

 

[Anurag Bhatia]

This is announced behind Tata Comm, Airtel, Reliance Communications and Vodafone - 103.189.143.0/24 - bgp.he.net . So we need to find what kind of return path bgp.tools is having towards you. This is actually more tricky in your case because of so many upstream + fact that there is not a single IP in entire /24 or even /23 with open ICMP. Thus I have to rely on latency of middle hops which is not the best way.

1. I think return is NOT via AS1299 - AS9498 because your forward trace shows 163ms on Arelion AS1299 hops 6-9. If bgp.tools was using Arelion to return, latency would not have jumped.
2. It is not likely Tata Comm because Tata seems to have active route via Airtel and likely other side would have picked Airtel due to shorter AS_PATH.
3. So either return is via Vodafone or Reliance Comm.

Absolute minimum latency here should be: London-Chennai (140ms) + 8-9ms (Chennai-Kochi). So 148ms or so.

You may cross check if latency is high with all endpoints in UK. Check your latency with: 194.8.28.4, 5.57.94.168, 94.76.229.204, 193.192.2.132. If latency is broadly around 148-150ms it's OK.

If not then try mailing bgp.tools person (contact details on peeringdb and request for return path towards you: PeeringDB). That would give some insights on where the latency is jumping.

 

[WieldyBinkie]

Return path is via LINX LON > 9498 > 138754

 

[Anurag Bhatia]

How do you know that?
If you are assuming that path because both are at LINX then it may not be true.

 

[WieldyBinkie]

Fetching Measurement: 85453558
Traceroute from 192.168.2.171 to 103.189.143.91 (103.189.143.91):
1 192.168.2.1 1.101ms 0.954ms 0.718ms
2 cyclone-flat.p2p.b621.net (185.230.223.200) 5.993ms 6.281ms 6.726ms
3 lo.router-cam-a.mythic-beasts.com (93.93.133.4) 5.582ms 6.32ms 5.843ms
4 lo.router-cam-d.mythic-beasts.com (93.93.133.19) 6.165ms 6.208ms 5.974ms
5 lo.router-sov-d.mythic-beasts.com (93.93.133.7) 7.504ms 7.872ms 7.977ms
6 lo.router-sov-c.mythic-beasts.com (93.93.133.6) 7.307ms 7.876ms 7.151ms
7 195.66.226.204 7.861ms 5.361ms 5.291ms
8 2(SERVFAIL (182.79.175.107) 188.887ms 171.352ms 171.462ms
9 122.184.141.50 175.703ms 175.082ms 176.174ms
10 * * *
11 103.191.186.6 172.069ms 172.578ms 172.847ms
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
255 * * *

 

[Anurag Bhatia]

Interesting. That explains.

7 195.66.226.204 7.861ms 5.361ms 5.291ms
8 2(SERVFAIL (182.79.175.107) 188.887ms 171.352ms 171.462ms

Unclear jump here. Unable to certain if 182.79.175.107 is in Chennai. Logically it should be but unclear. IPs not routed and Airtel's looking glass has been down from few months. Either 182.79.175.107 is in Singapore resulting in: London > Singapore > Chennai kind of path here. Chennai-Singapore roundtrip is 32ms (hence 16ms one way). So if Chennai -> Mumbai -> London and back should be 140ms but if one leg is via Singapore, then still we should be at 156ms. Middle hops are not best for latency guess but since end to end latency is also high, there is un-clear additional latency of 30ms coming in here.

I will buzz friends at KV to find out. The usual method in these cases is for someone at KV to get into their router with Airtel drop to ping bgp.tools picking Airtel's IP as the source (ensuring that forward & return is Airtel). If that is also high - it will be an Airtel issue.

Expect a while before there's an update on this.