Re: Verizon EV-DO and local addresses

[Jason Martens <me jasonmartens com>]

Dan Williams wrote:
> On Fri, 2008-10-24 at 13:26 -0500, Jason Martens wrote:
>   
> > Hey all,
> >    I just learned some interesting information about Verizon's EV-DO 
> > policies.  I have a Verizon card, and I could connect just fine, but 
> > every time it would disconnect after less than a minute with the 
> > following message:
> >
> > Oct 24 12:46:37 tank pppd[17248]: Script /etc/ppp/ip-up started (pid 17292)
> >
> > Oct 24 12:46:45 tank pppd[17248]: Script /etc/ppp/ip-up finished (pid 17292), status = 0x0
> >
> > Oct 24 12:47:14 tank pppd[17248]: rcvd [LCP TermReq id=0xb]
> >
> > Oct 24 12:47:14 tank pppd[17248]: LCP terminated by peer
> >
> > Oct 24 12:47:14 tank pppd[17248]: Connect time 0.7 minutes.
> >
> > I tried adding the lcp-echo-failure and -interval options, but this made 
> > no difference for me.  Since I work for a company using lots of Verizon 
> > cards, I placed a call to enterprise support, and they informed me that 
> > if they detect *any* private address traffic over the EV-DO connection, 
> > they terminate it.  Sure enough, after disabling all of my local 
> > interfaces, the connection has been up for > 30 minutes now. 
> >
> > However, I really wanted to use the EV-DO for internet access, but eth0 
> > for lan access.  I added this rule which I think sends all 10.* 
> > addresses out the local interface instead of ppp0, but I'm not an expert 
> > in iptables by any stretch so use at your own risk:
> >
> > iptables -I OUTPUT -o eth0 -s 10.0.0.0/8
> >     
>
> What's the routing table when you're connected on the card?  Can you
> paste in the output of '/sbin/route -n' for me?
>
> A guy I work with uses his Verizon card all the time and AFAIK hasn't
> encountered this issue yet, despite using recent SVN snapshots of NM.
>
> Thanks!
> Dan
>   
Here's what I have now that seems to be working.  The 172.16.254.0 and 
the 10.0.0.0 were added manually.  I can try this again without the 
above iptables rule, and there may be something about the order that 
things came up in, because I was noticing DNS traffic trying to go out 
the ppp0 interface at first (I'm still using local DNS, no split setup now).

tank:~# /sbin/route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

66.174.54.4     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0

172.16.254.0    10.1.20.54      255.255.255.0   UG    0      0        0 eth1

10.1.0.0        0.0.0.0         255.255.0.0     U     0      0        0 eth1

10.0.0.0        10.1.20.54      255.0.0.0       UG    0      0        0 eth1

0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0


Maybe Verizon uses different network rules in different markets? This 
was in Chicago.

Jason Martens