Something on my network seems miscofigured?

[alphaomega]

Something on my network seems miscofigured?

 

And I can't seem to find out what the issue is.

 

My ISP recently doubled my speed and all appeared well

until I attempted to access forums(dot)androidcentral(dot)com.

 

I can't ping the site and a traceroute does not complete sucessfully.

 

In order to accomodate the new speeds I was supposed to

upgrade my cable modem.

 

I had just swapped out my old cable modem with a newer one

a few days before I got the notice so I called the number

to order the new cable modem and asked if I still

needed to order yet another new cable modem and was told yes.

 

Did some research on the new cable modem I just got and

it is supposed to be able to accomodate the new speeds (50 Mbps down).

 

The new cable modem is a Surfboard Model Name: SB6141

which has a built in dhcp server with no option to disable.

 

I then contacted tech support to double check if I actually needed

to upgrade the modem yet again seeing is the new cable modem

I just got was supposed to be able to handle the new speeds.

 

Was told that I did not actually need to order yet another cable modem

since the one I have now can handle the new speeds.

 

The cable modem was provisioned for the new speeds and all was well except

when I tried to access that one site (was wanting to read a thread there).

 

network setup is like this:

coax-cable-in --> surfboard-cable-modem --> belkin-n300-router --> wired-machine.

 

I checked if the site was down for everyone or just me and

it said the site was up and it was just me.

 

I can get to the site if I go to it using a site like anonymouse.org.

 

temporarily changed my network setup like this:

coax-cable-in --> surfboard-cable-modem --> wired-machine.

and I could get to the site without a problem.

 

switched back to my original setup and started looking through

the router settings and noticed this in the security log.

**Smurf** 192.168.1.118->> 192.230.66.0, Type:8, Code:0 (from LAN Inbound)

This happens when I try to ping the site.

**Smurf** 192.230.66.0, 80->> 192.168.1.118, 54246 (from WAN Inbound)

This happens when I try to go to the site in the browser.

 

192(dot)230(dot)66(dot)0 is the ip address I get for forums(dot)androidcentral(dot)com.

 

If I turn off the firewall in the router I can get to the site

but that is not something I want to do.

 

Does anyone have any ideas what might possibly be the problem?

 

If there is any other information I can provide to help isolate

the issue just ask and will try to provide it.

 

All I know is I don't know what the problem is exactly.

 

Thanks in advance for reading all this mumbo jumbo.

[abarbarian]

I'd tell the smurfs mother to keep her child under control.

 

Sorry I could not resist.Afraid I can offer no good advice, best of luck.Impressed with your bug tracking though.

Edited March 26, 2015 by abarbarian

[securitybreach]

Yes, your modem is just fine since it is DOCSIS 3.0 and "capable of up to 343 Mbps and upload speeds up to 131 Mbps based on Cable provider service" http://www.amazon.co...d/dp/B007IMPMW4

 

Oddly enough, smurf is the name of DDOS attack https://en.wikipedia...ki/Smurf_attack

 

Type 8 Code 0 Echo Request (ping) - means the site sends you a packet, which should be directly replied with an echo reply http://www.networkso...otocol/icmp.htm

 

Make sure you are not blocking ping requests in you router's NAT firewall. Usually this isn't a problem but http://forums.androidcentral.com/ is trying to ping you back when you visit.

[alphaomega]

Yes, your modem is just fine since it is DOCSIS 3.0 and "capable of up to 343 Mbps and upload speeds up to 131 Mbps based on Cable provider service" http://www.amazon.co...d/dp/B007IMPMW4

 

Oddly enough, smurf is the name of DDOS attack https://en.wikipedia...ki/Smurf_attack

 

Type 8 Code 0 Echo Request (ping) - means the site sends you a packet, which should be directly replied with an echo reply http://www.networkso...otocol/icmp.htm

 

Make sure you are not blocking ping requests in you router's NAT firewall. Usually this isn't a problem but http://forums.androidcentral.com/ is trying to ping you back when you visit.

 

The belkin router has an option to block wan pings and when I turn that off

I am still seeing the the smurfs in the logs and cannot get to the site.

 

Turned off the firewall on the machine and still could not get to the site.

Turned the firewall on the machine back on.

 

Turned off the firewall on the belkin router and I can get the the site

with wan pings blocked and not blocked. No smurfs in the logs.

 

So it looks like it is the routers firewall that is blocking the "smurfs"

and not allowing me to get to the site with the firewall on.

 

It's probably not a good idea to turn off the firewall in the router.

 

I do not see any options to alter the firewall rules in the router.

 

I'm confused and not sure what else (if anything) I can try.

[securitybreach]

That is pretty odd... sorry I am not for sure why that is happening but it has to be a setting in your nat firewall. Can you take a screenshot of the settings?

[alphaomega]

with the firewall on the router off, firewall on the computer on, and wan pings blocked.

# traceroute forums.androidcentral.com
traceroute to forums.androidcentral.com (192.230.66.0), 30 hops max, 60 byte packets
1 gateway (192.168.1.1) 0.253 ms 0.258 ms 0.252 ms
2 * * *
3 24.28.133.145 (24.28.133.145) 31.603 ms 31.603 ms 41.615 ms
4 agg50.snavtxuu01r.texas.rr.com (24.175.33.176) 21.911 ms 22.910 ms 23.069 ms
5 agg11.snavtxuu02r.texas.rr.com (24.175.32.214) 22.696 ms agg24.snantxvy01r.texas.rr.com (24.175.32.216) 23.045 ms agg11.snavtxuu02r.texas.rr.com (24.175.32.214) 22.815 ms
6 agg23.dllatxl301r.texas.rr.com (24.175.32.146) 26.870 ms 23.458 ms 22.430 ms
7 bu-ether26.hstqtx0209w-bcr00.tbone.rr.com (66.109.6.54) 23.465 ms 23.364 ms 23.366 ms
8 0.ae4.pr1.dfw10.tbone.rr.com (107.14.19.97) 28.641 ms bu-ether12.dllstx976iw-bcr00.tbone.rr.com (66.109.6.39) 28.662 ms 28.584 ms
9 0.ae1.pr1.dfw10.tbone.rr.com (107.14.17.234) 26.854 ms ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 26.740 ms 26.745 ms
10 ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 25.206 ms 26.589 ms ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 23.017 ms
11 ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 21.238 ms ae-3.r01.dllstx04.us.bb.gin.ntt.net (129.250.2.209) 29.019 ms ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 27.954 ms
12 * ae-3.r01.dllstx04.us.bb.gin.ntt.net (129.250.2.209) 26.776 ms *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

# traceroute -T forums.androidcentral.com
traceroute to forums.androidcentral.com (192.230.66.0), 30 hops max, 60 byte packets
1 gateway (192.168.1.1) 0.250 ms 0.321 ms 0.329 ms
2 * * *
3 24.28.133.145 (24.28.133.145) 28.064 ms 29.077 ms 29.036 ms
4 agg50.snavtxuu01r.texas.rr.com (24.175.33.176) 25.095 ms 26.239 ms 26.257 ms
5 agg24.snantxvy01r.texas.rr.com (24.175.32.216) 26.264 ms agg11.snavtxuu02r.texas.rr.com (24.175.32.214) 25.863 ms 25.960 ms
6 agg23.dllatxl301r.texas.rr.com (24.175.32.146) 33.816 ms agg23.hstqtxl301r.texas.rr.com (24.175.32.156) 17.896 ms 25.318 ms
7 bu-ether26.hstqtx0209w-bcr00.tbone.rr.com (66.109.6.54) 26.700 ms bu-ether44.dllstx976iw-bcr00.tbone.rr.com (107.14.19.92) 28.911 ms 28.943 ms
8 bu-ether22.dllstx976iw-bcr00.tbone.rr.com (107.14.19.216) 30.582 ms 0.ae1.pr1.dfw10.tbone.rr.com (107.14.17.234) 29.051 ms bu-ether12.dllstx976iw-bcr00.tbone.rr.com (66.109.6.39) 30.305 ms
9 0.ae2.pr1.dfw10.tbone.rr.com (107.14.17.236) 28.929 ms ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 28.518 ms 0.ae4.pr1.dfw10.tbone.rr.com (107.14.19.97) 70.794 ms
10 ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 27.407 ms 27.515 ms ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 19.859 ms
11 ae-3.r01.dllstx04.us.bb.gin.ntt.net (129.250.2.209) 21.960 ms ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 30.323 ms 29.195 ms
12 ae-0.incapsula.dllstx04.us.bb.gin.ntt.net (129.250.204.182) 28.973 ms ae-3.r01.dllstx04.us.bb.gin.ntt.net (129.250.2.209) 29.573 ms 29.387 ms
13 192.230.66.0 (192.230.66.0) 29.266 ms 29.196 ms ae-0.incapsula.dllstx04.us.bb.gin.ntt.net (129.250.204.182) 26.604 ms

 

That is pretty odd... sorry I am not for sure why that is happening but it has to be a setting in your nat firewall. Can you take a screenshot of the settings?

The router firewall only has an enable/disable option with the following notes:

Your Router is equipped with a firewall that will protect your network from a wide array of common hacker attacks including Ping of Death (PoD) and Denial of Service (DoS) attacks. You can turn the firewall function off if needed. Turning off the firewall protection will not leave your network completely vulnerable to hacker attacks, but it is recommended that you turn the firewall on whenever possible.

[securitybreach]

Wow, so no Firewall options?

[alphaomega]

Wow, so no Firewall options?

None that I can see.

At one point I tried adding my machine to the DMZ and I could not get any response from a traceroute.

Every hop timed out with no response.

 

I have another router (wrt 54g) that I am going to try and see if I have better luck with.

Not sure If I'll have time as a family emergency came up.

 

edit: and yet another thing I notice with my download speeds.

If the router firewall in on I'm getting around 10-15Mbps down.

If the router firewall is off I'm getting around 35-45Mbps down.

 

I'm going to switch routers and see what happens.

 

edit2: another possibility is to see about ordering the cable modem w/built in router

they originally said I needed to order for the new speeds and fork over some additional

fees to turn on wi-fi access on my account (taking my router out of the equation).

Edited March 26, 2015 by alphaomega

[alphaomega]

I switched out the belkin n300 for the linksys wrt54g.

I am now seeing the download speeds I should be seeing

(edit 2: Well that did not last long. I am back to seeing about 1/2 down what I should be)

and I can get to the site in question without issue.

 

traceroute from the router:

traceroute to forums.androidcentral.com (192.230.66.0) ,30 hops max,40 byte packet
1 173.174.240.1 (173.174.240.1) 20. 0 ms 10. 0 ms 10. 0 ms
2 24.28.134.209 (24.28.134.209) 40. 0 ms 30. 0 ms 20. 0 ms
3 24.175.33.176 (24.175.33.176) 10. 0 ms 10. 0 ms 10. 0 ms
4 24.175.32.214 (24.175.32.214) 10. 0 ms 10. 0 ms 10. 0 ms
5 24.175.32.156 (24.175.32.156) 10. 0 ms 10. 0 ms 20. 0 ms
6 66.109.6.108 (66.109.6.108) 20. 0 ms 20. 0 ms 20. 0 ms
7 107.14.19.218 (107.14.19.218) 20. 0 ms 20. 0 ms 20. 0 ms
8 107.14.19.97 (107.14.19.97) 20. 0 ms 20. 0 ms 20. 0 ms
9 66.110.57.97 (66.110.57.97) 20. 0 ms 20. 0 ms 20. 0 ms
10 129.250.9.193 (129.250.9.193) 20. 0 ms 30. 0 ms 10. 0 ms
11 129.250.2.209 (129.250.2.209) 20. 0 ms 20. 0 ms 20. 0 ms
12 129.250.204.182 (129.250.204.182) 20. 0 ms * 20. 0 ms
13 192.230.66.0 (192.230.66.0) 10. 0 ms 30. 0 ms 20. 0 ms
Traceroute Complete.

Something tells me there was something wrong in the belkin's firewall settings

(which I cannot chage) that is thinking legtimate traffic to/from that site is getting

flagged as a smurf attack (belkin router firmware is up to date).

 

 

Who knows?

I'll see how it goes for now...

 

 

edit:

traceroutes from the computer:

# traceroute forums.androidcentral.com
traceroute to forums.androidcentral.com (192.230.66.0), 30 hops max, 60 byte packets
1 gateway (192.168.1.1) 3.480 ms 3.668 ms 3.917 ms
2 * * *
3 tge1-0-0.snantx3500-10k1.satx.rr.com (24.28.134.209) 35.226 ms 36.201 ms 36.562 ms
4 agg50.snavtxuu01r.texas.rr.com (24.175.33.176) 23.582 ms 24.920 ms 25.125 ms
5 agg24.snantxvy01r.texas.rr.com (24.175.32.216) 24.462 ms 30.497 ms agg11.snavtxuu02r.texas.rr.com (24.175.32.214) 29.288 ms
6 agg23.hstqtxl301r.texas.rr.com (24.175.32.156) 36.579 ms agg23.dllatxl301r.texas.rr.com (24.175.32.146) 25.044 ms 35.073 ms
7 bu-ether16.hstqtx0209w-bcr00.tbone.rr.com (66.109.6.108) 27.587 ms bu-ether14.dllstx976iw-bcr00.tbone.rr.com (66.109.6.88) 35.437 ms 35.185 ms
8 0.ae4.pr1.dfw10.tbone.rr.com (107.14.19.97) 33.178 ms 33.355 ms 33.554 ms
9 ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 34.205 ms 33.714 ms 0.ae2.pr1.dfw10.tbone.rr.com (107.14.17.236) 32.795 ms
10 ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 30.920 ms 33.851 ms ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 19.797 ms
11 ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 25.945 ms ae-3.r01.dllstx04.us.bb.gin.ntt.net (129.250.2.209) 31.707 ms ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 27.833 ms
12 ae-3.r01.dllstx04.us.bb.gin.ntt.net (129.250.2.209) 29.502 ms * 29.765 ms
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

 

# traceroute -T forums.androidcentral.com
traceroute to forums.androidcentral.com (192.230.66.0), 30 hops max, 60 byte packets
1 gateway (192.168.1.1) 5.961 ms 5.595 ms 5.468 ms
2 * * *
3 tge1-0-0.snantx3500-10k1.satx.rr.com (24.28.134.209) 36.516 ms 36.250 ms 35.283 ms
4 agg50.snavtxuu01r.texas.rr.com (24.175.33.176) 25.604 ms 25.352 ms 25.109 ms
5 agg11.snavtxuu02r.texas.rr.com (24.175.32.214) 24.918 ms agg24.snantxvy01r.texas.rr.com (24.175.32.216) 37.287 ms 37.025 ms
6 agg23.hstqtxl301r.texas.rr.com (24.175.32.156) 41.739 ms 35.521 ms agg23.dllatxl301r.texas.rr.com (24.175.32.146) 38.729 ms
7 bu-ether14.dllstx976iw-bcr00.tbone.rr.com (66.109.6.88) 35.378 ms 22.567 ms 42.288 ms
8 bu-ether12.dllstx976iw-bcr00.tbone.rr.com (66.109.6.39) 39.987 ms 0.ae2.pr1.dfw10.tbone.rr.com (107.14.17.236) 41.761 ms bu-ether12.dllstx976iw-bcr00.tbone.rr.com (66.109.6.39) 34.846 ms
9 ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 31.715 ms 0.ae1.pr1.dfw10.tbone.rr.com (107.14.17.234) 36.694 ms ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 31.394 ms
10 ix-23-0.tcore2.DT8-Dallas.as6453.net (66.110.57.97) 31.163 ms 29.014 ms ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 42.201 ms
11 ae-7.r07.dllstx09.us.bb.gin.ntt.net (129.250.9.193) 41.593 ms 27.291 ms 23.899 ms
12 ae-3.r01.dllstx04.us.bb.gin.ntt.net (129.250.2.209) 29.314 ms 28.806 ms ae-0.incapsula.dllstx04.us.bb.gin.ntt.net (129.250.204.182) 28.222 ms
13 192.230.66.0 (192.230.66.0) 23.722 ms 24.591 ms 30.562 ms

 

Running speedtests from the tablet:

The app I use for speedtests gives me around 12Mbps down.

Running a speedtest from Ookla gives me around 180Mbps down.

Running a speedtest from Speakeasy gives me around 80Mbps up/down.

LOL

I should be getting 50Mbps down / 5 Mbps up.

Arrgh. What is going on?

Edited March 27, 2015 by alphaomega

[V.T. Eric Layton]

The first thing I see right away here is that you're NOT leaving your own local network when you attempt to ping/traceroute the android site. An IP addy of 192.x.x.x is a local address on your own network. It is NOT the IP of the forums.androidcentral.com, which is actually...

 

[size=4]vtel57@ericsbane06~:$ ping -c3 forums.androidcentral.com[/size]
PING iolqy.x.incapdns.net (199.83.135.0) 56(84) bytes of data.
64 bytes from 199.83.135.0: icmp_seq=1 ttl=57 time=39.2 ms
64 bytes from 199.83.135.0: icmp_seq=2 ttl=57 time=40.0 ms
64 bytes from 199.83.135.0: icmp_seq=3 ttl=57 time=38.8 ms

 

[size=4]vtel57@ericsbane06~:$ whois 199.83.135.0[/size]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=199.83.135.0?showDetails=true&showARIN=false&ext=netref2
#

NetRange:       199.83.128.0 - 199.83.135.255
CIDR:           199.83.128.0/21
NetName:        INCAPSULA
NetHandle:      NET-199-83-128-0-1
Parent:         NET199 (NET-199-0-0-0-0)
NetType:        Direct Assignment
OriginAS:       AS19551
Organization:   Incapsula Inc (INCAP-5)
RegDate:        2011-01-14
Updated:        2012-02-24
Ref:            http://whois.arin.net/rest/net/NET-199-83-128-0-1

OrgName:        Incapsula Inc
OrgId:          INCAP-5
Address:        3500 SOUTH DUPONT HIGHWAY
City:           Dover
StateProv:      DE
PostalCode:     19901
Country:        US
RegDate:        2010-09-15
Updated:        2014-06-12
Ref:            http://whois.arin.net/rest/org/INCAP-5

OrgNOCHandle: INCAP2-ARIN
OrgNOCName:   Incapsula Operations
OrgNOCPhone:  +1-866-250-7659 
OrgNOCEmail:  ip@incapsula.com
OrgNOCRef:    http://whois.arin.net/rest/poc/INCAP2-ARIN

OrgAbuseHandle: INCAP1-ARIN
OrgAbuseName:   Incapsula AbuseDesk
OrgAbusePhone:  +1-866-250-7659 
OrgAbuseEmail:  abuse@incapsula.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/INCAP1-ARIN

OrgTechHandle: INCAP2-ARIN
OrgTechName:   Incapsula Operations
OrgTechPhone:  +1-866-250-7659 
OrgTechEmail:  ip@incapsula.com
OrgTechRef:    http://whois.arin.net/rest/poc/INCAP2-ARIN

OrgTechHandle: BRONS9-ARIN
OrgTechName:   Bronstein, Tomer 
OrgTechPhone:  +1-866-250-7659 
OrgTechEmail:  tomer@incapsula.com
OrgTechRef:    http://whois.arin.net/rest/poc/BRONS9-ARIN

 

Your issue is with that Belkin router, I believe.

[securitybreach]

Well you have to understand that speed tests will be different depending on the server you select to test on. That and not all files will download at the same speed as this not only depends on your speed but also the speed of the server/website you are downloading from. For instance, I get 120mbps download on speedtest sites when I choose a close server but I rarely get anywhere close to that speed on actual downloads.

 

Also I agree with Eric, your traceroute shows your not even leaving your own network (192.168.x.x) and it sounds like the problem may be your router.

[alphaomega]

[quote name='V.T. Eric Layton' timestamp='1427417117' post='419155']
The first thing I see right away here is that you're NOT leaving your own local network when you attempt to ping/traceroute the android site. An IP addy of 192.x.x.x is a local address on your own network. It is NOT the IP of the forums.androidcentral.com, which is actually...

[code][size=4]vtel57@ericsbane06~:$ ping -c3 forums.androidcentral.com[/size]
PING iolqy.x.incapdns.net (199.83.135.0) 56(84) bytes of data.
64 bytes from 199.83.135.0: icmp_seq=1 ttl=57 time=39.2 ms
64 bytes from 199.83.135.0: icmp_seq=2 ttl=57 time=40.0 ms
64 bytes from 199.83.135.0: icmp_seq=3 ttl=57 time=38.8 ms
[/code]

[code][size=4]vtel57@ericsbane06~:$ whois 199.83.135.0[/size]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=199.83.135.0?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 199.83.128.0 - 199.83.135.255
CIDR: 199.83.128.0/21
NetName: INCAPSULA
NetHandle: NET-199-83-128-0-1
Parent: NET199 (NET-199-0-0-0-0)
NetType: Direct Assignment
OriginAS: AS19551
Organization: Incapsula Inc (INCAP-5)
RegDate: 2011-01-14
Updated: 2012-02-24
Ref: http://whois.arin.net/rest/net/NET-199-83-128-0-1

OrgName: Incapsula Inc
OrgId: INCAP-5
Address: 3500 SOUTH DUPONT HIGHWAY
City: Dover
StateProv: DE
PostalCode: 19901
Country: US
RegDate: 2010-09-15
Updated: 2014-06-12
Ref: http://whois.arin.net/rest/org/INCAP-5

OrgNOCHandle: INCAP2-ARIN
OrgNOCName: Incapsula Operations
OrgNOCPhone: +1-866-250-7659
OrgNOCEmail: ip@incapsula.com
OrgNOCRef: http://whois.arin.net/rest/poc/INCAP2-ARIN

OrgAbuseHandle: INCAP1-ARIN
OrgAbuseName: Incapsula AbuseDesk
OrgAbusePhone: +1-866-250-7659
OrgAbuseEmail: abuse@incapsula.com
OrgAbuseRef: http://whois.arin.net/rest/poc/INCAP1-ARIN

OrgTechHandle: INCAP2-ARIN
OrgTechName: Incapsula Operations
OrgTechPhone: +1-866-250-7659
OrgTechEmail: ip@incapsula.com
OrgTechRef: http://whois.arin.net/rest/poc/INCAP2-ARIN

OrgTechHandle: BRONS9-ARIN
OrgTechName: Bronstein, Tomer
OrgTechPhone: +1-866-250-7659
OrgTechEmail: tomer@incapsula.com
OrgTechRef: http://whois.arin.net/rest/poc/BRONS9-ARIN
[/code]

Your issue is with that Belkin router, I believe.
[/quote]

this is what I get:
[code]
$ ping -c3 forums.androidcentral.com
PING iolqy.x.incapdns.net (192.230.66.0) 56(84) bytes of data.
64 bytes from 192.230.66.0: icmp_seq=1 ttl=52 time=24.8 ms
64 bytes from 192.230.66.0: icmp_seq=2 ttl=52 time=20.8 ms
64 bytes from 192.230.66.0: icmp_seq=3 ttl=52 time=24.3 ms

--- iolqy.x.incapdns.net ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 20.858/23.353/24.898/1.789 ms
[/code]

[code]
# whois 192.230.66.0

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=192.230.66.0?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 192.230.64.0 - 192.230.127.255
CIDR: 192.230.64.0/18
NetName: INCAPSULA-NETWORK
NetHandle: NET-192-230-64-0-1
Parent: NET192 (NET-192-0-0-0-0)
NetType: Direct Assignment
OriginAS: AS19551
Organization: Incapsula Inc (INCAP-5)
RegDate: 2013-05-08
Updated: 2013-05-08
Ref: http://whois.arin.net/rest/net/NET-192-230-64-0-1

OrgName: Incapsula Inc
OrgId: INCAP-5
Address: 3500 SOUTH DUPONT HIGHWAY
City: Dover
StateProv: DE
PostalCode: 19901
Country: US
RegDate: 2010-09-15
Updated: 2014-06-12
Ref: http://whois.arin.net/rest/org/INCAP-5

OrgNOCHandle: INCAP2-ARIN
OrgNOCName: Incapsula Operations
OrgNOCPhone: +1-866-250-7659
OrgNOCEmail: ip@incapsula.com
OrgNOCRef: http://whois.arin.net/rest/poc/INCAP2-ARIN

OrgAbuseHandle: INCAP1-ARIN
OrgAbuseName: Incapsula AbuseDesk
OrgAbusePhone: +1-866-250-7659
OrgAbuseEmail: abuse@incapsula.com
OrgAbuseRef: http://whois.arin.net/rest/poc/INCAP1-ARIN

OrgTechHandle: INCAP2-ARIN
OrgTechName: Incapsula Operations
OrgTechPhone: +1-866-250-7659
OrgTechEmail: ip@incapsula.com
OrgTechRef: http://whois.arin.net/rest/poc/INCAP2-ARIN

OrgTechHandle: BRONS9-ARIN
OrgTechName: Bronstein, Tomer
OrgTechPhone: +1-866-250-7659
OrgTechEmail: tomer@incapsula.com
OrgTechRef: http://whois.arin.net/rest/poc/BRONS9-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#
[/code]

[code]
# nslookup - 8.8.8.8
> forums.androidcentral.com
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
forums.androidcentral.com canonical name = iolqy.x.incapdns.net.
Name: iolqy.x.incapdns.net
Address: 192.230.66.0
> exit
[/code]

I thought it was 192.168.x.x that was reserved and not routable.
From the results I get they are on 192.230.x.x.

I also beleive the issue is with the belkin router.

If this is them pinging me back
[code]
**Smurf** 192.168.1.118->> 192.230.66.0, Type:8, Code:0 (from LAN Inbound)
[/code]
wouldn't turning off the blocking of wan pings allow that in?
I shouldn't have to turn the firewall off completely to allow that through.
and I wouldn't want to forward port 80 in.

[alphaomega]

Well you have to understand that speed tests will be different depending on the server you select to test on. That and not all files will download at the same speed as this not only depends on your speed but also the speed of the server/website you are downloading from. For instance, I get 120mbps download on speedtest sites when I choose a close server but I rarely get anywhere close to that speed on actual downloads.

 

Also I agree with Eric, your traceroute shows your not even leaving your own network (192.168.x.x) and it sounds like the problem may be your router.

Because the tests aren't exactly that accurate I tend to clear my cache and run

multiple tests using various locations and just average it in my head as a baseline.

[crp]

hi OP, you are correct 192.168.x.x is non-routable . 10.x.x.x is the only classA that is non-routable

my tracert shows

d:\>tracert forums.androidcentral.com
Tracing route to iolqy.x.incapdns.net [192.230.66.0]
over a maximum of 30 hops:
 1	 1 ms    <1 ms    <1 ms  192.168.11.11
 2	 1 ms	 1 ms	 1 ms  qwestmodem.Home [192.168.0.1]
 3    26 ms    26 ms    25 ms  tukw-dsl-gw68.tukw.qwest.net [63.231.10.68]
 4    27 ms    26 ms    28 ms  tukw-agw1.inet.qwest.net [71.217.186.25]
 5    27 ms    28 ms    27 ms  sea-brdr-02.inet.qwest.net [67.14.41.18]
 6    27 ms    27 ms    27 ms  ae1.sea23.ip4.gtt.net [199.229.230.213]
 7    98 ms   125 ms   104 ms  xe-1-0-3.dal33.ip4.gtt.net [141.136.109.150]
 8    96 ms    97 ms    97 ms  gtt-gw.ip4.gtt.net [173.241.130.154]
 9    96 ms    95 ms    96 ms  ae-0.incapsula.dllstx04.us.bb.gin.ntt.net [129.250.204.182]
10    95 ms    96 ms    95 ms  192.230.66.0
Trace complete.

comparing to yours and considering that using a proxy server got you to the target web page, I am wondering if there was a switching office between you and that site which was having problems.The Belkin interpreted it as a smurf attack and the other firewalls as just static noise.

[V.T. Eric Layton]

Yup. My mistake...

 

https://en.wikipedia.org/wiki/Private_network#Private_IPv4_address_space

 

---

 

My nslookup for forums.androidcentral.com:

 

forums.androidcentral.com canonical name = iolqy.x.incapdns.net.

Name: iolqy.x.incapdns.net

Address: 199.83.135.0

 

There's still something fishy going on with your router/dns.