About 9 months ago, I made a few posts around my Ubuntu Linux router upgrade project. Since then, Ubuntu has more than met the need and the goal. While my original notes were for 8.04 ("Hardy Heron"), they have since been successfully repeated on 8.10 ("Intrepid Ibex") and 9.04 ("Jaunty Jackalope").
Unfortunately, I cannot say I've had the same success with Alltel's wireless Internet service. (Alltel has since been acquired by Verizon Wireless, though there haven't yet been any noticeable changes as a customer.) To be fair, I've been pretty impressed with Alltel's voice service. Their data services also seem to work well for temporary / mobile usage, especially for Blackberries and other smart phones. However, I often fail to comprehend how this service can be deservingly called "Internet" given some of the issues.
The most frustrating issue is the frequency and apparent length of disconnections. This has been an ongoing issue since I first started using the service back in September. I've learned that there is a hard 12-hour timeout, after which any connection will be terminated regardless of usage. While this is certainly an annoyance, it is an issue that I could live with - if it was the only issue. However, on a much too frequent basis, I'll seemingly get stuck in continued rounds of disconnections - repeatedly getting disconnected after periods of anywhere from a few seconds to a few minutes. This can go on for minutes or hours, and usually happens from at least once a week to several times a day. Even going to the extreme of disconnecting the wireless modem and "giving it a rest" for 10 minutes does not help. Each disconnection is rather disruptive, especially as each new connection brings a new IP address - which makes it practically impossible to gracefully resume many types of connections.
I am not the only one having these issues. A few Google searches show a number of other users with related issues with Alltel (and also Verizon), but no currently known solutions.
This is not a signal strength issue, as the reported RSSI is almost always at one of the two best reportable values: -63 or -47 dBm, or 4/5 - 5/5 bars. I've tried adding an external antenna, which made no difference. I'm unable to find any correlations to the time of day or other environmental factors.
Alltel technical support is all too eager to blame this on my use of Linux. However, the problems are identical if not worse when using Windows and their QuickLink Mobile software (made by SmithMicro Software). If anything, Linux is better able to handle the connection and any necessary re-dialing. Trying the data card on different computers (a desktop and 3 available laptops) does not change anything. My current data card is a UTStarcom / Pantech UM175AL. At one point I tried a loaner Huawei EC228 card, which also made no difference in the issues. Worse, Alltel got the accounts mixed up and ended up changing the phone and account numbers on the UM175 that I had to keep, and I received a threat of legal action in the mail for breach of contract!
I've seen a number of theories for the cause of these disconnections, and have tried various solutions to them all, but without any success. This includes setting various MTU values, asyncmap settings, adjusting for LCP echo failures / timeouts, tweaking the AT commands sent in the modem chat script, and making sure that there isn't any private-address traffic being sent over the connection.
I've contacted Alltel's technical support many times to try to resolve this issue, always speaking with their separate "data card support" department, and probably totaling at least 20 hours of phone time. The original theory was that the data card was bouncing between Alltel and Sprint towers, and losing the connection each time this happened. They updated the preferred roaming list (PRL) on the device several times, without any effect. An interesting fix they tried was setting the device to "static" mode. Supposedly this doesn't refer to a static vs. dynamic IP address, but it did result in obtaining a persistent IP address. This also did appear to help with the connection stability - but not perfectly. Most critically, this mode caused an unfortunate side effect: I could no longer receive any incoming connections. Alltel's response was that incoming connections are not supported. Many ISPs, especially residential, block common server ports - such as 80 for HTTP and 25 for SMTP. This is a debatable practice, but doesn't affect "simple" activities such as web browsing and email. However, in this "static" mode, it was as if I was behind another firewall with all incoming ports being blocked - affecting a number of Internet uses including remote desktop applications, VPN clients, instant-messaging file transfers with family and friends, or even online games.
Some of my relatives also experience the same issues. However, with pretty much only checking their email a few times per week, they seldom notice the issues. Eventually, we moved closer to Appleton - about 15 miles closer - and while this has slightly improved things, it is still not acceptable. Now that other Internet options are available, including cable and DSL, I would have switched already if we weren't stuck with the 2 year contract, and with over a year remaining yet. We would have better service at half the price.
This is another issue I found while checking up on some things in the aftermath of the DNS cache poisoning vulnerability reported by Dan Kaminsky. The first issue I noticed was an alert on a report from the ICSI Netalyzr hosted by UC Berkeley: No DNS Port Randomization. There have been too many issues with ISP DNS servers in the past, e.g. DNS hijacking by several companies including Charter Communications, Comcast, and Time Warner. Due to this and other various ISP issues, along with being able to improve performance through local caching, I typically run my own DNS server for my home network. I thought I may have had it set to forward all DNS requests to the DNS server address received through DHCP from the ISP, and that I'd just change it to do its own recursive resolution.
This is where things got interesting.
Alltel is not only playing tricks with their own DHCP-advertised DNS servers, but is also intercepting all outgoing DNS traffic (UDP port 53) and acting as a transparent proxy.
This is quickly confirmed through one of the same tools that can be used to check for the DNS cache poisoning vulnerability: porttest.dns-oarc.net.
On my Alltel PPP connection, the peer's IP address is currently 184.108.40.206.
The client IPs seen by the port test tool are 220.127.116.11 and 18.104.22.168.
Neither of these addresses is mine; mine are in a completely different subnet.
None of these addresses currently have pointer records (PTR) registered, though I recall seeing them resolve to windstream.net on Windstream Communications only about a week ago.
ARIN WHOIS does show that all these addresses belong to Alltel Communications.
The ICSI Netalyzr results seem to reflect this as well.
Two points listed under Reachability Tests / General Connectivity were "A DNS proxy or firewall caused the applet's direct DNS request to be sent from another address. Instead of your IP, the request came from 22.214.171.124" and "A DNS proxy or firewall generated a new request rather than passing the applet's request unmodified".
Interestingly, both were listed simply as information rather than warnings.
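The comparison described above can be automated on the router. The following is an added example, not part of the original post: it parses porttest.dns-oarc.net TXT answers and flags any query source that is not one of the router's own addresses. It assumes the local resolver at 127.0.0.1 does its own recursion (not forwarding); the sample output and all addresses are constructed, and the function names are hypothetical.

```python
import ipaddress
import re
import subprocess

# TXT answer format used by porttest.dns-oarc.net, one string per source seen.
PORTTEST_RE = re.compile(
    r"(?P<ip>[0-9A-Fa-f.:]+) is (?P<rating>GREAT|GOOD|POOR): "
    r"(?P<queries>\d+) queries in [\d.]+ seconds "
    r"from (?P<ports>\d+) ports with std dev (?P<stddev>[\d.]+)")

# Constructed sample (documentation addresses), shaped like `dig +short` output.
SAMPLE = '''porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"198.51.100.7 is POOR: 26 queries in 3.1 seconds from 1 ports with std dev 0"
"198.51.100.9 is GREAT: 26 queries in 2.4 seconds from 26 ports with std dev 17685"
'''

def parse_porttest(txt):
    """Return one record per source address reported in porttest TXT data."""
    return [{"ip": ipaddress.ip_address(m["ip"]), "rating": m["rating"],
             "ports": int(m["ports"])} for m in PORTTEST_RE.finditer(txt)]

def assess(txt, own_addresses):
    """Flag sources that are not ours, and sources with weak port randomization."""
    seen = parse_porttest(txt)
    if not seen:
        raise ValueError("no porttest result found in input")
    mine = {ipaddress.ip_address(a) for a in own_addresses}
    foreign = [str(r["ip"]) for r in seen if r["ip"] not in mine]
    weak = [str(r["ip"]) for r in seen if r["rating"] == "POOR"]
    return {"intercepted": bool(foreign), "foreign_sources": foreign,
            "poor_randomization": weak}

def run_porttest(resolver="127.0.0.1"):
    """Live check through the local recursive resolver (needs dig and network)."""
    done = subprocess.run(
        ["dig", "+short", f"@{resolver}", "porttest.dns-oarc.net", "TXT"],
        capture_output=True, text=True, timeout=60, check=True)
    return done.stdout

if __name__ == "__main__":
    # 203.0.113.25 stands in for the router's own WAN address (assumption).
    print(assess(SAMPLE, ["203.0.113.25"]))
```

On a live connection, pass `run_porttest()` as the first argument and the current PPP address as `own_addresses`; the address has to be re-read after every reconnect since it changes each time.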
Many people tout OpenDNS or other 3rd-party DNS servers in situations like this.
Even though OpenDNS follows some of the same practices, such as redirecting invalid lookups instead of sending NXDOMAIN by default, at least they provide options to control and disable this functionality.
Unfortunately, it is impossible to query any specific DNS server - OpenDNS or otherwise - while Alltel is intercepting these requests.
The only work-around I can think of short of Alltel fixing this would be finding a DNS server that provides service on a non-standard port, or sending all DNS queries through some available VPN to another location.
I found this forum thread from February that showed a few other users complaining of similar issues with Alltel redirecting DNS requests.
While the issue apparently had been resolved, it only appears to have been temporary.
Since there is nothing as a user that I can currently do to avoid these issues, I can only hope that Alltel is on top of things, including having other measures in place for avoiding DNS poisoning.
Alltel finally decided to do something for me. As previously mentioned, I've lost count of how many calls I've made to Alltel technical support. Several times, I also visited the Alltel corporate retail store, and brought with me a printed connection log that showed my excessive number of connections and disconnections. About a week ago, I made one last trip to the corporate retail store. After talking with the same store manager I happened to previously speak with a few months ago, he agreed to cancel my contract with no early termination fee. It wasn't an ideal solution for either of us - I'd rather have a working, mobile connection, and I'd hope that they'd value and want to keep my business. However, at least now I don't have to continue paying for service that doesn't work. I will soon be signed up with faster, more reliable, and less expensive DSL service.
- EVDOforums.com: Alltel EVDO Service: Disconnections, DNS proxying, and other issues
- WirelessAdvisor.com forums: Pantech UM175AL Disconnect