Thursday, July 30, 2009

Alltel / Verizon Wireless Internet: Disconnections, DNS, and other issues

About 9 months ago, I made a few posts around my Ubuntu Linux router upgrade project. Since then, Ubuntu has more than met the need and the goal. While my original notes were for 8.04 ("Hardy Heron"), they have since been successfully repeated on 8.10 ("Intrepid Ibex") and 9.04 ("Jaunty Jackalope").

Unfortunately, I cannot say I've had the same success with Alltel's wireless Internet service. (Alltel has since been acquired by Verizon Wireless, though there hasn't yet been any noticeable changes as a customer.) To be fair, I've been pretty impressed with Alltel's voice service. Their data services also seem to work well for temporary / mobile usage, especially for Blackberries and other smart phones. However, I often fail to comprehend how this service can be deservingly called "Internet" given some of the issues.

Disconnections

The most frustrating issue is the frequency and apparent length of disconnections. This has been an ongoing issue since I first started using the service back in September. I've learned that there is a hard 12-hour timeout, after which any connection will be terminated regardless of usage. While this is certainly an annoyance, it is an issue that I could live with - if it was the only issue. However, on a much to frequent basis, I'll seemingly get stuck in continued rounds of disconnections - repeatedly getting disconnected after periods of anywhere from a few seconds to a few minutes. This can go on for minutes or hours, and usually happens from at least once a week to several times a day. Even going to the extreme of disconnecting the wireless modem and "giving it a rest" for 10 minutes does not help. Each disconnection is rather disruptive, especially as each new connection brings a new IP address - which makes it practically impossible to gracefully resume many types of connections.

I am not the only one having these issues. A few Google searches show a number of other users with related issues with Alltel (and also Verizon), but no currently known solutions.

This is not a signal strength issue, as the reported RSSI is almost always at one of the two best reportable values: -63 or -47 dBm, or 4/5 - 5/5 bars. I've tried adding an external antenna, which made no difference. I'm unable to find any correlations to the time of day or other environmental factors.

Alltel technical support is all to eager to blame this on my use of Linux. However, the problems are identical if not worse when using Windows and their QuickLink Mobile software (made by SmithMicro Software). If anything, Linux is better able to handle the connection and any necessary re-dialing. Trying the data card on different computers (a desktop and 3 available laptops) does not change anything. My current data card is a UTStarcom / Pantech UM175AL. At one point I tried a loaner Huawei EC228 card, which also made no difference in the issues. Worse, Alltel got the accounts mixed up and ended changing the phone and account numbers on the UM175 that I had to keep, and I received a threat of legal action in the mail for breach of contract!

I've seen a number of theories for the cause of these disconnections, and have tried various solutions to them all, but without any success. This includes setting various MTU values, asyncmap settings, adjusting for LCP echo failures / timeouts, tweaking the AT commands sent in the modem chat script, and making sure that there isn't any private-address traffic being sent over the connection.

I've contacted Alltel's technical support many times to try to resolve this issue, always speaking with their separate "data card support" department, and probably totaling at least 20 hours of phone time. The original theory was that the data card was bouncing between Alltel and Sprint towers, and loosing the connection each time this happened. They updated the preferred roaming list (PRL) on the device several times, without any affect. An interesting fix they tried was setting the device to "static" mode. Supposedly this doesn't refer to a static vs. dynamic IP address, but it did result in obtaining a persistent IP address. This also did appear to help with the connection stability - but not perfectly. Most critically, this mode caused an unfortunate side effect: I could no longer receive any incoming connections. Alltel's response was that incoming connections are not supported. Many ISP's, especially residential, block common server ports - such as 80 for HTTP and 25 for SMTP. This is a debatable practice, but doesn't affect "simple" activities such as web browsing and email. However, in this "static" mode, it was as if I was behind another firewall with all incoming ports being blocked - affecting a number of Internet uses including remote desktop applications, VPN clients, instant-messaging file transfers with family and friends, or even online games.

Some of my relatives also experience the same issues. However, with pretty much only checking their email a few times per week, they seldom notice the issues. Eventually, we moved closer to Appleton - about 15 miles closer - and while this has slightly improved things, it is still not acceptable. Now that other Internet options are available, including cable and DSL, I would have switched already if we weren't stuck with the 2 year contract, and with over a year remaining yet. We would have better service at half the price.

DNS Concerns

This is another issue I found while checking-up on some things in the aftermath of the DNS cache poisoning vulnerability reported by Dan Kaminsky. The first issue I noticed was an alert on a report from the ICSI Netalyzer hosted by UC Berkeley: No DNS Port Randomization. There have been too many issues with ISP DNS servers in the past, e.g. DNS hijacking by several companies including Charter Communications, Comcast, and Time Warner. Due to this and other various ISP issues, along with being able to improve performance through local caching, I typically run my own DNS server for my home network. I thought I may have had it set to forward all DNS requests to the DNS server address received through DHCP from the ISP, and that I'd just change it to do its own recursive resolution.

This is where things got interesting. Alltel is not only playing tricks with their own DHCP-advertised DNS servers, but are intercepting all outgoing DNS traffic (UDP port 53) and acting as a transparent proxy. This is quickly confirmed through one of the same tools that can be used to check for the DNS cache poisoning vulnerability: porttest.dns-oarc.net. On my Alltel PPP connection, the peer's IP address is currently 75.116.231.29. The client IPs seen by the port test tool are 75.116.63.155 and 75.116.63.156. Neither of these addresses are mine, which are in a completely different subnet. None of these addresses currently have pointer records (PTR) registered, though I recall seeing them resolve to windstream.net on Windstream Communications only about a week ago. ARIN WHOIS does show that all these addresses belong to Alltel Communications.

The ICSI Netalyzer results seem to reflect this as well. Two points listed under Reachability Tests / General Connectivity were "A DNS proxy or firewall caused the applet's direct DNS request to be sent from another address. Instead of your IP, the request came from 75.116.63.156" and "A DNS proxy or firewall generated a new request rather than passing the applet's request unmodified". Interestingly, both were listed simply as information rather than warnings. Many people tout OpenDNS or other 3rd-party DNS servers in situations like this. Even though OpenDNS follows some of the same practices, such as redirecting invalid lookups instead of sending NXDOMAIN by default, at least they provide options to control and disable this functionality. Unfortunately, it is impossible to query any specific DNS server - OpenDNS or otherwise - while Alltel is intercepting these requests. The only work-around I can think of short of Alltel fixing this would be finding a DNS server that provides service on a non-standard port, or sending all DNS queries through some available VPN to another location. I found this forum thread from February that showed a few other users complaining of similar issues with Alltel redirecting DNS requests. While the issue apparently had been resolved, it only appears to have been temporary. Since there is nothing as a user that I can currently do to avoid these issues, I can only hope that Alltel is on top of things, including having other measures in place for avoiding DNS poisoning.

Update (2009-08-26):

Alltel finally decided to do something for me. As previously mentioned, I've lost count of how many calls I've made to Alltel technical support. Several times, I also visited the Alltel corporate retail store, and brought with me printed connection log that showed my excessive number of connections and disconnections. About a week ago, I made one last trip to the corporate retail store. After talking with the same store manager I happened to previously speak with a few months ago, he agreed to cancel my contract with no early termination fee. It wasn't an ideal solution for either of us - I'd rather have a working, mobile connection, and I'd hope that they'd value and want to keep my business. However, at least now I don't have to continue paying for service that doesn't work. I will soon be signed-up with faster, more reliable, and less expensive DSL service.

Related postings:

7 comments:

Unknown said...

Nice to read the wireless internet article..I am using the airtel wireless internet in india for my Laptop working very very fast..I check out the Uploading speed 567Kbps,Downloading Speed is 997Kbps i find those speed in ip-details.com..

Unknown said...

Yep. I am currantly on my 3rd Alltell internet card. I have had nothing but problems with my internet connection since Verizon took over. I have called and called and called with no avail. I use to be able to play WoW with this internet just fine, now its almost impossible. I am so annoyed with it. It constantly drops my connection, though the card will show to be running just fine with 3 bars. I have a laptop and run Vista. Any help would be appreciated. I miss raiding /cry

Mecklenberg said...

I had great Alltel service until the end of August - enter Verizon! It took me 45 minutes with 60 tries to connect just now, and I was disconnected in 30 seconds. I tried the suggestions, and calling. No luck. Do we have airtel internet here?

COmtn said...

October status: I spent a month trying to get my Alltel wireless Internet set up. The Huawei aircard worked great, BBerry Internet phone worked great, but the Cyfre 3G router they sold me with it was a disaster. Besides other problems, 3 of us computer "experts" couldn't get it to work with standard WPA-PSK, spotty without it. Alltel "tech support" actually told me there was nothing they could do; Cyfre wouldn't return calls. I finally returned the router and got a Cradlepoint CTR500. Worked perfectly within 10 minutes. DL speed 1-1.5 Mbps, UL up to 300kbps. In 2 weeks it's been down once for a minute, even during a major snowstorm. I had to have both home and mobile computer-based ISP, so cabled access was not an option. I love this!
The secret seems to be that not all aircards are compatible with all 3G routers. Check all manufacturers' compatibility with the other unit.
On the plus side, Alltel's phone-based customer support was very polite, helpful and supportive. Their tech team should take lessons from them.

Unknown said...

As my contract neared expiration I was turned off on my Alltel aircard. When I tried to call tech support I was informed I waould have to wait until the next day between 8 to 5 to get an answer. When I called I was informed they turned off my servic e to force me to contact them. I asked why they had not called anf they said they had tried. I asked if the had left a voice mail. They never did answer. They then informed me that I would be permanently disabled on 6 March, 2010. My reward for being an Alltel customer for over 10 years, Yes things are definitely different since Verizon entered the picture. Wireless internet and cutomer service have deteriorated. Now I am waiting for the next trick as Alltel winds down and their moneymaking contracts expire.
Start looking for other plans.

Unknown said...

I have the same problem as 'Crazy George' here in rural Southern Illinois. My my wireless internet went down and when I called Alltel they said they had done it to force me to call them. This is the only internet service available to me and although it is well beyond painfully slow, it is better than nothing. Alltel then told me that as of 6-30-2010 I would be permanently disconnected. When I activated my account with them I was required to buy their wireless modem and I opted to buy a Cradlepoint router. Now they are saying that I am just basically out of luck as far as internet service goes. It seems to me that they would be required to at least fulfill the contract? There are 8 months left on it. Does anyone have any suggestions? Searching for a new provider has yeilded nothing.

Anonymous said...

I am having the same issue's as anyone else, except that i am a gamer, so the Alltel 3g wireless hotspot, the ugly white thing... it just love's to give me about 30 seconds of good connection, then just decides to eigther dissconnect, overheat, battery die's, or just act retarded. For those that are in america, i suggest using a different internet provider. For the cost, i can get 1.2maxMb/s dload speed, and 500kb of upload speed from windstream for the same cost... when i first started looking for better internet, i was on my 4th hotspot. 2 of which had to be turned back in because they had problems... and to my surprise, alltel and the maker of the stupid device, never even considered fixing any of the problems. They just put in a new thing last month that turn's your hotspot off if inactive for 10 mins... but instead of fixing the old problems, new one's popped up. It disconnects whenever it wants. It still overheat's. The charger cord has to be jerry rigged just so i can charge the battery on it. my advice is that if anyone is looking to change to this device, or is looking at a way to fix some problems. dont... just get windstream or hughes net... or groundline/satellite internet. it is way better on cost to reliability.