Image for post
Image for post

I’ve written about Virgin Media and the IPv6 story previously. Something interesting I discovered recently when I was poking around on my network I noticed that there were suddenly two IPv6 routes from a prefix I didn’t recognise, but soon found out they appeared to be from Virgin Media. So I investigated a bit further!

Signs of IPv6 inbound soon?

Something is definitely happening with IPv6 on the Virgin Media WAN side. I can’t be sure exactly when these routes starting appearing, but I’m pretty confident it is fairly recent. Right now, it appears something on the WAN side has changed and my router is picking up two IPv6 routes from it. …


Image for post
Image for post
The Virgin Media Hub3, probably the most infamous ISP provided router ever.

TR-069 is a common protocol used by a variety of Internet Service Providers and network device manufactures for remote administration of network equipment such as switches and routers, so firmware or configuration updates can be pushed on a large scale basis. In the past there have been notable exploits and attacks leveraging TR-069, mainly on consumer routers.

An interesting event occurred, which led me down a bit of a rabbit hole on what looks like a recent change made by Virgin Media in their network, exposed by Shodan.io.

I use Shodan with a paid plan along with it’s IP monitoring service to track various IP addresses that I have to keep an eye on things, on 21st October I got a notification from Shodan, saying an IP address I have monitored suddenly showed TCP 7547 open on a Virgin Media UK IP address. …


Image for post
Image for post

I recently decided that I would get a second fixed broadband line in addition to my existing broadband connection, given my increased working from home pattern per recent world events. Shopping around I found Vodafone Business Broadband a cheap and decent enough package. I decided to go with their Superfast 2 option. This article is intending to be useful for other customers who use Vodafone VDSL but decided they want to bring their own modem to party!

Bringing your own modem (BYOM)

You don’t have to do this, but for my usage and purposes, the Vodafone WiFI Hub (aka the THG3000) isn’t going to cut it, because it lacks any form of bridge mode/modem mode. Regardless I got one anyway. Unfortunately, ever since BT stopped providing and supporting VDSL modems a while ago, the ISPs have had to fill this gap and it’s often the case that such kit is a router/modem combined. Already having an established network setup with an OpenWrt router, I don’t need another router doing NAT, I just want a WAN connection I can hook into an existing router directly, where I can do failover configuration. …


When your main ISP falls short, time to tunnel your way out of trouble!

Image for post
Image for post

I recently decided to test out the L2TP relay service from Andrews & Arnold. I have never had broadband services with them, but had read and heard great things. They offer a L2TP relay service, where you can basically use their network, without having a broadband line with them. Instead you connect via your existing broadband provider (in my case Virgin Media) via L2TP (Layer 2 Tunneling Protocol).

Why would you do this? Well, to explain the quick back story why I became interested in this offering, you might need to read my rather lengthy article on the problems that specifically affect Virgin Media customers with 6in4 IPv6 tunnels. Right now Virgin Media does not have a native IPv6 deployment and because of this, a small group of customers (including myself) are using 6in4 to basically fill in this gap. The problem is, IPv6 with 6in4 through providers like Hurricane Electric or tunnelbroker.ch from SecureBit performs horribly on Virgin Media residential and business connections, and it’s not the tunnel providers, it’s 100% a Virgin Media problem. The issue has been brought back into the spotlight again more recently thanks to ISPReview. …


Water, water everywhere!

Image for post
Image for post

My Dell XPS 9530 was recently the victim of an unfortunate incident involving a mug of water. The outcome, a not very happy and bleepy (beep codes) Dell laptop. While I’ve opened a lot of electronics in my time, I hadn’t up until this point ever needed to do it specifically for water damage but hey there’s always a first time for everything right?! Join me on my diagnosis and assessment of what a water spill can do in a very short space of time to electronic hardware components.

Assessing the damage

Popping off the bottom case to inspect the initial damage. Initially it doesn’t look too bad. There are signs of corrosion below on the PCB below which is the I/O daughterboard for the SD card reader/USB ports (right side), the tell-tale sign is usually discolouration around chips or capacitors where current flows through. …


I wanted SSH access back that badly, I decided to enable it again, by force!

Image for post
Image for post

I’ve been posting about the 4GEE Home Router a lot lately. My main focus has been around regaining SSH access to the router which was once originally possible, but since disabled by EE/Alcatel, in newer firmware updates. My motivation for doing this, is mostly my own curiosity and it’s not always the case an ISP provided router has SSH access available. I’ve already covered this subject in a previous article where I also showed some of the hidden features this router has.

In order to regain SSH access, I looked at a few areas, which mostly led to dead ends, except one, the backup and restore feature. For reference purposes, this was all done with the firmware HH70_E1_02.00_24. …


Image for post
Image for post

Did you know the 4GEE Home Router has several hidden settings pages within the firmware and its own JSON-RPC web API?

The 4GEE Home Router itself is a rebadged Alcatel HH70 used by EE. Behind the scenes it is running a modified version of OpenWrt and is running the GoAhead web server from EmbedThis that serves the EE branded web interface. This can be found in the response headers when accessing the web interface:

curl -v http://192.168.1.1/index.html
* Trying 192.168.1.1...
* TCP_NODELAY set
* Connected to 192.168.1.1 (192.168.1.1) port 80 (#0)
> GET /index.html HTTP/1.1
> Host: 192.168.1.1
> User-Agent: curl/7.58.0
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Date: Sun May 17 12:59:38 2020
< Server: GoAhead-Webs/2.5.0


Sorry in advance IPv6 purists, you will be triggered.

Image for post
Image for post

I recently setup mwan3 with a two WAN failover policy that works for both IPv4 and IPv6. I found out a lot of information about various aspects around OpenWrt, IPv6 and mwan3 and thought I’d document them to help others who may be looking at doing something similar.

mwan3 and IPv6

There are a few key areas related to mwan3 and IPv6 that you need to be aware of:

  1. You need to split your IPv4 and IPv6 interfaces as mwan3 currently doesn’t support dual stack interfaces. This is more verbose and increases the amount of network interfaces but can be mananged by using alias interfaces. For your WAN interfaces, you would want to have something like WAN and WAN6. For your second WAN, you’d want WANB and WANB6 and so on. You could also use the naming convention of WAN_6 WANB_6 however you could potentially trigger a known issue with this naming convention, explained here: https://github.com/openwrt/packages/issues/13133


Virgin Media logo
Virgin Media logo

This is a question that has come up a few times in the past. Customers of Virgin Media in the UK on it’s residential broadband have questioned if Virgin Media is traffic shaping protocol 41, the important protocol behind 6in4 IPv6 tunnels, provided by the likes of Hurricane Electric. Virgin Media have consistently denied any shaping of any kind is occurring, but I’m not convinced there isn’t something going on in their network. So I decided to dig a little deeper.

Virgin Media doesn’t “filter” protocol 41, so they aren’t blocking it, we know that for sure as you can run 6in4 tunnels on a Virgin Media connection. …


Image for post
Image for post
Press shot of 4GEE home router

Here’s how I setup a secondary WAN for failover using the 4GEE Home Router as another WAN connection.

Just prefacing this with a small disclaimer, I don’t necessarily endorse doing this specific setup, I chose using EE 4G broadband because I’m already an EE customer and it was the most accessible way for me to obtain another broadband line easily at a reasonable cost.

I’m running OpenWrt on my Linksys WRT3200ACM, it’s single WAN port is being used by my fibre connection from the Virgin Media Super Hub 3 router/modem (running in modem only mode). In order for to bring EE 4G into the mix I need to have another WAN interface configured, most routers will only have one designated WAN port as is the case with mine, but that doesn’t mean you can’t create another! …

About

James White

I'm a web developer, but also like writing about technical networking and security related topics, because I'm a massive nerd!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store