Community discussions

MikroTik App
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

ISP

Sat Dec 31, 2022 12:35 pm

i have
Last edited by telecomnetwork2022 on Fri Jan 06, 2023 10:22 am, edited 3 times in total.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: ISP & SPEEDTEST

Sat Dec 31, 2022 12:46 pm

You most probably can't do it. Provider is determined by speedtest server and passed to browser/app via encrypted (https) communication connection which you can not change.
 
erlinden
Forum Guru
Forum Guru
Posts: 1900
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: ISP & SPEEDTEST

Sat Dec 31, 2022 12:47 pm

What problem does it solve? By the public IP address you are always able to determine the ISP.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Sat Dec 31, 2022 1:09 pm

i found this buts i think too old its not working for me

https://jarkom.net/mengubah-ip-publik-d ... unakan-vpn
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Sat Dec 31, 2022 2:21 pm

Likely you can only achieve what you want by getting one of the commercial VPN services (that is compatible with RouterOS) and route ALL your traffic via that VPN.
(which requires that your router has hardware acceleration for the chosen VPN, or else it will be quite slow)

All those methods that try to identify the traffic are going to fail, either now or in the future.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Sat Dec 31, 2022 2:25 pm

so i have 2 wan with load balance

when make speedtest show me WAN1 ISP Providor Name sometimes show me WAN2 ISP Providor Name

Can i set any speedtest connection to WAN1 ?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Sat Dec 31, 2022 2:34 pm

No.
 
User avatar
ingdaka
Trainer
Trainer
Posts: 452
Joined: Thu Aug 30, 2012 3:06 pm
Location: Albania
Contact:

Re: ISP & SPEEDTEST

Sat Dec 31, 2022 3:41 pm

You can set DST port 8080 but this will work only with speedtest.net, all servers or OOKLA use port 8080.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Sat Dec 31, 2022 4:00 pm

LibreSpeed uses the normal http/https ports, nothing makes it different from a normal website. And it shows the ISP info as well.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Sun Jan 01, 2023 11:04 am

You can set DST port 8080 but this will work only with speedtest.net, all servers or OOKLA use port 8080.
I Have Adress List contain a website and his IP can you help me to make rule send any connection for this site from client to wan2 not wan 1
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Sun Jan 01, 2023 12:28 pm

It is not possible to make rules for someone else's router when they have not posted an export of their current configuration.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Sun Jan 01, 2023 1:55 pm

It is not possible to make rules for someone else's router when they have not posted an export of their current configuration.
nothing possible in mikrotik
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3169
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: ISP & SPEEDTEST

Sun Jan 01, 2023 2:07 pm

It is not possible to make rules for someone else's router when they have not posted an export of their current configuration.
nothing possible in mikrotik
Too much is possible is the problem, why a sanitized posting of the config helps.

See viewtopic.php?t=182601
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 10:43 am

Nothing impossible in mikrotik the problem sloved

solution :
replace youtube for any website or ip want

Image
Image
Image
Image


thanks for ibrahim almasry egypetion
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 11:24 am

Nothing impossible in mikrotik the problem sloved

solution :
replace youtube for any website or ip want
Yes, THAT is not a problem. The problem is to make this work "for any speedtest" as you originally asked!
You cannot know the IP and not even the DNS name of every speedtest in advance. That is where it fails.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 11:58 am

Nothing impossible in mikrotik the problem sloved

solution :
replace youtube for any website or ip want
Yes, THAT is not a problem. The problem is to make this work "for any speedtest" as you originally asked!
You cannot know the IP and not even the DNS name of every speedtest in advance. That is where it fails.
no thats wrong you can make it easy throw this following code

ADD Role in Managle = Prerouting / TPC IP 6 protocol / in TSL HOST write *speedtest* and in action make add to address list
the rule will monitor any connection from speedtest website and APP and add all ip in address list (tested 100%)
just you can change aby website want in TSL HOST write *speedtest*

but you cant add all speedtest website in world this is possible so i was needed website one as i mentioned in top post
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 12:40 pm

How does your solution work when you go to http://44.137.42.33/ ??
Or even when you go to http://speedtest.pi9noz.ampr.org/ which is the DNS name of that address?
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 1:08 pm

How does your solution work when you go to http://44.137.42.33/ ??
Or even when you go to http://speedtest.pi9noz.ampr.org/ which is the DNS name of that address?
Just Write *ampr* in TSL host and the rule will automaticly add all ips and domain to the new list
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 1:24 pm

@telecomnetwork2022:
@pe1chl is absolutely right, and it is perfectly useless to contradict him,
it is impossible to know in advance all the names and all the IPs of the dozens of thousands of speedtests that exist.

Just for example, not all speedtest have speed and test on name:
speedsmart . net
fast . com
meter . net
etc.

And tag "speed" you can broken connection, for example for "speed pay", "fast pay", etc.

(and with TLS 1.3 any "TLS" rule is absolutely useless)
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 1:29 pm

@pe1chl
🍾
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 1:33 pm

@telecomnetwork2022:
@pe1chl is absolutely right, and it is perfectly useless to contradict him,
it is impossible to know in advance all the names and all the IPs of the dozens of thousands of speedtests that exist.

Just for example, not all speedtest have speed and test on name:
speedsmart . net
fast . com
meter . net
etc.

And tag "speed" you can broken connection, for example for "speed pay", "fast pay", etc.

(and with TLS 1.3 any "TLS" rule is absolutely useless)
no connection will not broken just he go to another isp in mikrotik are thats right
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 2:06 pm

no connection will not broken just he go to another isp in mikrotik are thats right
I do not want go on details, but, for example, simply the payment platform want the same IP,
if one of called subdomains or domain with other names is reached with the other IP,
for security reason can not be completed the payment.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 2:27 pm

no connection will not broken just he go to another isp in mikrotik are thats right
I do not want go on details, but, for example, simply the payment platform want the same IP,
if one of called subdomains or domain with other names is reached with the other IP,
for security reason can not be completed the payment.
in this case you can remove TSL host domain and fill address list manual with IP website you want thank
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 2:42 pm

it is impossible to know in advance all the names and all the IPs of the dozens of thousands of speedtests that exist.
...and the lists are constantly changing, the same site can very well have different IPs for each test done.

Ok, you don't like to get the point, I don't like to answer this again.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 2:58 pm

it is impossible to know in advance all the names and all the IPs of the dozens of thousands of speedtests that exist.
...and the lists are constantly changing, the same site can very well have different IPs for each test done.

Ok, you don't like to get the point, I don't like to answer this again.
any way . Thank you for your join my post
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 3:13 pm

How does your solution work when you go to http://44.137.42.33/ ??
Or even when you go to http://speedtest.pi9noz.ampr.org/ which is the DNS name of that address?
Just Write *ampr* in TSL host and the rule will automaticly add all ips and domain to the new list
That will not work because this server does not use TLS. Furthermore, it would be unwarranted because the ampr.org domain contains many services and only a few speedtest servers.

It also is not clear why you want all this at all. It seems like you are bothered by the fact that the users reveal that your traffic is sometimes routed via ISP #2, that must be hidden from them.
However, what if they instead of a speedtest visit a "what is my IP" site? E.g. whatismyip.com. That will display the same (or even more) information.
Are you going to redirect those to ISP #1 as well? Where does it end?
no connection will not broken just he go to another isp in mikrotik are thats right
That is not really true, the first connection to any site that matches your criteria is likely to be broken. You cannot route a TCP connection that is already established halfway through.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 4:23 pm



Just Write *ampr* in TSL host and the rule will automaticly add all ips and domain to the new list
That will not work because this server does not use TLS. Furthermore, it would be unwarranted because the ampr.org domain contains many services and only a few speedtest servers.

It also is not clear why you want all this at all. It seems like you are bothered by the fact that the users reveal that your traffic is sometimes routed via ISP #2, that must be hidden from them.
However, what if they instead of a speedtest visit a "what is my IP" site? E.g. whatismyip.com. That will display the same (or even more) information.
Are you going to redirect those to ISP #1 as well? Where does it end?
no connection will not broken just he go to another isp in mikrotik are thats right
That is not really true, the first connection to any site that matches your criteria is likely to be broken. You cannot route a TCP connection that is already established halfway through.
oH ? Are you mean the server can route just one connection in same time ?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 4:52 pm

oH ? Are you mean the server can route just one connection in same time ?
No, what I mean is: when loadbalancing has initiated a connection via ISP #2 and you detect that using your TLS host rule, it is too late to reroute that to ISP #1.
Depending on how you do the rerouting, the connection will either fail or it will complete via ISP #2 (and only the next connection will be rerouted).
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 4:59 pm

oH ? Are you mean the server can route just one connection in same time ?
No, what I mean is: when loadbalancing has initiated a connection via ISP #2 and you detect that using your TLS host rule, it is too late to reroute that to ISP #1.
Depending on how you do the rerouting, the connection will either fail or it will complete via ISP #2 (and only the next connection will be rerouted).
I understand you but in case we can move the rule in up it will have priority to excute by server before other rule is that right ?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: ISP & SPEEDTEST

Mon Jan 02, 2023 8:30 pm

No. The way TCP works (TLS is no exception) is this:
  1. client sends TCP packet without payload, only meaningful thing is SYN flag
  2. server sends reply without any payload. The only meaningful thing are SYN+ACK flags
  3. client sends anotger packet. Most often is again without payload, only ACK flag. Sometimes this packet carries some payliad, but not often
  4. client sends payload, which in TLS case carries SNI (in v1.2 and earlier it's plaintext, in v1.3 it's encrypted as well)
  5. server sends TLS feedback
  6. data exchange starts

So only in step #4 it's possible to re-route request via another ISP (if that's what you want) and that's waaay too late to "save" the connection ... and server will drop connection (because change in SRC address will be seen as invalid connection from the new SRC address). And this really doesn't depend on rule priority on router/firewall ...
If address list updating works as intended, the next connection attempt will be routed towards ISP#2 already in step #1 and connection will eventually succeed.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Tue Jan 03, 2023 11:16 am

No. The way TCP works (TLS is no exception) is this:
  1. client sends TCP packet without payload, only meaningful thing is SYN flag
  2. server sends reply without any payload. The only meaningful thing are SYN+ACK flags
  3. client sends anotger packet. Most often is again without payload, only ACK flag. Sometimes this packet carries some payliad, but not often
  4. client sends payload, which in TLS case carries SNI (in v1.2 and earlier it's plaintext, in v1.3 it's encrypted as well)
  5. server sends TLS feedback
  6. data exchange starts

So only in step #4 it's possible to re-route request via another ISP (if that's what you want) and that's waaay too late to "save" the connection ... and server will drop connection (because change in SRC address will be seen as invalid connection from the new SRC address). And this really doesn't depend on rule priority on router/firewall ...
If address list updating works as intended, the next connection attempt will be routed towards ISP#2 already in step #1 and connection will eventually succeed.
Thank for everybody What matters is that my issue has been resolved
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP & SPEEDTEST

Tue Jan 03, 2023 12:34 pm

Thank for everybody What matters is that my issue has been resolved
We don't think so. Either you had no issue at all, or it has not been (completely) resolved. Because that is impossible.
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Tue Jan 03, 2023 3:45 pm

Thank for everybody What matters is that my issue has been resolved
We don't think so. Either you had no issue at all, or it has not been (completely) resolved. Because that is impossible.
Can you Explaine me what the different between pcc load balance Firewall Mangle Rule and the Rule i use to Reroute Connection to onother ISP
the tow Rule = Same Resault but in pcc load balance the route will go automatic \
tow rule have mark connections and prerouting
and in Reroute Connection will go manual
 
telecomnetwork2022
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Thu Dec 22, 2022 5:15 pm

Re: ISP & SPEEDTEST

Tue Jan 03, 2023 10:02 pm

CAN YOU SEE THIS VIDEO ?
https://youtu.be/XuTuIonXsns
 
ganggumalam
just joined
Posts: 3
Joined: Wed Dec 06, 2017 2:02 am
Contact:

Re: ISP

Tue Jan 31, 2023 11:46 pm

if you want to rename ISP on speedtest you view https://damastik.com/change-mikrotik-is ... speedtest/

Who is online

Users browsing this forum: BinaryTB, Bing [Bot] and 72 guests