Why ICMP ping 1.1.1.1?

Open Rexadev opened this issue 2 years ago • 6 comments

Use 9.9.9.9

Rexadev avatar Aug 27 '22 12:08 Rexadev

As far as I know it is used to check if the device is online. Right @dhaavi?

ghost avatar Aug 29 '22 06:08 ghost

Not quite, but similar.

Portmaster never actually sends a ping all the way to 1.1.1.1 - these are traceroute packages with low TTL values. Portmaster uses these to determine where on the Internet it is, without any server involved, and thus, maximum privacy.

In pretty much every case, the packet would never reach 1.1.1.1, but only your ISP.

1.1.1.1 is preferred over 9.9.9.9, as it is more common and it is easier to hide.

dhaavi avatar Sep 15 '22 13:09 dhaavi

> Portmaster uses these to determine where on the Internet it is,

What

> without any server involved, and thus, maximum privacy.

What

> In pretty much every case, the packet would never reach 1.1.1.1, but only your ISP.

How? Why?

Rexadev avatar Sep 15 '22 17:09 Rexadev

Should also use 9.9.9.9 and 8.8.8.8 as fallback @dhaavi

Rexadev avatar Sep 21 '22 09:09 Rexadev

> Portmaster uses these to determine where on the Internet it is,

What

The Portmaster tries to identify its location so it can choose a somewhat near entry-node into the SPN. Also, this serves as an online check so the PM knows if the device is online or not.

> without any server involved, and thus, maximum privacy.

What

> In pretty much every case, the packet would never reach 1.1.1.1, but only your ISP.

As @dhaavi already explained, the ICMP packets are sent with low TTL values, which means they will expire early when being handed between the routers of your ISP. The router that expires the packet sends an ICMP error message back to the portmaster. This packet contains the IP address of the router. The portmaster uses these error messages to detect the first router that has a public IP and thus is the one that is actually exposed to the internet. This is the same technique as used in traceroute applications.

> Should also use 9.9.9.9 and 8.8.8.8 as fallback

Also, there's no need for a fallback because the packets never actually reach the target server. And as @dhaavi also explained, 1.1.1.1 is preferred over 9.9.9.9 as it's more common and adds some additional "noise" to the packets sent to your ISP.

ppacher avatar Sep 22 '22 10:09 ppacher
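
The check described in the comment above, as an added Go example that is not Portmaster's own code: it parses ICMP Time Exceeded replies, confirms each one quotes a probe addressed to 1.1.1.1, and picks the first router with a public address. The function names are hypothetical, the replies are constructed (203.0.113.1 is a documentation address standing in for a public ISP router), and treating the carrier-grade NAT range as non-public is an assumption of this example.

```go
package main

import (
	"fmt"
	"net/netip"
)

var cgnat = netip.MustParsePrefix("100.64.0.0/10") // RFC 6598 CGNAT, treated as non-public (assumption)
var probeDst = netip.MustParseAddr("1.1.1.1")      // destination the low-TTL probes were addressed to

// hopFromReply (hypothetical) returns the router that sent a Time Exceeded error about our probe to dst.
func hopFromReply(pkt []byte, dst netip.Addr) (netip.Addr, bool) {
	if len(pkt) < 20 || pkt[0]>>4 != 4 || pkt[9] != 1 {
		return netip.Addr{}, false // not IPv4 carrying ICMP
	}
	ihl := int(pkt[0]&0x0f) * 4
	if ihl < 20 || len(pkt) < ihl+28 || pkt[ihl] != 11 || pkt[ihl+1] != 0 {
		return netip.Addr{}, false // truncated, or not type 11 code 0 (TTL expired in transit)
	}
	if q, _ := netip.AddrFromSlice(pkt[ihl+24 : ihl+28]); q != dst { // dst in the quoted probe header
		return netip.Addr{}, false // the error is about a packet that was not sent to dst
	}
	return netip.AddrFromSlice(pkt[12:16]) // outer source address = the router that expired the probe
}

// firstPublicHop (hypothetical) walks replies in TTL order and returns the first public router.
func firstPublicHop(replies [][]byte, dst netip.Addr) (netip.Addr, bool) {
	for _, pkt := range replies {
		h, ok := hopFromReply(pkt, dst)
		if ok && h.IsGlobalUnicast() && !h.IsPrivate() && !cgnat.Contains(h) {
			return h, true
		}
	}
	return netip.Addr{}, false
}

// sampleReply builds a constructed reply: outer IP (20 B), ICMP header (8 B), quoted IP header (20 B).
func sampleReply(router string) []byte {
	r, d := netip.MustParseAddr(router).As4(), probeDst.As4()
	p := make([]byte, 48)
	p[0], p[9], p[20], p[28] = 0x45, 1, 11, 0x45 // IPv4, proto ICMP, type 11, quoted IPv4 header
	copy(p[12:16], r[:])
	copy(p[44:48], d[:])
	return p
}

func main() {
	replies := [][]byte{sampleReply("192.168.1.1"), sampleReply("100.64.0.1"), sampleReply("203.0.113.1")}
	fmt.Println(firstPublicHop(replies, probeDst))
}
```

The home router and the CGNAT hop are skipped, so the third reply is the one selected; no packet from 1.1.1.1 itself is needed for the result.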

> The Portmaster tries to identify its location so it can choose a somewhat near entry-node into the SPN. Also, this serves as an online check so the PM knows if the device is online or not.

I don't use SPN.

Rexadev avatar Sep 22 '22 13:09 Rexadev

Interesting, since you complain about the SPN DNS Exit Node rules not working....

Nevertheless, I'll discuss with the team if there's still a reason to try to identify the network location even if the SPN is not used. While I'm working on most of Portmaster's core parts, I'm not entirely sure if that check is required for captive portal detection. I'll post here as soon as I have more information on that.

ppacher avatar Sep 25 '22 17:09 ppacher

> Interesting, since you complain about the SPN DNS Exit Node rules not working....

Sorry, I misread the documentation and was in a hurry to report.

Rexadev avatar Sep 25 '22 18:09 Rexadev