Tracert information. Need everyones help that is having lag or connection issues please.

Goldie · April 2014

Not sure about all of this "tracert" talk, but this helped me a GREAT deal! Try it out as a simple fix, it doesn't stop all of the loadscreen crashes and stalls, but greatly increased load times and slightly increased my FPS overall. Not saying this is a fix all by any means but it did make a huge difference!

http://youtu.be/iOqRVTXbq2M

Wreaken · April 2014

chizarira39rwb17_ESO wrote: »

Where did you get the IP address that you are using from?

In task manager under resource manager > networking activity > check eso.exe

wrlifeboil · April 2014

chizarira39rwb17_ESO wrote: »

Where did you get the IP address that you are using from?

If you mean the eso server, run "perfmon /res" as adminstrator while eso is running, go to the Network tab and look for the ip address for eso.exe

chizarira39rwb17_ESO · April 2014

OK cos the one I am using I am getting from their game consultant and it is different

Tristis Oris · April 2014

the server has no IP address, its a cluster with a bunch of IP addresses. In consultant you ping external address of the gateway through which all traffic goes.

chizarira39rwb17_ESO · April 2014

Oh guess that doesnt help that I am probably giving the wrong information to my service provider then *sigh*

Uncle_Bob · April 2014

I can really see this happening...

ZOS - "Excuse me internet, OP says you're slow, can you fix your network so they have a better experience online"

Auric_ESO · April 2014

chizarira39rwb17_ESO wrote: »

The only thing I cant figure out is why I am only affected after 3pm my time, I can play perfectly fine prior to that - this is why I am thinking it is something to do with my ISP. I am hoping that I might get a result that might actually be of use to other players with this problem - here's hoping

Either 1of two things. Load goes up on a bad connection and starts to have issue or more likely it's called time of day routing. Carrier will often have a schedule to whom they route thier traffic to depending on who is cheapest. They could be making a routing change at 3pm and then you start hitting the bad hop

Auric_ESO · April 2014

Wreaken wrote: »

wrlifeboil wrote: »

Viperoz wrote: »

wrlifeboil wrote: »

Viperoz wrote: »

This is my trace-route tonight during the lag period.
Tracing route to 198.20.200.167 over a maximum of 30 hops

5 183 ms 181 ms 182 ms 203.134.2.138
6 183 ms 181 ms 202 ms 173.241.128.13
7 194 ms 193 ms 202 ms 77.67.78.94
8 242 ms 241 ms 244 ms 12.122.86.202
9 245 ms 243 ms 241 ms 12.122.31.133
10 241 ms 242 ms 243 ms 12.122.28.177
11 238 ms 238 ms 239 ms 12.122.138.25
12 12.250.61.26 reports: Destination net unreachable.

Trace complete.

tracert -d 198.20.200.55

Tracing route to 198.20.200.55 over a maximum of 30 hops

5 182 ms 182 ms 181 ms 203.134.2.138
6 182 ms 182 ms 181 ms 173.241.128.13
7 279 ms 194 ms 193 ms 77.67.78.94
8 242 ms 241 ms 240 ms 12.122.86.202
9 240 ms 239 ms 239 ms 12.122.31.133
10 241 ms 241 ms 241 ms 12.122.28.177
11 320 ms 270 ms 328 ms 12.122.138.25
12 * * * Request timed out.
13 * * * Request timed out.
14 12.250.61.22 reports: Destination net unreachable.

Just curious, try a traceroute to AT&T on the West Coast at 192.205.36.9.

Times out at jump 7 173.241.128.13

You are going to have to beg/plead with your ISP to change its routing tables as the poster above wrote. I've forgotten the specifics about how Aussies got their best pings to WoW's Los Angeles server years ago but one routing went through Washington state. I know it is or was possible to get into AT&T's network through Hawaii (which is very reliable if you live in Hawaii) to play WoW but never heard of Aussies being routed that way.

Not correct, at all.

Netcoding can dictate where it pulls from, aside from many other things that it does, for example. The way that lag is "prevented" is that it is hidden. Information that does not exist yet (it happened in Australia, but you won't know for ~100+ miliseconds, because its traveling at only the speed of light to your computer) is simply made up. Thats right, you make up the information, and your computer will play with the made up information.

In ~100 milliseconds, the information of your opponent will appear. Its a bit slow, but it should be enough to synchronize things just a little bit.

So really, a good "netcode" predicts what your opponent will do, and then displays it to you with reasonable accuracy. It can be cubic splines (in a FPS) or something similar... but at the end of the day, your netcode will have to make up information if your players want "low lag" in these conditions.

It is possible that maybe the netcoding of the game needs some fine tuning or optimizing.

That being said, ZOS has the power to talk to the companies and convey with them on how to resolve the issue with the ports at the node to allow free flow through, and it would be in ZOS's best interest to do so and not just for Australian users, EU and USA players will benefit from it also.

Only sorta correct. They have the ability to affect only those that they connect directly carrierA to and by extension to whomever carrierA connects to (carrierB). If the problem lies on carrierF's connection the most they can do is polite email asking them to fix it. They cannot directly influence them to do anything.

Kalston · April 2014

Those things are pretty complicated but what you need to understand is that bandwidth isn't free and unlimited (even for ISPs and other companies) and gaming is not really a priority for the vast majority of ISPs (unlike trading for example, where they always use the most responsive and most expensive routes). Good luck convincing them (I'm not saying it's impossible), and issues like these are fixed by using a VPN (in case you didn't already know) but that usually costs some money. *here I am assuming the problem is not on Zeni's end because I have seen no conclusive proof that it is*

But I'll say it again : your traceroutes show (almost) nothing. Just a bunch of routers. I have no issues (not even packet loss) on zeni servers and yet my traceroutes will show the same final "unreachable destination" (and the last IP is also the same) as Viperoz even though I'm playing from Europe with 140ms.

If you run a WinMTR for a while then we can see the packet loss and get a much better idea of where the problem is. Tracert is not the appropriate tool to diagnose an issue that isn't happening 100% of the time.

I've even seen ISPs blocking tracerts btw (and no, it was not a firewall or my router and it took a while for them to fix it, and that's just because I asked them to

tracetcp still worked though / or doing tracert behind my vpn)

Wreaken · April 2014

Uncle_Bob wrote: »

I can really see this happening...

ZOS - "Excuse me internet, OP says you're slow, can you fix your network so they have a better experience online"

Nice try to look witty, but that's not how communication relations work.

Wreaken · April 2014

Auric_ESO wrote: »

Wreaken wrote: »

wrlifeboil wrote: »

Viperoz wrote: »

wrlifeboil wrote: »

Viperoz wrote: »

This is my trace-route tonight during the lag period.
Tracing route to 198.20.200.167 over a maximum of 30 hops

5 183 ms 181 ms 182 ms 203.134.2.138
6 183 ms 181 ms 202 ms 173.241.128.13
7 194 ms 193 ms 202 ms 77.67.78.94
8 242 ms 241 ms 244 ms 12.122.86.202
9 245 ms 243 ms 241 ms 12.122.31.133
10 241 ms 242 ms 243 ms 12.122.28.177
11 238 ms 238 ms 239 ms 12.122.138.25
12 12.250.61.26 reports: Destination net unreachable.

Trace complete.

tracert -d 198.20.200.55

Tracing route to 198.20.200.55 over a maximum of 30 hops

5 182 ms 182 ms 181 ms 203.134.2.138
6 182 ms 182 ms 181 ms 173.241.128.13
7 279 ms 194 ms 193 ms 77.67.78.94
8 242 ms 241 ms 240 ms 12.122.86.202
9 240 ms 239 ms 239 ms 12.122.31.133
10 241 ms 241 ms 241 ms 12.122.28.177
11 320 ms 270 ms 328 ms 12.122.138.25
12 * * * Request timed out.
13 * * * Request timed out.
14 12.250.61.22 reports: Destination net unreachable.

Just curious, try a traceroute to AT&T on the West Coast at 192.205.36.9.

Times out at jump 7 173.241.128.13

You are going to have to beg/plead with your ISP to change its routing tables as the poster above wrote. I've forgotten the specifics about how Aussies got their best pings to WoW's Los Angeles server years ago but one routing went through Washington state. I know it is or was possible to get into AT&T's network through Hawaii (which is very reliable if you live in Hawaii) to play WoW but never heard of Aussies being routed that way.

Not correct, at all.

Netcoding can dictate where it pulls from, aside from many other things that it does, for example. The way that lag is "prevented" is that it is hidden. Information that does not exist yet (it happened in Australia, but you won't know for ~100+ miliseconds, because its traveling at only the speed of light to your computer) is simply made up. Thats right, you make up the information, and your computer will play with the made up information.

In ~100 milliseconds, the information of your opponent will appear. Its a bit slow, but it should be enough to synchronize things just a little bit.

So really, a good "netcode" predicts what your opponent will do, and then displays it to you with reasonable accuracy. It can be cubic splines (in a FPS) or something similar... but at the end of the day, your netcode will have to make up information if your players want "low lag" in these conditions.

It is possible that maybe the netcoding of the game needs some fine tuning or optimizing.

That being said, ZOS has the power to talk to the companies and convey with them on how to resolve the issue with the ports at the node to allow free flow through, and it would be in ZOS's best interest to do so and not just for Australian users, EU and USA players will benefit from it also.

Only sorta correct. They have the ability to affect only those that they connect directly carrierA to and by extension to whomever carrierA connects to (carrierB). If the problem lies on carrierF's connection the most they can do is polite email asking them to fix it. They cannot directly influence them to do anything.

Yep and that's all we are asking, and 9 times out of ten, most carriers are more then happy to help.

Wreaken · April 2014

louisrabierb16_ESO wrote: »

Those things are pretty complicated but what you need to understand is that bandwidth isn't free and unlimited (even for ISPs and other companies) and gaming is not really a priority for the vast majority of ISPs (unlike trading for example, where they always use the most responsive and most expensive routes). Good luck convincing them (I'm not saying it's impossible), and issues like these are fixed by using a VPN (in case you didn't already know) but that usually costs some money. *here I am assuming the problem is not on Zeni's end because I have seen no conclusive proof that it is*

But I'll say it again : your traceroutes show (almost) nothing. Just a bunch of routers. I have no issues (not even packet loss) on zeni servers and yet my traceroutes will show the same final "unreachable destination" (and the last IP is also the same) as Viperoz even though I'm playing from Europe with 140ms.

If you run a WinMTR for a while then we can see the packet loss and get a much better idea of where the problem is. Tracert is not the appropriate tool to diagnose an issue that isn't happening 100% of the time.

I've even seen ISPs blocking tracerts btw (and no, it was not a firewall or my router and it took a while for them to fix it, and that's just because I asked them to tracetcp still worked though / or doing tracert behind my vpn)

The issue here is, VPN's, Proxies and tunnelling services are not supported by ZOS.

So until they support it, it is a hit and miss with possible bans.

Uncle_Bob · April 2014

Wreaken wrote: »

Uncle_Bob wrote: »

I can really see this happening...

ZOS - "Excuse me internet, OP says you're slow, can you fix your network so they have a better experience online"

Nice try to look witty, but that's not how communication relations work.

my bad, forgot to close the tag

</sarcasm>

Kalston · April 2014

Wreaken wrote: »

The issue here is, VPN's, Proxies and tunnelling services are not supported by ZOS.

So until they support it, it is a hit and miss with possible bans.

Of course they are, there is no such thing as "supporting" a VPN unless you don't really know what it is. I've used one myself many times on ESO. It's just a virtual network adapter with a higher priority than your physical one so that Windows routes the traffic through it. * Applications just see a different IP.

It is exactly the same as using a different connection/ISP and that is the whole point for someone like me (when I'm at home, the vpns I use at work are used for security reasons of course). If vpns were not allowed then people with a dynamic ip wouldn't be able to play either.

*and that is only a basic, user friendly VPN. You could tell your OS to only route some specific traffic through it rather than use it for everything.

chizarira39rwb17_ESO · April 2014

OK well I have run game consultant reports both last night when I couldnt interact in game and this morning when I could - to me they looked both the same. I used the IP addresses from those game consultant reports to run ping and tracert from the command prompt and have emailed the results to Iprimus. Can I suggest that anyone else that is with Iprimus open a support ticket with them and do the same, Dont talk to level 1 support though, they dont have a clue, get yourselves escalated to level 2 - at least the guy I spoke to opened a ticket for me and seemed to have some idea what he was talking about

Wreaken · April 2014

louisrabierb16_ESO wrote: »

Wreaken wrote: »

The issue here is, VPN's, Proxies and tunnelling services are not supported by ZOS.

So until they support it, it is a hit and miss with possible bans.

Of course they are, there is no such thing as "supporting" a VPN unless you don't really know what it is. I've used one myself many times on ESO. It's just a virtual network adapter with a higher priority than your physical one so that Windows routes the traffic through it. * Applications just see a different IP.

It is exactly the same as using a different connection/ISP and that is the whole point for someone like me (when I'm at home, the vpns I use at work are used for security reasons of course). If vpns were not allowed then people with a dynamic ip wouldn't be able to play either.

*and that is only a basic, user friendly VPN. You could tell your OS to only route some specific traffic through it rather than use it for everything.

I live in Australia, the home of dynamic IP's and connect just fine without a VPN. Everytime I reset my modem, I get assigned with a new IP address and it connects, just fine.

A lot of Developers block the IP addresses commonly asscioated with VPN's, Tunneling services and proxies because they hide behind masked IP addresses, now unless you set up your VPN or the service uses your IP address then that is a different story which some do today because of this issue.

The only thing I see VPN's being useful for is if you are having trouble connecting to the launcher/client and you create a point-to-point connection through the use of a dedicated connection that would be otherwise blocked OR having issues, essentially becoming a tunnel.

That all being said, a multitude of people have reported not being able to connect to ESO using tunnelling services like WTFast, Smoothping etc. Most of these companies that are more well known have a compatibility list and ESo hits none of them with a forum full of people asking for help and the Programmers on these sites saying it is out of their hands until ZOS allows it.

Auric_ESO · April 2014

Wreaken wrote: »

louisrabierb16_ESO wrote: »

Wreaken wrote: »

The issue here is, VPN's, Proxies and tunnelling services are not supported by ZOS.

So until they support it, it is a hit and miss with possible bans.

Of course they are, there is no such thing as "supporting" a VPN unless you don't really know what it is. I've used one myself many times on ESO. It's just a virtual network adapter with a higher priority than your physical one so that Windows routes the traffic through it. * Applications just see a different IP.

It is exactly the same as using a different connection/ISP and that is the whole point for someone like me (when I'm at home, the vpns I use at work are used for security reasons of course). If vpns were not allowed then people with a dynamic ip wouldn't be able to play either.

*and that is only a basic, user friendly VPN. You could tell your OS to only route some specific traffic through it rather than use it for everything.

I live in Australia, the home of dynamic IP's and connect just fine without a VPN. Everytime I reset my modem, I get assigned with a new IP address and it connects, just fine.

A lot of Developers block the IP addresses commonly asscioated with VPN's, Tunneling services and proxies because they hide behind masked IP addresses, now unless you set up your VPN or the service uses your IP address then that is a different story which some do today because of this issue.

The only thing I see VPN's being useful for is if you are having trouble connecting to the launcher/client and you create a point-to-point connection through the use of a dedicated connection that would be otherwise blocked OR having issues, essentially becoming a tunnel.

That all being said, a multitude of people have reported not being able to connect to ESO using tunnelling services like WTFast, Smoothping etc. Most of these companies that are more well known have a compatibility list and ESo hits none of them with a forum full of people asking for help and the Programmers on these sites saying it is out of their hands until ZOS allows it.

Edit: deleted my whole post after reading your post again. The only reason to use a VPN in relation to a game is if the route used by the VPN is better than going over the internet (battle ping, wtfast, etc) or to bypass a really bad route in the general internet. Bath can be useful. Never heard of developers blocking common VPN service companies unless they are shady. I've been running servers and playing fps and mmo's since ut99. Maybe that came up once but I've never heard of it.

Edit: I've read your last paragraph like 5 times now and it doesn't make any sense. Zos doesnt need to allow people to use thier tunneling software. You cant even tell. Unless it's not a VPN and it's something else. Now I gotta go look because that's got to be wrong. I just used a VPN from my home in Los Angeles to UCLA and eso ran fine. Then ran it to a VPN in Japan and it runs fine though leggy. It's not a VPN thing

RinaldoGandolphi · April 2014

I am, not sure how you think this is going to solve anything.

the last 8 hops from MY system to that address ALL say

* Request timeout
* Request Timeout
* Request Timeout
* Request Timeout
* Request Timeout
* Request Timeout
* Request Timeout
* Request Timeout

However this doesn't mean anything at all. I have never had any disconnect issues whatsoever with this game.

All those "Request Timeout" message only mean the upstream gateways are rejecting ICMP Code 3 "Destination Host Unreachable Packets"

Many ISP do this for security reason, and they are not going to open these up either I can tell you that. They may respond to standard ping, but block the other ICMP Codes. It all depends on network requirements and there is no right or wrong way...I allow:

ICMP Echo Request
ICMP Echo Reply
ICMP Destination Host Unreachable
ICMP Time Exceeded

On the networks I run, and block the rest. I am a Network Engineer, I have held CompTIA Network +, Cisco CCNA(Cisco Certified Network Administrator) and CCNP (Cisco Certified Network Professional), and the Microsoft Windows and Server certifications. Your talking to a guy who makes his own CAT5E, and Cat6 cables for his networks because pre-made ones are junk and I can't tell you how many i have seen bought that fail cable testing.

ICMP Destination Host Unreachable means the upstream router can't find the specified IP Address in its routing table. Thats what that message means. It could be a configuration error on the part of Zenimax and BGP(Border Gateway Protocol).

Furthermore, 198.20.200.55 doesn't even have a proper DNS record set up for it. I just queried Level 3 Communications DNS Servers (They are part of the DNS Backbone for the North American Region, I would call them "part of the DNS Root Zone" and there is no DNS information available for that IP Address via NSlookup.....run nslookup 198.20.200.55 on your commandline, if Level 3 has no records, then the root zone doesn't either,and that could be a problem.

Your prepared to blame other ISP's when Zenimax don't even have a proper DNS record for their servers? Honestly?

Lastly, ICMP was never designed to be used to test/verify connectivity

RFC 792

The Internet Protocol is not designed to be absolutely reliable. The
purpose of these control messages is to provide feedback about
problems in the communication environment, not to make IP reliable.
There are still no guarantees that a datagram will be delivered or a
control message will be returned. Some datagrams may still be
undelivered without any report of their loss. The higher level
protocols that use IP must implement their own reliability procedures
if reliable communication is required.

You can't ping MSN.com, yet its still reachable and usable. Thats just one of many examples why ICMP shouldn't be relied on the be a absolute test of connectivity, because it wasn't designed for that purpose, the RFC 792 even says it wasn't.

Also, since Zenimax's server and game files are not Open Source, we are not privy to know exactly how they are handling things. 9 out of 10 home consumer routers block all ICMP, so online games work by falling back on some form of UDP and checksums (to put it very simply), and in that case those Destination Unreachable messages may not have anything to do with your connectivity issues.

Lastly, just doing a standard ping of Zenimax server 198.20.200.55 results in a "Request Timed Out Message" which means Zenimax is blocking ICMP (Echo Request and Echo Reply at least) anyways.....

I don't think these destination unreachable messages are anything to be concerned about...the fact i receive 8 "request timed out" messages before reaching there server tells me most of the routers between me and Zenimax are blocking ICMP code anyways and is not a reliable manner of testing my connection because I have never been kicked from this unless they are doing maintenance, and none of my friends are either. not one of my 25 + friends are having problems with this game connection wise.

Then again I am on Comcast in the USA, and say what you want bad about Comcast, but they were the 1st ISP in the USA to go full blown IPv6...there network is 100% ready and has been for nearly 3 years....most other countries let alone other US ISP are not even close to the IPv6 deployment Comcast has rolled out.

Disconnects in this game are 100% related to Latency...your download and upload spped don't mean squat when it comes to latency....a player with a 1.5MB DSL connection and a latency of 30MS will have a better expereince in any online game then a player with a 75MB connection and a latency of 65ms....

Go to http://www.pingtest.net/

and run a pingtest (requires Java) test various locations across the world.

If your ping is more then 70ms to the US then your going to have issues with this game, and nothing short of moving the EU server is going to solve that. using pingtest from Australia, and run a test against a server on the east coast..say Washington DC, etc...if your latency is higher then 70, maybe even 60, expect issues....its just the nature of the beast.

I have a latency of 23ms and a solid A+ connection, perhaps thats why I don't have any issues.

Best of luck folks!

Wreaken · April 2014

Auric_ESO wrote: »

Wreaken wrote: »

louisrabierb16_ESO wrote: »

Wreaken wrote: »

The issue here is, VPN's, Proxies and tunnelling services are not supported by ZOS.

So until they support it, it is a hit and miss with possible bans.

Of course they are, there is no such thing as "supporting" a VPN unless you don't really know what it is. I've used one myself many times on ESO. It's just a virtual network adapter with a higher priority than your physical one so that Windows routes the traffic through it. * Applications just see a different IP.

It is exactly the same as using a different connection/ISP and that is the whole point for someone like me (when I'm at home, the vpns I use at work are used for security reasons of course). If vpns were not allowed then people with a dynamic ip wouldn't be able to play either.

*and that is only a basic, user friendly VPN. You could tell your OS to only route some specific traffic through it rather than use it for everything.

I live in Australia, the home of dynamic IP's and connect just fine without a VPN. Everytime I reset my modem, I get assigned with a new IP address and it connects, just fine.

A lot of Developers block the IP addresses commonly asscioated with VPN's, Tunneling services and proxies because they hide behind masked IP addresses, now unless you set up your VPN or the service uses your IP address then that is a different story which some do today because of this issue.

The only thing I see VPN's being useful for is if you are having trouble connecting to the launcher/client and you create a point-to-point connection through the use of a dedicated connection that would be otherwise blocked OR having issues, essentially becoming a tunnel.

That all being said, a multitude of people have reported not being able to connect to ESO using tunnelling services like WTFast, Smoothping etc. Most of these companies that are more well known have a compatibility list and ESo hits none of them with a forum full of people asking for help and the Programmers on these sites saying it is out of their hands until ZOS allows it.

Wreaken. You sound amazingly like you know what you are talking about but your entire post makes no sense. Devs don't block VPN ports or protocols. Otherwise nobody could connect. Ie like you did say a VPN is like a tunnel. But not from you to the eso server but from you to a wtfast endpoint hopefully fairly close to Dallas then your traffic runs normally through the internet to eso. It just gets you over the internet via a properly routed optioned route. Just to test I just ran eso through a VPN through work and it runs fine. Both via an ssl and IPSec tunnel. Don't know why I did since I know exactly what I am talking about. It's my job to know.

VPN's are only temp fixes to something that shouldn't exist in the first place, but unfortunately do. VPN's aren't even really suppose to be designed for online gaming, but again, are sometimes needed for people who have issues connecting. VPN's are technically a WAN, and are really only needed if you want the extra security of using your system or accounts (game accounts in this scenario) over a public network, for example your local WiFi hot spots or from a LAN at your local coffee shop.

Another example here would be if your college blocks certain ports, the user can forward traffic from those blocked ports to another local machine which will still connect to the remote server's port that has those ports open. That is of course if your network admin won't allow traffic through those ports of course, then a VPN is a work around in this instance.

IP security (IPSec): IPSec is often used to secure Internet communications and can operate in two modes. Transport mode only encrypts the data packet message itself while Tunneling mode encrypts the entire data packet. This protocol can also be used in tandem with other protocols to increase their combined level of security.
Layer 2 Tunneling Protocol (L2TP)/IPsec: The L2TP and IPsec protocols combine their best individual features to create a highly secure VPN client. Since L2TP isn't capable of encryption, it instead generates the tunnel while the IPSec protocol handles encryption, channel security, and data integrity checks to ensure all of the packets have arrived and that the channel has not been compromised.
Secure Sockets Layer (SSL) and Transport Layer Security (TLS): SSL and TLS are used extensively in the security of online retailers and service providers. These protocols operate using a handshake method. As IBM explains, "A HTTP-based SSL connection is always initiated by the client using a URL starting with https:// instead of with http://. At the beginning of an SSL session, an SSL handshake is performed. This handshake produces the cryptographic parameters of the session." These parameters, typically digital certificates, are the means by which the two systems exchange encryption keys, authenticate the session, and create the secure connection.
Point-to-Point Tunneling Protocol (PPTP): PPTP is a ubiquitous VPN protocol used since the mid 1990s and can be installed on a huge variety of operating systems has been around since the days of Windows 95. But, like L2TP, PPTP doesn't do encryption, it simply tunnels and encapsulates the data packet. Instead, a secondary protocol such as GRE or TCP has to be used as well to handle the encryption. And while the level of security PPTP provides has been eclipsed by new methods, the protocol remains a strong one, albeit not the most secure.
Secure Shell (SSH): SSH creates both the VPN tunnel and the encryption that protects it. This allows users to transfer information unsecured data by routing the traffic from remote fileservers through an encrypted channel. The data itself isn't encrypted but the channel its moving through is. SSH connections are created by the SSH client, which forwards traffic from a local port one on the remote server. All data between the two ends of the tunnel flow through these specified ports.

People playing games through a VPN are only really utilizing PPTP layer and are still, themselves, client based and you are still required to use their software to create a PPTP connection.

If ZOS wants too, they can block a VPN software when ever they want or see fit and I would be willing to bet that they have blocked some, same as they have blocked some tunnelling services.

Anyways, at the end of the day, VPN's, Proxies and Tunnelling services are all one in the same, they are basically all WAN's and you connect to their networks through the use of an ISP. What layer of security they use is up to them, you either get a top level security feature with them or none at all, which is why when you go in to this level of connection facility, people need to be educated on how their connections are encrypted or if at all.

Auric_ESO · April 2014

Actually I think it's just comcast blocking Icmp. I've done many traceroutes to the various ips that zos uses and it's only thier last hop that doesn't respond to Icmp requests. I can see all the hops up to it. I'm just in this thread about the misinformation about VPN and compatibility with eso

stungateb14_ESO · April 2014

Problem is ZOS for whatever reason decided to not support IPv6 in a world thats streaming video's and music 24/7 IPv4 is gridlocked.

Wreaken · April 2014

stungateb14_ESO wrote: »

Problem is ZOS for whatever reason decided to not support IPv6 in a world thats streaming video's and music 24/7 IPv4 is gridlocked.

Yeah we raised that issue as well, why the hell they didn't allow IPv6 is beyond me.

Auric_ESO · April 2014

Wreaken wrote: »

Auric_ESO wrote: »

Wreaken wrote: »

louisrabierb16_ESO wrote: »

Wreaken wrote: »

The issue here is, VPN's, Proxies and tunnelling services are not supported by ZOS.

So until they support it, it is a hit and miss with possible bans.

Of course they are, there is no such thing as "supporting" a VPN unless you don't really know what it is. I've used one myself many times on ESO. It's just a virtual network adapter with a higher priority than your physical one so that Windows routes the traffic through it. * Applications just see a different IP.

It is exactly the same as using a different connection/ISP and that is the whole point for someone like me (when I'm at home, the vpns I use at work are used for security reasons of course). If vpns were not allowed then people with a dynamic ip wouldn't be able to play either.

*and that is only a basic, user friendly VPN. You could tell your OS to only route some specific traffic through it rather than use it for everything.

I live in Australia, the home of dynamic IP's and connect just fine without a VPN. Everytime I reset my modem, I get assigned with a new IP address and it connects, just fine.

A lot of Developers block the IP addresses commonly asscioated with VPN's, Tunneling services and proxies because they hide behind masked IP addresses, now unless you set up your VPN or the service uses your IP address then that is a different story which some do today because of this issue.

The only thing I see VPN's being useful for is if you are having trouble connecting to the launcher/client and you create a point-to-point connection through the use of a dedicated connection that would be otherwise blocked OR having issues, essentially becoming a tunnel.

That all being said, a multitude of people have reported not being able to connect to ESO using tunnelling services like WTFast, Smoothping etc. Most of these companies that are more well known have a compatibility list and ESo hits none of them with a forum full of people asking for help and the Programmers on these sites saying it is out of their hands until ZOS allows it.

Wreaken. You sound amazingly like you know what you are talking about but your entire post makes no sense. Devs don't block VPN ports or protocols. Otherwise nobody could connect. Ie like you did say a VPN is like a tunnel. But not from you to the eso server but from you to a wtfast endpoint hopefully fairly close to Dallas then your traffic runs normally through the internet to eso. It just gets you over the internet via a properly routed optioned route. Just to test I just ran eso through a VPN through work and it runs fine. Both via an ssl and IPSec tunnel. Don't know why I did since I know exactly what I am talking about. It's my job to know.

VPN's are only temp fixes to something that shouldn't exist in the first place, but unfortunately do. VPN's aren't even really suppose to be designed for online gaming, but again, are sometimes needed for people who have issues connecting. VPN's are technically a WAN, and are really only needed if you want the extra security of using your system or accounts (game accounts in this scenario) over a public network, for example your local WiFi hot spots or from a LAN at your local coffee shop.

Another example here would be if your college blocks certain ports, the user can forward traffic from those blocked ports to another local machine which will still connect to the remote server's port that has those ports open. That is of course if your network admin won't allow traffic through those ports of course, then a VPN is a work around in this instance.
IP security (IPSec): IPSec is often used to secure Internet communications and can operate in two modes. Transport mode only encrypts the data packet message itself while Tunneling mode encrypts the entire data packet. This protocol can also be used in tandem with other protocols to increase their combined level of security.

Layer 2 Tunneling Protocol (L2TP)/IPsec: The L2TP and IPsec protocols combine their best individual features to create a highly secure VPN client. Since L2TP isn't capable of encryption, it instead generates the tunnel while the IPSec protocol handles encryption, channel security, and data integrity checks to ensure all of the packets have arrived and that the channel has not been compromised.

Secure Sockets Layer (SSL) and Transport Layer Security (TLS): SSL and TLS are used extensively in the security of online retailers and service providers. These protocols operate using a handshake method. As IBM explains, "A HTTP-based SSL connection is always initiated by the client using a URL starting with https:// instead of with http://. At the beginning of an SSL session, an SSL handshake is performed. This handshake produces the cryptographic parameters of the session." These parameters, typically digital certificates, are the means by which the two systems exchange encryption keys, authenticate the session, and create the secure connection.

Point-to-Point Tunneling Protocol (PPTP): PPTP is a ubiquitous VPN protocol used since the mid 1990s and can be installed on a huge variety of operating systems has been around since the days of Windows 95. But, like L2TP, PPTP doesn't do encryption, it simply tunnels and encapsulates the data packet. Instead, a secondary protocol such as GRE or TCP has to be used as well to handle the encryption. And while the level of security PPTP provides has been eclipsed by new methods, the protocol remains a strong one, albeit not the most secure.

Secure Shell (SSH): SSH creates both the VPN tunnel and the encryption that protects it. This allows users to transfer information unsecured data by routing the traffic from remote fileservers through an encrypted channel. The data itself isn't encrypted but the channel its moving through is. SSH connections are created by the SSH client, which forwards traffic from a local port one on the remote server. All data between the two ends of the tunnel flow through these specified ports.

People playing games through a VPN are only really utilizing PPTP layer and are still, themselves, client based and you are still required to use their software to create a PPTP connection.

If ZOS wants too, they can block a VPN software when ever they want or see fit and I would be willing to bet that they have blocked some, same as they have blocked some tunnelling services.

Anyways, at the end of the day, VPN's, Proxies and Tunnelling services are all one in the same, they are basically all WAN's and you connect to their networks through the use of an ISP. What layer of security they use is up to them, you either get a top level security feature with them or none at all, which is why when you go in to this level of connection facility, people need to be educated on how their connections are encrypted or if at all.

you'll note that I did edit my post when I realized you said vpn IPs and I translated that in my head as ports because who cares about desination IPs.

I jsut tested both wtfast and battleping and both work jsut fine. In addition I see no issues on thier boards that it doesnt work with ESO. I understand all of the above, I'm a ccna and ccne. Why are you thinking that eso has to do anything to support vpns or vpn gaming services. They do, just tested it via cisco ssl client, ipsec client, wtfast and battleping.

Wreaken · April 2014

woodsro wrote: »

I have a latency of 23ms and a solid A+ connection, perhaps thats why I don't have any issues.

Best of luck folks!

I cut your post down to save page space.

Rerun those tracerts using pathping instead.

If people are having packet loss issues at a certain node, it is up to ZOS to do the best they can to help resolve that issue because they simply cannot expect everyone to go out and buy tunnelling, VPN or proxy software to over come it.

They need to get some communication relations going between them and the nodes that are likely blocking the largest amount of traffic to their servers.

Wreaken · April 2014

Auric_ESO wrote: »

Wreaken wrote: »

Auric_ESO wrote: »

Wreaken wrote: »

louisrabierb16_ESO wrote: »

Wreaken wrote: »

The issue here is, VPN's, Proxies and tunnelling services are not supported by ZOS.

So until they support it, it is a hit and miss with possible bans.

Of course they are, there is no such thing as "supporting" a VPN unless you don't really know what it is. I've used one myself many times on ESO. It's just a virtual network adapter with a higher priority than your physical one so that Windows routes the traffic through it. * Applications just see a different IP.

It is exactly the same as using a different connection/ISP and that is the whole point for someone like me (when I'm at home, the vpns I use at work are used for security reasons of course). If vpns were not allowed then people with a dynamic ip wouldn't be able to play either.

*and that is only a basic, user friendly VPN. You could tell your OS to only route some specific traffic through it rather than use it for everything.

I live in Australia, the home of dynamic IP's and connect just fine without a VPN. Everytime I reset my modem, I get assigned with a new IP address and it connects, just fine.

A lot of Developers block the IP addresses commonly asscioated with VPN's, Tunneling services and proxies because they hide behind masked IP addresses, now unless you set up your VPN or the service uses your IP address then that is a different story which some do today because of this issue.

The only thing I see VPN's being useful for is if you are having trouble connecting to the launcher/client and you create a point-to-point connection through the use of a dedicated connection that would be otherwise blocked OR having issues, essentially becoming a tunnel.

That all being said, a multitude of people have reported not being able to connect to ESO using tunnelling services like WTFast, Smoothping etc. Most of these companies that are more well known have a compatibility list and ESo hits none of them with a forum full of people asking for help and the Programmers on these sites saying it is out of their hands until ZOS allows it.

Wreaken. You sound amazingly like you know what you are talking about but your entire post makes no sense. Devs don't block VPN ports or protocols. Otherwise nobody could connect. Ie like you did say a VPN is like a tunnel. But not from you to the eso server but from you to a wtfast endpoint hopefully fairly close to Dallas then your traffic runs normally through the internet to eso. It just gets you over the internet via a properly routed optioned route. Just to test I just ran eso through a VPN through work and it runs fine. Both via an ssl and IPSec tunnel. Don't know why I did since I know exactly what I am talking about. It's my job to know.

VPN's are only temp fixes to something that shouldn't exist in the first place, but unfortunately do. VPN's aren't even really suppose to be designed for online gaming, but again, are sometimes needed for people who have issues connecting. VPN's are technically a WAN, and are really only needed if you want the extra security of using your system or accounts (game accounts in this scenario) over a public network, for example your local WiFi hot spots or from a LAN at your local coffee shop.

Another example here would be if your college blocks certain ports, the user can forward traffic from those blocked ports to another local machine which will still connect to the remote server's port that has those ports open. That is of course if your network admin won't allow traffic through those ports of course, then a VPN is a work around in this instance.
IP security (IPSec): IPSec is often used to secure Internet communications and can operate in two modes. Transport mode only encrypts the data packet message itself while Tunneling mode encrypts the entire data packet. This protocol can also be used in tandem with other protocols to increase their combined level of security.

Layer 2 Tunneling Protocol (L2TP)/IPsec: The L2TP and IPsec protocols combine their best individual features to create a highly secure VPN client. Since L2TP isn't capable of encryption, it instead generates the tunnel while the IPSec protocol handles encryption, channel security, and data integrity checks to ensure all of the packets have arrived and that the channel has not been compromised.

Secure Sockets Layer (SSL) and Transport Layer Security (TLS): SSL and TLS are used extensively in the security of online retailers and service providers. These protocols operate using a handshake method. As IBM explains, "A HTTP-based SSL connection is always initiated by the client using a URL starting with https:// instead of with http://. At the beginning of an SSL session, an SSL handshake is performed. This handshake produces the cryptographic parameters of the session." These parameters, typically digital certificates, are the means by which the two systems exchange encryption keys, authenticate the session, and create the secure connection.

Point-to-Point Tunneling Protocol (PPTP): PPTP is a ubiquitous VPN protocol used since the mid 1990s and can be installed on a huge variety of operating systems has been around since the days of Windows 95. But, like L2TP, PPTP doesn't do encryption, it simply tunnels and encapsulates the data packet. Instead, a secondary protocol such as GRE or TCP has to be used as well to handle the encryption. And while the level of security PPTP provides has been eclipsed by new methods, the protocol remains a strong one, albeit not the most secure.

Secure Shell (SSH): SSH creates both the VPN tunnel and the encryption that protects it. This allows users to transfer information unsecured data by routing the traffic from remote fileservers through an encrypted channel. The data itself isn't encrypted but the channel its moving through is. SSH connections are created by the SSH client, which forwards traffic from a local port one on the remote server. All data between the two ends of the tunnel flow through these specified ports.

People playing games through a VPN are only really utilizing PPTP layer and are still, themselves, client based and you are still required to use their software to create a PPTP connection.

If ZOS wants too, they can block a VPN software when ever they want or see fit and I would be willing to bet that they have blocked some, same as they have blocked some tunnelling services.

Anyways, at the end of the day, VPN's, Proxies and Tunnelling services are all one in the same, they are basically all WAN's and you connect to their networks through the use of an ISP. What layer of security they use is up to them, you either get a top level security feature with them or none at all, which is why when you go in to this level of connection facility, people need to be educated on how their connections are encrypted or if at all.

you'll note that I did edit my post when I realized you said vpn IPs and I translated that in my head as ports because who cares about desination IPs.

I jsut tested both wtfast and battleping and both work jsut fine. In addition I see no issues on thier boards that it doesnt work with ESO. I understand all of the above, I'm a ccna and ccne. Why are you thinking that eso has to do anything to support vpns or vpn gaming services. They do, just tested it via cisco ssl client, ipsec client, wtfast and battleping.

Hmm, I haven't checked in the last few days,but the 21st patch broke tunnels and proxies.

I am just curious as to what ZOS's stand on this is. Are they willing to work with the communication sectors to resolve node issues or are they going to rely on everyone to just run third party software to resolve their issues?

Further more, is there going to be support for IPv6 connections?

Auric_ESO · April 2014

grrr...a server or client code cant break tunnels! <stomps off muttering> Well maybe if it uses the same ports as ssl/ipsec or the client tries to detect/close it but that would be stupid. It can only ban IPs of known vpn networks (if they really wanted to, but who would do that, its so idiotic its beyond the realm of possibility!). Lets just keep vpn/poxies out of this thread and focus on your whole point of trying to detect if network latency bad routing or such is happening and trying to help people with that problem.

Wreaken · April 2014

Auric_ESO wrote: »

grrr...a server or client code cant break tunnels! <stomps off muttering> Well maybe if it uses the same ports as ssl/ipsec or the client tries to detect/close it but that would be stupid. It can only ban IPs of known vpn networks (if they really wanted to, but who would do that, its so idiotic its beyond the realm of possibility!). Lets just keep vpn/poxies out of this thread and focus on your whole point of trying to detect if network latency bad routing or such is happening and trying to help people with that problem.

I agree, with everything you said here.

Auric_ESO · April 2014

kay, well good luck in your efforts, I was trying to help out alot of people with virgin media problems over in the uk when eso first opened and it was defiantely a trial to work with forum people (especially when you got people like me butting in).

Valije · April 2014

I want to add my tests too.

From Spain to EU server.

C:\Users\x>tracert 198.20.200.80

Traza a 198.20.200.80 sobre caminos de 30 saltos como máximo.

  1    <1 ms    <1 ms    <1 ms  192.168.0.1
  2     8 ms     7 ms     7 ms  10.131.224.1
  3     8 ms    15 ms    20 ms  2.140.116.91.static.mundo-r.com [91.116.140.2]
  4     8 ms     8 ms     8 ms  10.1.203.75
  5    34 ms    31 ms    33 ms  mad-b2-link.telia.net [213.248.74.9]
  6    55 ms    55 ms    58 ms  prs-bb2-link.telia.net [80.91.254.70]
  7    62 ms    62 ms    65 ms  ldn-bb2-link.telia.net [80.91.246.176]
  8   178 ms   164 ms   156 ms  ash-bb4-link.telia.net [213.248.65.210]
  9   151 ms   152 ms   158 ms  ash-b2-link.telia.net [80.91.252.97]
 10   172 ms   170 ms   172 ms  192.205.33.25
 11   189 ms   193 ms   187 ms  cr81.wshdc.ip.att.net [12.122.135.98]
 12   193 ms   197 ms   196 ms  cr1.wswdc.ip.att.net [12.122.135.86]
 13   208 ms     *      199 ms  cr2.sl9mo.ip.att.net [12.122.18.29]
 14   192 ms   199 ms   204 ms  cr1.sl9mo.ip.att.net [12.122.2.217]
 15   206 ms     *      208 ms  cr2.dlstx.ip.att.net [12.122.3.221]
 16     *        *      194 ms  ggr3.dlstx.ip.att.net [12.122.138.25]
 17     *        *        *     Tiempo de espera agotado para esta solicitud.
 18     *        *        *     Tiempo de espera agotado para esta solicitud.
 19     *        *        *     Tiempo de espera agotado para esta solicitud.
 20     *        *        *     Tiempo de espera agotado para esta solicitud.
 21     *        *        *     Tiempo de espera agotado para esta solicitud.
 22     *        *        *     Tiempo de espera agotado para esta solicitud.
 23     *        *        *     Tiempo de espera agotado para esta solicitud.
 24     *        *        *     Tiempo de espera agotado para esta solicitud.
 25     *        *        *     Tiempo de espera agotado para esta solicitud.
 26     *        *        *     Tiempo de espera agotado para esta solicitud.
 27     *        *        *     Tiempo de espera agotado para esta solicitud.
 28     *        *        *     Tiempo de espera agotado para esta solicitud.
 29     *        *        *     Tiempo de espera agotado para esta solicitud.
 30     *        *        *     Tiempo de espera agotado para esta solicitud.

Traza completa.

As you can see I have less than 10 ms inside my ISP. Then the connection enters the carrier in Madrid and then it is routed to London (ldn-bb2-link.telia.net [80.91.246.176]).

Inside Europe the latency is about 60 ms. Then we get to the real issue, the jump under the Atlantic, from London to Asburn, VA. Here those times more than doubles and we are now in 150-170 ms. Add a bit more inside telia and AT&T backbones and it surpasses 200 ms.

These times are using simple and fast tools. Ingame the feeling is about half a second and one second of lag. When you get lag spikes (or saturated servers) the things jump around.

For those who say this is not an issue, think again. Yes, it is not a fast paced game, but it really is noticeable. Network coding and predicting algorithms can help a lot, but right now it is not working that good.