Where are you located and your IP address prefix? Also what DNS server are you using?
I never face problem with Cloudflare at all. I always use domain name instead of IP address.
At the moment when I ping cloudflare-dns.com, things look okay.


However, if I manually ping the IP address in your graph, I do get high ping.
So I am not sure if DNS returns you an overloaded server or how.
The TTL for cloudflare-dns.com is 300 seconds so I don't think they configure it wrongly.

I installed unbound and use the pihole conf.
Restart unbound and try dig some website but unbound doesn't respond, it shows time out.

Then I connect VPN.
Restart unbound and try dig some website, this time it works like a charm.

I suspect TM interfere something with unbound.

Recursive resolver is always done in plaintext. This method cannot be used to bypass Great Firewall of China anymore. Long time back it does work.
From a censorship point of view, this method only works for low tech censor.

But I am not sure if your problem is related to TM blocking it since it works for me. Do you manage to get a log when running on TM?
I have a suspicion it could be due to IP blacklist. TM bought a few blocks of IPv4 address and they could be on sale due to their bad history.
This can also explain why some people get "better experience" after changing IP address.

JB, 2001:e68:5432:9034::/64, Self-built Adguard-Home DNS server with smartdns(With multiple upstream DNS).

For the overload server,i used CloudflareST to TCPping 40k cloudflare ipv6 address.
All will be having issue within the time. (this second low ping fast speed-18ms,and the next second or after awhile,it suddenly like shit speed and latency-70ms)

Another test with tcpping cloudflare ipv6 with 443 port at around 9pm
Ping statistics for 2400:cb00:2049:0:f1:9017:23f8:cd71:443
2801 probes sent.
2782 successful, 19 failed. (0.68% fail)
Approximate trip times in milli-seconds (successful connections only):
Minimum = 13.994ms, Maximum = 1745.812ms, Average = 363.208ms

ping to Cloudflare ipv6 dns address at 9pm


Edited:
Add cloudflare.com ipv6 smokeping


This post has been edited by go626201: May 30 2024, 01:58 AM

Alright. Now I understand the extend of your problem.
For TM it is easy, 2001:e68:/32 is one bgp entry.
Cloudflare is complicated: https://bgpview.io/asn/13335#prefixes-v6

I tried a few of your example with the matching prefix and they all route differently. When you tried different IP address, you must first make sure they are a different prefix from BGP point of view. Then you need to traceroute to see if they take a different route. Blindly pinging many IP addresses will give you the same result if they are from the same bgp entry.

In your case, or rather cloudflare case in general, it very much comes down to traffic engineering. I am not even sure how TM and Cloudflare peers and how they agree on traffic engineering parameters and all.

EDIT
traceroute can only see egress route from your point of view. ingress is always unknown and another mystery unless you can perform traceroute from that one cloudflare endpoint.

EDIT2:
A question: Does smokeping resolve a new IP address every time it ping? Or at least respect the TTL entry of the domain?

This post has been edited by kwss: May 30 2024, 02:27 AM

anybody notice TM silently change to private ip address even not 100mbps package users?

Which package? 800Mbps here ok. Still public. I think a few 300Mbps got private. Those who got free upgrade from 100-300?

Whoa. Thanks bro
Been looking for an answer for this and even the TM chat couldn't answer this question

Last time I got a Sharp 60" Android TV for RM99 monthly for 2 years which equates to RM2376
The contract is ending in June this year, let's see if I can get this 65" for the same price or not

This is default plaintext method, which doesn't work for me.

This is when i connected to VPN and it works.

I tweak the unbound config to go through DoT method, and it works without vpn.

Just sharing my experience here.

This post has been edited by Kadaj: May 30 2024, 02:49 PM

I just notice today that my ip been privated.

i am using 300mbps, not free upgrade from 100 to 300.

Mine using 300Mbps( free speed upgrade to 500Mbps)..and still on public ip...and actively using my public ip access.

Could be a mistake by TM since you're on 300Mbps. I just checked my neighbour's and they're still on public IP. They are 100Mbps, possibly upgraded to 300Mbps by now. Can't check their speed because they're still using Asus RT-N12.

HI Guys.. Need some help.. I just got a call from unifi that finally i will get free upgrade from 800mbps to 1gbps. but they said have to installl their own router. Cant i continue to use my own router coz mine is new and is wifi 6 TP link Archer AX 73. My house is kinda large so previously using mesh did not help but after using this router speeds everywhere in the house is quite good even without mesh.. will their upgraded router be any better ?..appreciate some sifu advice.. thanks

Also will unifi be better or moving altogether to celcom fibre 1gbps?

This post has been edited by hussain: May 30 2024, 11:47 AM

I try contact TM on this, thanks for your info

Yes, it does resolve new address with domain name host. Should be follow the ttl, i think.

PRIVATE IP
30 Mbps
50 Mbps
100 Mbps
300 Mbps

PUBLIC IP
500 Mbps
800 Mbps
1 Gbps
2 Gbps

I have a feeling TM is throttling speed during this time. When I use the internet for browsing international sites after 2PM, speed is back to its normal state.

Slowness is peaked at night

Thanks for your info

ask technician to install bridge mode and all done.

Meaning? Sorry not very tech savvy