Just do the same speedtest while connected to your router through a cable, or if you router has a speedtest on that, try that i guess.

That's speedtest cli

https://www.speedtest.net/apps/cli

i know but private ip if he complaint we can't solve

just open that exe? i just try, speed test half way, it auto close

From a strict technical perspective TM didn't block NPTv6 "directly". What they are doing is not assigning IPv6 address to endpoint and they are just doing prefix delegation with /64.
I believe your focus should be RIPE-690 but since you already mentioned RFC 6177 then just add RIPE-690 to the list. Once correctly implemented, you don't need NPTv6 anymore.
One thing with network operator is nobody likes RFC. Best Current Operational Practice for Operators do a better job to help network operator understand stuff.

If it is up to me to implement RIPE-690, here is how I am going to do it:
First I will submit a plan to APNIC to request another /32 block of IPv6 prefix.
I will keep all the existing setup intact. This is so that people who don't need more address don't need to do anything but still have working IPv6. All the existing router don't need to change.
I will then allow all account holders to request for a static /56 or /48 from the Unifi portal.
The BNG will then route those prefix accordingly.

There are many advantage to this setup:
1. Dynamic IPv6 prefix is useless. You cannot configure it to your Kubernetes cluster, libvirt network, etc when they keep changing.
2. Everyone will have a working IPv6 network by default without complicated setup, as it is now.
3. TM don't need to redo their address planning

It is very easy for a censor with active probe to spot commercial VPN service and it is implemented in Great Firewall of China.
This is how they do it:
1. DPI categorize the connection as VPN.
2. Signal the probe to do active scanning (just like nmap)
3. If the result comes back as positive then put the IP address into the VPN blocklist.

You can easily do this yourself using nmap. All commercial VPN provider has multiple open port to accept different VPN protocol, along with certificate that positively identify themselves.

Another way for censor to identify VPN is they have inside access to social network. If they don't like your post, they will "subpoena" your information and just add the IP address and the active probe signature to VPN blocklist. This will effectively cut off your VPN access because your IP is blocked outright.

Borrowing the principle from Tor, many China citizen workaround this by connecting to CDN which act as a guard node, which then connects to their compute instance acting as exit node.
ACL will be deployed in exit node to block attempt of active probe. AWS has made doing this very easy with their managed prefix list:
https://aws.amazon.com/blogs/networking-and...zon-cloudfront/
By using EC2 Instance Endpoint Connect you do not need to expose your SSH port too. So your exit node will have absolutely zero open port for the censor's probe to scan:
https://docs.aws.amazon.com/AWSEC2/latest/U...using-eice.html

By doing this, even if the censor blacklist your exit node IP address, your VPN still works because you are not connecting directly to it.

I have a working anti-censorship VPN and have done extensive threat modelling and pen testing on it. I even tested it in China.
Of course the active probe can also detect if your CDN is acting as a front door to bypass censorship and there are various ways to bypass it.
This is a more advanced topic for the censor and I should disclose nothing to educate them. Let's see if the Malaysia censor is as competent as China.

Personally, I’ve used Tailscale with exit node in china. Worked perfectly fine when I was on China Unicom. It was only bad on China telecom since TIME has bad upload to it.

Today Update (Status: Closed):


Their Reply:
I guess can't comment any further, the case has been locked, I can't add comment about RIPE-690 😭

I think only way is try use my influence with Pendakwah Teknologi YouTuber, he can bashing ISP,


Note: I don't care anymore, here my case number, if anyone want make a report of IPv6, go ahead...

I notice it's been a while now that everyday after around 9pm, something funny is going on with Unifi.

I am having hard time accessing my office server (Office on Maxis fiber) at full speed after around 9pm from home (Unifi plan), even I turn on Tailscale also maximum can only achieve below 100kbps. But, I can achieve full speed when I use my mobile data.

Anyone got any insider news on what actually is going on with Unifi? Is it just temporary or it's going to be there permanently? I'm contemplating to switch out from Unifi, paying full price but not getting the full service.

TM installer came to replace the fiberhome with D-Link Black ONR. He changed it to GPON Bridge as per my request, and the PPPoE up for few minutes, then down with the message



He switched it back to GPON Router mode but failed to establish PPPoE connection. And he brought back the D-Link ONR, said got issue with it.

Could it be related to this?

Since the D-Link do not have the option to set VLAN ID in GPON Bridge, I need to set the VLAN ID 500 in my own router?

This post has been edited by loonsave: Jul 31 2024, 03:30 PM

Can't say much about efficiency but they're certainly punctual. Right on the last day of July. /s

Finally got my FSU +100Mbps free download speed upgrade.


DPN-FX3060V 2.5Gbps still in box. Use back old Huawei for now.

Update: Just noticed package name updated to "Unifi Home 1Gbps - Pro Upgrade"

This post has been edited by soonwai: Jul 31 2024, 10:20 PM

People like me might be stuck since it looks like the OLT I'm connected to is bound to the ONU/ONR. If I change to another ONU I can't connect.

Unless the PON stick can spoof MAC or whatever else hardware IDs they're using to bind the account.

All this is very concerning. However much I try to secure my network and privacy the giant hole there is unpatchable because its the way the ISP operates. Heck they can just cut all internet access any time if they want. Imagine a malicious actor getting into their network and causing mayhem...

I was regretting not getting a Mikrotik router but now I feel a bit better if that setting didn't solve the issue

Wait, so originally switching to your old ONU it couldnt connect (meaning your account was hardware-binded), but after technician came over now you can switch to whichever ONU it can work?

When I told the technicians to remove the hardware bind they told me cannot, so I sort of speculated (together with some other members here) that it could be that the OLT I'm unfortunately connected to requires some kind of hardware bind.

Not sure but I my technician came for fix black box 1 indian guy after spend almost 30 mins he gave up and give me 2 choice either replace black box combo with Skyworth use bridge or router or 2nd use old modem. They reset fiberhome modem and redone the setup to work

I still have not received any contact about the upgrade. Last contacted TM livechat in June and they asked me to keep waiting.

run cmd/powershell/terminal first then run that exe from there
otherwise it will just terminate and close when it completes

Like finally. Did any recontract occured ?

Try chat again. I chose Order Enquiry. Then show them the ss which says upgrade from Jan until July. If dun have, just use mine. I didn't have to but ask them to escalate if they don't and get a report number. After that waaaiit some more.

Even after all that, mine took awhile.
20240707 Chat and report number
20240711 Call from Unifi CS 03-79647000 to agree to FSU TNC
20240727 Modify Package order created
20240731 Installation

Yeah, finally! I suppose can be faster if chase them a bit or use MCMC but nvm lah. No recontract according to phone call received earlier where the FSU TNC was read out and agreed to.

Not sure if the service acceptance form got state anything about contract or otherwise.

Next want to see if I can change my Ultimate to Ruby pack. RM60 -> RM30

This post has been edited by soonwai: Jul 31 2024, 07:49 PM

Improved customer service,but service quality worst...
Haven't get the free 1G speed upgrade yet...
Will ask TM again after 2weeks when i complete resign from my current job.

how much u paying for the 800mbps plan?