Hi All, I singned up celcom digi 500mbps fibre package. I notice a slightly higher ping response. For a example : 1.1.1.1 #is returning 15 ms, previous ISPs i used I get as low as 2ms.

Given my technical knowledge this latency is due to the CGNAT nature of the IP, I want to ask opinion if i subscribe to static IP will my latency reduce?

Plus my building the port is actually given my TM, celcomdigi just tap that.

Using Static IP will solve your issue because that IP was specially assigned to you.

But you should report to CelcomDigi first & request for a different CGNAT IP. Because the CGNAT was shared with few Users thus the latency is slightly slow.
Comparing 15 ms with 2 ms, may not pose much of a difference unless you are running a home server or gaming PUBG or similar games.

Since you have just sign-up, if the speed is not satisfactory you can cancel the subscriptions and use back Unifi.

Hope this helps...

Not sure if related, but my celcomdigi riding on allo has bad ping compare to my previous isp (200++ vs below 30ms) when try to connect to zscaler server at Singapore.

Currently already raise ticket to mcmc due to CD closed ticket without doing nothing

Ohh, just to add on, i try to use vpn, the routing improve significantly, so yes its CD problems

This post has been edited by iXora.ix: Nov 14 2024, 07:08 AM

Subscribed to CD Fibre 300mbps under TIME infra.

Realized the CGNAT policy on CD is very aggressive causing a lot of browsing issue even on Lyn forum.

My symptoms is always the first request to the website will work, then subsequent request to the same website timeout and fail.

Highly suspicious of the aggressive clearing of the NAT translation tables and high frequency of ports reuse policy causing browsing issue.

When the request fail, I quickly load the same request using incognito or VPN or cellular network, it loads instantly. Hence the problem is isolated to my home fibre network.


Before this on Maxis Fibre + public IP never had this issue.

Anyone facing the same situation?

Ah now that you know, this has to do with the lease time allocation and refresh of their CGNAT gateways becoming more often during peak hours.

To think a big company like SialkomDiGi employs inexperience monkey administrators who didn't see this coming or have not a single idea what they are doing..

When you're connected to VPNs or stream online radio/media, it's going to be a serious issue because every few mins (depending on traffic level) the connection will pause now and then disrupting your streams before resuming.

To give you how deplete and shortage CelcomDiGi which calls itself Malaysia's largest mobile telco after their merger, their IPv4 blocks is even fewer than Yes (YTL Communications). That is how serious it is!

AS10030 - CelcomDiGi 74k IPV4 addresses


AS38466 - U Mobile 32k IPV4 addresses


AS45960 - YES 82k IPV4 addresses


AS9534 - Maxis Communications 502k IPV4 addresses


For a company that is even larger subscriber base than Maxis, they have lesser IPv4 blocks than even a small ISP such as YES?
That is why they cannot even afford to sell public IP to their customers..only a handful so the recycling and refreshing is very AGGRESSIVE.

Time has like 742k while TM being the Wholesale ISP of the country has like 3.2M IPv4 addresses..

This post has been edited by petpenyubobo: Jan 30 2025, 09:13 PM

hello, noob here when it comes to cgnat,

just want to ask, what benefit do they get from recycling or refreshing the connection? like wont the same users just be connected again? what even is the point of this agressive refresh?

LYN can be accessed via IPv6, why bother about IPv4?

Damn. Thanks for sharing this insight. Confirmed my hypothesis altogether.

Looks like I need to look into setting up a private VPN trunk to SG for my whole home network to mitigate this issue.

IPv6 is such a pain to support natively. My AdguardHome instance installed on a local cheapo NAS is not IPv6 supported hence if I enable IPv6, the annoying ads will pop up everywhere. Even OpenVPN AS is not IPv6 supported natively.

Waiting for that day contract ends or CD start offering Public IP as a paid service…

Another solution, if you have a relative or ur besties with a public IP fiber and let you put a small mini pc or rpi4 to run a wireguard vpn or tailscale exit node, should be fine, u only bayar the power and internet jer..or use for free hehe

Celcom after merger their networks become disappointing.

AFAIK, currently celcom ip subnet using single upstream Cogent for most routing connectivity to international

AS10030 CELCOMNET-AP - Celcom Axiata Berhad, MY
74,752 IPv4 Addresses

AS4818 DiGi Telecommunications Sdn Bhd.
332,800 IPv4 Addresses

how come digi have more IPv4 than celcom axiata ?

This post has been edited by JLA: Jan 31 2025, 03:30 PM

The situation is like this, if say you're enjoying a video or radio stream with CGNAT after verifying with Cloudflare for say 15 mins, suddenly your stream breaks and stops loading when the CGNAT gateway IP gets recycled.

During peak hours it gets even worst the CGNAT IPs gets cycled more often because the ISP's IP blocks is limited changing gateway IPs.

It's troublesome and very inconvenient because to make the stream work again you need to go through another round of Cloudflare captcha verifications..
Then after a short interval it breaks again.

With VPN it doesn't help much although you can still keep your Cloud-flare protected link alive because the VPN's exit is fixed IP, but the re-connection to your VPN server on your CGNAT will also pause the video/online radio streaming intermittently.

I'm also experiencing the same problem now streaming radio on my CelcomDiGi 5G with CGNAT.

If you combined all three Celcom + DiGi = CelcomDiGi,no where near Maxis's 502k.