cancel
Showing results for 
Search instead for 
Did you mean: 

Has anybody else encountered corrupted HTTPS streams lately?

New Member

Has anybody else encountered corrupted HTTPS streams lately?

Certain files downloaded via HTTPS are failing for me with the OpenSSL error "error:1408F119Smiley FrustratedSL routinesSmiley FrustratedSL3_GET_RECORD:decryption failed or bad record mac".

As far as I can tell, this very generic error means "I didn't like the packet I just got, it makes no sense; aborting connection." (Indeed, viewing a packet dump shows TCP RST being sent by my client to the server shortly after.)

I have found one file that almost consistently triggers the error: the Django (Python web framework) package at https://pypi.python.org/packages/source/D/Django/Django-1.8.3.tar.gz#md5=31760322115c3ae51fbd8ac85c9... If I download it in wget on Linux or Firefox on Windows, the download fails midway through almost every time. (wget spits out the error message; Firefox just says "failed")

I have tried the download both with my new router (running OpenWRT) and directly connected to my Gen4 HT1000 modem. Both cases fail. I'm examining packet captures from the router and from a tap between the router and the modem to see if I can shed more light on the issue, but there's not much to see so far. In all cases, I am running with Web Acceleration off, as always. I am willing to make sanitized package captures available to HughesNet engineers if it'll help with diagnostics.

I have one theory: IPv4 vs IPv6. I've had native IPv6 for awhile now through my homemade Linux router; IPv6 bypasses HughesNet's IPv4 CGN gateways. I'm going to investigate to see if the downloads fail ONLY with IPv4. Sadly, that server above only offers IPv4, so I need to find another large download on a dual-stack host that I can use for testing.

So: does anyone else get errors with that file (or any other large file on HTTPS)? Testing this issue is very annoying because it eats up my bandwidth allocation. I will have to run more tests early in the morning...

For what it's worth, my connection has been more unstable lately; it has gone down several times in the evenings the past month. But from what I read, that may be weather at the ground station.
135 REPLIES 135
Associate Professor

Re: Has anybody else encountered corrupted HTTPS streams lately?

Haven't seen you around these parts in a long time...  Tried the link you gave, downloads perfectly fine for me, IPv4 only network here...

Have you considered opting for the HT1100 instead of HT1000?  It's free to change out...

Now, I will say this... Yesterday while downloading a 3.7GB ISO of Win10 TP, I had 3 failed downloads in a row, all towards the end... Was not a pretty day...
New Member

Re: Has anybody else encountered corrupted HTTPS streams lately?

Yeah, I've been busy. Just earned my C.S. degree and I'm heading back for grad school. (I know, I know; masochistic.)

I might consider the modem if it's likely that's what it is. However, is that "free" for a swap-out or a no-questions-asked replacement? I did pay for this modem (+transmitter). I kinda want to keep it.
New Member

Re: Has anybody else encountered corrupted HTTPS streams lately?

Also: my SQF is in the 110-120 range and there are no trees or other obstructions between it and the sky. I doubt the dish has moved; our installer (fantastic guy) did a great job mounting it to the roof.
New Member

Re: Has anybody else encountered corrupted HTTPS streams lately?

Update: it affects HTTP as well (anything TCP).

From looking at a packet dump of a HTTP connection, the server shovels data at the client and the client says "Yeah, yeah, I acknowledge packet #1, #2, #3..." etc. But it looks like the server stops receiving these ACK packets from the client after some time. (This is a lot of dropped ACKs, not just one; if it was just a few, the next successful ACK would implicitly acknowledge the packets that would've been acknowledged by the missing ACKs). After awhile the server cuts the connection because it thinks the client isn't receiving the data.

Either way, the issue is in or past the modem. I'm working with a friend to get package captures on both sides of the network to see what's going on.
Associate Professor

Re: Has anybody else encountered corrupted HTTPS streams lately?

Could be the modem, or transmitter flaking out... Noticing any packet loss at all?  As for the upgraded modem, I am unsure of how customers who purchased them would go about getting swapped...

I mean, it IS possible there's a gateway issue... but that is unlikely... the ODU would be more likely to fail IMO.  Curiously what was your IPGW again, as well as your general location?
New Member

Re: Has anybody else encountered corrupted HTTPS streams lately?

Currently AMA19HNSIGW31B002Adv, Northern Cali. According to the diag logs, a few days ago it was AMA19HNSIGW31B001Adv, then before that AMA19HNSIGW31B001Adv again, AMA19HNSIGW31B001Adv again (the logs go back to the 10th). The disassociation reasons were "not reachable - CMM not received" 

I've noticed images not loading or loading partway on really image-heavy pages the past few weeks, but most of my browsing has been light. I've had some long-running IRC sessions blip maybe once or twice a week. Perhaps it only manifests under heavy load?

As I mentioned, the modem has gone out on occasion, mostly during evening hours. I think there's been three or four small outages this month, for up to 30 minutes in length. SQF falls to 10-30 and climbs back up when connectivity is reestablished. I haven't paid attention to the lights because I put electrical tape over them--they're way too bright for a bedroom. Usually the error code is 11.2.2 ("Outroute is locked to an unknown carrier") when it goes down. (I've seen this happen before over the past year or two; I just kinda accepted it as an occasional "HughesNet thing")

I left ping running on google.com for the past few minutes and got this:
--- google.com ping statistics ---444 packets transmitted, 441 received, 0% packet loss, time 443116ms
rtt min/avg/max/mdev = 569.368/639.534/1651.974/102.078 ms, pipe 2

It probably dropped one or two of the packets (the third missing packet is likely the one that got sent right before I hit ^C).
New Member

Re: Has anybody else encountered corrupted HTTPS streams lately?

I should also mention that I've been really lucky; unlike some of the people here, I very often see 10MBit/s. Maybe running with Web Acceleration set firmly to "off" has something to do with that, or having a very clear view of the sky, or my signal is bouncing off an invisible deflector dish, or something.
New Member

Re: Has anybody else encountered corrupted HTTPS streams lately?

I just tried it with Firefox on Mint 17.2 and got the same error however the file is available via the software manager in Mint or Ubuntu.  Have you tried to download it using software manager or synaptic.  I do have the 1100 modem so dont think it is the 1000 modem.
New Member

Re: Has anybody else encountered corrupted HTTPS streams lately?

Hey Jezra

I tried the link you put in there and no go same error came up wonder what is  up.  All three of us are using some form of Linux there has to be a common glitch.