Skip to main content

I placed a search on Google and this is the response I got back.

"This network is blocked due to unaddressed abuse complaints about malicious behavior. This page checks to see if it's really a human sending the requests and not a robot coming from this network.”

What does this mean? Is Google trying to block my use of its service because of issues with T-Mobile?

Is this still happening for anyone else?  Its been 2 weeks of this now and I am unable to use search bars on some websites now because they are google based.  Any solution???


https://support.google.com/websearch/thread/2596872?hl=en&sjid=7174573382521956451-NA

Essentially, this is because T-Mobile uses CGNAT, which assigns multiple users to a single IP address and then T-Mobile directs the traffic from there. My guess is that T-Mobile as over-allocated the number of users per IP to the point where Google is triggering the Captcha due to excess traffic. 

So, in other words, T-Mobile may have hundreds of people assigned to one IP, but Google sees this as a single network. So when everyone is sending Google searches, Google sees this as abuse and begins doing the Captcha. The only way to fix this would be either a static IP (which is only available for Business accounts), pure IPv6, or a VPN that isn't over-allocated.

Google will not provide individual assistance, and this is a symptom of T-Mobile's continued reliance on 6to4 translation. T-Mobile needs to move to pure IPv6. Until one of those solutions is done, this will only get worse.

 


This is seriously still happening? My service will be canceled soon, this is an insanely simple issue that should not take a corporation as large as T-Mobile a full month to fix.


This is seriously still happening? My service will be canceled soon, this is an insanely simple issue that should not take a corporation as large as T-Mobile a full month to fix.

This is occurring amongst several ISPs, so moving to another isn't a guarantee your issue will be resolved. Unfortunately it isn't a simple issue because T-Mobile and other ISPs have been reluctant to transition to strictly IPv6 networks. This is only going to become more of a problem as the number of users per IP increases. Google just happens to be the lowest threshold so far, but I would predict we will see more sites having this issue as time goes on. Because these sites see large amounts of traffic coming from a single IP address, they are going to default to it being abuse because they cannot differentiate between actual abuse versus hundreds of users using the same public IPv4 address. As that number expands, this is going to trigger more sites' Denial-of-Service (DOS) automatic protections. T-Mobile needs to fix it, but that need was months or years ago. Now the timetable has shifted and will continue to get worse, at least in my expectations.


The real fix for this is to transition to a true IPv6 network in which each user gets a unique IP address instead of using CGNAT, which assigns hundreds of users (or however many T-Mobile is doing) to a single public IPv4 address. To put it in perspective, there are about 3.7 billion public IPv4 addresses. However in a traditional sense, each device would need to have a single distinct IP address. With over 8 billion people on earth, that isn't practical. In the past, this was dealt with by using local addresses that were then handled through a single public address per network (which is why you can have a 192.168.1.1 on your network and so can your neighbor). From there, your router will take incoming data from the outside world and intelligently route it to the correct device in your home. This is the way it was for decades, where each individual subscriber would have a unique address. But due to IPv4 number exhaustion, T-Mobile and other ISPs have gone to a second level of routing in which they have an IPv4 address that is assigned to multiple subscribers and they act like the router in your home to send the data streams to the right subscriber (likely by using IPv6, interestingly enough). So T-Mobile can't get any more IPv4 addresses, as there aren't many left, so they are just expanding the number per public IP (conjecture on my part, but I'd wager it is pretty accurate). Thus, Google sees a ton of traffic, it triggers their protection system, and here we are. I fully expect this will expand to further sites as time goes on.


The other side to this is that a single subscriber that *is* sending excessive data whether that is knowingly or unknowingly (e.g. malware or botnet), then they can flag it for every subscriber that is assigned that public IP. So this could be a multi-faceted issue, but only T-Mobile can fix this.


The way T-Mobile is using IP addresses is more akin to how postal codes work instead of how addresses work. But because it is IPv4, it is like only including your zip code in your address on outgoing mail. T-Mobile knows your "direct address", but to everyone else you just appear as your "zip code". But that is a symptom of a bigger problem.


I can’t believe this hasn’t been fixed yet!


Using a web-based IP lookup https://www.showmyip.com/ my IPv4 address is currently shown as being in East Providence, RI.  Abour a week ago, for several days, it was shown as being in Baltimore, MD.  I am in Vermont.  However, I don’t see this creating a problem for me, except for occasionally having to change the prefillled zip code of the closest store location on a retailer’s website (e.g. Lowes or Home Depot).  Should I be aware of other issues due to have an IP address 250 miles away?


Yes still happening every day all day. 


Using a web-based IP lookup https://www.showmyip.com/ my IPv4 address is currently shown as being in East Providence, RI.  Abour a week ago, for several days, it was shown as being in Baltimore, MD.  I am in Vermont.  However, I don’t see this creating a problem for me, except for occasionally having to change the prefillled zip code of the closest store location on a retailer’s website (e.g. Lowes or Home Depot).  Should I be aware of other issues due to have an IP address 250 miles away?

The only issues I have seen are for services that restrict based on geolocation of your IP. Luckily this is becoming less commonplace, but it is still pervasive. Services offering live local channels via streaming are commonly affected (i.e. Hulu Live, YouTube TV, etc). Otherwise, your IP location doesn't matter tremendously but my might see better performance from certain locations. But even that is likely to be minimal. 

One more note is that some online services also monitor the geolocation information and may trigger a security exception on your account if they see you connecting from multiple locations over a short enough period of time. This would include stuff like your online banking, if used. Other secure connections can be finicky, but typically just require contacting the service provider to inform them.

I wish T-Mobile was more forthcoming with the issues that come from how their network is setup, but being honest and upfront isn't good for new membership initiatives. 


@TMHI-Sucks, “I wish T-Mobile was more forthcoming with the issues that come from how their network is setup, but being honest and upfront isn't good for new membership initiatives.” 

Would you know if this type of IP address assignment is a charateristic of all fixed wireless internet providers (e.g. Verizon and AT&T)  or is it just T-Mobile?


@TMHI-Sucks, “I wish T-Mobile was more forthcoming with the issues that come from how their network is setup, but being honest and upfront isn't good for new membership initiatives.” 

Would you know if this type of IP address assignment is a charateristic of all fixed wireless internet providers (e.g. Verizon and AT&T)  or is it just T-Mobile?

I would say you would have to research each one on a case-by-case basis, but I would expect all wireless carriers are using CGNAT, at least for their mobile customers and probably for their Internet customers as well. I believe Starlink is also CGNAT. As far as wired carriers, I also believe some are CGNAT as well, as I have heard of similar reports from users of other wired ISPs such as Spectrum and Xfinity. But I haven't done a tremendous amount of research outside of T-Mobile, honestly. 


Same issue (North Florida) for over 2 weeks.  I work from home and this is ridiculous. I’ve been very happy with T-Mobile up to now but the fact that they cant get this resolved is concerning. May be time to switch providers again...

 

 


Same thing happening in Jax FL for about the last 2 weeks.  Pretty annoying, I do think some of y'all need to calm down a bit... 


Same thing happening in Jax FL for about the last 2 weeks.  Pretty annoying, I do think some of y'all need to calm down a bit... 

Come back to me when you've been dealing with it 10-20 times a day for nearly 3 weeks 😅. And when you actually have to solve the captchas, they are annoyingly non-specific. Like... "select pictures of motorcycles" but it actually wants you to select moped, motorcycles, and any other motorcycle-like vehicles. But the really infuriating ones are where it wants to select all the squares containing a certain item in the image... do I include the mirrors of the moped as being part of the "motorcycle"? What about the squares containing just the edge of the motorcycle? Because apparently I'm *not* human according to Google. It is an annoying game of semantics and pictionary for a false alarm that is consistently interrupting your workflow.


You could always try a different search engine.  Duck Duck Go, Qwant, or even Bing or one of the many others.


You could always try a different search engine.  Duck Duck Go, Qwant, or even Bing or one of the many others.

But that's the thing... this is just a symptom of a bigger problem. The problem is that the amount of traffic per IP address is high enough to set off Google's anti-DDOS mechanism. As more users sign up, I still believe this will spread.


You could always try a different search engine.  Duck Duck Go, Qwant, or even Bing or one of the many others.

But that's the thing... this is just a symptom of a bigger problem. The problem is that the amount of traffic per IP address is high enough to set off Google's anti-DDOS mechanism. As more users sign up, I still believe this will spread.

Is it?  Maybe Google could relax their ridiculous anti-DDOS system because we know the bots are smarter than the average person.  All depends on how you want to look at solving the problem instead of trying to find an excuse to blame T-Mobile.


TMHI-Sucks - If they’ve been using CGNAT all along why has it just now popped up? The issue has been only happening for the past two weeks for us, fine before then?

… and why hasn’t T-Mobile acknowledged the problem… ? Heck their tech support said it was our Mesh Wifi that was causing the problem and that it wasn’t compatible… all I could do to not laugh!

Seriously T-Mobile, get with it and fix your network…


TMHI-Sucks - If they’ve been using CGNAT all along why has it just now popped up? The issue has been only happening for the past two weeks for us, fine before then?

… and why hasn’t T-Mobile acknowledged the problem… ? Heck their tech support said it was our Mesh Wifi that was causing the problem and that it wasn’t compatible… all I could do to not laugh!

Seriously T-Mobile, get with it and fix your network…

My guess is that it is a combination of more and more users being allocated to each IP, meaning that more traffic is going over each IP. It may be that it is just now tipping over the threshold set by Google for those IPs with higher numbers of users. Essentially, my guess is T-Mobile is adding customers, but not new IP addresses to the pool. Again, this is only a best guess by me as I'm not a T-Mobile employee. 

In terms of acknowledgement, they have acknowledged it is an issue, but have not provided any resolutions. They are also horrible with information dissemination, so their staff often has no clue.


Same thing happening in Jax FL for about the last 2 weeks.  Pretty annoying, I do think some of y'all need to calm down a bit... 

Come back to me when you've been dealing with it 10-20 times a day for nearly 3 weeks 😅. And when you actually have to solve the captchas, they are annoyingly non-specific. Like... "select pictures of motorcycles" but it actually wants you to select moped, motorcycles, and any other motorcycle-like vehicles. But the really infuriating ones are where it wants to select all the squares containing a certain item in the image... do I include the mirrors of the moped as being part of the "motorcycle"? What about the squares containing just the edge of the motorcycle? Because apparently I'm *not* human according to Google. It is an annoying game of semantics and pictionary for a false alarm that is consistently interrupting your workflow.

Well, you’re right.  That’s quite a bit more annoyance than I’m going through.  I get 4 or 5 a day and so far they’re only checkmarks.


The issue seems to be slowly getting worse for my area at least.  Google isn’t even accepting the CAPTHA verification on a couple of my devices.  I just recorded 6 minutes of CAPTHA entries (motorcycles, crosswalks, traffic lights, stairs, and busses) and still couldn’t get into a normal Google search.  Finally gave up….   


This issue is happening in Louisiana, for me the IP’s that are having the issue are all on the 172.59.104.xx subnet. Called and was told it is an issue with google, but google will not resolve the issue and says its tmobile. This morning I could not even get to this tmobile community site without the use of my vpn.


….Called and was told it is an issue with google, but google will not resolve the issue and says its tmobile….

 

I can’t see how T-Mobile can blame Google for the issue when my neighbors all use the internet from different providers (Verizon included) without issue.  If it’s only happening with T-Mobile, then they have to get their IP locations corrected.


Reply