We offer a service to allow you to make use of our Internet access service but without having a broadband line from us. The service uses a standard system called Layer Two Tunneling Protocol (L2TP) which allows you (using suitable software or equipment) to connect to us via another Internet access service.
Not all ISPs are equal, and A&A customers find our service very useful. We have many features that people appreciate including fixed IPv4, a block of IPv6, no censorship or monitoring. A good technical support team. Good peering and connectivity. And simply the right attitude to privacy and human rights.
Some technical issues you may encounter with other ISPs include dynamic IP or blocking of incoming ports; making it hard or impossible to run servers on your connection; or worse still Carrier Grade NAT (where there are extra layers of NAT within your ISP). Our service can allow these issues to be bypassed.
Using this service allows people to use us as their ISP via another ISP. Sadly, this does not fix congestion and speed issues in the other ISP, but it can address many other issues.
A 3Mb/s internet service is rather 2005, but actually having a fixed IPv4 address and IPv6 without any NAT or CGNAT in the way does have its uses in some circumstances:
For domestic (non VAT registered) customers we offer our 5TB/month service at £10.00 pcm, capped at 400Mb/s, no minimum term. There are no extra charges. If you exceed the 5TB/month quota then your service simply slows down to 3Mb/s using quota from the next month.
For business customers we offer our 10TB/month service at £15.00 +VAT pcm, capped at 600Mb/s, no minimum term. There are no extra charges. If you exceed the 10TB/month quota then your service simply slows down to 6Mb/s using quota from the next month. Business customers can also request a /29 block of IP addresses - contact us to have this added.
In order to connect to our L2TP service you need a device that supports L2TP. We have articles on our Support Pages with examples on how to set up various devices, but the following are examples of devices that support L2TP:
There is no encryption, this is plain L2TP and not to be confused with a 'VPN'. You can run encrypted servers through the L2TP tunnel as normal - eg https for web sites, or you can run an encrypted VPN through the L2TP service.
As with our broadband service we create our Constant Quality Monitoring (CQM) graphs for L2TP connections. We send an LCP echo every second and graph loss, latency and usage. Typically with L2TP over mobile networks the graphs often have various levels of latency, and spikes of loss. This is down to the mobile connection rather than the L2TP service. However, these graphs do give a good indication of the 'quality' of the underlying connection.
My parents have Sky ADSL, it is slow and laggy. When I ordered L2TP from AAISP to use over Sky ADSL, connection purrs along like a finely tuned sports car.
Note on L2TP relay
We also offer L2TP relay of normal broadband service and mobile data SIMs on to your own LNS - this is provided at no extra charge. We also offer L2TP access to your broadband service login as a backup at no extra cost over the price for your normal broadband service. The service described here is a separate L2TP access service independent of our normal broadband internet access.
Required equipment
Depending on how you're wanting to connects to us you'll need either a router that supports L2TP tunnels, or your computer to support L2TP.
We have articles in the Knowledge Base for setting up Windows, Apple and Linux operating systems as well as various hardware routers from FireBrick, Cisco, Routerboard and others.
L2TP as a backup to my existing AAISP broadband
If you already have broadband provided by us then by default you are able to use your same login credentials to login in to us over L2TP. This makes for an effective way to use keep your IPs and so on working by using L2TP over another ISP whilst your main DSL service is being fixed.
NAT and port mapping
There will be no NAT and no CGNAT (carrier grade NAT) being performed at our side. The L2TP connection will be given a public IP address that is fixed and will be the same one each time you connect. Depending on your configuration and setup, your router/device may well do NAT.
We do not block any ports, you'll be free to run internet facing services as you wish. Again, depending on your configuration and setup, your router/device may well be able to perform port mapping to internal devices as you wish.
Our Business-grade L2TP can optionally include a small block of public IP addresses, do contact us if you wish to have a block routed - this would be in addition to the single 'WAN' address that is also allocated to each L2TP connection. As long as your router/device is able to disable NAT, then these IPs can be used on your LAN.
We'd always recommend the use of firewalls to protect your network.
Connection details
See the L2TP Knowledge Base pages for connection details and help in setting up your equipment.
Why is there no IPsec?
Our L2TP service is NOT encrypted. It is L2TPv2 over UDP.
The reason for this, is that we have set up the service to be very similar to our normal DSL services. Your traffic going over our L2TP service is just as 'safe' asit would be is it was going over your normal internet connection. You would usually be using encrypted protocols - eg HTTPS, so much of your traffic within our L2TP service will be encrypted anyway - just as it would if you were not using our L2TP service.
Your ISP could be monitoring and logging your communications, though it is unclear if current or proposed legislation would permit them to look inside the L2TP tunnel.
Further technical information
You will need an L2TP client device (a FireBrick can do this), or software. Many operating systems have an L2TP client built in.
You will be allocated a username and password to use, and a single fixed IPv4 as well as a block of IPv6. These are then assigned via PPP and DHCPv6 as normal.
Using an A&A IP address you will have access to our various free services such as DNS resolvers and outgoing email servers just like any broadband customer. You are also subject to our Acceptable Use Policy like any other broadband customer.
You may have to set a lower MTU to accommodate the host ISP, possibly as low as 1462 (or lower for some ISPs). In theory fragments will work to allow 1500 MTU on our service, but fragments are inefficient, and if everyone sends fragmented packets that could degrade the service.
You will need to use the "hostname" (sort of L2TP tunnel-level login) of "AAISP" and the endpoint of l2tp.aa.net.uk or 90.155.53.19. You are allocated a username and password to use when you order.
Reverse DNS
We can set up reverse DNS (rDNS) for the IPv4 and IPv6 addresses on L2TP in a few ways, we can also delegate to your own nameservers if you wish. Get in touch for help with this.
Moving IPs to broadband
If you start with L2TP and later want to move the IP addresses to a broadband line with us, then this is possible. Get in touch.
Limitations
Our L2TP service is an 'over the top' service - where it runs over your existing internet connection. If your existing internet connection is very poor then using our L2TP probably won't make it any better. We do apply traffic prioritisation and staff can cap the speed so as to stop the traffic in the L2TP from hitting the limits of your underlying internet connection which can improve the overall performance. However, if your underlying internet connection has problems such as dropouts, packetloss, variable latency etc, then the L2TP service may also suffer due to these problems. If in doubt, please contact our Technical Support Team.