What is gstatic generate 204 captive portal login ISP page

Everyone on the planet might some time came across generate_204 captive portal login page, What is it actually? have you ever doubted! Gstatic Generate_204 captive portal is an Network Portal Detection service bundled with Google related services and with hardware devices like Android smartphone, Android tablet, Android TV, Google TV, Google Chrome, Google Chrome background services,  Chromebook, Chrome OS Shill and other Chromium services.   
What is generate 204 captive portal login, no Internet Techzost blog


What is Generate_204 captive portal

Gstatic Generate_204 captive portal is an Network Portal Detection service bundled with Google related services which handles No Internet connectivity in Google products like Android smartphone, Google TV, Google Chrome, Google Drive background services and more. 

What is Captive portal

Captive portal is an webpage which is displayed to users who are connected to Wifi network or wired network with No IP connectivity or No Internet connectivity, it's like gatekeeper before you access to network resources from your Internet service provider's (ISP) Gateway, Captive portals display a login page which you need to authenticate with your username and password provided by your broadband internet service provider or with public hotspots subscription.

How does Captive portal like Google Gstatic Generate_204 works

  • Different ISP use various Implementation methods like HTTP redirect, ICMP redirect, Redirect by DNS and more. Mostly Redirect by DNS Captive portal Implementation method used by many ISPs.
  • Assume a client from android smartphone request domain resource, https://blog.techzost.com from Google chrome browser, instantly DNS is lookup service begins. In No Internet connectivity stutation, Gateway of ISP will forward all DNS queries from unauthenticated users to ISPs default Captive portal webpage, if dns request are hit by background by Google Chrome related services, internal network portal detection service hit generate_204 error and redirects to internet service providers captive page.
  • The HTTP requests fail because the TCP connection to clients3.google.com can never be established.  The portal code tries multiple times for up to 10 seconds to connect to clients3.google.com.  If it cannot connect it marks the service as being in a captive portal.  This determination is somewhat unreliable because very high latency connections, lossy connections and other network issues can also result in failure to connect to clients3.google.com.  
  • Google Gstatic Generate 204 Captive portal lookup service aka Google Offline Indicator.
    • https://www.googleapis.com/generate_204, 
    • https://clients1.google.com/generate_204, 
    • https://clients2.google.com/generate_204, 
    • https://clients3.google.com/generate_204, 
    • https://clients4.google.com/generate_204,
    • https://gstatic.com/generate_204,
    • http://connectivitycheck.gstatic.com/generate_204
  • On Android versions Lollipop and older, when Chrome detects a network change, it sends a cookieless request to http://connectivitycheck.gstatic.com/generate_204 or http://clients4.google.com/generate_204 
  • Only after successful authentication of captive portal will resume internet services back to normal.  

Technical overview of Network Portal Detection in Chromium projects

This is generate_204 captive portal implementation in chromium projects like Chrome and might be with New Microsoft edge because it's derived from open source chromium os. 

  • Shill Service State Machine workflow diagramChrome OS Shill flow diagram - What is generate 204 captive portal login, no Internet Techzost blog
  • Reverse Path Filtering - In Chrome OS Reverse path filtering is built in kernel which drops packets received over a network interface inconsistent with the outbound routing tables. 
  • To avoid dropped packets problem when trying to determine captive portal state when connected to multiple networks like WiFi, Wired Ethernet and/or a Mobile Broadband connection. 
  • Shill disables reverse path filtering globally and on a per device basis while it is running the portal detection code
  • Shill Implementation with libcurl to determine the portal state, libcurl tries to query DNS entries without caching and strictly not to allow any reuse of lookups and for entire transaction within 10 second timeout connection termination. 
  • Web Proxies are fully supported by shill libcurl port forwarding request through web proxies, Ip address of proxy server must given to libcurl. 

List of Companies, Services and Products which use captive portal detection


Google and Android Captive Portal Detection Generate 204
  • connectivitycheck.gstatic.com/generate_204
  • connectivitycheck.android.com/generate_204
  • www.googleapis.com/generate_204
  • clients1.google.com/generate_204
  • clients2.google.com/generate_204
  • clients3.google.com/generate_204
  • clients4.google.com/generate_204
  • gstatic.com/generate_204
  • connectivitycheck.gstatic.com/generate_204
 
Apple iPhone, iPad with iOS 6 Captive Portal Detection
  • gsp1.apple.com
  • *.akamaitechnologies.com
  • www.apple.com
  • apple.com
 
Apple iPhone, iPad with iOS 7, 8, 9 and recent versions of OS X
  • www.appleiphonecell.com
  • *.apple.com
  • www.itools.info
  • www.ibook.info
  • www.airport.us
  • www.thinkdifferent.us
  • *.apple.com.edgekey.net
  • *.akamaiedge.net
  • *.akamaitechnologies.com

Microsoft Windows
  • ipv6.msftncsi.com
  • ipv6.msftncsi.com.edgesuite.net
  • www.msftncsi.com
  • www.msftncsi.com.edgesuite.net
  • teredo.ipv6.microsoft.com
  • teredo.ipv6.microsoft.com.nsatc.net 
Many individual products and services might also have dynamic Captive Portal Detection. 

Source:
Google Chrome Privacy Whitepaper, Chrome 85.0.4183.121 - https://www.google.com/chrome/privacy/whitepaper.html
Network Portal Detection, The Chromium Projects - https://www.chromium.org/chromium-os/chromiumos-design-docs/network-portal-detection
13.1. Reverse Path Filtering, Linux Advanced Routing & Traffic Control, Chapter 13. Kernel network parameters - https://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.kernel.rpf.html
How Automatic Detection of Captive Portal works - https://success.tanaza.com/s/article/How-Automatic-Detection-of-Captive-Portal-works
How to enable/disable the Automatic Detection of Classic Hotspot Captive Portal and automatic opening of the Splash Page - https://success.tanaza.com/s/article/How-to-enable-disable-the-Automatic-Detection-of-Captive-Portal-and-automatic-opening-of-the-Splash-Page
What is Connectivitycheck Gstatic com generate_204
Troubleshooting Automatic Captive Portal Detection - https://kb.fortinet.com/kb/documentLink.do?externalID=FD42223
Can't connect to home WiFi (generate_204) - https://www.reddit.com/r/chromeos/comments/2xo3wg/cant_connect_to_home_wifi_generate_204/


Previous Post Next Post