dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
5413
share rss forum feed

NinjaAction

join:2007-09-26
Calgary, AB
reply to kevinds

Re: Shaw Blocking ports now?

said by kevinds:

But from my testing, TCP Port 21 is not blocked by Shaw.

Missed your edit, sorry. Silly question but did you say you were on business 50? I assume were you testing from a 2nd residendial connection huh?


rustydusty

join:2009-09-29
Red Deer, AB
reply to NinjaAction

SAN's use either SSD's or 15K SAS and 10K SATA rarely, unless budget is getting tight, not 7200-10k SATA like every NAS on the planet. A NAS is designed for large amounts of storage, not speed or IO's. You will figure this out when you get into a full VDI enviroment.

www.whiptail.com




rustydusty

join:2009-09-29
Red Deer, AB
reply to NinjaAction

Slowing moving the entire user base of 120 from a standard workstation enviroment to a full VDI. Having issues with thinapp of some programs, but making progress. Here's a teaser of our main VDI machine. About 25 other virtual machines across 2 other boxes. You got 4 VM's? That's childs play


NinjaAction

join:2007-09-26
Calgary, AB

said by rustydusty:

That's childs play

LOL exactly, and thats why i have a 2000$ qnap and not a true 30k+ SAN.

The qnap is doing a great job so far for my needs in the office. I don't work in the IT world for any large corperations so i dont forsee me moving into anything crazy like you have there.

I work in the Automation and critical control in the oil and gas sector. Rarely will we deploy anything on that scale, we do however have some critical servers out there albeit small which run Citrix Zenserver with Marathon Lock Step technology. We have 2 small sans on that girl. I like the vmware stuff better tho.


rustydusty

join:2009-09-29
Red Deer, AB
reply to NinjaAction

250,000 IO's is a bit much for even a VDI, but we even have a MySQL database on it now, and it doesn't even show up on graphs. The whiptail is extreme high end data center quality hardware, but we didn't want any issues. It is now loaded with SSD's, where as it was only half full in the picture. Anyways, I love my job!


NinjaAction

join:2007-09-26
Calgary, AB

I'll bet, I Lol'd at the amount of ram on that system you got:)

Back on topic, P21 is still not working for me, all i've done is rebooted everything and made sure no firewalls are running, also recreated the port forward entry in my router. Still no worky worky.

Probably something on my end tho, i'll troubleshoot more later......its the weekend and family duty calls.



rustydusty

join:2009-09-29
Red Deer, AB
reply to NinjaAction

Yeah, it's full of memory now. The other 3 esxi boxes have around 60-80GB memory. Almost a full rack of equipment now. What router are you using? Just the Shaw Cisco/SMC? I've heard nothing but problems with port forwarding on Shaw's latest devices. Maybe a firmware update has messed up port forward on the devices.


kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3
Reviews:
·Shaw
reply to NinjaAction

Actually DHCP address instead of static.

The DHCP addresses have the restrictions, the statics don't. Currently outgoing port 25 works from my static, but not from this test machine's DHCP address.

Disabling the shaping is done at the modem, everything else is done with ACL's at the router, so it depends on your IP address - the DHCP address pool has the outgoing 25 block, the static addresses do not.

1. Try bypassing your router completely
2. Try 'telnet 127.0.0.1 21' from the FTP server

--
Yes, I am not employed and looking for IT work. Have passport, will travel.


stolen

join:2004-04-12
Calgary, AB
kudos:2
reply to NinjaAction

They are blocking some ports, but not 21/22. They are also not blocking *incoming* 25, only outgoing 25.

here's a scan of my open ports remotely:


PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
554/tcp filtered rtsp
5050/tcp open mmcc
6112/tcp filtered dtspc
8080/tcp filtered http-proxy
8081/tcp open blackice-icecap
9090/tcp open zeus-admin
16959/tcp filtered subseven


and a comparison of local scan of the same machine:

PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
5050/tcp open mmcc
8080/tcp open http-proxy
8081/tcp open blackice-icecap
9090/tcp open zeus-admin

Which suggests that they are blocking incoming 554, 6112, 8080 and 16959. (these could also be from the firewall/network on the side that I don't have control over)

outgoing, I only see port 25 blocked.

This is on a residential BB50 package.

NinjaAction

join:2007-09-26
Calgary, AB

Anyways sorry guys.....my ports are not blocked. The nat table in my router was corrupt or something.....POS Netgear running dd-wrt.....had to reflash dd-wrt to get it to work, not even a 30-30-30 reset would do it.


kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3
Reviews:
·Shaw

On the bright side,

You are running DD-WRT now instead of the Netgear firmware

Glad it is fixed, was worried for a moment that Shaw was starting to block a whole bunch of ports - starting where you are.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.


NinjaAction

join:2007-09-26
Calgary, AB

Actually it(WNR-3500L) was running dd-wrt all along. Thats why i was suprised. The netgear firware didn't last 5 minutes in this thing after i cracked the package open, it was running almost 2 yrs without a hiccup so i suppose i cant be too upset.



Rastamon

@208.87.54.x
reply to rustydusty

haha 147gb and 36 machines eh. Full VDI. This machine * 5. Nexus 5000 infrastructure.




avenger07

@shawcable.net
reply to NinjaAction

If you suspect ports being block (which shaw never has done) use a non standard port and tell your clients to connect to the port you have chosen



rustydusty

join:2009-09-29
Red Deer, AB
reply to NinjaAction

We only have about 12 out of the 125 users on so far



rustydusty

join:2009-09-29
Red Deer, AB
reply to NinjaAction

Can't fully deploy until all programs thinapp properly.