Search similar:
|
|
uniqs 2449 |
|
|
|
|
UCOZ
Anon
2012-Oct-24 10:27 am
[Connectivity] UCOZ server blocked by ComcastComcast is blocking access to one of our servers [193.109.247.157]
The issues has been reported to us by numerous users from different States, all of them with Comcast.
We would appreciate your help in this matter.
Here are a couple tracert:
Tracing route to ladieschoice.ucoz.com [193.109.247.157] over a maximum of 30 hops:
1 * * * Request timed out. 2 * * * Request timed out. 3 40 ms 23 ms 16 ms te-2-1-ur02.rollingmdws.il.chicago.comcast.net [ 68.86.118.173] 4 * * * Request timed out. 5 * * * Request timed out. 6 * * * Request timed out. 7 * * * Request timed out. 8 * * * Request timed out. 9 * * * Request timed out. 10 * * * Request timed out. 11 * * * Request timed out. 12 * * * Request timed out. 13 * * * Request timed out. 14 * * * Request timed out. 15 * * * Request timed out. 16 * * * Request timed out. 17 * * * Request timed out. 18 * * * Request timed out. 19 * * * Request timed out. 20 * * * Request timed out. 21 * * * Request timed out. 22 * * * Request timed out. 23 * * * Request timed out. 24 * * * Request timed out. 25 * * * Request timed out. 26 * * * Request timed out. 27 * * * Request timed out. 28 * * * Request timed out. 29 * * * Request timed out. 30 * * * Request timed out.
Tracing route to progressivemind.ucoz.com [193.109.247.157] over a maximum of 30 hops:
1 1ms 1ms 2ms 192.168.1.1 2 2 43ms 16ms 20ms c-98.220.192.1.hsd1.il.comcast.net [98.220.192.1] 3 11ms 12ms 12ms te-6-2-ur04.wchicagoil.il.chicago.comcast.net [68.77.229.149] 4 * * * Request timed out. 5 * * * Request timed out. 6 * * * Request timed out. 7 * * * Request timed out. 8 * * * Request timed out. 9 * * * Request timed out. 10 * * * Request timed out. 11 * * * Request timed out. 12 * * * Request timed out. 13 * * * Request timed out. 14 * * * Request timed out. 15 * * * Request timed out. 16 * * * Request timed out. 17 * * * Request timed out. 18 * * * Request timed out. 19 * * * Request timed out. 20 * * * Request timed out. 21 * * * Request timed out. 22 * * * Request timed out. 23 * * * Request timed out. 24 * * * Request timed out. 25 * * * Request timed out. 26 * * * Request timed out. 27 * * * Request timed out. 28 * * * Request timed out. 29 * * * Request timed out. 30 * * * Request timed out. | | ropeguru Premium Member join:2001-01-25 Mechanicsville, VA
2 recommendations |
ropeguru
Premium Member
2012-Oct-24 11:34 am
My guess is that they are not blocking it. I would say it is more of a routing issue.
Here is a traceroute from one of Comcast's Looking Glass sites:
1 te-1-4-0-6-102-cr01.newyork.ny.ibone.comcast.net (66.208.229.6) 4 msec 4 msec 4 msec
2 tengigabitethernet2-3.ar5.NYC1.gblx.net (64.211.60.129) [AS 3549] 0 msec 0 msec 0 msec
3 ae5-40G.scr4.NYC1.gblx.net (67.17.105.237) [AS 3549] 0 msec 0 msec 20 msec
4 ae14-0-20G.scr4.FRA4.gblx.net (67.16.166.45) [AS 3549] 136 msec 84 msec 84 msec
5 lag2.ar4.fra4.gblx.net (67.16.145.242) [AS 3549] 88 msec 84 msec 88 msec
6 rostelecom-ojsc.ethernet10-3.ar4.fra4.gblx.net (64.211.193.170) [AS 3549] 84 msec 84 msec 84 msec
7 46.61.141.134 [AS 12389] 136 msec 46.61.141.218 [AS 12389] 136 msec 46.61.141.134 [AS 12389] 136 msec
8 msk-bgw1-ae0-21.rt-comm.ru (213.59.5.109) [AS 8342] 124 msec 120 msec msk-bgw1-ae0-83.rt-comm.ru (195.161.4.137) [AS 8342] 124 msec
9 mnogobyte.c.rt-comm.ru (217.106.2.30) [AS 8342] 124 msec 120 msec 124 msec
10 ix.quickline-gw.cust.mnogobyte.net (77.220.168.98) [AS 42632] 120 msec quickline-gw.cust.mnogobyte.net (77.220.168.22) [AS 42632] 124 msec ix.quickline-gw.cust.mnogobyte.net (77.220.168.98) [AS 42632] 120 msec
| | KearnstdSpace Elf Premium Member join:2002-01-22 Mullica Hill, NJ
1 recommendation |
to UCOZ
it could be those specific sites are having a problem because I can access the home page www.ucoz.com | | koitsu MVM join:2002-07-16 Mountain View, CA Humax BGW320-500
1 recommendation |
to ropeguru
I'm in agreement with ropeguru , this looks like a route announcement problem. It may not be with Comcast at all, but with an uplink provider on Comcast's side, or an uplink provider on UCOZ's side (I believe there are a couple). This could all be the case of BGP filtering somewhere; someone may have forgotten to permit a route announcement for a certain prefix or AS on some routers but allowed it on others. It could also be a prefix length limit being reached somewhere. Before I get started: why is this being posted on DSLR/BBR? Why hasn't UCOZ used peeringdb to reach out to the official Comcast folks? All their contact info is available, including a phone number: » www.peeringdb.com/privat ··· p?id=822(If asked for a login/pass, use guest/guest) Please reach out to Comcast via official means and not some public forum! This is what the peeringdb is for!193.109.247.157 is part of 193.109.247.0/24, which is AS29076. Furthermore, when did this issue begin? Using BGPlay I can see there were some route changes recently but that doesn't necessarily indicate anything (and the BGPlay instance I'm looking at is not Comcast-peered). | | NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
|
to UCOZ
Well, FWIW, I can't do a traceroute from my Comcast connection either, but it seems to work from my AT&T Mobility connection using a tethered cell phone, and using my backup AT&T DSL connection.
C:\>use-comcast.cmd
Pinging 192.168.9.1 with 32 bytes of data:
Reply from 192.168.9.1: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.9.1:
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>route change 0.0.0.0 mask 0.0.0.0 192.168.9.1 metric 10
You are now using the Comcast Business Class connection!
C:\>tracert ladieschoice.ucoz.com
Tracing route to ladieschoice.ucoz.com [193.109.247.157]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms ap2.dcs-net [192.168.9.1]
2 32 ms 13 ms 27 ms 67.177.172.1
3 9 ms 9 ms 8 ms xe-4-0-0-0-sur01.murfreesboro.tn.nash.comcast.net [68.85.50.125]
4 9 ms 9 ms 9 ms xe-3-1-2-0-ar03.nashville.tn.nash.comcast.net [68.85.174.17]
5 10 ms 12 ms 12 ms ae-2-0-ar01.goodslettvll.tn.nash.comcast.net [68.85.174.238]
6 19 ms 19 ms 19 ms pos-5-4-0-0-cr01.56marietta.ga.ibone.comcast.net [68.86.90.189]
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 ^C
C:\>use-att3g.cmd
C:\>rasdial "AT&T Mobility"
Connecting to AT&T MOBILITY...
Verifying username and password...
Registering your computer on the network...
Successfully connected to AT&T MOBILITY.
Command completed successfully.
C:\>tracert ladieschoice.ucoz.com
Tracing route to ladieschoice.ucoz.com [193.109.247.157]
over a maximum of 30 hops:
1 * * * Request timed out.
2 216 ms 203 ms 181 ms 172.26.248.2
3 193 ms 267 ms 153 ms 172.16.7.82
4 900 ms 442 ms 140 ms 10.251.11.23
5 256 ms 119 ms 120 ms 10.251.10.2
6 117 ms 114 ms 116 ms 10.252.1.7
7 209 ms 114 ms 114 ms 209-183-048-002.mobile.mymmode.com [209.183.48.2]
8 154 ms 156 ms 162 ms 172.16.75.1
9 182 ms 139 ms 184 ms 12.88.242.189
10 170 ms 199 ms 200 ms cr2.dlstx.ip.att.net [12.122.138.46]
11 326 ms 171 ms 189 ms gar26.dlstx.ip.att.net [12.123.16.109]
12 159 ms 181 ms 246 ms 4.68.62.229
13 170 ms 191 ms 175 ms vlan80.csw3.Dallas1.Level3.net [4.69.145.190]
14 157 ms 160 ms 158 ms ae-83-83.ebr3.Dallas1.Level3.net [4.69.151.158]
15 178 ms 179 ms 160 ms ae-7-7.ebr3.Atlanta2.Level3.net [4.69.134.22]
16 222 ms 191 ms 401 ms ae-2-2.ebr1.Washington1.Level3.net [4.69.132.86]
17 192 ms 223 ms 303 ms ae-71-71.csw2.Washington1.Level3.net [4.69.134.134]
18 190 ms 408 ms 178 ms ae-72-72.ebr2.Washington1.Level3.net [4.69.134.149]
19 278 ms 633 ms 281 ms ae-44-44.ebr2.Paris1.Level3.net [4.69.137.61]
20 298 ms 300 ms 277 ms ae-46-46.ebr1.Frankfurt1.Level3.net [4.69.143.137]
21 490 ms 649 ms 473 ms ae-71-71.csw2.Frankfurt1.Level3.net [4.69.140.6]
22 278 ms 300 ms 284 ms ae-2-70.edge3.Frankfurt1.Level3.net [4.69.154.71]
23 264 ms 272 ms 311 ms IPTRIPLEPLA.edge3.Frankfurt1.Level3.net [212.162.40.194]
24 514 ms 289 ms 312 ms 217.65.1.81
25 307 ms 324 ms 324 ms ae4-40-rt1.msk.cloud-ix.net [217.65.1.77]
26 351 ms 338 ms 456 ms po14-9-fibius.msk.datahouse.ru [217.65.1.250]
27 313 ms 359 ms 364 ms dev.ucoz.net [193.109.247.157]
Trace complete.
C:\>use-att3g.cmd /disconnect
C:\>rasdial "AT&T Mobility" /disconnect
Command completed successfully.
C:\>use-att.cmd
Pinging 192.168.1.254 with 32 bytes of data:
Reply from 192.168.1.254: bytes=32 time=93ms TTL=253
Ping statistics for 192.168.1.254:
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 93ms, Average = 93ms
C:\>route change 0.0.0.0 mask 0.0.0.0 192.168.9.9 metric 10
You are now using the Windcrest AT&T backup connection!
C:\>tracert ladieschoice.ucoz.com
Tracing route to ladieschoice.ucoz.com [193.109.247.157]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms ps1.dcs-net [192.168.9.9]
2 3 ms 3 ms 3 ms ap1-dcs-net [192.168.8.254]
3 55 ms 58 ms 80 ms 192.168.1.254
4 35 ms 34 ms 36 ms adsl-74-179-200-1.bna.bellsouth.net [74.179.200.1]
5 167 ms 138 ms 126 ms 70.159.210.120
6 161 ms 186 ms 171 ms 70.159.210.122
7 153 ms 246 ms 174 ms 70.159.210.119
8 248 ms 224 ms 178 ms 12.81.32.52
9 249 ms 246 ms 209 ms 12.81.32.45
10 203 ms 216 ms 219 ms 74.175.192.198
11 249 ms 262 ms 260 ms cr1.nsvtn.ip.att.net [12.122.148.14]
12 254 ms 274 ms 317 ms cr2.attga.ip.att.net [12.122.28.105]
13 226 ms 59 ms 44 ms 12.122.117.121
14 125 ms 106 ms 111 ms ae15.edge5.atlanta2.level3.net [4.68.62.225]
15 205 ms 196 ms 189 ms vlan51.ebr1.Atlanta2.Level3.net [4.69.150.62]
16 272 ms 240 ms 274 ms ae-63-63.ebr3.Atlanta2.Level3.net [4.69.148.241]
17 226 ms 271 ms 304 ms ae-2-2.ebr1.washington1.level3.net [4.69.132.86]
18 267 ms 171 ms 199 ms ae-81-81.csw3.Washington1.Level3.net [4.69.134.138]
19 256 ms 66 ms 62 ms ae-82-82.ebr2.Washington1.Level3.net [4.69.134.153]
20 200 ms 245 ms 279 ms ae-41-41.ebr2.Paris1.Level3.net [4.69.137.49]
21 150 ms 185 ms 259 ms ae-48-48.ebr1.Frankfurt1.Level3.net [4.69.143.145]
22 146 ms 145 ms 148 ms ae-91-91.csw4.Frankfurt1.Level3.net [4.69.140.14]
23 312 ms 400 ms 162 ms ae-4-90.edge3.Frankfurt1.Level3.net [4.69.154.199]
24 287 ms 273 ms 348 ms iptriplepla.edge3.frankfurt1.level3.net [212.162.40.194]
25 255 ms 234 ms 233 ms 217.65.1.81
26 424 ms 379 ms 360 ms ae4-40-rt1.msk.cloud-ix.net [217.65.1.77]
27 189 ms 188 ms 321 ms po14-9-fibius.msk.datahouse.ru [217.65.1.250]
28 352 ms 322 ms 331 ms dev.ucoz.net [193.109.247.157]
Trace complete.
Possibly a similar cause as in several recent threads in this forum regarding accessing hosting sites on the other side of the big pond (although those sites were in the UK, France, and Germany, not in Russia). FWIW, this forum is a user helping other users forum, not a direct help forum for Comcast. If you register with this site, you can officially ask for help from Comcast using this site's » Comcast Direct forum. | | |
to UCOZ
I am unable to access that site on my Comcast Business connection, but it loads just fine on my VZW android phone | | koitsu MVM join:2002-07-16 Mountain View, CA Humax BGW320-500
|
koitsu
MVM
2012-Oct-24 12:08 pm
Note for Comcast customers reading this thread: there is no point in doing traceroutes, trying to visit websites, or pinging the site from your Comcast connection. It's not going to work -- Comcast's routers do not see the route for the netblock in question. That is what ropeguru and I are talking about. :-)From Comcast's route server (route-server.newyork.ny.ibone.comcast.net; you can telnet there): route-server.newyork.ny.ibone>show ip bgp 193.109.247.157
BGP routing table entry for 193.109.247.157/32, version 1499832930
Paths: (8 available, best #7, table Default-IP-Routing-Table, not advertised to EBGP peer)
Advertised to update-groups:
2
64650, (received & used)
68.86.80.11 (metric 80255) from 68.86.80.11 (68.86.1.11)
Origin incomplete, metric 0, localpref 100, valid, internal
Community: 64650:50001 no-export
64650, (received & used)
68.86.1.40 (metric 69750) from 68.86.80.12 (68.86.1.12)
Origin incomplete, metric 0, localpref 100, valid, internal
Community: 64650:50001 no-export
Originator: 68.86.1.40, Cluster list: 68.86.1.12
64650, (received & used)
68.86.80.10 (metric 81900) from 68.86.80.10 (68.86.1.10)
Origin incomplete, metric 0, localpref 100, valid, internal
Community: 64650:50001 no-export
64650, (received & used)
68.86.80.13 (metric 73765) from 68.86.80.13 (68.86.1.13)
Origin incomplete, metric 0, localpref 100, valid, internal
Community: 64650:50001 no-export
64650, (received & used)
68.86.80.7 (metric 74330) from 68.86.80.7 (68.86.1.7)
Origin incomplete, metric 0, localpref 100, valid, internal
Community: 64650:50001 no-export
64650, (received & used)
68.86.1.5 (metric 69635) from 68.86.80.6 (68.86.1.6)
Origin incomplete, metric 0, localpref 100, valid, internal
Community: 64650:50001 no-export
Originator: 68.86.1.5, Cluster list: 68.86.1.6
64650, (received & used)
68.86.80.2 (metric 65535) from 68.86.80.2 (68.86.1.2)
Origin incomplete, metric 0, localpref 100, valid, internal, best
Community: 64650:50001 no-export
64650, (received & used)
68.86.80.0 (metric 66795) from 68.86.80.0 (68.86.1.0)
Origin incomplete, metric 0, localpref 100, valid, internal
Community: 64650:50001 no-export
Two things to note: 1. The BGP routing table entry is for the /32, not the /24 which is supposedly advertised. That's already an indicator something is amiss. 2. The AS pathing for this /32 goes straight to AS64650, which is an internal AS (non-public). This could be a blackhole AS for Comcast, or it could be an AS used as a dumping ground for prefixes which aren't seen. Using my own VPS box IP purely as a comparison model, you can see what things "should" look like: route-server.newyork.ny.ibone>show ip bgp 206.125.172.42
BGP routing table entry for 206.125.168.0/21, version 1502935195
Paths: (8 available, best #3, table Default-IP-Routing-Table)
Flag: 0x1900
Advertised to update-groups:
2
25973 25795, (received & used)
68.86.1.11 (metric 80255) from 68.86.80.13 (68.86.1.13)
Origin IGP, metric 0, localpref 300, valid, internal
Community: 7922:11 7922:3020
Originator: 68.86.1.11, Cluster list: 68.86.1.13
25973 25795, (received & used)
68.86.1.11 (metric 80255) from 68.86.80.12 (68.86.1.12)
Origin IGP, metric 0, localpref 300, valid, internal
Community: 7922:11 7922:3020
Originator: 68.86.1.11, Cluster list: 68.86.1.12
25973 25795, (received & used)
68.86.80.11 (metric 80255) from 68.86.80.11 (68.86.1.11)
Origin IGP, metric 0, localpref 300, valid, internal, best
Community: 7922:11 7922:3020
25973 25795, (received & used)
68.86.1.11 (metric 80255) from 68.86.80.10 (68.86.1.10)
Origin IGP, metric 0, localpref 300, valid, internal
Community: 7922:11 7922:3020
Originator: 68.86.1.11, Cluster list: 68.86.1.10
25973 25795, (received & used)
68.86.1.11 (metric 80255) from 68.86.80.0 (68.86.1.0)
Origin IGP, metric 0, localpref 300, valid, internal
Community: 7922:11 7922:3020
Originator: 68.86.1.11, Cluster list: 68.86.1.0
25973 25795, (received & used)
68.86.1.11 (metric 80255) from 68.86.80.6 (68.86.1.6)
Origin IGP, metric 0, localpref 300, valid, internal
Community: 7922:11 7922:3020
Originator: 68.86.1.11, Cluster list: 68.86.1.6
25973 25795, (received & used)
68.86.1.11 (metric 80255) from 68.86.80.7 (68.86.1.7)
Origin IGP, metric 0, localpref 300, valid, internal
Community: 7922:11 7922:3020
Originator: 68.86.1.11, Cluster list: 68.86.1.7
25973 25795, (received & used)
68.86.1.11 (metric 80255) from 68.86.80.2 (68.86.1.2)
Origin IGP, metric 0, localpref 300, valid, internal
Community: 7922:11 7922:3020
Originator: 68.86.1.11, Cluster list: 68.86.1.2
So yes, I would say this is definitely a BGP-related issue. Someone isn't picking up a route announcement or isn't announcing a route somewhere in the mix. | | | tshirt Premium Member join:2004-07-11 Snohomish, WA
2 recommendations |
tshirt to UCOZ
Premium Member
2012-Oct-24 12:11 pm
to UCOZ
The last time ucoz reported comcast as blocking them, » [Connectivity] uCoz server blocked by Comcast it turn out to be due to malware/phishing schemes being run off those servers. Strangely enough it's the same IP again. Perhaps ucoz should investigate the sites FIRST rather than rushing over here to blame comcast. | | koitsu MVM join:2002-07-16 Mountain View, CA Humax BGW320-500
2 recommendations |
koitsu
MVM
2012-Oct-24 12:14 pm
said by tshirt:The last time ucoz reported comcast as blocking them, »[Connectivity] uCoz server blocked by Comcast it turn out to be due to malware/phishing schemes being run off those servers. Strangely enough it's the same IP again.
Perhaps ucoz should investigate the sites FIRST rather than rushing over here to blame comcast. I had no idea of that issue/history -- thank you very much! Yes, Comcast could indeed be null-routing their prefix then, to keep Comcast customers from getting infected by something. Can't say I blame them if that's the case. UCOZ will need to talk directly to Comcast's NOC (see my previous post for details, re: peeringdb has the necessary stuff) to work this out. There's nothing the rest of us can do. UCOZ going forward should be able to determine if they're null routed or not (see previous post of mine for using their route views srever), and then contact Comcast. Using DSLR/BBR as a "communication gateway" for this sort of thing is depressing and sad, especially if it keeps recurring. This isn't the place for "disputes" of this nature to get worked out. :/ | | Caddyroger Premium Member join:2001-06-11 To the west 1 edit |
to UCOZ
I am able to connect to the site from the west coast. I am using Comcast | | |
UCOZ
Anon
2012-Oct-24 2:39 pm
OK .. as for the malware/phishing angle, are we to assume that Comcast is correct and all the other ISPs are just clueless??
Now, assuming that the issue is with something other than Comcast, somebody must explain, in definitive terms possibly, why customers with any ISP other than Comcast has no problems reaching our server.
Not looking for a dispute, but this needs to be resolved.
Thank you for your feedback and help guys! | | ropeguru Premium Member join:2001-01-25 Mechanicsville, VA |
ropeguru
Premium Member
2012-Oct-24 2:48 pm
I would not venture to say that all other ISP's are clueless but more like Comcast is more pro active against these types of sites when customers complain.
I will let someone else like Koitsu or Netfixer chime in on the other explanation. | | NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
1 recommendation |
NetFixer
Premium Member
2012-Oct-24 3:26 pm
said by ropeguru:I would not venture to say that all other ISP's are clueless but more like Comcast is more pro active against these types of sites when customers complain.
I will let someone else like Koitsu or Netfixer chime in on the other explanation. Actually, I already provided a possible solution. The OP could register on this site and open a thread in the » Comcast Direct forum. Whether this is actually a case of Comcast doing malware site blocking, or just a run of the mill router misconfiguration problem (which seems to be more likely), that would at least get someone at Comcast to look at the problem. | | |
UCOZ
Anon
2012-Oct-24 4:56 pm
Thanks!
will do | | |
to koitsu
10-4 | | JohnInSJ Premium Member join:2003-09-22 Aptos, CA |
to UCOZ
Wow that IP address is all kinda bad - listed in multiple sites as malware/phising source.
I'd block it. | | UCOZ join:2012-10-24 Beverly Hills, CA |
to NetFixer
Thanks ... I did that | | jlivingood Premium Member join:2007-10-28 Philadelphia, PA |
to JohnInSJ
said by JohnInSJ:Wow that IP address is all kinda bad - listed in multiple sites as malware/phising source.
I'd block it. I believe that is the issue - it is a source for (at least) phishing. Hopefully the hosting company can clean it up. | |
|