dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
27
share rss forum feed


ropeguru
Premium
join:2001-01-25
Mechanicsville, VA

2 recommendations

reply to UCOZ

Re: [Connectivity] UCOZ server blocked by Comcast

My guess is that they are not blocking it. I would say it is more of a routing issue.

Here is a traceroute from one of Comcast's Looking Glass sites:


1 te-1-4-0-6-102-cr01.newyork.ny.ibone.comcast.net (66.208.229.6) 4 msec 4 msec 4 msec

2 tengigabitethernet2-3.ar5.NYC1.gblx.net (64.211.60.129) [AS 3549] 0 msec 0 msec 0 msec

3 ae5-40G.scr4.NYC1.gblx.net (67.17.105.237) [AS 3549] 0 msec 0 msec 20 msec

4 ae14-0-20G.scr4.FRA4.gblx.net (67.16.166.45) [AS 3549] 136 msec 84 msec 84 msec

5 lag2.ar4.fra4.gblx.net (67.16.145.242) [AS 3549] 88 msec 84 msec 88 msec

6 rostelecom-ojsc.ethernet10-3.ar4.fra4.gblx.net (64.211.193.170) [AS 3549] 84 msec 84 msec 84 msec

7 46.61.141.134 [AS 12389] 136 msec
46.61.141.218 [AS 12389] 136 msec
46.61.141.134 [AS 12389] 136 msec

8 msk-bgw1-ae0-21.rt-comm.ru (213.59.5.109) [AS 8342] 124 msec 120 msec
msk-bgw1-ae0-83.rt-comm.ru (195.161.4.137) [AS 8342] 124 msec

9 mnogobyte.c.rt-comm.ru (217.106.2.30) [AS 8342] 124 msec 120 msec 124 msec

10 ix.quickline-gw.cust.mnogobyte.net (77.220.168.98) [AS 42632] 120 msec
quickline-gw.cust.mnogobyte.net (77.220.168.22) [AS 42632] 124 msec
ix.quickline-gw.cust.mnogobyte.net (77.220.168.98) [AS 42632] 120 msec


koitsu
Premium,MVM
join:2002-07-16
Mountain View, CA
kudos:23

1 recommendation

I'm in agreement with ropeguru See Profile, this looks like a route announcement problem. It may not be with Comcast at all, but with an uplink provider on Comcast's side, or an uplink provider on UCOZ's side (I believe there are a couple). This could all be the case of BGP filtering somewhere; someone may have forgotten to permit a route announcement for a certain prefix or AS on some routers but allowed it on others. It could also be a prefix length limit being reached somewhere.

Before I get started: why is this being posted on DSLR/BBR? Why hasn't UCOZ used peeringdb to reach out to the official Comcast folks? All their contact info is available, including a phone number:

»www.peeringdb.com/private/partic···p?id=822

(If asked for a login/pass, use guest/guest)

Please reach out to Comcast via official means and not some public forum! This is what the peeringdb is for!

193.109.247.157 is part of 193.109.247.0/24, which is AS29076.

Furthermore, when did this issue begin? Using BGPlay I can see there were some route changes recently but that doesn't necessarily indicate anything (and the BGPlay instance I'm looking at is not Comcast-peered).
--
Making life hard for others since 1977.
I speak for myself and not my employer/affiliates of my employer.


koitsu
Premium,MVM
join:2002-07-16
Mountain View, CA
kudos:23
Note for Comcast customers reading this thread: there is no point in doing traceroutes, trying to visit websites, or pinging the site from your Comcast connection. It's not going to work -- Comcast's routers do not see the route for the netblock in question. That is what ropeguru See Profile and I are talking about. :-)

From Comcast's route server (route-server.newyork.ny.ibone.comcast.net; you can telnet there):

route-server.newyork.ny.ibone>show ip bgp 193.109.247.157
BGP routing table entry for 193.109.247.157/32, version 1499832930
Paths: (8 available, best #7, table Default-IP-Routing-Table, not advertised to EBGP peer)
  Advertised to update-groups:
     2
  64650, (received & used)
    68.86.80.11 (metric 80255) from 68.86.80.11 (68.86.1.11)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.1.40 (metric 69750) from 68.86.80.12 (68.86.1.12)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
      Originator: 68.86.1.40, Cluster list: 68.86.1.12
  64650, (received & used)
    68.86.80.10 (metric 81900) from 68.86.80.10 (68.86.1.10)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.13 (metric 73765) from 68.86.80.13 (68.86.1.13)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.7 (metric 74330) from 68.86.80.7 (68.86.1.7)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.1.5 (metric 69635) from 68.86.80.6 (68.86.1.6)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
      Originator: 68.86.1.5, Cluster list: 68.86.1.6
  64650, (received & used)
    68.86.80.2 (metric 65535) from 68.86.80.2 (68.86.1.2)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.0 (metric 66795) from 68.86.80.0 (68.86.1.0)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
 

Two things to note:

1. The BGP routing table entry is for the /32, not the /24 which is supposedly advertised. That's already an indicator something is amiss.

2. The AS pathing for this /32 goes straight to AS64650, which is an internal AS (non-public). This could be a blackhole AS for Comcast, or it could be an AS used as a dumping ground for prefixes which aren't seen.

Using my own VPS box IP purely as a comparison model, you can see what things "should" look like:

route-server.newyork.ny.ibone>show ip bgp 206.125.172.42
BGP routing table entry for 206.125.168.0/21, version 1502935195
Paths: (8 available, best #3, table Default-IP-Routing-Table)
Flag: 0x1900
  Advertised to update-groups:
     2
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.13 (68.86.1.13)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.13
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.12 (68.86.1.12)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.12
  25973 25795, (received & used)
    68.86.80.11 (metric 80255) from 68.86.80.11 (68.86.1.11)
      Origin IGP, metric 0, localpref 300, valid, internal, best
      Community: 7922:11 7922:3020
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.10 (68.86.1.10)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.10
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.0 (68.86.1.0)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.0
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.6 (68.86.1.6)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.6
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.7 (68.86.1.7)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.7
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.2 (68.86.1.2)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.2
 

So yes, I would say this is definitely a BGP-related issue. Someone isn't picking up a route announcement or isn't announcing a route somewhere in the mix.

--
Making life hard for others since 1977.
I speak for myself and not my employer/affiliates of my employer.


C_Chipperson
Monster Rain
Premium
join:2009-01-17
00000
kudos:3
10-4