dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
24
share rss forum feed


koitsu
Premium,MVM
join:2002-07-16
Mountain View, CA
kudos:23
reply to koitsu

Re: [Connectivity] UCOZ server blocked by Comcast

Note for Comcast customers reading this thread: there is no point in doing traceroutes, trying to visit websites, or pinging the site from your Comcast connection. It's not going to work -- Comcast's routers do not see the route for the netblock in question. That is what ropeguru See Profile and I are talking about. :-)

From Comcast's route server (route-server.newyork.ny.ibone.comcast.net; you can telnet there):

route-server.newyork.ny.ibone>show ip bgp 193.109.247.157
BGP routing table entry for 193.109.247.157/32, version 1499832930
Paths: (8 available, best #7, table Default-IP-Routing-Table, not advertised to EBGP peer)
  Advertised to update-groups:
     2
  64650, (received & used)
    68.86.80.11 (metric 80255) from 68.86.80.11 (68.86.1.11)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.1.40 (metric 69750) from 68.86.80.12 (68.86.1.12)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
      Originator: 68.86.1.40, Cluster list: 68.86.1.12
  64650, (received & used)
    68.86.80.10 (metric 81900) from 68.86.80.10 (68.86.1.10)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.13 (metric 73765) from 68.86.80.13 (68.86.1.13)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.7 (metric 74330) from 68.86.80.7 (68.86.1.7)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.1.5 (metric 69635) from 68.86.80.6 (68.86.1.6)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
      Originator: 68.86.1.5, Cluster list: 68.86.1.6
  64650, (received & used)
    68.86.80.2 (metric 65535) from 68.86.80.2 (68.86.1.2)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.0 (metric 66795) from 68.86.80.0 (68.86.1.0)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
 

Two things to note:

1. The BGP routing table entry is for the /32, not the /24 which is supposedly advertised. That's already an indicator something is amiss.

2. The AS pathing for this /32 goes straight to AS64650, which is an internal AS (non-public). This could be a blackhole AS for Comcast, or it could be an AS used as a dumping ground for prefixes which aren't seen.

Using my own VPS box IP purely as a comparison model, you can see what things "should" look like:

route-server.newyork.ny.ibone>show ip bgp 206.125.172.42
BGP routing table entry for 206.125.168.0/21, version 1502935195
Paths: (8 available, best #3, table Default-IP-Routing-Table)
Flag: 0x1900
  Advertised to update-groups:
     2
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.13 (68.86.1.13)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.13
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.12 (68.86.1.12)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.12
  25973 25795, (received & used)
    68.86.80.11 (metric 80255) from 68.86.80.11 (68.86.1.11)
      Origin IGP, metric 0, localpref 300, valid, internal, best
      Community: 7922:11 7922:3020
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.10 (68.86.1.10)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.10
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.0 (68.86.1.0)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.0
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.6 (68.86.1.6)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.6
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.7 (68.86.1.7)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.7
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.2 (68.86.1.2)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.2
 

So yes, I would say this is definitely a BGP-related issue. Someone isn't picking up a route announcement or isn't announcing a route somewhere in the mix.

--
Making life hard for others since 1977.
I speak for myself and not my employer/affiliates of my employer.


C_Chipperson
Monster Rain
Premium
join:2009-01-17
00000
kudos:3

10-4