dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
10719
Mikeysama
join:2007-08-14
Lady Lake, FL

Mikeysama

Member

ISP-level block of Phantasy Star Online 2 servers?

Basically, I am having some unusual (but apparently not uncommon) accessing the severs of the Japanese MMORPG Phantasy Star Online 2. The problems started June 18th, when the servers were taken down in response to a continuous DDoS attack.

Sega of Japan announced that measures were being put in place, and a little over a week later, the servers came back online. However, most people outside of Japan attempting access the servers were met with errors, and the official website (pso2.jp) is also inaccessible. While one might reasonably suspect that an IP range ban has been put in place, the evidence indicates otherwise.

»www.reddit.com/r/PSO2/co ··· updated/

As this thread indicates, Time Warner customers are now able to access the servers, and tracert results widely suggest that the requests are being stopped well before they actually reach Sega's servers. I figured I'd ask here on a forum of networking experts and CenturyLink support specialists. If it IS my ISP blocking access to this game, perhaps asked to by Sega to counter the DDoS, then I'd like to know when I can expect to have access again. Here are my tracert results (with home IP removed):

»pastebin.com/AHw28HLu

Thank you for your time.

Napsterbater
Meh
MVM
join:2002-12-28
Milledgeville, GA
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO

1 edit

Napsterbater

MVM

Look like a routing or BGP issue, probably on the side of pso2.jp (or whoever is announcing their IP Block)

Cogent gets destination unreachable very early in their network.

C:\Windows\system32>tracert pso2.jp
 
Tracing route to pso2.jp [210.189.209.8]
over a maximum of 30 hops:
 
  1    <1 ms    <1 ms    <1 ms  car1.napshome.local [10.0.1.3]
  2     5 ms     2 ms     3 ms  gpon-local.xceleratebroadband.com [10.40.0.1]
  3     2 ms     3 ms     3 ms  gpon-local.xceleratebroadband.com [172.16.1.2]
  4    12 ms    11 ms    11 ms  38.122.47.121
  5     *     38.122.47.121  reports: Destination host unreachable.
 
Trace complete.
 

Edit: and to add, there is a lot of fail in that Reddit, take anything with a grain of salt.
Napsterbater

Napsterbater

MVM

Also Level3 is showing no route.

Route results for 210.189.208.0/23 from Atlanta, GA
 
No routes found for 210.189.208.0/23.
 
Mikeysama
join:2007-08-14
Lady Lake, FL

2 edits

Mikeysama

Member

Ah. What sort of conclusions do you suppose could be reached based on all this? If it's a BGP thing it seems odd that they'd continue to block traffic for this long after the DDoS has ended.

(update): »www.reddit.com/r/PSO2/co ··· _access/

There may actually be something to this.

Napsterbater
Meh
MVM
join:2002-12-28
Milledgeville, GA
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO

Napsterbater

MVM

Not really, still some BS in that post.

Level3 and Cogent are both big international players, much more so then TWC.

It appears that the owner of 210.189.208.0/23 (AS4694) is not announcing its network to non JP ISP's either on purpose (based on talk of supposedly a DDOS) or not.

The difference between TWC and Cogent and Level3 is that TWC buys transit from other ISP's it cant gain access to directly. Cogent and Level3 are Tier1 providers and as a rule they don't (except in maybe in very rare cases)

TWC is using that transit trough other JP ISP's that AS4694 is announcing their routes to in order to get to the destination.

And this talk of blocking by all of these other ISP because of DDOS protection and stuff, they generally wont do that unless they are the target from said ISP. AS4694 simply stopped announcing their 210.189.208.0/23 route (via BGP) to those other ISP, thus the networks have no idea how to get to them. Cogent, Level3, Charter and any other ISP that currently cant access the 210.189.208.0/23 network have nothing they need to do, if AS4694 wants people on those network to access their game/site, they will fix it and announce the route to them.

TLDR: AS4694 is not announcing 210.189.208.0/23 to non JP networks, no one is "blocking" access to them except themselves.
reaper527
join:2014-07-07
Woburn, MA

reaper527

Member

quote:
AS4694 simply stopped announcing their 210.189.208.0/23 route (via BGP) to those other ISP, thus the networks have no idea how to get to them. Cogent, Level3, Charter and any other ISP that currently cant access the 210.189.208.0/23 network have nothing they need to do, if AS4694 wants people on those network to access their game/site, they will fix it and announce the route to them.

this doesn't explain why the charter trace routes are suddenly (as of yesterday) getting further in the process than they were previously, reaching a point in europe it can't pass as opposed to dying at the closest local routing center like it did previously.

specifically, if the announcement hasn't changed, what logic is there for the connection magically getting further along the path and out of the charter network? clearly that would be a sign that there is something the isp's are able to do on their end.

Napsterbater
Meh
MVM
join:2002-12-28
Milledgeville, GA
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO

Napsterbater

MVM

said by reaper527:

this doesn't explain why the charter trace routes are suddenly (as of yesterday) getting further in the process than they were previously, reaching a point in europe it can't pass as opposed to dying at the closest local routing center like it did previously.

specifically, if the announcement hasn't changed, what logic is there for the connection magically getting further along the path and out of the charter network? clearly that would be a sign that there is something the isp's are able to do on their end.

Apparently as of about 3 days ago TeliaSonera (aka telia.net) has a route entry in its US tables for 192.0.0.0/3 which would include 210.189.208.0/23, since Charter pays them for transit that route is announced to Charter thus charter sends the traffic to them since there is no other smaller or better route that includes 210.189.208.0/23 in its own tables, but as you can see even TeliaSonera has no route to 210.189.208.0/23 so again the traffic fails to really go anywhere.

Address:   192.0.0.0             110 00000.00000000.00000000.00000000
Netmask:   224.0.0.0 = 3         111 00000.00000000.00000000.00000000
Wildcard:  31.255.255.255        000 11111.11111111.11111111.11111111
=>
Network:   192.0.0.0/3           110 00000.00000000.00000000.00000000 (Class C)
Broadcast: 223.255.255.255       110 11111.11111111.11111111.11111111
HostMin:   192.0.0.1             110 00000.00000000.00000000.00000001
HostMax:   223.255.255.254       110 11111.11111111.11111111.11111110
Hosts/Net: 536870910 
 

Notice the AS Path, there isn't one, its a route they made in their network.

Router: New York 
Command: show route protocol bgp 210.189.209.8 table inet.0
 
inet.0: 554615 destinations, 2012006 routes (554290 active, 828 holddown, 51673 hidden)
+ = Active Route, - = Last Active, * = Both
 
192.0.0.0/3         [BGP/170] 2d 23:54:23, localpref 100, from 213.248.80.240
                      AS path: I
                    > to 213.155.130.246 via ae4.0
                      to 213.155.131.136 via ae6.0
                      to 213.155.135.18 via ae10.0
                      to 80.91.254.9 via ae0.0
                    [BGP/170] 2d 23:54:23, localpref 100, from 213.248.80.241
                      AS path: I
                    > to 213.155.130.246 via ae4.0
                      to 213.155.131.136 via ae6.0
                      to 213.155.135.18 via ae10.0
                      to 80.91.254.9 via ae0.0
 
reaper527
join:2014-07-07
Woburn, MA

reaper527

Member

i see. that's quite unfortunate. didn't realize that telia had pushed a 192.0.0.0/3 entry.

that actually explains a lot in terms of why charter is getting to the telia servers now.

hopefully where ever the problem lies, it is resolved soon. it's been a very frustrating 3 weeks waiting for the game to get back to normal. (roughly 10 days of down time, followed by the routing issues).

some of the claims i've seen about what the problem is are absolutely nonsensical, including some people insisting that the issue was dns related.

Napsterbater
Meh
MVM
join:2002-12-28
Milledgeville, GA
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO

Napsterbater

MVM

There may not be a "problem", as the game is targeted at Japan and Asia this may be the new normal, maybe they figured there is no point in announcing the IP block to ISP's not in Japan and Asia especially since it reduces the chance and scale of a DOS attack.
Mikeysama
join:2007-08-14
Lady Lake, FL

Mikeysama

Member

Well that's grim, but the evidence is pretty clear at this point. Time to use that hard drive space for something else.
reaper527
join:2014-07-07
Woburn, MA

reaper527

Member

i wouldn't clear that harddrive space so fast. as of right now, it's working again!

(or at least it is for me on my verizon connection, and other people are claiming it's working on their comcast connections).

try the website now, and try tracert'ing the gs016.pso2gs.net address. if that tracert works for you, you should be able to play tomorrow when the weekly server maintenance ends.

Napsterbater
Meh
MVM
join:2002-12-28
Milledgeville, GA
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO

Napsterbater

MVM

Charter / TeliaSonera, still has no route.

Level3, still has no route.

Cogent, still has no route.

Oh and Reddit posters (specifically from here »www.reddit.com/r/PSO2/co ··· _no_its/), just because some ISP's can connect and some cant doesn't make this a theory, just proves what I said above, AS4694 is not announcing 210.189.208.0/23 to all ISP's (mostly non Japanese or Asian ISP's are being excluded). and most of the ones in the US that are working are getting transit from Japanese and/or Asian ISP's and it is just luck really. and as some others in Reddit has said the PSO2 team don't want or care to have non Japanese or Asian players so it could stop working at anytime.
tdumaine
Premium Member
join:2004-03-14
Seattle, WA

tdumaine

Premium Member

said by Napsterbater:

Charter / TeliaSonera, still has no route.

Level3, still has no route.

Cogent, still has no route.

Oh and Reddit posters (specifically from here »www.reddit.com/r/PSO2/co ··· _no_its/), just because some ISP's can connect and some cant doesn't make this a theory, just proves what I said above, AS4694 is not announcing 210.189.208.0/23 to all ISP's (mostly non Japanese or Asian ISP's are being excluded). and most of the ones in the US that are working are getting transit from Japanese and/or Asian ISP's and it is just luck really. and as some others in Reddit has said the PSO2 team don't want or care to have non Japanese or Asian players so it could stop working at anytime.

You are correct. DSLX (dsl extreme) network engineers gave this info also, see »Dslextreme blocking access to phantasy star online 2

Napsterbater
Meh
MVM
join:2002-12-28
Milledgeville, GA

Napsterbater

MVM

Awesome, props to DSLx I love ISP's that speak out on technical issues like this.

Nice to have backup as well from just the massive amount of idiotic info posted in reddit.

battleop
join:2005-09-28
00000

battleop to Napsterbater

Member

to Napsterbater
We do something similar for Chinese networks though they may use a different method. We eventually get fed up with the shit flowing from Chinese IP space so we just create ACLs to dump their garbage at the edge of our network.

They probably got fed up with Denial of Service attacks and just dropped all non domestic traffic.

kamm
join:2001-02-14
Brooklyn, NY

kamm to Mikeysama

Member

to Mikeysama
After leaving the network of my local (Manhattan) indie ISP:

7 106 ms 109 ms 108 ms lv-ten1-3-chi-ten1-6.bboi.net [64.127.128.130]
8 155 ms 150 ms 154 ms la-ten1-3-lv-ten1-3.bboi.net [66.186.192.21]
9 147 ms 153 ms 143 ms 66.186.192.62
0 * * * Request timed out.
1 80 ms 79 ms 79 ms lajbb002.kddnet.ad.jp [59.128.2.185]
2 203 ms 177 ms 197 ms otejbb206.int-gw.kddi.ne.jp [203.181.100.169]
3 191 ms 193 ms 190 ms cm-ote257.int-gw.kddi.ne.jp [118.155.197.52]
4 174 ms 174 ms 174 ms 125.29.25.94
5 166 ms 167 ms 167 ms 203.141.47.218
6 165 ms 164 ms 165 ms ae1.tnhcr02.idc.jp [158.205.134.10]
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
0 184 ms 184 ms 184 ms 158.205.188.253
1 164 ms 174 ms 202 ms lag3.l303.ta1.eg.idc.jp [158.205.188.250]
2 175 ms 172 ms 171 ms 158.205.104.60
3 171 ms 169 ms 170 ms 210.189.209.8
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
0 * * * Request timed out.
tdumaine
Premium Member
join:2004-03-14
Seattle, WA

tdumaine

Premium Member

Ya, it wont route from comcast either