mcnightmare -

That is a normal public IP - DNSstuff is simply inaccurate.

Randy Williams, CTO

Hi,

The person went to www.whatismyip.com and it returned with the IP address given in the traceroute.

Thanks for your help!

Hal

thanks...

everyting is working propely... for now

thanks Randy

Randy,

I received the following email from a user:

-----------
On November 15th 2003, IANA allocated 83/8 and 84/8 to RIPE. RIPE has started allocating prefixes from these blocks. 83.152.0.0 - 83.155.255.255 has been assignated to "Tiscali France"


As my IP is 83.152.134.96 i can not connect to :
-----------

I tried to traceroute to his IP:

-----------
traceroute to 83.152.134.96 (83.152.134.96), 30 hops max, 38 byte packets
1 207.44.152.1 (207.44.152.1) 0.409 ms 0.282 ms 0.168 ms
2 ivhou-207-218-245-15.ev1.net (207.218.245.15) 0.305 ms 0.422 ms *
3 64.245.101.9 (64.245.101.9) 1.172 ms 0.990 ms 1.112 ms
4 iah10-core2-so-0-0-0-0.atlas.algx.net (165.117.192.145) 1.125 ms 1.319 ms *
5 dfw10-core1-so-7-0-0-0.atlas.algx.net (165.117.200.53) 6.222 ms 6.370 ms 5.973 ms
6 dfw10-core2-so-0-1-0-0.atlas.algx.net (165.117.192.18) 6.104 ms 6.169 ms *
7 atl10-core1-so-0-2-0-0.atlas.algx.net (165.117.200.1) 24.152 ms 24.543 ms 24.164 ms
8 atl10-core2-so-0-1-0-0.atlas.algx.net (165.117.192.2) 24.637 ms 24.126 ms *
9 dca10-core1-so-7-0-0-0.atlas.algx.net (165.117.200.6) 36.212 ms 35.885 ms 36.026 ms
10 iad3-core3-pos5-0.atlas.algx.net (165.117.67.62) 36.626 ms 36.740 ms 36.528 ms
11 * * *
12 iad3-core10-pos7-0.atlas.algx.net (165.117.69.165) 36.717 ms 36.916 ms 36.579 ms
13 equinix-was.ip.tiscali.net (206.223.115.19) 35.752 ms 35.421 ms 35.518 ms
14 * so-3-0-0.par20.ip.tiscali.net (213.200.81.49) 110.715 ms 110.959 ms
15 tiscali-fr-2.ip.tiscali.net (213.200.76.122) 110.866 ms 110.753 ms 110.818 ms
16 so-0-0-0-0.bb1.par.net.tiscali.fr (212.129.8.26) 111.312 ms 111.309 ms 111.555 ms
17 ge1-1.gw1.par.net.tiscali.fr (213.36.82.73) 111.351 ms 111.342 ms vlan29.gw1.par.net.tiscali.fr (213.36.82.142) 111.197 ms
18 ge2-1-0.lns06.par.net.tiscali.fr (213.36.82.5) 111.458 ms 111.479 ms 111.352 ms
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * *
-----------

I know my servers are not blocking any of the IP's in the range and judging from the traceroute, it looks like the problem is on his countries end.

Can you confirm that so I can inform the user?

Thanks.

sekkey -

Actually I would guess that your server's firewall is blocking that recently released IP number.

The trace you posted shows that your server blocked the packet from 83.152.134.96. My trace from your distribution router makes it to the remote host - 1 hop beyond your trace.

ivhou-ni-120#trace 83.152.134.96 so 207.44.152.1
Type Control-c to abort
Tracing the route to IP node 83.152.134.96 from 1 to 30 hops

1 <1 ms <1 ms <1 ms ivhou-207-218-245-15.ev1.net [207.218.245.15]
2 <1 ms <1 ms <1 ms 64.245.101.9
3 1 ms 1 ms 1 ms iah10-core2-so-0-0-0-0.atlas.algx.net [165.117.192.145]
4 6 ms 5 ms 5 ms dfw10-core1-so-7-0-0-0.atlas.algx.net [165.117.200.53]
5 5 ms 5 ms 6 ms dfw10-core2-so-0-1-0-0.atlas.algx.net [165.117.192.18]
6 23 ms 24 ms 24 ms atl10-core1-so-0-2-0-0.atlas.algx.net [165.117.200.1]
7 24 ms 24 ms 24 ms atl10-core2-so-0-1-0-0.atlas.algx.net [165.117.192.2]
8 36 ms 35 ms 35 ms dca10-core1-so-7-0-0-0.atlas.algx.net [165.117.200.6]
9 36 ms 36 ms 36 ms iad3-core3-pos5-0.atlas.algx.net [165.117.67.62]
10 36 ms 36 ms 36 ms iad3-core2-pos6-0.atlas.algx.net [165.117.64.5]
11 36 ms 36 ms 36 ms iad3-core10-pos7-0.atlas.algx.net [165.117.69.165]
12 35 ms 35 ms 35 ms equinix-was.ip.tiscali.net [206.223.115.19]
13 110 ms 110 ms 110 ms so-3-0-0.par20.ip.tiscali.net [213.200.81.49]
14 110 ms 110 ms 110 ms tiscali-fr-2.ip.tiscali.net [213.200.76.122]
15 111 ms 110 ms 110 ms so-0-0-0-0.bb1.par.net.tiscali.fr [212.129.8.26]
16 111 ms 111 ms 111 ms ge1-1.gw1.par.net.tiscali.fr [213.36.82.73]
17 110 ms 111 ms 111 ms ge2-1-0.lns06.par.net.tiscali.fr [213.36.82.5]
18 152 ms 153 ms 150 ms dyn-83-152-134-96.ppp.tiscali.fr [83.152.134.96]

If dropping your firewall does not help, then provide me with an inbound trace from that host, and have the remote host ping other servers on your subnet like 207.44.152.4 and 207.44.152.44 and post those results as well.

Randy Williams, CTO

Thanks Randy.

I got it figured out.

Randy,

Thank you for your help in trying to confirm this...

So as I can go to the next step with the host or my provider, please help me make sure I understand this--->


"This suggests that the server is blocking the remote host(s) "

--->means that somehow the server with redacorn.org is using for my account is blocking me or the ISP I am using?


"or the remote host(s) are specifically blocking the server."
-
--> Or vice versa?


Specifically, what does that mean (possibky many things I guess, but....)


a) If redacorn.org is using your server, why would your server block me? (Probably I don't understand the meaning of blocking).

(b) Is this something I should tell my ISP?
They said THEY can receive the site redacorn.org
at their end, as well as mine.

Should I ask them to test something between
their computer and me?


© Is the best solution to tell anyone who has trouble to use a proxy server, or is this something redacorn.org can clear up at their end?

(d) Is this a problem with my ISP? They are a well known cable music (like Musak) company who recently (a year ago?) entered the fiber optic ISP business.

Thanks in advance for checking. Hopefully the data you gave me can be used with either my ISP or
<------------------


redacorn.org
(I would guess the server is blocking the hosts.) It does not appear to be a network related issue...




Thanks again!

arenson-



This would be my guess. The remote host 221.242.10.34 (in this case) can access other servers, just not the one in question. I would guess the server is some how blocking the remote user. This happens all of the time...


It is possible that a firewall on 221.242.10.34 is specifically blocking the server, although this happens less frequently...

a. possible firewall misconfiguration
b. if the server's firewall is not the problem, then you should again work with your ISP
c. the best solution is to eliminate the root of the problem which could be the server
d. this is still unclear

Randy Williams, CTO

Thanks, Randy.

I will post this to Emma at Redacorn.org

Meanwhile, i asked a friend in another Japanese city who is a Unix and Linux person, who can get the site (as I can at a different location), and he did his own test and found the following. I will post that here and
also post your stuff to him.

I wonder if his test gives you any more info--->



FROM KAZ TO PAUL
As for tokyoprogressive.org.uk, curiously however,
I can see the website via http://tokyoprogressive.org.uk/
though ping could not reach.

seems timed out.
when I traceroute to tokyoprogressive.org.uk;
...
5 61.120.146.105 (61.120.146.105) 0.994 ms 0.890 ms 0.992 ms
6 xe-1-0-0.r21.tokyjp01.jp.bb.verio.net (61.213.162.233) 1.056 ms
1.224 ms 1.041 ms
7 p16-1-1-1.r82.mlpsca01.us.bb.verio.net (129.250.4.129) 101.333 ms
115.155 ms 115.093 ms
8 xe-0-3-0.r21.mlpsca01.us.bb.verio.net (129.250.2.55) 101.596 ms
101.407 ms 101.434 ms
9 p64-0-0-0.r21.plalca01.us.bb.verio.net (129.250.5.48) 102.961 ms
102.794 ms 102.693 ms
10 xe-0-2-0.r20.plalca01.us.bb.verio.net (129.250.4.230) 103.172 ms
103.561 ms 102.730 ms
11 p16-0-1-1.r20.dllstx09.us.bb.verio.net (129.250.4.104) 140.833 ms
140.912 ms 140.844 ms
12 p16-5-0-0.r02.hstntx01.us.bb.verio.net (129.250.5.41) 146.320 ms
p16-6-0-0.r00.hstntx01.us.bb.verio.net (129.250.5.5) 145.761 ms
p16-5-0-0.r02.hstntx01.us.bb.verio.net (129.250.5.41) 159.768 ms
13 ge-1.ev1.hstntx01.us.bb.verio.net (129.250.10.70) 146.543 ms 160.253
ms ge-0.ev1.hstntx01.us.bb.verio.net (129.250.10.66) 147.655 ms
14 ivhou-207-218-245-117.ev1.net (207.218.245.117) 146.703 ms 147.173
ms 146.771 ms
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
...

and see the results of
whois 207.44.196.39:

--
OrgName: Everyones Internet, Inc.
OrgID: EVRY
Address: 2600 Southwest Freeway
Address: Suite 500
City: Houston
StateProv: TX
PostalCode: 77098
Country: US

NetRange: 207.44.128.0 - 207.44.255.255
CIDR: 207.44.128.0/17
NetName: EVRY-BLK-11
NetHandle: NET-207-44-128-0-1
Parent: NET-207-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.EV1.NET
NameServer: NS2.EV1.NET
Comment:
RegDate:
Updated: 2002-05-08
--

redacorn.org seems a reseller of ev1.net.
and there seems routing error or some trouble in ev1.net.

I'm not sure why.

END OF HIS POST


Based on your evaluation of what he says I will email Emma and mention what you said.


Paul

arenson -

All you have to do is trace to 207.44.196.40 (the server next to tokyoprogressive.org.uk) to see that there is nothing wrong with our routers. Of course this statement "I can see the website" indicates that packets have continuity...

Randy Williams, CTO

I have 3 servers on the old DataCenter, and I can't see any of them with my broadband connection.

Source IP: 207.248.39.254

Destination IP: 66.98.224.70

Tracing route to linux.servidor4.net [66.98.224.70]

over a maximum of 30 hops:



1 10 ms 7 ms 7 ms 10.10.0.1

2 12 ms 11 ms 11 ms 10.1.2.1

3 10 ms 8 ms 8 ms 207.248.34.249

4 42 ms 42 ms 43 ms host-200-56-124-89.block.alestra.net.mx [200.56.124.89]

5 43 ms 45 ms 44 ms rdmty1.alestra.net.mx [148.244.145.97]

6 45 ms 44 ms 45 ms rcmty1.alestra.net.mx [148.244.145.161]

7 44 ms 42 ms 42 ms 12.118.184.81

8 46 ms 45 ms 45 ms gbr1-p70.attga.ip.att.net [12.123.21.2]

9 45 ms 44 ms 47 ms tbr1-p013502.attga.ip.att.net [12.122.12.13]

10 45 ms 46 ms 42 ms ggr1-p340.attga.ip.att.net [12.122.12.30]

11 61 ms 60 ms 60 ms p4-2.core01.atl01.atlas.cogentco.com [154.54.10.109]

12 70 ms 70 ms 71 ms p14-0.core01.mco01.atlas.cogentco.com [66.28.4.153]

13 73 ms 72 ms 91 ms p14-0.core01.tpa01.atlas.cogentco.com [66.28.4.142]

14 77 ms 74 ms 76 ms p5-0.core01.iah01.atlas.cogentco.com [66.28.4.45]

15 * * * Request timed out.

16 * * * Request timed out.

17 * * * Request timed out.

18 * * * Request timed out.

19 * * * Request timed out.

20 * * * Request timed out.

21 * * * Request timed out.

22 * * * Request timed out.

23 * * * Request timed out.

24 * * * Request timed out.

25 * * * Request timed out.

Destination IP: 64.246.58.88

Tracing route to linux.servidor2.net [64.246.58.88]

over a maximum of 30 hops:



1 11 ms 27 ms 6 ms 10.10.0.1

2 11 ms 16 ms 10 ms 10.1.2.1

3 9 ms 8 ms 9 ms 207.248.34.249

4 43 ms 43 ms 43 ms host-200-56-124-89.block.alestra.net.mx [200.56.124.89]

5 44 ms 43 ms 43 ms rdmty1.alestra.net.mx [148.244.145.65]

6 83 ms 45 ms 46 ms rcmty1.alestra.net.mx [148.244.145.161]

7 43 ms 45 ms 43 ms 12.118.184.61

8 46 ms 45 ms 45 ms gbr1-p70.attga.ip.att.net [12.123.21.2]

9 43 ms 43 ms 43 ms tbr2-p013502.attga.ip.att.net [12.122.12.33]

10 46 ms 44 ms 46 ms ggr1-p370.attga.ip.att.net [12.123.20.253]

11 60 ms 59 ms 63 ms p4-2.core01.atl01.atlas.cogentco.com [154.54.10.109]

12 69 ms 69 ms 70 ms p14-0.core01.mco01.atlas.cogentco.com [66.28.4.153]

13 71 ms 71 ms 71 ms p14-0.core01.tpa01.atlas.cogentco.com [66.28.4.142]

14 75 ms 76 ms 75 ms p5-0.core01.iah01.atlas.cogentco.com [66.28.4.45]

15 * * * Request timed out.

16 * * * Request timed out.

17 * * * Request timed out.

18 * * * Request timed out.

19 * * * Request timed out.

20 * * * Request timed out.

21 * * * Request timed out.

22 * * * Request timed out.

23 * * * Request timed out.

24 * * * Request timed out.

25 * * * Request timed out.

26 * * * Request timed out.

27 * * * Request timed out.

28 * * * Request timed out.

29 * * * Request timed out.

30 * * * Request timed out.

elenlace,

Your traceroute is dying at the same place I reported back on Tuesday. I've also had a trouble ticket opened since Wednesday at 1AM for this problem which EV1 staff closed on me this morning as resolved while I was trying to get the IP number they asked for. (I reopened the ticket a couple hours later after I got the information). Hopefully someone will at least acknowledge that there is a problem or at least get back with some information about what is going on.

Hal

hbouma -

elenlace's problem has been identified...

Your trace indicates we are not blocking either of the IPs - source or destination.



Can the remote host ping servers 66.98.208.98 and 66.98.208.100 ?

Randy Williams, CTO

Techiesurfer...

We are back up again without any issues; it came back at around 10:30am CST. Just for reference, what was the problem?

Thks for the help.

elenlace.

elenlace -

That IP appears to be hacked. It shows up more than once in our logs... Check your PM...

Randy Williams, CTO

One of my customers havent been able to access my site for over a month. At first we thought it was a temporary problem at his isp or something like that. But the issue havent been resolved. The user is able to access these forums and ev1servers.net but not my server.
The same problem seem to happen to other hosts using the same isp as my customer. For instance this ip: 83.108.140.201 get the same results.
I'll post the traces below.

Customer ip: 83.109.155.143
Server ip: 66.98.140.58

Traceroute from customer to server:

traceroute to 66.98.140.58 (66.98.140.58), 30 hops max, 38 byte packets
1 ti221110a080-l1.ti.telenor.net (83.109.128.0) 12.265 ms 10.941 ms 11.262 ms
2 ti251002c050-ge4-0.ti.telenor.net (146.172.206.45) 11.121 ms 11.500 ms 11.258 ms
3 ti200002c050-pos3-1.ti.telenor.net (146.172.250.250) 11.163 ms 10.636 ms 11.436 ms
4 ti100002c050-pos9-0.ti.telenor.net (146.172.248.5) 10.474 ms 12.359 ms 11.256 ms
5 ti100001c050-pos6-0.ti.telenor.net (146.172.248.1) 10.084 ms 10.855 ms 11.578 ms
6 ti100001b051-ge0-0.ti.telenor.net (146.172.248.94) 10.666 ms 10.658 ms 11.092 ms
7 nb01b12-ge0-0.nb.telenor.net (217.70.229.65) 11.676 ms 11.196 ms 11.099 ms
8 nb21b12-pos4-3.nb.telenor.net (217.70.227.22) 34.527 ms 33.535 ms 33.293 ms
9 195.66.226.185 (195.66.226.185) 32.497 ms 32.779 ms 33.124 ms
10 p6-0.core02.jfk01.atlas.cogentco.com (154.54.1.5) 101.944 ms 103.604 ms 103.863 ms
11 p15-0.core01.jfk01.atlas.cogentco.com (66.28.4.165) 102.404 ms 106.913 ms 102.142 ms
12 p12-0.core01.jfk02.atlas.cogentco.com (66.28.4.10) 102.787 ms 104.390 ms 104.838 ms
13 p4-0.core02.dca01.atlas.cogentco.com (66.28.4.81) 109.399 ms 108.631 ms 107.887 ms
14 p14-0.core01.atl01.atlas.cogentco.com (66.28.4.161) 120.757 ms 120.431 ms 120.277 ms
15 p14-0.core01.mco01.atlas.cogentco.com (66.28.4.153) 279.785 ms 165.975 ms 201.401 ms
16 p14-0.core01.tpa01.atlas.cogentco.com (66.28.4.142) 132.869 ms 132.293 ms 131.264 ms
17 p5-0.core01.iah01.atlas.cogentco.com (66.28.4.45) 149.746 ms 152.140 ms 150.928 ms
18 EveryonesInternet.demarc.cogentco.com (38.112.12.178) 151.090 ms 153.116 ms 152.631 ms
19 ivhou-207-218-245-110.ev1.net (207.218.245.110) 152.433 ms 151.462 ms 152.285 ms
20 * * *



Traceroute from server to customer:

1 66.98.140.1 (66.98.140.1) 0.517 ms 0.388 ms 0.330 ms
2 ivhou-207-218-245-7.ev1.net (207.218.245.7) 0.334 ms 0.936 ms *
3 ivhou-207-218-223-6.ev1.net (207.218.223.6) 0.436 ms 0.734 ms 0.370 ms
4 g1-ba21.b006555-1.iah01.atlas.cogentco.com (38.112.12.177) 1.865 ms 1.474 ms 1.401 ms
5 p15-0.core01.tpa01.atlas.cogentco.com (66.28.4.46) 20.880 ms 20.961 ms *
6 p5-0.core01.mco01.atlas.cogentco.com (66.28.4.141) 22.618 ms 22.828 ms 22.647 ms
7 p15-0.core01.atl01.atlas.cogentco.com (66.28.4.154) 47.951 ms 32.108 ms 31.968 ms
8 * p5-0.core02.dca01.atlas.cogentco.com (66.28.4.162) 43.721 ms 43.772 ms
9 p6-0.core01.jfk02.atlas.cogentco.com (66.28.4.82) 49.670 ms 50.605 ms 49.589 ms
10 nb10b11.nb.telenor.net (198.32.118.27) 49.801 ms 49.602 ms 49.649 ms
11 * * *
12 nb01b12-ge2-0.nb.telenor.net (217.70.227.17) 248.961 ms 317.095 ms 199.249 ms
13 ti100001b051-ge1-0.ti.telenor.net (217.70.229.66) 142.361 ms 150.085 ms 158.493 ms
14 * * *
15 * * *
16 * * *
17 * * *
18 ti221110a080.ti.telenor.net (146.172.161.173) 146.771 ms 144.221 ms 144.981 ms
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

svenneman -

According to the trace we are not blocking either the source or the destination IP.

Unfortunately the inbound trace was probably done with UDP and your server does not allow UDP traces, but your server does accept ICMP). I would like to see the trace re-done with an ICMP trace (windows) and/or pings.

Can the remote host ping 66.98.140.56 and 66.98.140.59 ?

Randy Williams, CTO

The remote host was able to ping the other two addresses. He does not have access to a windows computer so pings and traceroutes are only available on a linux machine, and from what I can understand from your last message linux uses udp instead of icmp packets.

I am not sure my server does block udp pings and traceroutes because I'm able to ping/traceroute it from both my windows machines and linux machine.

svenneman -

Can the remote host ping the server ?

Randy Williams, CTO

no,

My customer will post below with some info that he got after talking to his isp.

Just got of the phone with my isp. They said the problem is partly theirs and partly yours. It looks like they have started using a new ip range, but 66.98.140.58 doesn't like this ip range it seams.

new ip range: 83.108.0.0/15

They are working on fixing this problem.

They also mentioned that some of their ruters aren't updated with the new ip ranges, but since the traceroute stops 1 server from 66.98.140.58 I don't think thats the problem. It may be a problem the other way though, when the packets are returned.

Geeze, using over a month on updating ruters...I should get a new isp

oh, and I can connect to the server using a puplic webbased proxy

svenneman -

It would appear your server is blocking that remote host...

Randy Williams, CTO

the only hosts I'm blocking with my apf fw is 219.95.185.32 and 128.134.0.0/16

I dont see where else I would be blocking the ip's.

svenneman -

APF blocks 'unroutable' (10.x.x.x for instance) IP numbers by default. Your list of unroutable numbers needs updating - there have been many changes...

Randy Williams, CTO

I'll be damned, oh well, I'll try to find a way to update the list in apf then

btw thanks for the help

fixed it by updating apf

Always post:
a) the exact source IP having trouble (client workstation?)

4.65.144.248

b) the exact destination IP (your server?)

69.57.134.85

c) an inbound traceroute from/to the source and destinations above



Tracing route to amusive.com [69.57.134.85]

over a maximum of 30 hops:



1 21 ms 18 ms 15 ms evrtwa1-ar3-4-65-144-001.evrtwa1.dsl-verizon.net [4.65.144.1]

2 80 ms 15 ms 15 ms 4.24.53.17

3 16 ms 26 ms 160 ms p7-0.evrtwa1-cr1.bbnplanet.net [4.24.125.117]

4 15 ms 16 ms 18 ms p3-0.evrtwa1-br1.bbnplanet.net [4.24.5.101]

5 74 ms 18 ms 18 ms so-5-1-1.mp1.Seattle1.Level3.net [4.68.127.73]

6 84 ms 96 ms 85 ms so-0-2-0.bbr1.Atlanta1.Level3.net [209.247.9.101]

7 173 ms 106 ms 84 ms so-7-2-0.gar1.Atlanta1.Level3.net [209.247.9.158]

8 85 ms 209 ms 114 ms 67.72.8.38

9 85 ms 84 ms 84 ms core-02-ge-0-2-0-0.atln.twtelecom.net [66.192.243.34]

10 95 ms 91 ms 92 ms 66.192.243.16

11 92 ms 92 ms 92 ms 168.215.172.47

12 125 ms 223 ms 128 ms 216-54-253-2.gen.twtelecom.net [216.54.253.2]

13 * * * Request timed out.

14 * * * Request timed out.

15 * * * Request timed out.

16 * * * Request timed out.

17 * *

d) outbound traceroute from your server

traceroute to 4.65.144.248 (4.65.144.248), 30 hops max, 38 byte packets
1 69.57.134.1 (69.57.134.1) 0.504 ms 0.340 ms 0.281 ms
2 ivhou-207-218-245-11.ev1.net (207.218.245.11) 0.426 ms 0.537 ms 0.282 ms
3 64.245.101.29 (64.245.101.29) 1.455 ms 1.594 ms 1.459 ms
4 iah10-core2-so-0-0-0-0.atlas.algx.net (165.117.192.145) 1.751 ms 1.882 ms 1.752 ms
5 dfw10-core1-so-7-0-0-0.atlas.algx.net (165.117.200.53) 7.031 ms 7.159 ms 6.600 ms
6 dfw10-core2-so-0-1-0-0.atlas.algx.net (165.117.192.18) 13.797 ms 6.725 ms 20.409 ms
7 dfw10-core10-pos7-0.atlas.algx.net (165.117.192.74) 6.744 ms 6.732 ms 7.043 ms
8 dfw5-core2-pos5-0.atlas.algx.net (165.117.69.129) 6.747 ms 6.592 ms 6.486 ms
9 dfw5-core3-pos6-0.atlas.algx.net (165.117.48.126) 7.446 ms 6.734 ms 6.746 ms
10 dfw5-core10-pos7-0.atlas.algx.net (165.117.48.30) 6.602 ms 6.446 ms 6.465 ms
11 206.111.5.45.ptr.us.xo.net (206.111.5.45) 6.462 ms 6.442 ms 7.168 ms
12 p5-0-0.RAR2.Dallas-TX.us.xo.net (65.106.4.185) 6.746 ms 8.421 ms 6.891 ms
13 p0-0-0d0.RAR1.Dallas-TX.us.xo.net (65.106.1.37) 7.159 ms 7.153 ms 7.309 ms
14 * * *

Both my servers on 67.15.20.xx seems to be down ?
anyone else ?

Yes. Are you from the west coast too?

And my last responding hop, from my home computer to my server, is identical to #12 posted (almost) directly above.

I'm in Utah.

amusive: How did you get a traceroute from your server? How did you reach your server to be able to accomplish that?

I am on west coast and cant see server on few subnets.
VZN DSL ISP, any one else having VZN issues or its related to EV! routing ??

Source IP : 202.87.42.200 (India)
Destination IP : 207.44.176.70 (Ev1)

traceroute to 207.44.176.70 (207.44.176.70), 30 hops max, 38 byte packets
1 202.87.42.193 (202.87.42.193) 0.498 ms 0.327 ms 0.398 ms
2 203.199.24.46 (203.199.24.46) 2.822 ms 1.685 ms 1.294 ms
3 202.54.1.152 (202.54.1.152) 2.157 ms 1.493 ms 1.557 ms
4 202.54.2.18 (202.54.2.18) 213.334 ms 207.305 ms 207.650 ms
5 10.ge-3-0-1.mpr1.lga4.us.above.net (64.125.12.121) 288.232 ms 282.820 ms 283.611 ms
6 so-6-0-0.cr1.lga2.us.above.net (64.125.29.237) 289.086 ms 289.651 ms 288.118 ms
7 so-0-0-0.cr1.lga1.us.above.net (64.125.28.245) 289.103 ms 289.175 ms 289.956 ms
8 so-1-0-0.cr1.iad1.us.above.net (64.125.28.61) 290.606 ms 290.302 ms 291.494 ms
9 so-1-0-0.cr1.dca2.us.above.net (64.125.28.125) 289.057 ms 291.801 ms 288.880 ms
10 pos2-0.mpr2.atl4.us.above.net (64.125.28.50) 299.839 ms 300.957 ms 302.859 ms
11 pos13-0.er1.atl4.us.above.net (64.125.30.237) 300.329 ms 300.058 ms 300.332 ms
12 so-3-3-0.mpr2.iah1.us.above.net (64.125.29.66) 315.994 ms 312.619 ms 313.051 ms
13 216.200.251.61.ev1.net (216.200.251.61) 309.370 ms 308.795 ms 307.490 ms
14 * * *
15 * * *

Source : 207.44.176.70 (Ev1)
Destination : 202.87.42.200

traceroute to 202.87.42.200 (202.87.42.200), 30 hops max, 38 byte packets
1 207.44.176.1 (207.44.176.1) 0.585 ms 0.216 ms 0.277 ms
2 ivhou-207-218-245-15.ev1.net (207.218.245.15) 0.808 ms 0.296 ms 1.044 ms
3 64.245.101.9 (64.245.101.9) 1.074 ms 1.068 ms 1.310 ms
4 iah10-core2-so-0-0-0-0.atlas.algx.net (165.117.192.145) 1.142 ms 1.481 ms 1.136 ms
5 dfw10-core1-so-7-0-0-0.atlas.algx.net (165.117.200.53) 6.870 ms 6.389 ms 6.488 ms
6 dfw10-core2-so-0-1-0-0.atlas.algx.net (165.117.192.18) 6.192 ms 6.237 ms 6.175 ms
7 dfw10-core10-pos7-0.atlas.algx.net (165.117.192.74) 6.172 ms 6.132 ms 6.390 ms
MPLS Label=17083 CoS=1 TTL=1 S=0
8 dfw5-core2-pos5-0.atlas.algx.net (165.117.69.129) 6.243 ms 6.145 ms 20.438 ms
MPLS Label=15731 CoS=1 TTL=1 S=0
9 dfw5-core3-pos6-0.atlas.algx.net (165.117.48.126) 6.231 ms 6.232 ms 6.097 ms
MPLS Label=15898 CoS=1 TTL=1 S=0
10 dfw5-core10-pos7-0.atlas.algx.net (165.117.48.30) 6.269 ms 6.199 ms 6.037 ms
11 206.111.5.45.ptr.us.xo.net (206.111.5.45) 5.944 ms 13.068 ms 131.361 ms
12 p5-0-0.RAR2.Dallas-TX.us.xo.net (65.106.4.185) 6.243 ms 6.490 ms 6.374 ms
13 p0-0-0d0.RAR1.Dallas-TX.us.xo.net (65.106.1.37) 6.631 ms 14.818 ms 6.441 ms
14 * * *
15 * * *

This problem is occuring for several other, but not all ISP in India.

Regards,
Ninad

I can connect now, but the ping times are really high - this has been an issue over the past week or two:



Target Name: texas12.escapedturkey.net
IP: 67.15.20.12
Date/Time: 6/8/2004 4:04:48 AM

1 16 ms 16 ms 16 ms [4.8.12.1]
2 15 ms 15 ms 15 ms [4.24.33.153]
3 15 ms 15 ms 15 ms p4-0.lsanca2-cr1.bbnplanet.net [4.25.111.13]
4 32 ms 16 ms 16 ms p3-0.lsanca2-br2.bbnplanet.net [4.25.111.2]
5 15 ms 16 ms 16 ms so-5-0-0-100.xlsanca17-level3.bbnplanet.net [64.159.4.33]
6 31 ms 15 ms 15 ms so-10-0.core2.LosAngeles1.Level3.net [4.68.113.174]
7 16 ms 16 ms 31 ms so-11-0.core1.LosAngeles1.Level3.net [4.68.113.169]
8 16 ms 16 ms 16 ms p16-1-1-3.r21.lsanca01.us.bb.verio.net [129.250.9.33]
9 15 ms 15 ms 31 ms p64-0-0-0.r20.lsanca01.us.bb.verio.net [129.250.2.112]
10 47 ms 47 ms 62 ms p16-1-1-3.r21.dllstx09.us.bb.verio.net [129.250.4.197]
11 63 ms -32764 ms 78 ms p16-5-0-0.r00.hstntx01.us.bb.verio.net [129.250.5.43]
12 -32764 ms 63 ms 63 ms ge-6.ev1.hstntx01.us.bb.verio.net [129.250.10.190]
13 78 ms 93 ms 93 ms gphou-66-98-241-124.ev1.net [66.98.241.124]
14 78 ms 94 ms 94 ms [67.15.20.12]

But notice to one of my other servers, it's fine:

Target Name: texas1.escapedturkey.net
IP: 67.15.18.53
Date/Time: 6/8/2004 4:05:15 AM

1 15 ms 15 ms 15 ms [4.8.12.1]
2 15 ms 15 ms 15 ms [4.24.33.153]
3 16 ms 16 ms 16 ms p4-1.lsanca2-cr1.bbnplanet.net [4.24.207.1]
4 16 ms 16 ms 16 ms p3-0.lsanca2-br2.bbnplanet.net [4.25.111.2]
5 15 ms 15 ms 15 ms so-5-0-0-100.xlsanca17-level3.bbnplanet.net [64.159.4.33]
6 15 ms 15 ms 15 ms so-10-0.core2.LosAngeles1.Level3.net [4.68.113.174]
7 16 ms 16 ms 32 ms so-11-0.core1.LosAngeles1.Level3.net [4.68.113.169]
8 16 ms 31 ms 15 ms p16-1-1-3.r21.lsanca01.us.bb.verio.net [129.250.9.33]
9 31 ms 31 ms 16 ms p64-0-0-0.r20.lsanca01.us.bb.verio.net [129.250.2.112]
10 63 ms 63 ms 63 ms p16-1-1-3.r21.dllstx09.us.bb.verio.net [129.250.4.197]
11 -32764 ms 63 ms 63 ms p16-6-0-0.r02.hstntx01.us.bb.verio.net [129.250.5.101]
12 62 ms -32764 ms 62 ms ge-6.ev1.hstntx01.us.bb.verio.net [129.250.10.190]
13 62 ms 62 ms 62 ms gphou-66-98-240-123.ev1.net [66.98.240.123]
14 63 ms 63 ms 63 ms [67.15.18.53]

Bad switch or router?

1 54 ms 18 ms 18 ms 10.1.61.1
2 18 ms 18 ms 18 ms at-5-0-0-1712.CORE-RTR1.RES.verizon-gni.net [130
.81.11.9]
3 16 ms 17 ms 18 ms so-0-1-0-0.BB-RTR1.RES.verizon-gni.net [130.81.9
.37]
4 17 ms 18 ms 17 ms so-6-0-0-0.PEER-RTR1.ASH.verizon-gni.net [130.81
.10.90]
5 18 ms 23 ms 23 ms 130.81.15.2
6 18 ms 68 ms 18 ms hrndva1wcx2-pos15-1.wcg.net [64.200.89.93]
7 30 ms 29 ms 28 ms drvlga1wcx2-pos4-0.wcg.net [64.200.232.125]
8 28 ms 28 ms 29 ms drvlga1wcx1-oc48.wcg.net [64.200.127.29]
9 48 ms 47 ms 47 ms dllstx1wcx3-pos6-0.wcg.net [64.200.240.21]
10 48 ms 47 ms 47 ms dllstx1wcx2-pos10-0-oc48.wcg.net [64.200.110.77]

11 58 ms * 52 ms hstntx1wce2-pos4-0.wcg.net [64.200.240.74]
12 328 ms 329 ms 329 ms hstntx1wce2-everyonesinternet-gige.wcg.net [65.7
7.93.54]
13 328 ms 328 ms * ivhou-207-218-245-124.ev1.net [207.218.245.124]

14 329 ms 328 ms 328 ms ns1.pascomwebhosting.com [207.44.136.2]

From server to me (very hard to do from the loss and high ping):
1 207.44.136.1 (207.44.136.1) 0.329 ms 0.246 ms 0.232 ms
2 ivhou-207-218-245-15.ev1.net (207.218.245.15) 0.334 ms 0.350 ms 0.333 ms
3 ivhou-207-218-223-8.ev1.net (207.218.223. 0.326 ms 0.505 ms 0.421 ms
4 g2-ba21.b006555-1.iah01.atlas.cogentco.com (38.112.12.185) 1.519 ms 46.331 ms 1.451 ms
5 p15-0.core01.tpa01.atlas.cogentco.com (66.28.4.46) 20.751 ms 20.768 ms 20.746 ms
6 p5-0.core01.mco01.atlas.cogentco.com (66.28.4.141) 22.442 ms 22.475 ms 22.474 ms
7 p15-0.core01.atl01.atlas.cogentco.com (66.28.4.154) 31.736 ms 31.907 ms 32.119 ms
8 p5-0.core02.dca01.atlas.cogentco.com (66.28.4.162) 43.551 ms 43.528 ms 43.716 ms
9 p15-0.core01.dca01.atlas.cogentco.com (66.28.4.21) 65.545 ms 44.613 ms 96.689 ms
10 p6-1.core01.iad01.atlas.cogentco.com (154.54.1.186) 44.507 ms 44.485 ms 44.441 ms
11 so-2-1-2-0.PEER-RTR1.ASH.verizon-gni.net (130.81.15.9) 310.963 ms *
12 so-7-0-0-0.BB-RTR1.RES.verizon-gni.net (130.81.10.89) 39.655 ms 39.875 ms 39.462 ms
13 so-2-0-0-0.CORE-RTR1.RES.verizon-gni.net (130.81.9.38) 39.943 ms 39.846 ms 40.117 ms
14 A3-0-0-1712.DSL-RTR2.RES.verizon-gni.net (130.81.11.10) 39.867 ms 40.122 ms 39.720 ms

Also i noticed that the problem comes and goes

eturkey -

It appears that each of those servers takes two different return path, and one path is slightly longer than the other (~15 - 30 ms). Both paths had 0% loss as measured with 300 pings earlier today...

This happens when multiple providers have equal routing as defined by BGP, and is not unusual.

Randy Williams, CTO

propcgamer -

I am sure that your problem was related to this:

http://forums.ev1servers.net/showthread.ph...&threadid=46016

Thank you very much for the data.

Randy Williams, CTO

ok thanks, that wasnt there when i looked before i posted:D

LEVEL 3 TRACE

Source: 64.159.0.97
Destination: 66.98.204.224

Show Level 3 (Stamford, CT) Traceroute to 66.98.204.224

1 ge-6-0-0.mp2.Stamford1.Level3.net (64.159.0.97) 0 msec 4 msec 0 msec
2 as-2-0.bbr1.Atlanta1.Level3.net (64.159.1.1) 20 msec 20 msec 20 msec
3 so-7-2-0.gar1.Atlanta1.Level3.net (209.247.9.158) 20 msec 20 msec 24 msec
4 67.72.8.38 20 msec 24 msec 20 msec
5 core-02-ge-0-2-0-0.atln.twtelecom.net (66.192.243.34) [AS4323 {TW-COMM}] 24 msec 20 msec 20 msec
6 66.192.243.16 [AS4323 {TW-COMM}] 48 msec 48 msec 48 msec
7 168.215.172.47 [AS4323 {TW-COMM}] 52 msec 48 msec 48 msec
8 216-54-253-2.gen.twtelecom.net (216.54.253.2) [AS4323 {TW-COMM}] 60 msec 52 msec 64 msec
9 ivhou-207-218-223-115.ev1.net (207.218.223.115) [AS13749 {EVERYONES-INTERNET}] 52 msec 48 msec 52 msec
10 * * *
11 * * *
12 * * *


Source: 66.98.204.224
Destination: 64.159.0.97

Tracing route to ge-6-0-0.mp2.Stamford1.Level3.net [64.159.0.97]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 66.98.204.1
2 <1 ms <1 ms <1 ms ivhou-207-218-245-14.ev1.net [207.218.245.14]
3 1 ms 1 ms <1 ms hstntx1wce2-gige5-0.wcg.net [65.77.93.53]
4 5 ms 5 ms 5 ms dllstx1wcx2-pos5-0-pos5-0.wcg.net [64.200.240.73]
5 5 ms 5 ms 5 ms dllstx1wcx3-pos10-0.wcg.net [64.200.110.134]
6 6 ms 6 ms 6 ms dllstx9lcx1-pos9-0.wcg.net [64.200.232.210]
7 29 ms 29 ms 29 ms so-2-2-0.edge1.Dallas1.Level3.net [4.68.127.21]
8 29 ms 29 ms 29 ms so-1-2-0.bbr2.Dallas1.Level3.net [209.244.15.165]
9 90 ms 74 ms 49 ms ge-6-0-0.mp2.Stamford1.Level3.net [64.159.0.97]


**********

BERKELEY TRACE

Source: 128.32.206.221
Destination: 66.98.204.224

traceroute from www.net.berkeley.edu to 66.98.204.224
1 vlan206.inr-203-eva.berkeley.edu (128.32.206.1) 1.488 ms 1.016 ms 0.759 ms
2 vlan210.inr-202-doecev.Berkeley.EDU (128.32.255.9) 0.346 ms 0.329 ms 0.280 ms
3 oak-dc2--ucb-ge.cenic.net (137.164.23.29) 1.852 ms 1.690 ms 2.030 ms
4 dc-oak-dc1--oak-dc2-ge.cenic.net (137.164.22.36) 1.950 ms 2.024 ms 1.732 ms
5 dc-svl-dc1--oak-dc1-10ge.cenic.net (137.164.22.30) 90.548 ms 1.896 ms 9.936 ms
6 XOCom-PAIX.Calren2.net (198.32.251.6) 2.201 ms 1.864 ms 2.534 ms
7 206.111.12.110.ptr.us.xo.net (206.111.12.110) 2.010 ms 2.021 ms 1.999 ms
8 sjc3-core1-pos7-0.atlas.algx.net (165.117.67.241) 55.515 ms 54.949 ms 54.683 ms
9 165.117.68.125 (165.117.68.125) 54.861 ms 55.019 ms 54.684 ms
10 lax3-core1-pos6-0.atlas.algx.net (165.117.200.193) 55.082 ms 54.697 ms 54.626 ms
11 lax10-core1-so-7-0-0-0.atlas.algx.net (165.117.200.122) 12.628 ms 13.437 ms 12.250 ms
12 lax10-core2-so-0-1-0-0.atlas.algx.net (165.117.192.26) 12.733 ms 12.533 ms 12.437 ms
13 san11-core1-so-0-2-0-0.atlas.algx.net (165.117.200.66) 16.591 ms 16.021 ms 16.049 ms
14 san11-core2-so-0-1-0-0.atlas.algx.net (165.117.192.38) 16.195 ms 16.301 ms 15.913 ms
15 dfw10-core1-so-0-2-0-0.atlas.algx.net (165.117.200.45) 50.475 ms 50.288 ms 50.120 ms
16 iah10-core2-so-2-0-0-0.atlas.algx.net (165.117.200.54) 54.991 ms 54.863 ms 54.745 ms
17 iah10-edge1-pos7-0.atlas.algx.net (165.117.192.146) 67.465 ms 55.008 ms 54.741 ms
18 ev1.algx.net (64.245.101.30) 50.384 ms 51.389 ms 50.234 ms
19 ivhou-207-218-223-115.ev1.net (207.218.223.115) 50.246 ms 50.272 ms 50.081 ms
20 * * *
21 * * *
22 * * *


Source: 66.98.204.224
Destination: 128.32.206.221

Tracing route to fragment1.berkeley.edu [128.32.206.221]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 66.98.204.1
2 <1 ms <1 ms <1 ms ivhou-207-218-245-14.ev1.net [207.218.245.14]
3 <1 ms <1 ms <1 ms ivhou-207-218-223-8.ev1.net [207.218.223.8]
4 <1 ms <1 ms <1 ms g2-ba21.b006555-1.iah01.atlas.cogentco.com [38.112.12.185]
5 31 ms 31 ms 31 ms p14-0.core01.san01.atlas.cogentco.com [66.28.4.6]
6 34 ms 34 ms 34 ms p4-0.core01.lax01.atlas.cogentco.com [66.28.4.77]
7 45 ms 45 ms 45 ms p14-0.core01.sjc01.atlas.cogentco.com [66.28.4.74]
8 46 ms 46 ms 46 ms p4-0.core01.sfo01.atlas.cogentco.com [66.28.4.93]
9 46 ms 46 ms 46 ms p15-0.core02.sfo01.atlas.cogentco.com [66.28.4.70]
10 47 ms 47 ms 47 ms CENIC.demarc.cogentco.com [38.112.6.226]
11 47 ms 47 ms 47 ms inet-ucb--lax-isp.cenic.net [137.164.24.142]
12 50 ms 50 ms 50 ms vlan194.inr-202-doecev.Berkeley.EDU [128.32.0.251]
13 51 ms 51 ms 50 ms vlan210.inr-203-eva.Berkeley.EDU [128.32.255.10]
14 50 ms 50 ms 50 ms fragment1

astrotek -

What is the problem? According to your trace nothing is blocked. The server would be the next hop in the inbound traces, but that server currently does not respond to UDP traces...

Randy Williams, CTO

One of my clients in Aussie country cannot reach his sites, is this an ev1 problem or his ISP? Thanks in advance for your time.


traceroute to 69.57.134.148 (69.57.134.148), 30 hops max, 40 byte packets
1 GigabitEthernet0-1.@#!@#!@#!@#!son5.Canberra.telstra.net (203.50.0.5) 0.538 ms 0.407 ms 0.419 ms
2 GigabitEthernet4-1.civ12.Canberra.telstra.net (203.50.8.1) 0.605 ms 0.591 ms 0.582 ms
3 GigabitEthernet3-1.civ-core2.Canberra.telstra.net (203.50.7.5) 0.702 ms 0.521 ms 0.611 ms
4 GigabitEthernet2-2.dkn-core1.Canberra.telstra.net (203.50.6.126) 0.707 ms 0.754 ms 0.717 ms
5 Pos4-0.ken-core4.Sydney.telstra.net (203.50.6.121) 4.24 ms 4.134 ms 4.125 ms
6 10GigabitEthernet3-0.pad-core4.Sydney.telstra.net (203.50.6.86) 4.499 ms 4.489 ms 4.449 ms
7 GigabitEthernet0-0.syd-core01.Sydney.net.reach.com (203.50.13.242) 4.628 ms 4.428 ms 4.446 ms
8 i-6-0.lnx01.net.reach.com (202.84.143.137) 191.496 ms 191.427 ms 191.466 ms
9 i-13-0.paix-core01.net.reach.com (202.84.143.249) 212.373 ms 212.389 ms 212.381 ms
10 134.159.63.250 (134.159.63.250) 179.649 ms 179.624 ms 179.572 ms
11 pos9-0.mpr2.pao1.us.above.net (64.125.29.182) 179.792 ms 179.992 ms 179.691 ms
12 so-6-1-0.mpr4.sjc2.us.above.net (64.125.29.126) 180.845 ms 180.809 ms 180.849 ms
13 so-2-2-0.cr1.dfw2.us.above.net (64.125.29.46) 257.471 ms 257.61 ms 257.583 ms
14 so-3-1-0.mpr1.iah1.us.above.net (64.125.30.229) 262.06 ms 262.013 ms 262.069 ms
15 216.200.251.53.ev1.net (216.200.251.53) 230.675 ms 230.91 ms 230.786 ms
16 ivhou-207-218-245-111.ev1.net (207.218.245.111) 250.702 ms 250.801 ms 250.671 ms
17 * * *
18 * * *
19 * * *
20 * * *
21 * *

Insyder -

You did not post the source address, but from the trace I can tell that nothing is blocked and the packets made it both ways - to and from EV1. The next hop would be your server...

Your server does not respond to UDP traces, so there is little else I can determine.

Have the remote host ping your server as well as several around yours to see if they actually have connectivity to your server or if your server is blocking them.

Randy Williams, CTO

Hi Randy,

Sorry I was not clear. UDP is open and the problem seems to be from (most) of the net. I can get to the server from my home dsl account. Here's the trace.

Tracing route to mail.ueshop.com [66.98.204.224]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms home [10.1.0.1]
2 17 ms 18 ms 18 ms wbar3.lax1-4-8-224-001.dsl-verizon.net [4.8.224.1]
3 20 ms 18 ms 15 ms 4.9.14.162
4 18 ms 18 ms 19 ms so-4-1-0.bbr2.LosAngeles1.Level3.net [4.68.113.173]
5 69 ms 68 ms 68 ms so-0-2-0.bbr1.Atlanta1.Level3.net [209.247.9.101]
6 72 ms 68 ms 68 ms so-7-2-0.gar1.Atlanta1.Level3.net [209.247.9.158]
7 69 ms 69 ms 68 ms 67.72.8.38
8 71 ms 72 ms 70 ms core-02-ge-0-2-0-0.atln.twtelecom.net [66.192.243.34]
9 77 ms 76 ms 76 ms 66.192.243.16
10 80 ms 80 ms 79 ms 168.215.172.47
11 263 ms 105 ms 106 ms 216-54-253-2.gen.twtelecom.net [216.54.253.2]
12 81 ms 79 ms 78 ms ivhou-207-218-223-115.ev1.net [207.218.223.115]
13 77 ms 219 ms 79 ms mail.ueshop.com [66.98.204.224]

I have checked and the Level 3 and Berkeley trace above still times out within the data center.

Thank You.

Tuan.

Hi Randy,

I found the issue, my firewall is having some difficulties, thanks for your attention.

Thank You.
Tuan.

astrotek -

Your latest post contains an ICMP trace. Your server is allowing ICMP, but UDP traces still do not work.

Pings work:
ivhou-jun-8# run ping 66.98.204.224
PING 66.98.204.224 (66.98.204.224): 56 data bytes
64 bytes from 66.98.204.224: icmp_seq=0 ttl=127 time=0.881 ms

UDP traces do not:
ivhou-jun-8# run traceroute 66.98.204.224 no-resolve
traceroute to 66.98.204.224 (66.98.204.224), 30 hops max, 40 byte packets
1 207.218.223.115 0.729 ms 0.538 ms 0.477 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *

UDP traces to servers around yours - no problem:
admin@ivhou-jun-8# run traceroute 66.98.204.230 no-resolve
traceroute to 66.98.204.230 (66.98.204.230), 30 hops max, 40 byte packets
1 207.218.223.115 1.006 ms 0.516 ms 0.477 ms
2 66.98.204.230 0.648 ms 0.525 ms 0.528 ms



I can reach your server from around the world with ICMP:

east coast:
route-views.on>ping 66.98.204.224

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 66.98.204.224, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/40 ms
route-views.on>

west coast:
route-views.ab>ping 66.98.204.224

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 66.98.204.224, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/110/228 ms
route-views.ab>


Europe:
route-server.ip.tiscali.net>ping 66.98.204.224

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 66.98.204.224, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 148/148/152 ms
route-server.ip.tiscali.net>

Africa:
tpr-route-server>ping 66.98.204.224

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 66.98.204.224, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 296/299/304 ms

Australia:
route-views.optus.net.au>ping 66.98.204.224

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 66.98.204.224, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 192/193/196 ms
route-views.optus.net.au>

Asia:
mix_route-server>ping 66.98.204.224

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 66.98.204.224, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 244/247/248 ms

Your original Level 3 and Berkeley traces indicate that we are not blocking the source or destination. The next hop would be your server, but again you are blocking UDP traces, so it is unclear what happened. Have the Level 3 and Berkeley remote hosts use ICMP traces or pings for troubleshooting...

Randy Williams, CTO

Server IP: 69.57.134.38
Client IP: 65.2.195.78

Client to server:
Version: v1.2 Date: 14-Oct-2001 Copyright: © Gabor Szabo @ Multiple Traceroute Gateway
Other Traceroute Gateways


--------------------------------------------------------------------------------

1 10.1.9.2 (10.1.9.2) 0.606 ms 0.522 ms 0.491 ms
2 66.132.255.21 (66.132.255.21) 0.539 ms 0.511 ms 0.457 ms
3 miamfl6lce2-gige7-0-0.wcg.net (64.200.118.241) 1.049 ms 0.940 ms 0.947 ms
4 miamfl2wcx2-pos12-0.wcg.net (64.200.119.101) 1.160 ms 1.199 ms 1.102 ms
5 dllstx1wcx3-pos4-0-oc48.wcg.net (64.200.210.53) 30.253 ms 30.135 ms 30.542 ms
6 dllstx1wcx2-pos10-0-oc48.wcg.net (64.200.110.77) 30.220 ms 30.265 ms 30.204 ms
7 hstntx1wce2-pos4-0.wcg.net (64.200.240.74) 35.591 ms 35.156 ms 34.994 ms
8 hstntx1wce2-everyonesinternet-gige.wcg.net (65.77.93.54) 35.861 ms 36.185 ms 36.044 ms
9 ivhou-207-218-245-111.ev1.net (207.218.245.111) 36.041 ms 36.160 ms 36.105 ms
10 * * *
11
*


Server to Client:
root@primary [~]# traceroute 65.2.195.78
traceroute to 65.2.195.78 (65.2.195.78), 30 hops max, 38 byte packets
1 69.57.134.1 (69.57.134.1) 0.847 ms 0.419 ms 0.466 ms
2 ivhou-207-218-245-11.ev1.net (207.218.245.11) 1.019 ms 0.859 ms *
3 ivhou-207-218-223-6.ev1.net (207.218.223.6) 0.562 ms 0.664 ms 0.594 ms
4 g1-ba21.b006555-1.iah01.atlas.cogentco.com (38.112.12.177) 2.324 ms 1.851
5 * p15-0.core01.tpa01.atlas.cogentco.com (66.28.4.46) 21.521 ms 21.085 ms
6 p5-0.core01.mco01.atlas.cogentco.com (66.28.4.141) 23.013 ms 22.909 ms 22
7 p15-0.core01.atl01.atlas.cogentco.com (66.28.4.154) 32.169 ms * 32.230 ms
8 * * *
9 65.83.236.61 (65.83.236.61) 32.771 ms 32.488 ms 32.553 ms
10 AXR00AEP-1-0-0.bellsouth.net (65.83.236.48) 32.751 ms 32.538 ms 32.417 ms
11 AXR01ASM-0-3-3.bellsouth.net (65.83.236.53) 33.306 ms * 33.257 ms
12 axr00asm-0-2-0.bellsouth.net (65.83.236. 33.401 ms 33.371 ms 33.212 ms
13 axr01mia-0-3-1.bellsouth.net (65.83.236.15) 51.162 ms 51.073 ms 51.196 ms
14 * BER01BCT-4-0.bellsouth.net (65.83.237.103) 51.478 ms 51.037 ms
15 205.152.110.135 (205.152.110.135) 85.080 ms 85.230 ms 85.568 ms
16 66.156.254.6 (66.156.254.6) 85.109 ms 85.026 ms 84.910 ms
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *


Any help here?

Insyder -

Nothing is being blocked and the next hop would be your server...

Your server does not respond to UDP traces, so there is little else I can determine from this trace.

The outbound trace ends the same from anywhere in the world. For instance here is from Oregon:

route-views.oregon-ix.net>trace 65.2.195.78

Type escape sequence to abort.
Tracing the route to adsl-2-195-78.bct.bellsouth.net (65.2.195.78)

1 vlan60.uonet2-gw.uoregon.edu (128.223.60.3) [AS 3582] 0 msec 0 msec 0 msec
2 0.ge-0-0-0.uonet8-gw.uoregon.edu (128.223.2. [AS 3582] 0 msec 4 msec 0 msec
3 eugn-car1-gw.nero.net (207.98.64.65) [AS 3701] 0 msec 0 msec 4 msec
4 eugn-core1-gw.nero.net (207.98.64.168) [AS 3701] 0 msec 0 msec 4 msec
5 sl-gw4-tac-2-1.sprintlink.net (160.81.115.85) [AS 1239] 4 msec 8 msec 8 msec
6 sl-bb21-tac-3-0.sprintlink.net (144.232.17.9) [AS 1239] 4 msec 20 msec 4 msec
7 sl-bb22-tac-15-0.sprintlink.net (144.232.17.94) [AS 1239] 8 msec 8 msec 4 msec
8 sl-bb20-sea-0-0.sprintlink.net (144.232.9.150) [AS 1239] 8 msec 8 msec 8 msec
9 sl-bb21-sea-15-0.sprintlink.net (144.232.6.90) [AS 1239] 8 msec 8 msec 4 msec
10 POS1-3.BR1.SEA1.ALTER.NET (204.255.174.165) [AS 701] 4 msec 8 msec 8 msec
11 0.so-7-3-0.XL1.SEA1.ALTER.NET (152.63.105.18) [AS 701] 8 msec 4 msec 8 msec
12 0.so-7-0-0.TL1.SEA1.ALTER.NET (152.63.2.130) [AS 701] 8 msec 8 msec 4 msec
13 0.so-4-0-0.TL1.ATL1.ALTER.NET (152.63.1.101) [AS 701] 84 msec 80 msec 84 msec
14 0.so-2-2-0.XL1.MIA4.ALTER.NET (152.63.84.245) [AS 701] 96 msec 100 msec 96 msec
15 0.so-4-0-0.GW8.MIA4.ALTER.NET (152.63.84.53) [AS 701] 100 msec 96 msec 96 msec
16 bs-mia-gw3.customer.alter.net (65.208.86.134) [AS 701] 96 msec 92 msec 92 msec
17 axr01mia-0-0-0.bellsouth.net (65.83.236.21) [AS 6389] 92 msec 92 msec 92 msec
18 AXR00BCT-0-1-0.bellsouth.net (65.83.236.56) [AS 6389] 96 msec 100 msec 96 msec
19 BER00BCT-4-0.bellsouth.net (65.83.237.101) [AS 6389] 92 msec 92 msec 96 msec
20 205.152.110.136 [AS 6198] 92 msec 96 msec 92 msec
21 66.156.254.6 [AS 6198] 92 msec 96 msec 92 msec
22 * * *

Have the remote host ping your server as well as several around yours to see if they actually have connectivity to your server or if your server is blocking them.

Randy Williams, CTO

Well the client says he now has access. I'm not sure if it was his ISP (one of those crazy ones down under) or what. I wish I could have provided more info, but I was able to connect myself from multiple locations in the US. Thanks for looking into this. Have a great one.

1: 24.5.89.145
2: 207.218.192.46
3:
neptune:~ # traceroute 207.218.192.46
traceroute to 207.218.192.46 (207.218.192.46), 30 hops max, 40 byte packets
1 10.147.252.1 8.902 ms 11.542 ms 15.309 ms
2 12.244.96.129 18.788 ms 19.544 ms 8.665 ms
3 12.244.67.109 15.644 ms 18.525 ms 23.213 ms
4 12.244.67.97 27.339 ms 25.462 ms 31.011 ms
5 12.244.67.93 29.765 ms 33.683 ms 31.805 ms
6 12.127.33.21 12.693 ms 12.045 ms 20.922 ms
7 gbr5-p30.sffca.ip.att.net (12.123.13.158) 27.112 ms 31.256 ms 35.337 ms
8 tbr1-p013501.sffca.ip.att.net (12.122.11.73) 34.388 ms 38.152 ms 36.664 ms
9 ggr1-p360.sffca.ip.att.net (12.123.13.65) 39.848 ms 37.924 ms 41.513 ms
10 so-1-2-2.pr1.sjc2.us.above.net (64.125.12.113) 41.587 ms 48.480 ms 47.103 ms
11 so-4-3-0.mpr4.sjc2.us.above.net (64.125.30.85) 45.200 ms 43.429 ms 41.372 ms
12 so-3-2-0.cr1.dfw2.us.above.net (64.125.29.54) 58.602 ms 58.762 ms 59.331 ms
13 so-4-0-0.mpr1.iah1.us.above.net (64.125.31.37) 63.011 ms 68.856 ms 72.343 ms

(Hangs for a second or two)

14 216.200.251.61.ev1.net (216.200.251.61) 249.816 ms 255.116 ms 252.914 ms
15 * ivhou-207-218-223-66.ev1.net (207.218.223.66)(N!) 255.722 ms (N!) 253.847 ms

I get a bit shorter times when trying my server 207.44.134.91 But seems like something is up?

neptune:~ # traceroute 207.44.134.91
traceroute to 207.44.134.91 (207.44.134.91), 30 hops max, 40 byte packets
1 10.147.252.1 8.170 ms 11.815 ms 15.872 ms
2 12.244.96.129 19.815 ms 24.488 ms 8.603 ms
3 12.244.67.109 8.663 ms 14.312 ms 18.391 ms
4 12.244.67.97 22.878 ms 26.843 ms 24.966 ms
5 12.244.67.93 8.987 ms 9.198 ms 9.856 ms
6 12.127.33.17 18.837 ms 22.805 ms 26.337 ms
7 gbr5-p30.sffca.ip.att.net (12.123.13.158) 30.460 ms 28.580 ms 32.774 ms
8 tbr2-p013501.sffca.ip.att.net (12.122.11.89) 32.218 ms 35.411 ms 34.032 ms
9 ggr1-p3100.sffca.ip.att.net (12.122.11.230) 36.542 ms 13.608 ms 12.851 ms
10 so-1-2-2.pr1.sjc2.us.above.net (64.125.12.113) 20.615 ms 24.902 ms 28.651 ms
11 so-4-3-0.mpr4.sjc2.us.above.net (64.125.30.85) 32.279 ms 30.801 ms 34.966 ms
12 so-3-3-0.cr1.dfw2.us.above.net (64.125.29.58) 78.499 ms 82.386 ms 80.623 ms
13 so-3-1-0.mpr1.iah1.us.above.net (64.125.30.229) 88.988 ms 87.108 ms 65.734 ms
14 * 216.200.251.61.ev1.net (216.200.251.61) 239.418 ms 237.566 ms
15 * * ivhou-207-218-223-119.ev1.net (207.218.223.119) 228.664 ms
16 zeus.micxz.net (207.44.134.91) 234.587 ms * *

OUTBOUND is super fast:
[root@zeus root]# traceroute 24.5.89.145
traceroute to 24.5.89.145 (24.5.89.145), 30 hops max, 38 byte packets
1 207.44.134.1 (207.44.134.1) 0.377 ms 0.306 ms 0.268 ms
2 ivhou-207-218-245-13.ev1.net (207.218.245.13) 0.294 ms 0.356 ms 0.283 ms
3 ge-1-0-0.r00.hstntx01.us.bb.verio.net (129.250.10.145) 1.121 ms 1.099 ms 1.046 ms
4 129.250.2.50 (129.250.2.50) 6.444 ms p16-1-1-1.r21.dllstx09.us.bb.verio.net (129.250.5.42) 11.546 ms 129.250.2.50 (129.250.2.50) 6.436 ms
5 p16-2-0-0.r00.dllstx09.us.bb.verio.net (129.250.3.29) 8.917 ms 11.689 ms p16-0-0-0.r00.dllstx09.us.bb.verio.net (129.250.3.21) 6.304 ms
6 p4-1.att.dllstx09.us.bb.verio.net (129.250.9.122) 9.087 ms p4-0.att.dllstx09.us.bb.verio.net (129.250.9.110) 6.515 ms 6.421 ms
7 tbr1-p013802.dlstx.ip.att.net (12.122.12.73) 9.912 ms 7.743 ms 9.974 ms
8 tbr1-cl2.la2ca.ip.att.net (12.122.10.50) 45.600 ms 48.203 ms 45.534 ms
...........

I am unable to reach SIGECOM.NET from several servers at EV1 on 66.98.x.x and 67.15.x.x. Below are two traces to the DNS Server IP and the HTTP IP...

[REMOVED]

Trace complete.

Thanks in advance.

Vinnie Pasetta -

It might be faster to work with sigecom.net. The trace dies within alter.net, and they appear to be customers of alter.net:


route-views.oregon-ix.net>trace 63.64.9.11
Type escape sequence to abort.
Tracing the route to dns1.sigecom.com (63.64.9.11)

1 vlan60.uonet2-gw.uoregon.edu (128.223.60.3) [AS 3582] 204 msec 204 msec 0 ms
ec
2 0.ge-0-0-0.uonet8-gw.uoregon.edu (128.223.2. [AS 3582] 0 msec 0 msec 200 m
sec
3 eugn-car1-gw.nero.net (207.98.64.65) [AS 3701] 0 msec 200 msec 0 msec
4 eugn-core1-gw.nero.net (207.98.64.168) [AS 3701] 200 msec 200 msec 200 msec
5 sl-gw4-tac-2-1.sprintlink.net (160.81.115.85) [AS 1239] 104 msec 200 msec 20
0 msec
6 sl-bb20-tac-11-0.sprintlink.net (144.232.17.5) [AS 1239] 204 msec 200 msec 2
00 msec
7 sl-bb22-tac-14-0.sprintlink.net (144.232.17.90) [AS 1239] 200 msec 200 msec
20 msec
8 sl-bb20-sea-0-0.sprintlink.net (144.232.9.150) [AS 1239] 200 msec 200 msec 2
00 msec
9 sl-bb21-sea-15-0.sprintlink.net (144.232.6.90) [AS 1239] 204 msec 200 msec 1
72 msec
10 POS1-3.BR1.SEA1.ALTER.NET (204.255.174.165) [AS 701] 200 msec 20 msec 208 ms
ec
11 0.so-7-3-0.XL1.SEA1.ALTER.NET (152.63.105.18) [AS 701] 208 msec 204 msec 204
msec
12 0.so-7-0-0.TL1.SEA1.ALTER.NET (152.63.2.130) [AS 701] 204 msec 208 msec 204
msec
13 0.so-3-0-0.TL1.SLT4.ALTER.NET (152.63.2.150) [AS 701] 224 msec 200 msec 84 m
sec
14 0.so-7-0-0.XL1.STL3.ALTER.NET (152.63.89.238) [AS 701] 396 msec 200 msec 204 msec
15 185.ATM6-0.GW1.STL3.ALTER.NET (152.63.90.97) [AS 701] 244 msec 200 msec 200 msec
16 sigecom-gw.customer.alter.net (157.130.120.2) [AS 701] 200 msec 200 msec 220 msec
17 xtr-gw.sigecom.net (63.64.9.129) [AS 12026] 200 msec 208 msec 200 msec
18 * * *
19 * * *
20 * * *
21 * * *

Randy Williams, CTO