Bad Internet routing (old bogon list?)
Vu Pham
vu
Wed Nov 2 12:13:02 PST 2005
> -----Original Message-----
> From: linux-users-bounces at linux-sxs.org
> [mailto:linux-users-bounces at linux-sxs.org] On Behalf Of David Bandel
> Sent: Wednesday, November 02, 2005 11:41 AM
> To: Linux tips and tricks
> Subject: Bad Internet routing (old bogon list?)
>
> Folks,
>
> I've been plagued with a random, but recurring problem:
>
> An IP suddenly cannot browse about 1/3 of the Internet.
> Watching traffic via tcpdump reveals the following:
> 64.116.183.62.1147 -> 203.115.195.216.80 S .....
> 64.255.255.0.80 -> 64.116.183.62.1147 S ... ACK
> 64.116.183.62.1147 -> 64.116.183.80 R
>
> As you can see, something is intercepting the transmission
> (yes, the sequence numbers match, 64.255.255.0, which doesn't
> exist, is hijacking the connection).
>
> This has now cost me some customers. I need a way to track this down.
> I put 64.116.183.61 on my system and have a traceroute, but
> 64.255.255.0 isn't being returned to me, only 64.116.183.62.
>
> And this only happens sometimes to some IPs, but not always.
> Frustrating. just had a big customer get another connection,
> and after seeing this only happened with their connection to
> me (the other connection with the other provider worked fine)
> they cancelled my service.
>
> Anyone have any clues how to track this down?
>
David,
I had a similar case, but not sure if its like yours.
A customer called and reported that they could access only some web sites
and really slow. From my office I could ssh to their Linux gateway, and
could ping it ( and got reply ) but from that server I could not ping back
to my office. Tcpdump shows my server got their icmp request and did send
the reply, but that server did not get any reply.
After tryimg many other things, we called the ISP. They fixed it and their
explanation is as follows ( if I remember correctly ):
This customer moved to a new office three months before, and the ISP
de-activated the T1 line/route to the old office and activate the new one.
Another customer rents the old office and uses the same ISP so they activate
that line/route back, but they forgot to adjust something on the line/route
system.
Vu
More information about the Linux-users
mailing list