Utterly confused.... Routing issue? or something else?
Results 1 to 8 of 8

Thread: Utterly confused.... Routing issue? or something else?

  1. #1
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197

    Utterly confused.... Routing issue? or something else?

    I have a series of subnets, (private), whose oubound path to the web would be:-

    1. local machine
    2. Local router (default route to local firewall)
    3. Local firewall (default route to demil router)
    4. Demil router (default route to ISP)

    The issue was noticed when I tried to connect from a local machine through the local router to www.microsoft.com.... It failed.... as did updates/windowsupdates...etc.... The local machine can connect to any other web site.... The local machine gives the same nslookup as another machine on a different network using a different ISP, clearing the dnscache and retrying gets the same dns results. Connecting directly to the router, (through the console port), there are no routes other than:-

    0.0.0.0 0.0.0.0 xxx.xxx.xxx

    Furthermore, checking ACL's there are none.

    Tracert's from local machines get past the demil router except to www.microsoft.com etc. which stops at the demil saying "destination unreachable". Everything else goes past the demil. From my subnets that go out a different T1 they all get anywhere..... Just on these subnets through that router, Microsoft is unreachable. I've looked everywhere I know and I can't work out why M$ sites are blocked/dropped by a router that is outside any restrictive software I have in place... it can't ping M$ in any way...traceroutes fail too from the router too, at the router...... It's the demil that gives the "destination unreachable".

    Has someone "F"ed with my demil router or I am "F"ing stupid???????

    I'm confused and therefore a tad peeved......

    Any assistance is gratefully accepted.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi Tiger,

    I suspect that something (I mean someone) has tried a cute stunt and M$ are blocking it? I had no problem with the link you gave, you do not through other routers? is is some sort of ISP/MAC ADDY that identifies that one as "not trusted"

    I am really guessing here, but the link worked for me.

    Good luck

    Johnno

  3. #3
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    As stated before you may be the victim of someone using the demil router for attacks on M$. Or that router has lost that particular route.

    Can you check the demil router for the route cache entries?
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  4. #4
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Thanks guys...... At least at this point it doens't appear that it's me being F'ing stupid.....

    I'll take another look when I get to work..... Can't be bothered to run through all the garbage I have to do to get to that router from home and I haven't finished coffee #1 yet either....

    I'll check for cached routes but that shouldn't be an issue...... I have ONLY the one route in the router 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx.

    I would appreciate a favor though before I get to work...... Can a couple of you post the last three router IP's you see on a tracert www.microsoft.com so I can confirm the final route into M$. What I want to do is ping the routers real close to M$ and see if I can. If I can get close to M$ but not to M$ itself it would tend to confirm that M$ is dropping my connections.... Which would be a bad thing since I have no logs or anything for that router since it sits outside the FW.....

    Thanks in advance...
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #5
    Member
    Join Date
    Oct 2002
    Posts
    31
    14 32 ms 31 ms 31 ms pos5-0.ur1.sjc5.web.wcom.net [152.63.54.170]
    15 28 ms 28 ms 34 ms 63.66.208.13
    16 29 ms 31 ms 28 ms 63.66.208.35
    17 32 ms 31 ms 31 ms 206.112.112.47


    those are my last 4 hops to www.microsoft.com hope it helps


    /yourname

  6. #6
    Junior Member
    Join Date
    Oct 2003
    Posts
    8
    8 so5-0-0-2488M.ar2.NYC1.gblx.net (67.17.64.150) 1.906 ms 7.853 ms 9.880 ms
    9 208.50.13.102 (208.50.13.102) 1.972 ms 1.935 ms 1.761 ms
    10 P13-0.NYKCR2.New-york.opentransit.net (193.251.241.30) 1.990 ms 1.856 ms 1.883 ms
    11 P2-0.NYKBB5.New-york.opentransit.net (193.251.241.230) 1.894 ms 8.723 ms 2.018 ms
    12 80.15.249.110 (80.15.249.110) 2.191 ms 2.067 ms 2.098 ms

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi Tiger,

    It jumps about the UK then leaves London and goes to 80.15.236.16 and I get a "No rDNS" message

    Cheers

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197

    Well........ What can I say......

    As an old friend in this business who taught me an awful lot once said:-

    "Sometimes this stuff is just voodoo"......

    So, I come in this morning and my snort box on that last subnet before "the world" has been whining all night about "destination unreachable, (Host Unreachable)"........ Ok, it's still not working thinks me......

    Term Serv onto a the local machine with the console connection to the router and do a quick ping of M$ to determine the resolved address, which resolves to the same place it was last night and the bloody thing responded.... So I pinged it again...... It responded again..... I sat back, stared somewhat blankly at the screen and tracerted it..... Perfect - all the way through..... Hmmm.... Tracert windowsupdate.microsoft.com.... Perfect..... Hmmmm..... Open IE.... goto www.microsoft.com.... There's the page..... wtf.... Voodoo, Ghosts, Poltergeists.... I dunno but it seems like the hour I wasted last night was just that - wasted.....

    Or maybe it's the evil Gates screwing with me..... He's probably laughing his ass off at me right now while he decides when he'll play the same prank again....

    Thanks to those who replied..... At least you made me feel sane - for a while......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •