I thought the same until I did a traceroute... traceroute to files.pfsense.org (208.123.73.81), 64 hops max, 52 byte packets 1 dcna01.kc.voipster.org (192.40.140.1) 0.472 ms 5.143 ms 0.472 ms 2 204.27.61.17 (204.27.61.17) 0.488 ms 0.426 ms 0.356 ms 3 96.43.134.169 (96.43.134.169) 0.238 ms 0.273 ms 0.241 ms 4 10ge1-4.core1.mci2.he.net (184.105.19.133) 0.487 ms 0.294 ms 0.371 ms 5 10ge3-1.core1.mci3.he.net (184.105.213.38) 0.356 ms 10.794 ms 0.610 ms 6 10ge1-4.core1.chi1.he.net (184.105.222.117) 11.741 ms 28.609 ms 41.591 ms 7 184.105.255.30 (184.105.255.30) 12.728 ms 15.516 ms 12.731 ms 8 107.14.17.195 (107.14.17.195) 24.224 ms 107.14.17.193 (107.14.17.193) 28.177 ms 66.109.1.67 (66.109.1.67) 23.161 ms 9 ae-0-0.cr0.chi30.tbone.rr.com (66.109.6.21) 26.144 ms 27.774 ms 25.215 ms 10 ae15.120.pr0.dfw10.tbone.rr.com (66.109.9.41) 26.087 ms ae-2-0.cr0.dfw10.tbone.rr.com (66.109.6.22) 26.233 ms ae15.120.pr0.dfw10.tbone.rr.com (66.109.9.41) 26.401 ms 11 66.109.6.89 (66.109.6.89) 26.751 ms agg4.dllatxl301r.texas.rr.com (107.14.19.93) 24.349 ms 66.109.6.89 (66.109.6.89) 28.612 ms 12 agg1.ausutxla01r.texas.rr.com (24.175.41.47) 37.165 ms 34.775 ms 34.578 ms 13 tge8-6.ausutxla02h.texas.rr.com (24.175.43.119) 32.588 ms tge8-1.ausutxla02h.texas.rr.com (24.175.43.113) 31.116 ms tge9-6.ausutxla02h.texas.rr.com (24.175.42.235) 32.465 ms 14 RTR97-77-1-251.sw.twcbiz.com (97.77.1.251) 36.773 ms 33.846 ms 33.984 ms 15 66.219.34.173 (66.219.34.173) 29.573 ms 32.223 ms 29.473 ms 16 * * * 17 * * *
Which didn't mean anything until I tried from another SRC IP and when I did, I reached the final two hops: 15 fw2.pfmechanics.com.0-255.73.123.208.in-addr.arpa (208.123.73.4) 62.182 ms 64.389 ms 63.775 ms 16 files.atx.pfmechanics.com (208.123.73.81) 65.813 ms 61.700 ms 63.936 ms A guess but it looks like 208.123.73.4 doesn't like our block. Drew ----- Original Message ----- From: "Ryan Coleman" <ryan.cole...@cwis.biz> To: "pfSense Support and Discussion Mailing List" <list@lists.pfsense.org> Sent: Monday, September 29, 2014 9:57:19 AM Subject: Re: [pfSense] bogon networks Then I suspect that the issue is not in your network but a problem on the software side. On 9/29/2014 8:53 AM, Andrew Mitchell wrote: Yeah. Connects to both files.pfsense.org and updates.pfsense.org servers fine. Drew ----- Original Message ----- From: "Ryan Coleman" <ryan.cole...@cwis.biz> To: "pfSense Support and Discussion Mailing List" <list@lists.pfsense.org> Sent: Monday, September 29, 2014 9:46:13 AM Subject: Re: [pfSense] bogon networks Have you tried pinging the IP from another machine not being routed through your subnet? On 9/29/2014 6:37 AM, Andrew Mitchell wrote: <blockquote> Thanks for the info. I've been working working on this all night on and off. My questions to you guys is, does files.pfsense.org and/or updates.pfsense.org block bogon networks and if so, can I ask the update schedule? I ask because the bogon list on a pfSense box connected to our 192.40.140.0/23 block currently does contain our block and we can't connect from source 192.40.140.2 to download updates. Drew ----- Original Message ----- From: "Moshe Katz" <mo...@ymkatz.net> To: "pfSense support and discussion" <list@lists.pfsense.org> Sent: Sunday, September 28, 2014 12:04:25 PM Subject: Re: [pfSense] bogon networks The pfSense bogon list is at https://files.pfsense.org/lists/fullbogons-ipv4.txt and the current version there also doesn't have your block. Make sure that your pfSense has the newest list. (This should usually be done automatically, but you should be able to do it from the console/SSH by running /etc/rc.update_bogons). Moshe Sent from mobile device; sorry for top-posting. On Sep 28, 2014 10:26 AM, "Chris Bagnall" < pfse...@lists.minotaur.cc > wrote: <blockquote> On 28 Sep 2014, at 12:19, Andrew Mitchell < andrew.k.mitch...@att.net > wrote: > My apologies. 192.40.140.0/23 I'm not sure what pfSense uses as its Bogons source, but my reference has usually been: http://www.team-cymru.org/Services/Bogons/http.html Your IP block isn't in there, from what I can see... Kind regards, Chris -- This email is made from 100% recycled electrons _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list </blockquote> _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list </blockquote> _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
