In message <20120208234141.gz5...@angus.ind.wpi.edu>, Chuck Anderson writes:
> On Wed, Jan 11, 2012 at 12:14:29PM -0800, chk wrote:
> > If there is a Roadrunner contact monitoring the list can you please
> > contact me off list regarding a routing issue from ns1/2.adelphia.net
>
> Did you ever get any response? I'm having a similar issue:
>
> For the past couple months, we have been unable to query the
> authoritative DNS servers for adelphia.net on IP addresses
> 75.180.129.58 and 75.180.129.59 from our campus network IP block
> 130.215.0.0/16, using either TCP or UDP:
>
> >dig +short +norec @75.180.129.58 adelphia.net. mx
> ;; connection timed out; no servers could be reached
>
> >dig +short +norec @75.180.129.59 adelphia.net. mx
> ;; connection timed out; no servers could be reached
>
> >dig +tcp +short +norec @75.180.129.58 adelphia.net. mx
> ;; communications error to 75.180.129.58#53: end of file
>
> >dig +tcp +short +norec @75.180.129.59 adelphia.net. mx
> ;; communications error to 75.180.129.59#53: end of file
>
> This is causing email failures to anyone with an @adelphia.net email
> address.
>
> I can ping the DNS servers from 130.215.0.0/16:
>
> >ping -c3 75.180.129.58
> PING 75.180.129.58 (75.180.129.58) 56(84) bytes of data.
> 64 bytes from 75.180.129.58: icmp_req=1 ttl=241 time=26.9 ms
> 64 bytes from 75.180.129.58: icmp_req=2 ttl=241 time=26.7 ms
> 64 bytes from 75.180.129.58: icmp_req=3 ttl=241 time=26.7 ms
>
> --- 75.180.129.58 ping statistics ---
> 3 packets transmitted, 3 received, 0% packet loss, time 2001ms
> rtt min/avg/max/mdev = 26.711/26.797/26.953/0.110 ms
>
> >ping -c3 75.180.129.59
> PING 75.180.129.59 (75.180.129.59) 56(84) bytes of data.
> 64 bytes from 75.180.129.59: icmp_req=1 ttl=241 time=25.9 ms
> 64 bytes from 75.180.129.59: icmp_req=2 ttl=241 time=26.1 ms
> 64 bytes from 75.180.129.59: icmp_req=3 ttl=241 time=25.5 ms
>
> --- 75.180.129.59 ping statistics ---
> 3 packets transmitted, 3 received, 0% packet loss, time 2002ms
> rtt min/avg/max/mdev = 25.523/25.871/26.120/0.285 ms
>
> And I can make a TCP port 53 connection which gets immediately closed:
>
> >telnet 75.180.129.58 53
> Trying 75.180.129.58...
> Connected to 75.180.129.58.
> Escape character is '^]'.
> Connection closed by foreign host.
>
> >telnet 75.180.129.59 53
> Trying 75.180.129.59...
> Connected to 75.180.129.59.
> Escape character is '^]'.
> Connection closed by foreign host.
>
> It is acting as if there is an ACL or firewall rule that is blocking
> 130.215.0.0/16 from accessing DNS port 53 on the DNS servers at
> 75.180.129.58 and 75.180.129.59.
>
> I've already ruled out any firewalls on our end, as well as any
> routing issues. I can see the UDP port 53 packets going out, but
> there is no reply. I can see the 3-way TCP port 53 handshake packets
> going out and coming in, but the other end closes the connection
> immediately.
>
> If I use a non-130.215.0.0/16 source IP from my router, I get a normal
> response via both UDP and TCP:
>
> % dig -b 207.210.142.142 +short +norec @75.180.129.58 adelphia.net. mx
> 10 cdptpa-smtpin01.mail.rr.com.
> 20 cdptpa-smtpin02.mail.rr.com.
>
> % dig -b 207.210.142.142 +short +tcp +norec @75.180.129.58 adelphia.net. mx
> 10 cdptpa-smtpin01.mail.rr.com.
> 20 cdptpa-smtpin02.mail.rr.com.
>
> I'd appreciate if someone could help me find a clueful contact at
> TW/RoadRunner/Adelphia/Comcast/whoever they are now. I've tried all
> the contacts in WHOIS for adelphia.net, the IP block, and ASN. I've
> tried the NOC List on puck.nether.net--no matches.
>
> Thanks,
> Chuck
>

Sounds like a bad "bogus" acl.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
INTERNET: ma...@isc.org