Re: verizon trouble ticket NJ DQ04PWR9 -- is verizon blocking FLOKsociety.org by accident or on purpose?
The below information is taken from an internal router directly connected to 701 == CORE-R1#show ip bgp 200.10.150.169 BGP routing table entry for 200.10.150.0/24, version 46722748 Paths: (1 available, best #1, table default) Not advertised to any peer 701 12956 12956 12956 12956 12956 12956 12956 19169 27947 28027 x.x.x.x from x.x.x.x (y.y.y.y) Origin IGP, localpref 100, valid, external, best Tracing the route to 200.10.150.169 VRF info: (vrf in name/id, vrf out name/id) 1 .. 2 0.ge-11-1-0.XT4.TOR2.ALTER.NET (152.63.4.250) [AS 701] 0 msec 0 msec 0 msec 3 0.xe-9-1-0.XL2.IAD8.ALTER.NET (152.63.35.14) [AS 701] 20 msec 20 msec 20 msec 4 0.xe-9-2-0.GW9.IAD8.ALTER.NET (152.63.36.30) [AS 701] 20 msec 0.xe-9-0-0.GW9.IAD8.ALTER.NET (152.63.36.18) [AS 701] 20 msec 0.xe-11-0-0.GW9.IAD8.ALTER.NET (152.63.33.165) [AS 701] 20 msec 5 telefonica-gw.customer.alter.net (152.179.50.114) [AS 701] 20 msec 20 msec 20 msec 6 Te0-7-0-5-grtmiana4.red.telefonica-wholesale.net (94.142.126.182) [AS 12956] 60 msec Xe4-1-6-0-grtmiana2.red.telefonica-wholesale.net (94.142.123.145) [AS 12956] 64 msec 60 msec 7 176.52.249.245 60 msec 176.52.251.193 64 msec Xe8-3-0-0-gramiana4.red.telefonica-wholesale.net (94.142.126.185) [AS 12956] 60 msec 8 176.52.252.66 104 msec 104 msec 104 msec 9 * * * 10 * * * 11 * * * 12 host-186-5-116-193.telconet.net (186.5.116.193) [AS 27947] [MPLS: Label 5539 Exp 0] 104 msec 104 msec 104 msec 13 host-186-101-89-42.telconet.net (186.101.89.42) [AS 27947] 108 msec 104 msec 108 msec 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * On Fri, Oct 4, 2013 at 12:09 PM, Gordon Cook c...@cookreport.com wrote: Dear NANOG The Ecuadoran government has via the FLOK society hired Michel Bauwens of the P2p foundation to lead a two year long efforts to revision the ecudoran economy along the lines of a commons oriented collaborative society. I am very interested in the program yet i have NEVER been able to connect to their web site. At the end of two hours of trouble shooting with apple i was advised to call verizon. I am a FiOS customer on a two year contact. The traceroute below confirmed that the fault is in verizons network. The verizon tech agreed otherwise i never would have gotten the trouble ticket my verizon trouble ticket is NJ DQ04PWR9. Can someone tell me what number to call to pursue resolution of this trouble ticket? as of 12:04 eastern time i still cannot connect 24 hours was the promise 14 of the 24 have elapsed traceroute to floksociety.org (200.10.150.169), 64 hops max, 72 byte packets 1 192.168.1.1 (192.168.1.1) 0.759 ms 0.309 ms 0.357 ms 2 l100.cmdnnj-vfttp-26.verizon-gni.net (98.110.50.1) 36.778 ms 17.508 ms 7.316 ms 3 * g0-3-4-5.cmdnnj-lcr-21.verizon-gni.net (130.81.184.119) 6.482 ms !N * 4 * * g0-3-4-5.cmdnnj-lcr-21.verizon-gni.net (130.81.184.119) 7.101 ms !N 5 * g0-3-4-5.cmdnnj-lcr-21.verizon-gni.net (130.81.184.119) 9.239 ms !N * 6 g0-3-4-5.cmdnnj-lcr-21.verizon-gni.net (130.81.184.119) 6.823 ms !N * 8.846 ms !N Traceroute has started… traceroute to 200.10.150.169 (200.10.150.169), 64 hops max, 72 byte packets 1 192.168.1.1 (192.168.1.1) 0.622 ms 0.305 ms 0.361 ms 2 l100.cmdnnj-vfttp-26.verizon-gni.net (98.110.50.1) 6.633 ms 4.892 ms 4.809 ms 3 * * * 4 g0-3-4-5.cmdnnj-lcr-21.verizon-gni.net (130.81.184.119) 10.441 ms !N * * 5 * * * 6 g0-3-4-5.cmdnnj-lcr-21.verizon-gni.net (130.81.184.119) 9.932 ms !N * * 7 * * * 8 * * * 9 * * * 10 * * * 11 g0-3-4-5.cmdnnj-lcr-21.verizon-gni.net (130.81.184.119) 9.765 ms !N * * 12 * * * 13 * * *= Lookup has started… Trying floksociety.org ;; -HEADER- opcode: QUERY, status: NOERROR, id: 13700 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;floksociety.org. INANY ;; ANSWER SECTION: floksociety.org. 600 INA 200.10.150.169 floksociety.org. 3600INMX 10 mail.floksociety.org. floksociety.org. 3600INNS ns57.domaincontrol.com. floksociety.org. 3600INNS ns58.domaincontrol.com. floksociety.org. 3600INSOAns57.domaincontrol.com. dns.jomax.net. 2013092400 28800 7200 604800 600 Received 174 bytes from 8.8.8.8#53 in 139 ms = The COOK Report on Internet Protocol, (PSTN) 609 882-2572 Back Issues: http://www.cookreport.com/index.php?option=com_docmantask=cat_viewgid=37Itemid=61 Cook's Collaborative Edge Blog http://www.cookreport.com/wp/ Subscription info:
google troubles?
I can see the Google IP space (64.71.240.0/20) from Verizon/AS701, but not from Rogers/AS812 in Toronto. I've done a few other test traceroutes through Rogers to verify that they didn't filter UDP/ICMP. At this point nothing would surprise me from Rogers. AS701 = TOR2-CORE-R1#traceroute www.google.com Translating www.google.com...domain server (8.8.8.8) [OK] Type escape sequence to abort. Tracing the route to www.google.com (74.125.26.99) VRF info: (vrf in name/id, vrf out name/id) 1 x.x.x.x [AS701] 4 msec 0 msec 0 msec 2 0.ge-11-0-0.XT4.TOR2.ALTER.NET (152.63.133.78) [AS 701] 4 msec 0 msec 4 msec 3 0.so-4-0-3.XT2.NYC4.ALTER.NET (152.63.0.73) [AS 701] 16 msec 16 msec 16 msec 4 TenGigE0-7-1-0.GW8.NYC4.ALTER.NET (152.63.21.125) [AS 701] 20 msec TenGigE0-5-1-0.GW8.NYC4.ALTER.NET (152.63.21.73) [AS 701] 16 msec TenGigE0-5-4-0.GW8.NYC4.ALTER.NET (152.63.18.206) [AS 701] 20 msec 5 72.14.238.232 [AS 15169] 16 msec 16 msec 20 msec 6 72.14.236.208 [AS 15169] [MPLS: Label 680976 Exp 4] 16 msec 16 msec 72.14.236.206 [AS 15169] [MPLS: Label 533197 Exp 4] 20 msec 7 209.85.249.11 [AS 15169] [MPLS: Label 16668 Exp 4] 24 msec 72.14.239.93 [AS 15169] [MPLS: Label 14644 Exp 4] 24 msec 209.85.249.11 [AS 15169] [MPLS: Label 13978 Exp 4] 24 msec 8 209.85.243.114 [AS 15169] [MPLS: Label 568789 Exp 4] 32 msec 209.85.241.222 [AS 15169] [MPLS: Label 632535 Exp 4] 32 msec 32 msec 9 216.239.48.159 [AS 15169] 36 msec 32 msec 216.239.48.59 [AS 15169] 32 msec 10 www.google.com (74.125.26.147) [AS 15169] 32 msec 32 msec 32 msec AS812 (Rogers Looking Glass https://supernoc.rogerstelecom.net/lg/) === *Query:* *tr 64.71.249.45* Type escape sequence to abort. Tracing the route to 64.71.249.45 1 64.71.255.62 0 msec 0 msec 0 msec 2 ge-4-3-0.gw02.ym.phub.net.cable.ROGERS.com (66.185.82.237) 4 msec 4 msec 4 msec 3 69.63.250.189 4 msec 4 msec 4 msec 4 69.63.250.174 4 msec 4 msec 4 msec 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * Cheers, - MJ -Original Message- From: Grant Ridder [mailto:shortdudey...@gmail.com] Sent: July-10-13 10:57 AM To: John York Cc: nanog@nanog.org Subject: Re: google troubles? Does anyone have traceroutes showing where the issues are? -Grant On Wed, Jul 10, 2013 at 7:45 AM, John York jo...@griffintechnology.comwrote: We saw the same thing, but seems to be cleared up now. All our providers that routed to Google addresses in ATL had the issue. We have one provider that lands on Google addresses in DFW, and it was working. ...And now I see that it isn't completely resolved. Some Google apps are still inaccessible via the Atlanta routes. On Wed, Jul 10, 2013 at 9:28 AM, Blair Trosper blair.tros...@gmail.com wrote: Seeing lots of reports of people unable to get to many Google services. Seems to be affecting Comcast users disproportionately. It's fine for me, but a lot of my staff are basically out of luck...but according to the Google Apps Status page, everything is fine. It's anecdotal, but it would seem like there's an issue based on these reports. Oh, and this: http://www.cnn.com/2013/07/10/tech/web/google-down/index.html Anyone know what's up? Fiber cut? DC outages? -- blair -- John York Information Technology | Network Administrator Phone: 615-399-7000 x:333 Griffin Technology 2030 Lindell Avenue Nashville, TN 37203 USA This message and any attachments should be treated as confidential information of Griffin Technology, Inc.
Re: google troubles?
I just realized that it's not Google IP space (74.125.0.0/16), Rogers is hijacking the DNS and resolving www.google.com to space within 64.71.240.0/20 which is Rogers IP space! (note the name server set as 8.8.8.8) davinci#traceroute www.google.com Translating www.google.com...domain server (8.8.8.8) [OK] Type escape sequence to abort. Tracing the route to www.google.com (66.185.85.29) 1 x.x.x.x [AS 812] 4 msec 4 msec 4 msec 2 so-4-0-2.gw02.ym.phub.net.cable.rogers.com (66.185.82.129) [AS 812] 8 msec 8 msec 4 msec 3 69.63.252.222 [AS 812] 4 msec 0 msec 8 msec 4 69.63.250.162 [AS 812] 4 msec 4 msec 4 msec 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * TOR2-CORE-R1#show ip bgp 66.185.85.29 BGP routing table entry for 66.185.80.0/20, version 13095115 Paths: (1 available, best #1, table default) Advertised to update-groups: 14 701 6461 812 205.205.23.121 from 205.205.23.121 (137.39.8.42) Origin IGP, localpref 100, valid, external, best TOR2-CORE-R1# Thanks, - Mike On Wed, Jul 10, 2013 at 11:28 AM, Mike Jackson m...@routed.ca wrote: I can see the Google IP space (64.71.240.0/20) from Verizon/AS701, but not from Rogers/AS812 in Toronto. I've done a few other test traceroutes through Rogers to verify that they didn't filter UDP/ICMP. At this point nothing would surprise me from Rogers. AS701 = TOR2-CORE-R1#traceroute www.google.com Translating www.google.com...domain server (8.8.8.8) [OK] Type escape sequence to abort. Tracing the route to www.google.com (74.125.26.99) VRF info: (vrf in name/id, vrf out name/id) 1 x.x.x.x [AS701] 4 msec 0 msec 0 msec 2 0.ge-11-0-0.XT4.TOR2.ALTER.NET (152.63.133.78) [AS 701] 4 msec 0 msec 4 msec 3 0.so-4-0-3.XT2.NYC4.ALTER.NET (152.63.0.73) [AS 701] 16 msec 16 msec 16 msec 4 TenGigE0-7-1-0.GW8.NYC4.ALTER.NET (152.63.21.125) [AS 701] 20 msec TenGigE0-5-1-0.GW8.NYC4.ALTER.NET (152.63.21.73) [AS 701] 16 msec TenGigE0-5-4-0.GW8.NYC4.ALTER.NET (152.63.18.206) [AS 701] 20 msec 5 72.14.238.232 [AS 15169] 16 msec 16 msec 20 msec 6 72.14.236.208 [AS 15169] [MPLS: Label 680976 Exp 4] 16 msec 16 msec 72.14.236.206 [AS 15169] [MPLS: Label 533197 Exp 4] 20 msec 7 209.85.249.11 [AS 15169] [MPLS: Label 16668 Exp 4] 24 msec 72.14.239.93 [AS 15169] [MPLS: Label 14644 Exp 4] 24 msec 209.85.249.11 [AS 15169] [MPLS: Label 13978 Exp 4] 24 msec 8 209.85.243.114 [AS 15169] [MPLS: Label 568789 Exp 4] 32 msec 209.85.241.222 [AS 15169] [MPLS: Label 632535 Exp 4] 32 msec 32 msec 9 216.239.48.159 [AS 15169] 36 msec 32 msec 216.239.48.59 [AS 15169] 32 msec 10 www.google.com (74.125.26.147) [AS 15169] 32 msec 32 msec 32 msec AS812 (Rogers Looking Glass https://supernoc.rogerstelecom.net/lg/) === *Query:* *tr 64.71.249.45* Type escape sequence to abort. Tracing the route to 64.71.249.45 1 64.71.255.62 0 msec 0 msec 0 msec 2 ge-4-3-0.gw02.ym.phub.net.cable.ROGERS.com (66.185.82.237) 4 msec 4 msec 4 msec 3 69.63.250.189 4 msec 4 msec 4 msec 4 69.63.250.174 4 msec 4 msec 4 msec 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * Cheers, - MJ -Original Message- From: Grant Ridder [mailto:shortdudey...@gmail.com] Sent: July-10-13 10:57 AM To: John York Cc: nanog@nanog.org Subject: Re: google troubles? Does anyone have traceroutes showing where the issues are? -Grant On Wed, Jul 10, 2013 at 7:45 AM, John York jo...@griffintechnology.comwrote: We saw the same thing, but seems to be cleared up now. All our providers that routed to Google addresses in ATL had the issue. We have one provider that lands on Google addresses in DFW, and it was working. ...And now I see that it isn't completely resolved. Some Google apps are still inaccessible via the Atlanta routes. On Wed, Jul 10, 2013 at 9:28 AM, Blair Trosper blair.tros...@gmail.com wrote: Seeing lots of reports of people unable to get to many Google services. Seems to be affecting Comcast users disproportionately. It's fine for me, but a lot of my staff are basically out of luck...but according to the Google Apps Status page, everything is fine. It's anecdotal, but it would seem like there's an issue based on these reports. Oh, and this: http://www.cnn.com/2013/07/10/tech/web/google-down/index.html Anyone know what's up? Fiber cut? DC outages? -- blair -- John York Information Technology | Network Administrator Phone: 615-399-7000 x:333 Griffin Technology 2030 Lindell Avenue Nashville, TN 37203 USA
Re: google troubles?
Hey Chris, long time! From what I can tell, it's only Google Services (that I've found so far; other things appear to resolve correctly). I'm wondering if they're bouncing Google based traffic through some type of caching / accelerator? Or maybe it's an NSA/DPI box ;) I've tested Maps, Gmail, Translate as well as www.google.com, www.google.caand they're all hijacked replies Translating www.google.com...domain server (8.8.8.8) [OK] (www.google.com) Type escape sequence to abort. Tracing the route to www.google.com (66.185.84.44) (www.google.ca) Type escape sequence to abort. Tracing the route to www.google.ca (66.185.95.44) (gmail) Type escape sequence to abort. Tracing the route to www3.l.google.com (66.185.85.39) (maps) Type escape sequence to abort. Tracing the route to maps.l.google.com (64.71.249.114) (translate) Type escape sequence to abort. Tracing the route to www3.l.google.com (66.185.84.30) Cheers, - Mike On Wed, Jul 10, 2013 at 2:18 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Wed, Jul 10, 2013 at 12:20 PM, Mike Jackson m...@routed.ca wrote: I just realized that it's not Google IP space (74.125.0.0/16), Rogers is hijacking the DNS and resolving www.google.com to space within 64.71.240.0/20 which is Rogers IP space! (note the name server set as 8.8.8.8) so: 1) rogers is hijacking traffic to 8.8.8.8 2) the copy of 8.8.8.8 in rogers-land is replying with incorrect information for google properties (at least). err... any idea if it's lying about other things too? :) davinci#traceroute www.google.com Translating www.google.com...domain server (8.8.8.8) [OK] Type escape sequence to abort. Tracing the route to www.google.com (66.185.85.29) 1 x.x.x.x [AS 812] 4 msec 4 msec 4 msec 2 so-4-0-2.gw02.ym.phub.net.cable.rogers.com (66.185.82.129) [AS 812] 8 msec 8 msec 4 msec 3 69.63.252.222 [AS 812] 4 msec 0 msec 8 msec 4 69.63.250.162 [AS 812] 4 msec 4 msec 4 msec 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * TOR2-CORE-R1#show ip bgp 66.185.85.29 BGP routing table entry for 66.185.80.0/20, version 13095115 Paths: (1 available, best #1, table default) Advertised to update-groups: 14 701 6461 812 205.205.23.121 from 205.205.23.121 (137.39.8.42) Origin IGP, localpref 100, valid, external, best TOR2-CORE-R1# Thanks, - Mike On Wed, Jul 10, 2013 at 11:28 AM, Mike Jackson m...@routed.ca wrote: I can see the Google IP space (64.71.240.0/20) from Verizon/AS701, but not from Rogers/AS812 in Toronto. I've done a few other test traceroutes through Rogers to verify that they didn't filter UDP/ICMP. At this point nothing would surprise me from Rogers. AS701 = TOR2-CORE-R1#traceroute www.google.com Translating www.google.com...domain server (8.8.8.8) [OK] Type escape sequence to abort. Tracing the route to www.google.com (74.125.26.99) VRF info: (vrf in name/id, vrf out name/id) 1 x.x.x.x [AS701] 4 msec 0 msec 0 msec 2 0.ge-11-0-0.XT4.TOR2.ALTER.NET (152.63.133.78) [AS 701] 4 msec 0 msec 4 msec 3 0.so-4-0-3.XT2.NYC4.ALTER.NET (152.63.0.73) [AS 701] 16 msec 16 msec 16 msec 4 TenGigE0-7-1-0.GW8.NYC4.ALTER.NET (152.63.21.125) [AS 701] 20 msec TenGigE0-5-1-0.GW8.NYC4.ALTER.NET (152.63.21.73) [AS 701] 16 msec TenGigE0-5-4-0.GW8.NYC4.ALTER.NET (152.63.18.206) [AS 701] 20 msec 5 72.14.238.232 [AS 15169] 16 msec 16 msec 20 msec 6 72.14.236.208 [AS 15169] [MPLS: Label 680976 Exp 4] 16 msec 16 msec 72.14.236.206 [AS 15169] [MPLS: Label 533197 Exp 4] 20 msec 7 209.85.249.11 [AS 15169] [MPLS: Label 16668 Exp 4] 24 msec 72.14.239.93 [AS 15169] [MPLS: Label 14644 Exp 4] 24 msec 209.85.249.11 [AS 15169] [MPLS: Label 13978 Exp 4] 24 msec 8 209.85.243.114 [AS 15169] [MPLS: Label 568789 Exp 4] 32 msec 209.85.241.222 [AS 15169] [MPLS: Label 632535 Exp 4] 32 msec 32 msec 9 216.239.48.159 [AS 15169] 36 msec 32 msec 216.239.48.59 [AS 15169] 32 msec 10 www.google.com (74.125.26.147) [AS 15169] 32 msec 32 msec 32 msec AS812 (Rogers Looking Glass https://supernoc.rogerstelecom.net/lg/) === *Query:* *tr 64.71.249.45* Type escape sequence to abort. Tracing the route to 64.71.249.45 1 64.71.255.62 0 msec 0 msec 0 msec 2 ge-4-3-0.gw02.ym.phub.net.cable.ROGERS.com (66.185.82.237) 4 msec 4 msec 4 msec 3 69.63.250.189 4 msec 4 msec 4 msec 4 69.63.250.174 4 msec 4 msec 4 msec 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30
Re: google troubles?
That makes sense, I figured it was some type of a CDN caching environment. I've found that youtube.com is in the same boat: Translating www.youtube.com...domain server (8.8.8.8) [OK] Type escape sequence to abort. Tracing the route to youtube-ui.l.google.com (24.156.153.40) [synkro:ROOT](~): jwhois 24.156.153.40 | grep -i orgname OrgName:Rogers Cable Communications Inc. [synkro:ROOT](~): Thanks! - MJ On Wed, Jul 10, 2013 at 2:39 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Wed, Jul 10, 2013 at 2:18 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Wed, Jul 10, 2013 at 12:20 PM, Mike Jackson m...@routed.ca wrote: I just realized that it's not Google IP space (74.125.0.0/16), Rogers is hijacking the DNS and resolving www.google.com to space within 64.71.240.0/20 which is Rogers IP space! (note the name server set as 8.8.8.8) so: 1) rogers is hijacking traffic to 8.8.8.8 2) the copy of 8.8.8.8 in rogers-land is replying with incorrect information for google properties (at least). err... any idea if it's lying about other things too? :) oops, so a polite caller noted that google often ships people at a local 'google global cache' node if they have one... it seems like that might be what's going on here with 8.8.8.8 sending you to 64.71 and/or 66.185 addresses. so maybe rogers isn't doing something untoward after all! -chris (thanks for the headslap polite caller) davinci#traceroute www.google.com Translating www.google.com...domain server (8.8.8.8) [OK] Type escape sequence to abort. Tracing the route to www.google.com (66.185.85.29) 1 x.x.x.x [AS 812] 4 msec 4 msec 4 msec 2 so-4-0-2.gw02.ym.phub.net.cable.rogers.com (66.185.82.129) [AS 812] 8 msec 8 msec 4 msec 3 69.63.252.222 [AS 812] 4 msec 0 msec 8 msec 4 69.63.250.162 [AS 812] 4 msec 4 msec 4 msec 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * TOR2-CORE-R1#show ip bgp 66.185.85.29 BGP routing table entry for 66.185.80.0/20, version 13095115 Paths: (1 available, best #1, table default) Advertised to update-groups: 14 701 6461 812 205.205.23.121 from 205.205.23.121 (137.39.8.42) Origin IGP, localpref 100, valid, external, best TOR2-CORE-R1# Thanks, - Mike On Wed, Jul 10, 2013 at 11:28 AM, Mike Jackson m...@routed.ca wrote: I can see the Google IP space (64.71.240.0/20) from Verizon/AS701, but not from Rogers/AS812 in Toronto. I've done a few other test traceroutes through Rogers to verify that they didn't filter UDP/ICMP. At this point nothing would surprise me from Rogers. AS701 = TOR2-CORE-R1#traceroute www.google.com Translating www.google.com...domain server (8.8.8.8) [OK] Type escape sequence to abort. Tracing the route to www.google.com (74.125.26.99) VRF info: (vrf in name/id, vrf out name/id) 1 x.x.x.x [AS701] 4 msec 0 msec 0 msec 2 0.ge-11-0-0.XT4.TOR2.ALTER.NET (152.63.133.78) [AS 701] 4 msec 0 msec 4 msec 3 0.so-4-0-3.XT2.NYC4.ALTER.NET (152.63.0.73) [AS 701] 16 msec 16 msec 16 msec 4 TenGigE0-7-1-0.GW8.NYC4.ALTER.NET (152.63.21.125) [AS 701] 20 msec TenGigE0-5-1-0.GW8.NYC4.ALTER.NET (152.63.21.73) [AS 701] 16 msec TenGigE0-5-4-0.GW8.NYC4.ALTER.NET (152.63.18.206) [AS 701] 20 msec 5 72.14.238.232 [AS 15169] 16 msec 16 msec 20 msec 6 72.14.236.208 [AS 15169] [MPLS: Label 680976 Exp 4] 16 msec 16 msec 72.14.236.206 [AS 15169] [MPLS: Label 533197 Exp 4] 20 msec 7 209.85.249.11 [AS 15169] [MPLS: Label 16668 Exp 4] 24 msec 72.14.239.93 [AS 15169] [MPLS: Label 14644 Exp 4] 24 msec 209.85.249.11 [AS 15169] [MPLS: Label 13978 Exp 4] 24 msec 8 209.85.243.114 [AS 15169] [MPLS: Label 568789 Exp 4] 32 msec 209.85.241.222 [AS 15169] [MPLS: Label 632535 Exp 4] 32 msec 32 msec 9 216.239.48.159 [AS 15169] 36 msec 32 msec 216.239.48.59 [AS 15169] 32 msec 10 www.google.com (74.125.26.147) [AS 15169] 32 msec 32 msec 32 msec AS812 (Rogers Looking Glass https://supernoc.rogerstelecom.net/lg/) === *Query:* *tr 64.71.249.45* Type escape sequence to abort. Tracing the route to 64.71.249.45 1 64.71.255.62 0 msec 0 msec 0 msec 2 ge-4-3-0.gw02.ym.phub.net.cable.ROGERS.com (66.185.82.237) 4 msec 4 msec 4 msec 3 69.63.250.189 4 msec 4 msec 4 msec 4 69.63.250.174 4 msec 4 msec 4 msec 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * Cheers, - MJ -Original Message- From: Grant Ridder