Boy, this is so much fun! <ugh> Wasn't it SIMS Discussions [EMAIL PROTECTED] who once said...
>Date: Thu, 19 Sep 2002 15:28:41 -0600 >Subject: Re: Slightly OT: Network resources needed for dying mail >From: LuKreme <[EMAIL PROTECTED]> > >On Thursday, Sep 19, 2002, at 15:00 Canada/Mountain, NetHead wrote: >> I have been talking to my ISP. >> I do not have any access to their router; it's a "black box" to me. > >You don't need access to their router. You need access to a traceroute >command on YOUR machine. If you don't have OS X or a PC then check >version tracker for a traceroute util that will run in Mac OS. Run it >*on your server* trying to connect to their server. I actually have 2 utilities that do a traceroute: Interarchy (from Stairways Software) and DNS Expert Pro (from Men & Mice). Now, I'll swear that I've done multiple traces from my mail server to Legend's. But just to be sure (this has been draggin on for 2 months!) I went back and did another. I had not tried to do one with Interarchy before from this machine, so I used it first. It, strangely enough, "stalls" before even making the jump to MY router. (Just FYI, I can do a traceroute with Interarchy via the dial-up; I just can't do it over my network... odd, no?) But DNS Expert finds "mx.legend.co.uk" just fine. However a couple of the hops (3 & 4) do not indicate the ip of the hop. I know from copies of previous traces that hop #3 is/should be the "network side" of my isp's router. Hop #4 is apparently their server/router that I'm connected to over the T-1. Despite those "gaps", the trace makes it to Legend's router (per confirmation from Legend). When I run a trace with DNS Expert for the ip of Legend's mail exchanger, I get similar results, but the ip of Hop #4 now appears while hop #3 (the isp router "network side") is still missing. Subsequent traces eventually turn up all the ip's and most of the names of the various ip's. Is this significant? Also of note: while the first attempt to trace "mx.legend.co.uk" with Interarchy simply "stalled", subsequent attempts turned up this error, "Name lookup for 'mx.legend.co.uk' failed (OT DNS Endpoint was forced to close)". Interestingly, this phenomenon only occured when DNS Expert was open while trying to trace with Interarchy. Perhaps both programs were vying for the same resource. Traces to the ip simply stall no matter what. I'll be happy to publish the traceroute here if it would be helpful and no one objects. Just to allay my paranoia, that's not any sort of "security risk" is it? >If the connection >stalls out on YOUR end you know its your end. If the connection stalls >out on THEIR end, you know it's them. Thanks. You are the FIRST person to explain to me what a trace route result COULD reveal. >Also, do a port traceroute (instead of just traceing to 12.34.56.78 you >trace to 12.34.56.78 port 25) if you can. Some traceroutes will do >this, some wont. I couldn't find a way to do a port trace with either program. >> I have done multiple traceroutes and shared the results with both my >> isp >> and the European isp. The traces indicate that I am reaching the >> mailserver just fine. > >These are being run FROM YOUR MAIL SERVER? Or just from your ISP? All the traces have been performed from my location. I have performed them from several machines on my network. The mail server has been among the machines used for attempting traceroutes. >> Both isp's read the traceroutes as acceptable. >> As I said before, if I connect to my isp via a dial-up, I can connect >> to >> the mail server just fine; > >Right, that probably indicates that the problem is specific to your >mailserver's IP address (or its IP Block if it's noticeably different >from the dial-up). Yes, they are definitely two different blocks: Dial up starts at "64.221.***.***" My router is "67.105.***.***" >> the dial-up connection uses my isp's DNS servers, so the name must be >> resolving fine. > >Are these the same DNS servers your Mailserver is using? Yes, although I did find one slight variance. While both used the same ip, they had different "Additional Search domains:" in the TCP/IP control panel. I changed that, but surely it couldn't be that simple. It's the ip's that count, right? (Thus far, I certainly can't see that it has made any difference). >> It's not that I can't FIND the mail server; heck, SIMS even indicates >> that it has FOUND the server... it just can't TALK to the server! > >And SIMS is connecting to the correct IP address? Again, yes! >>> I think it's YOUR ISP. But only a traceroute will tell for sure. >> >> I guess we just disagree on this. > >Not really. I'm not saying it _is_ your ISP. There's no way to know >for sure, just usually in my experience it is the origination point >that is the problem. Especially since they can contact you. That >indicates it is less likely it's a block on their end. Again, reasonable enough. I don't know anymore, myself. >> I keep trying to come back and blame my >> isp, but their argument is pretty sound. I can e-mail anyone else in >> the >> world, so it can't be the router. > >Of course it can. Please expound on this, because I was pretty convinced that it was the router, based on the fact that the ONLY time this fails is when I get behind the router... but my isp basically made the case that if the router were "defective", then NO mail would get through. Being the "non-expert" in the conversation, I had to concede their point. If someone could provide a scenario that would make this possible, I'd love to throw it there way. >> I can e-mail Legend via my isp's network, so long as I don't connect >> from my router. I think that somehow, Legend has a "block" on my ip or >> my ip range, but they've lost track of where it is. > >Then legend couldn't connect to you either. You think? It appears to me to be possible, since the mail we receive from Legend (& our UK subsidiary) appears to be coming from an entirely different server than the one we are sending to. If it is only the "receiving" server that is somehow blocking "pecandeluxe.com", that would not necessarily affect the "sending" server if they are, as i suspect, different machines, right? Thanks for the input. This has been very enlightening. I'm especially interested in comments on my traceroute results. I find the differences between the two programs intriguing. Plugging away, ================================================ | Doug Starkey | | Network Administrator | | Pecan Deluxe Candy Company | | 2570 Lone Star Drive | | Dallas, TX 75212-6308 | | e-mail: [EMAIL PROTECTED] | | voice: 214-631-3669 Ext. 108 | | fax: 214-631-5833 | ================================================ ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
