Fwd: Re: [Ticket#954980087406] SpamAssassin update mirror hosting at http://sa-update.secnap.net

Thu, 18 May 2017 11:58:51 -0700 

Woot!



-------- Forwarded Message --------
Subject: Re: [Ticket#954980087406] SpamAssassin update mirror hosting at http://sa-update.secnap.net 
Date:   Thu, 18 May 2017 13:40:42 -0400
From:   SECNAP Network Security <supp...@secnap.com>
Organization:   SECNAP Network Security
To:     da...@apache.org
CC:     kevin.mcgr...@mcgrail.com



Hello da...@apache.org,
The Ticket:[954980087406] is now considered *RESOLVED*.
If further support is required, please feel free to reply to this message or raise a new issue by emailing supp...@secnap.com. 
--
SECNAP Network Security
US: +1 561 999 5000
Toll Free: +1 844 NET SECU (638 7328)
https://www.secnap.com

05/18/2017 09:01 - SECNAP Network Security wrote:
Hello da...@apache.org,

Could you please attempt this again?  I think I may have found the issue.
--
SECNAP Network Security
US: +1 561 999 5000
Toll Free: +1 844 NET SECU (638 7328)
https://www.secnap.com

05/18/2017 04:43 - SECNAP Network Security wrote:
Hello Dave Jones <da...@apache.org>,
There is indeed a NAT rule in place to allow this traffic. It is allowing TCP(only) traffic from anywhere to port 80. I am unable to locate something that would be stopping your traffic.
As you mentioned previously, it seems that traffic from other sources is working as expected. In my testing, I am yet to find any other location that has issue connecting. Our company has machines deployed globally, and I've tested from many, many countries/continents. 
--
SECNAP Network Security
US: +1 561 999 5000
Toll Free: +1 844 NET SECU (638 7328)
https://www.secnap.com

05/17/2017 14:20 - Dave Jones wrote:
More information.  I ran this past one of our networking gurus at my day
job and he noticed something.  I am able to ping 204.89.241.1.

root@sa-vm1:# ping 204.89.241.1
PING 204.89.241.1 (204.89.241.1) 56(84) bytes of data.
64 bytes from 204.89.241.1: icmp_seq=1 ttl=246 time=105 ms
64 bytes from 204.89.241.1: icmp_seq=2 ttl=246 time=105 ms
64 bytes from 204.89.241.1: icmp_seq=3 ttl=246 time=105 ms
64 bytes from 204.89.241.1: icmp_seq=4 ttl=246 time=105 ms

Since the 204.89.241.0/24 network is yours, this means the traffic is
getting into your network and this is not a routing problem.

A working connection goes through 204.89.241.175 just before the final
destination of 204.89.241.6.  My guess is there is some filtering
happening on the 204.89.241.175 device.

The purpose of this sa-update.secnap.net server should be a world-wide
mirror for SpamAssassin updates.

Thanks,
Dave


On 05/17/2017 11:30 AM, Dave Jones wrote:
> Since the sa-update.secnap.net server seems to have a private IP, is
> this a port 80 forward inbound from the Internet?  Are there any ACLs
> that would limit the source connections?
>
> This is the traceroute from the other direction showing asymetric
> routing but I don't see any problems since both directions are getting
> to/from the Peak10 Florida site where the sa-update.secnap.net server is
> hosted.
>
>   1 garl.apache.org (163.172.22.164) 0.100 ms 0.091 ms 0.084 ms
>   2 163-172-22-1.rev.poneytelecom.eu (163.172.22.1) 0.315 ms 0.410 ms
> 0.455 ms
>   3 195.154.1.226 (195.154.1.226) 0.732 ms 195.154.1.228 (195.154.1.228)
> 0.709 ms 195.154.1.226 (195.154.1.226) 0.887 ms
>   4 * lag-110.ear3.Paris1.Level3.net (212.3.235.197) 1.321 ms 1.510 ms
>   5 NTT-level3-100G.Paris1.Level3.net (4.68.73.66) 1.713 ms 1.616 ms
> 1.762 ms
>   6 NTT-level3-100G.Paris1.Level3.net (4.68.73.66) 1.754 ms
> ae-2.r25.londen12.uk.bb.gin.ntt.net (129.250.6.13) 8.731 ms 8.075 ms
>   7 ae-2.r25.londen12.uk.bb.gin.ntt.net (129.250.6.13) 8.724 ms
> ae-1.r24.londen12.uk.bb.gin.ntt.net (129.250.2.26) 8.422 ms 8.389 ms
>   8 ae-5.r24.nycmny01.us.bb.gin.ntt.net (129.250.2.18) 86.796 ms 86.861
> ms ae-1.r24.londen12.uk.bb.gin.ntt.net (129.250.2.26) 8.486 ms
>   9 ae-5.r24.nycmny01.us.bb.gin.ntt.net (129.250.2.18) 86.834 ms
> ae-1.r25.nycmny01.us.bb.gin.ntt.net (129.250.3.207) 86.074 ms 86.353 ms
> 10 ae-9.r22.asbnva02.us.bb.gin.ntt.net (129.250.2.149) 86.263 ms
> ae-1.r25.nycmny01.us.bb.gin.ntt.net (129.250.3.207) 83.881 ms 79.049 ms
> 11 ae-9.r22.asbnva02.us.bb.gin.ntt.net (129.250.2.149) 92.510 ms 91.865
> ms 86.011 ms
> 12 ae-1.r20.miamfl02.us.bb.gin.ntt.net (129.250.2.87) 117.062 ms 112.294
> ms ae-0.r23.asbnva02.us.bb.gin.ntt.net (129.250.3.85) 86.724 ms
> 13 ae-1.r20.miamfl02.us.bb.gin.ntt.net (129.250.2.87) 113.779 ms 118.493
> ms ae-1.r05.miamfl02.us.bb.gin.ntt.net (129.250.2.185) 112.849 ms
> 14 ae-2.a01.miamfl02.us.bb.gin.ntt.net (129.250.3.167) 113.289 ms
> 113.269 ms ae-1.r05.miamfl02.us.bb.gin.ntt.net (129.250.2.185) 117.155 ms
> 15 ae-2.a01.miamfl02.us.bb.gin.ntt.net (129.250.3.167) 116.922 ms
> xe-0-0-24-0.a01.miamfl02.us.ce.gin.ntt.net (157.238.179.66) 117.944 ms
> ae-2.a01.miamfl02.us.bb.gin.ntt.net (129.250.3.167) 113.677 ms
> 16 xe-0-0-24-0.a01.miamfl02.us.ce.gin.ntt.net (157.238.179.66) 113.994
> ms te2-4.dist02.fll.peak10.net (96.46.240.62) 104.961 ms
> xe-0-0-24-0.a01.miamfl02.us.ce.gin.ntt.net (157.238.179.66) 118.743 ms
> 17 te2-5.dist01.fll.peak10.net (96.46.240.54) 113.752 ms 114.435 ms *
> 18 * * *
> 19 * * *
> 20 * * *
> 21 * * *
> 22 * * *
> 23 * * *
> 24 * * *
> 25 * * *
> 26 * * *
> 27 * * *
> 28 * * *
> 29 * * *
> 30 * * *
>
>
> Thank you,
> Dave
>
> On 05/16/2017 11:28 AM, SECNAP Network Security wrote:
>> Hello Dave Jones <da...@apache.org>,
>>
>> Here is the requested traceroute:
>> root@sa-update:~# traceroute sa-vm1.apache.org
>> traceroute to sa-vm1.apache.org (62.210.60.231), 30 hops max, 60 byte
>> packets
>>   1  10.70.0.1 (10.70.0.1)  0.447 ms  0.419 ms  0.415 ms
>>   2  204.89.241.1 (204.89.241.1)  1.313 ms  1.301 ms  1.287 ms
>>   3  te0-0-0-1.edge02.fll.peak10.net (96.46.240.61)  1.766 ms  1.852
>> ms   1.732 ms
>>   4  xe-0-0-24-0.a01.miamfl02.us.bb.gin.ntt.net (157.238.179.65)
>> 2.723 ms  2.708 ms  2.688 ms
>>   5  ae-5.r04.miamfl02.us.bb.gin.ntt.net (129.250.3.209)  2.728 ms
>> 2.710 ms  2.644 ms
>>   6  mai-b1-link.telia.net (213.248.81.62)  2.676 ms  2.577 ms  2.507 ms
>>   7  ash-bb4-link.telia.net (62.115.141.80)  27.015 ms
>> ash-bb3-link.telia.net (62.115.143.64)  28.288 ms
>> ash-bb3-link.telia.net (62.115.143.68)  27.767 ms
>>   8  prs-bb3-link.telia.net (80.91.252.37)  129.363 ms
>> prs-bb2-link.telia.net (80.91.251.103)  118.946 ms
>> prs-bb2-link.telia.net (62.115.124.163)  191.637 ms
>>   9  prs-b8-link.telia.net (62.115.118.79)  121.069 ms
>> prs-b8-link.telia.net (62.115.118.97)  119.000 ms
>> prs-b8-link.telia.net (62.115.118.55)  121.047 ms
>> 10  online-ic-315748-prs-b8.c.telia.net (62.115.63.94)  113.887 ms
>> 113.970 ms  113.470 ms
>> 11  195.154.1.229 (195.154.1.229)  113.694 ms  106.467 ms  113.484 ms
>> 12  * * *
>> 13  * * *
>> 14  * * *
>> 15  * * *
>> 16  * * *
>> 17  * * *
>> 18  * * *
>> 19  * * *
>> 20  * * *
>> 21  * * *
>> 22  * * *
>> 23  * * *
>> 24  * * *
>> 25  * * *
>> 26  * * *
>> 27  * * *
>> 28  * * *
>> 29  * * *
>> 30  * * *
>> root@sa-update:~#
>> --
>> SECNAP Network Security
>> US: +1 561 999 5000
>> Toll Free: +1 844 NET SECU (638 7328)
>> https://www.secnap.com
>>
>> 05/16/2017 07:48 - Dave Jones wrote:
>>
>>
>> On 05/16/2017 10:40 AM, Dave Jones wrote:
>>  > Resending after no response including new addresses.
>>  >
>>  > Dave
>>  >
>>  > On 05/15/2017 03:55 PM, Dave Jones wrote:
>>  >> Hello,
>>  >> The SA sysadmins have recently moved hosting of the mirror to
>>  >> sa-vm1.apache.org (62.210.60.231).  There appears to be some sort of
>>  >> networking issue connecting from sa-vm1.apache.org to
>>  >> sa-update.secnap.net.
>>  >>
>>  >> root@sa-vm1# curl -m 10 -s -S http://sa-update.secnap.net/
>>  >> curl: (28) Connection timed out after 10001 milliseconds
>>  >>
>>  >> We are able to access http://sa-update.secnap.net from several other
>>  >> Internet connections just fine so I am thinking this is a routing
>>  >> asymmetry issue.
>>  >>
>>  >> Can you please provide a traceroute from the sa-update-secnap.net
>>  >> (204.89.241.6) server back to sa-vm1.apache.org?  Here is a
>> traceroute
>>  >> from our side.  We would like to compare them and get this
>> information
>>  >> to another infrastructure team for resolution.  I don't think
>> there is
>>  >> going to be any other action required on your side.
>>  >>
>>  >> root@sa-vm1:/var/log# traceroute sa-update.secnap.net
>>  >> traceroute to sa-update.secnap.net (204.89.241.6), 30 hops max, 60
>>  >> byte packets
>>  >>   1 garl.apache.org (163.172.22.164) 0.100 ms 0.091 ms 0.084 ms
>> >> 2 163-172-22-1.rev.poneytelecom.eu (163.172.22.1) 0.315 ms 0.410 ms 
>>  >> 0.455 ms
>>  >>   3 195.154.1.226 (195.154.1.226) 0.732 ms 195.154.1.228
>>  >> (195.154.1.228) 0.709 ms 195.154.1.226 (195.154.1.226) 0.887 ms
>>  >>   4 * lag-110.ear3.Paris1.Level3.net (212.3.235.197) 1.321 ms
>> 1.510 ms
>>  >>   5 NTT-level3-100G.Paris1.Level3.net (4.68.73.66) 1.713 ms 1.616 ms
>>  >> 1.762 ms
>>  >>   6 NTT-level3-100G.Paris1.Level3.net (4.68.73.66) 1.754 ms
>>  >> ae-2.r25.londen12.uk.bb.gin.ntt.net (129.250.6.13) 8.731 ms 8.075 ms
>>  >>   7 ae-2.r25.londen12.uk.bb.gin.ntt.net (129.250.6.13) 8.724 ms
>>  >> ae-1.r24.londen12.uk.bb.gin.ntt.net (129.250.2.26) 8.422 ms 8.389 ms
>>  >>   8 ae-5.r24.nycmny01.us.bb.gin.ntt.net (129.250.2.18) 86.796 ms
>> >> 86.861 ms ae-1.r24.londen12.uk.bb.gin.ntt.net (129.250.2.26) 8.486 ms 
>>  >>   9 ae-5.r24.nycmny01.us.bb.gin.ntt.net (129.250.2.18) 86.834 ms
>>  >> ae-1.r25.nycmny01.us.bb.gin.ntt.net (129.250.3.207) 86.074 ms
>> 86.353 ms
>>  >> 10 ae-9.r22.asbnva02.us.bb.gin.ntt.net (129.250.2.149) 86.263 ms
>>  >> ae-1.r25.nycmny01.us.bb.gin.ntt.net (129.250.3.207) 83.881 ms
>> 79.049 ms
>>  >> 11 ae-9.r22.asbnva02.us.bb.gin.ntt.net (129.250.2.149) 92.510 ms
>>  >> 91.865 ms 86.011 ms
>>  >> 12 ae-1.r20.miamfl02.us.bb.gin.ntt.net (129.250.2.87) 117.062 ms
>>  >> 112.294 ms ae-0.r23.asbnva02.us.bb.gin.ntt.net (129.250.3.85)
>> 86.724 ms
>>  >> 13 ae-1.r20.miamfl02.us.bb.gin.ntt.net (129.250.2.87) 113.779 ms
>>  >> 118.493 ms ae-1.r05.miamfl02.us.bb.gin.ntt.net (129.250.2.185)
>> 112.849 ms
>>  >> 14 ae-2.a01.miamfl02.us.bb.gin.ntt.net (129.250.3.167) 113.289 ms
>>  >> 113.269 ms ae-1.r05.miamfl02.us.bb.gin.ntt.net (129.250.2.185)
>> 117.155 ms
>>  >> 15 ae-2.a01.miamfl02.us.bb.gin.ntt.net (129.250.3.167) 116.922 ms
>>  >> xe-0-0-24-0.a01.miamfl02.us.ce.gin.ntt.net (157.238.179.66)
>> 117.944 ms
>>  >> ae-2.a01.miamfl02.us.bb.gin.ntt.net (129.250.3.167) 113.677 ms
>>  >> 16 xe-0-0-24-0.a01.miamfl02.us.ce.gin.ntt.net (157.238.179.66)
>> 113.994
>>  >> ms te2-4.dist02.fll.peak10.net (96.46.240.62) 104.961 ms
>>  >> xe-0-0-24-0.a01.miamfl02.us.ce.gin.ntt.net (157.238.179.66)
>> 118.743 ms
>> >> 17 te2-5.dist01.fll.peak10.net (96.46.240.54) 113.752 ms 114.435 ms * 
>>  >> 18 * * *
>>  >> 19 * * *
>>  >> 20 * * *
>>  >> 21 * * *
>>  >> 22 * * *
>>  >> 23 * * *
>>  >> 24 * * *
>>  >> 25 * * *
>>  >> 26 * * *
>>  >> 27 * * *
>>  >> 28 * * *
>>  >> 29 * * *
>>  >> 30 * * *
>>  >>
>>  >>
>>  >> Thank you.
>>  >>

Reply via email to