[clue-tech] IP routing problems
Angelo Bertolli
angelo at freeshell.org
Fri Nov 18 22:37:06 MST 2005
Angelo Bertolli wrote:
> David L. Anselmi wrote:
>
>> Angelo Bertolli wrote:
>>
>>> I'm running my own box as a server at home, that I like to log into
>>> remotely. In particular, at one location I am unable to reach it.
>>> Is there any way for me to figure out what the problem is? Both
>>> sides of the connection are the same ISP. When I do a traceroute, I
>>> get:
>>
>>
>> [...]
>>
>>> 10 te-8-1-ur01.chillum.dc.bad.comcast.net (68.87.128.209) 16.318
>>> ms 18.804 ms 17.167 ms
>>> 11 te-9-2-ur01.rockville.md.bad.comcast.net (68.87.128.218) 21.317
>>> ms 17.867 ms 16.167 ms
>>> 12 * * *
>>> 13 pcp04370002pcs.nrockv01.md.comcast.net (69.140.216.27) 28.722 ms
>>
>>
>>
>> A traceroute through Qwest winds up following this path too.
>> Probably there's a filter dropping traceroute after #13. Doesn't
>> really tell you anything unless you know the hops between 13 and your
>> server.
>>
>> Various ports I tried aren't open so I'd say your problem is getting
>> to the server from anywhere, not just one location. What's
>> traceroute say from a place that works?
>
>
> I can get to it from anywhere else I've tried, and apparently
> everyone else so far I've asked can also. I usually try to ssh in,
> and I host some web pages. Here's a traceroute from a location that
> allows access:
>
> traceroute to descartes.homelinux.org (68.33.44.255), 64 hops max, 52
> byte packets
> 1 gw.freeshell.org (192.94.73.62) 0.700 ms 0.563 ms 0.547 ms
> 2 sl-gw28-fw-6-1-0-22-TS0.sprintlink.net (160.81.88.169) 4.705 ms
> 4.308 ms 4.117 ms
> 3 sl-bb21-fw-2-0.sprintlink.net (144.232.12.165) 4.851 ms 4.614 ms
> 6.311 ms
> 4 sprint-gw.dlstx.ip.att.net (192.205.32.69) 22.289 ms 9.341 ms
> 52.554 ms
> 5 12.122.82.230 (12.122.82.230) 39.700 ms 39.921 ms 44.446 ms
> 6 tbr1-cl6.sl9mo.ip.att.net (12.122.10.89) 42.032 ms 39.775 ms
> 39.723 ms
> 7 tbr1-cl4.wswdc.ip.att.net (12.122.10.29) 40.306 ms 39.687 ms
> 39.345 ms
> 8 gar5-p300.wswdc.ip.att.net (12.123.9.105) 40.613 ms 37.870 ms
> 49.915 ms
> 9 12.118.122.6 (12.118.122.6) 69.158 ms 45.897 ms 38.470 ms
> 10 68.87.16.158 (68.87.16.158) 41.508 ms 53.320 ms 38.515 ms
> 11 te-9-3-ur01.bowie.md.bad.comcast.net (68.87.128.181) 52.662 ms
> 38.790 ms 39.863 ms
> 12 te-9-3-ur01.lanham.md.bad.comcast.net (68.87.128.178) 44.721 ms
> 53.785 ms 39.577 ms
> 13 te-9-1-ur02.lanham.md.bad.comcast.net (68.87.129.62) 43.696 ms
> 39.824 ms 39.020 ms
> 14 te-9-3-ur01.hyattsville.md.bad.comcast.net (68.87.129.45) 46.963
> ms 50.110 ms 49.970 ms
> 15 * * *
> 16 pcp0011638909pcs.hyatsv01.md.comcast.net (68.33.44.255) 58.573
> ms 48.622 ms 47.887 ms
>
>
>>
>> Most likely you have a filter (firewall, NAT) blocking you from the
>> server--what port do you think is open and where should it be open from?
>
>
> At least 22 and 80. I know 25 is blocked by Comcast. Portsentry is
> running a few others. Here is nmap from the same location above
> (after turning portsentry off):
>
> PORT STATE SERVICE
> 21/tcp open ftp
> 22/tcp open ssh
> 53/tcp open domain
> 80/tcp open http
> 111/tcp open rpcbind
> 113/tcp open auth
> 135/tcp filtered msrpc
> 136/tcp filtered profile
> 137/tcp filtered netbios-ns
> 138/tcp filtered netbios-dgm
> 139/tcp filtered netbios-ssn
> 445/tcp filtered microsoft-ds
> 707/tcp open unknown
> 993/tcp open imaps
> 1080/tcp filtered socks
> 8080/tcp filtered http-proxy
Oh, and these are my iptables rules, although I don't think it's getting
that far:
-A INPUT -s 67.15.0.0/255.255.128.0 -j DROP
-A INPUT -s 67.15.128.0/255.255.192.0 -j DROP
-A INPUT -s 67.15.192.0/255.255.224.0 -j DROP
-A INPUT -s 67.15.224.0/255.255.240.0 -j DROP
-A INPUT -s 61.0.0.0/255.0.0.0 -j DROP
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech
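
Added example, not part of the original message: one way to check whether a client's public source address would hit any of the source-based DROP rules posted above, and which contiguous address ranges those rules cover. The function names are this example's own, and the two 67.15.x.x test addresses are constructed.

```python
import ipaddress
import shlex

# The five rules from the message, in iptables-save syntax.
RULES = """\
-A INPUT -s 67.15.0.0/255.255.128.0 -j DROP
-A INPUT -s 67.15.128.0/255.255.192.0 -j DROP
-A INPUT -s 67.15.192.0/255.255.224.0 -j DROP
-A INPUT -s 67.15.224.0/255.255.240.0 -j DROP
-A INPUT -s 61.0.0.0/255.0.0.0 -j DROP
"""

def parse_rules(text):
    """Return (network, target) for each '-A INPUT' rule that has -s and -j."""
    rules = []
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", "INPUT"] or "-s" not in tok or "-j" not in tok:
            continue
        # ip_network() accepts the dotted-netmask form iptables-save prints.
        net = ipaddress.ip_network(tok[tok.index("-s") + 1], strict=False)
        rules.append((net, tok[tok.index("-j") + 1]))
    return rules

def first_match(rules, client):
    """iptables is first-match: return the first rule covering the client."""
    addr = ipaddress.ip_address(client)
    for net, target in rules:
        if addr in net:
            return net, target
    return None  # falls through to the chain policy

def dropped_ranges(rules):
    """Merge adjacent DROP networks into contiguous (first, last) ranges."""
    spans = sorted((int(n[0]), int(n[-1])) for n, t in rules if t == "DROP")
    merged = []
    for lo, hi in spans:
        if merged and lo <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], hi)
        else:
            merged.append([lo, hi])
    return [(str(ipaddress.ip_address(a)), str(ipaddress.ip_address(b)))
            for a, b in merged]

if __name__ == "__main__":
    rules = parse_rules(RULES)
    print(dropped_ranges(rules))
    # 68.87.128.218 is a hop from the traceroute above; the others are constructed.
    for ip in ("68.87.128.218", "67.15.200.1", "67.15.240.1"):
        print(ip, first_match(rules, ip))
```

The address to test is the public address the server sees for the failing location (after any NAT), not the client's private LAN address.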