Here is an unusual situation seen from our network (AS 8237).
Our direct SwissIX peering with Genotec has been down for a few weeks now (can someone from Genotec contact me about this). Since then we have noticed the following effect:
If our traffic to Genotec is routed via AS 6775, then we are unable to establish an FTP connection to Genotec, although WWW works as usual.
# traceroute to gic-web-bsd-016.genotec.ch (82.195.224.116): 1-30 hops, 38 byte packets 1 ZHS08 (195.216.80.8) 0.268 ms 0.146 ms 0.115 ms 2 as6775.swissix.ch (194.242.34.40) 2.41 ms 1.57 ms 2.62 ms 3 ge0.2.border-01.iwb.ipv4.as16215.net (194.242.34.16) 2.95 ms (ttl=252!) 3.17 ms (ttl=252!) 2.48 ms (ttl=252!) 4 * * * 5 * * * 6 (interrupt)
# telnet 82.195.224.116 21 Trying 82.195.224.116... (Timeout)
# telnet 82.195.224.116 80 Trying 82.195.224.116... Connected to 82.195.224.116. Escape character is '^]'.
However if the traffic goes through another AS (e.g. AS 13030), then everything is fine.
# traceroute 82.195.224.116 traceroute to gic-web-bsd-016.genotec.ch (82.195.224.116): 1-30 hops, 38 byte packets 1 ZHS08 (195.216.80.8) 0.247 ms 0.128 ms 0.175 ms 2 swissix-zh.init7.net (194.242.34.7) 0.677 ms (ttl=62!) 4.0 ms (ttl=62!) 0.659 ms (ttl=62!) 3 r1bas.ce.init7.net (213.144.128.57) 1.43 ms 3.86 ms 1.41 ms 4 gw-genotec.init7.net (77.109.134.170) 2.17 ms 2.15 ms 2.47 ms 5 * * * 6 * * * 7 * * * 8 (interrupt)
# telnet 82.195.224.116 21 Trying 82.195.224.116... Connected to 82.195.224.116. Escape character is '^]'. 220- 220- .y/ 220- ::::::. ::::::. -oso+s/ `+ooo/` os+oso. `/oso+` `sMd+` `/ooo/` `/oso+` 220- `o-```/:`o.```/: `mm-.+My `dm/:+Ny mN:.:Nd` yN:.-md` /My. dm/:/Nh dm:.-:` 220- `/::::/- /::::/- .Nh .My .Nd+++o+` mm dm` dm hN. -Ms `Md+++oo `Nh 220- `/::::/- /::::/- odysyMy odyosy- dm dm` /dhsyd+ `ddo` +dyosy: +dysys` 220- `o. /:`o. /: `:--+Mo `...` .. .. `...` `.. `...` `...` 220- `::::::. ::::::. -osss: 220- 220- Genotec Internet Consulting AG 220- Hegenheimermattweg 119a, CH-4104 Allschwil BL 220- email: support@genotec.ch --- http: www.genotec.ch 220- 220- 220 FTP server ready
Is AS 6775 really filtering port 21 at the backbone level? That would clearly be quite unusual.
Can anyone else see this effect?
For the time being, I am disabling our peering to AS 6775, but it would be nice for whoever it concerns to look into this.
Kind regards Anthony
Anthony Uk / dataway GmbH wrote:
Here is an unusual situation seen from our network (AS 8237).
Our direct SwissIX peering with Genotec has been down for a few weeks now (can someone from Genotec contact me about this). Since then we have noticed the following effect:
If our traffic to Genotec is routed via AS 6775, then we are unable to establish an FTP connection to Genotec, although WWW works as usual.
# traceroute to gic-web-bsd-016.genotec.ch (82.195.224.116): 1-30 hops, 38 byte packets 1 ZHS08 (195.216.80.8) 0.268 ms 0.146 ms 0.115 ms 2 as6775.swissix.ch (194.242.34.40) 2.41 ms 1.57 ms 2.62 ms 3 ge0.2.border-01.iwb.ipv4.as16215.net (194.242.34.16) 2.95 ms (ttl=252!) 3.17 ms (ttl=252!) 2.48 ms (ttl=252!) 4 * * * 5 * * *
What is the route *back*, if any...
Without those details never ever even try to point fingers at anybody.
Greets, Jeroen
Jeroen Massar jeroen@unfix.org schrieb am 02 Sep 2008:
Anthony Uk / dataway GmbH wrote:
Here is an unusual situation seen from our network (AS 8237).
Our direct SwissIX peering with Genotec has been down for a few weeks now (can someone from Genotec contact me about this). Since then we have noticed the following effect:
If our traffic to Genotec is routed via AS 6775, then we are unable to establish an FTP connection to Genotec, although WWW works as usual.
# traceroute to gic-web-bsd-016.genotec.ch (82.195.224.116): 1-30 hops, 38 byte packets 1 ZHS08 (195.216.80.8) 0.268 ms 0.146 ms 0.115 ms 2 as6775.swissix.ch (194.242.34.40) 2.41 ms 1.57 ms 2.62 ms 3 ge0.2.border-01.iwb.ipv4.as16215.net (194.242.34.16) 2.95 ms (ttl=252!) 3.17 ms (ttl=252!) 2.48 ms (ttl=252!) 4 * * * 5 * * *
What is the route *back*, if any...
Without those details never ever even try to point fingers at anybody.
True enough.
In both cases, the return route goes through AS 13030, at least if the looking glass is to be believed.
Tracing the route to galaxia.dataway.ch (195.216.80.32)
1 gi0-1.core01.iwb1.ip4.as16215.net (82.195.245.238) 0 msec 4 msec 0 msec 2 swissix-zh.init7.net (194.242.34.7) 0 msec 12 msec 4 msec 3 r10zur1.ce.init7.net (213.144.128.6) [AS 13030] 4 msec 0 msec 8 msec 4 194.242.34.23 4 msec 0 msec 4 msec 5 galaxia.dataway.ch (195.216.80.32) [AS 8237] 0 msec 0 msec 4 msec
anthony