We
have a /23 (199.5.156/23) and seem to be having a problem with our ISP (Network
Access Solutions - NAS) .
We
do not do our own route advertising - they do it for us and route the block to
our connection.
The
problem is that the second part of the block (199.5.157.0 - 199.5.157.255)
seems to be mis-routed within the ISP's network. I think its
a netmask problem.
The
symptoms are that packets get through from some destinations and not from
others. Also, packets sometimes fail based on port numbers (ie: if I come from
x.y.z.w to 199.5.157.x on port 80, it works but not from x.y.z.w to 199.5.157.x
on port 25) Furthermore, the port and source addresses that have problems
changes over time (ie: x.y.z.w to port 25 will work tommorrow). We dont block these ports nor do they.
NAS
seems to be light on technical talent and can't seem to solve this problem.
Interesting
note, if you check 199.5.157.1 bgp from any of the looking glass websites you
get multiple occurrences of NAS (and other AS numbers): ie: (from AADS)
BGP
routing table entry for 199.5.156.0/23, version 6041537
Paths:
(6 available, best #1)
Advertised to peer-groups:
AS4544-INTERNAL AS4544-CLIENT
AS4544-HOT-ROUTE AS4544-DATA-CENTER
AS4544-CORE-CUSTOMER-FULL
16631 16631 16631 13953 13953 13953 13953
13953 13953
206.220.243.177 from 206.220.243.177
(66.28.1.8)
Origin IGP, metric 100, localpref 80,
valid, external, best
Community: 4544:300
16631 16631 16631 13953 13953 13953 13953
13953 13953, (received-only)
206.220.243.177 from 206.220.243.177
(66.28.1.8)
Origin IGP, metric 30802, localpref 100,
valid, external
16631 16631 16631 13953 13953 13953 13953
13953 13953, (received & used)
206.204.251.196 (metric 113851) from
206.204.251.196 (206.204.251.196)
Origin IGP, metric 100, localpref 80,
valid, internal
Community: 4544:300 4544:5005
16631 16631 16631 13953 13953 13953 13953
13953 13953, (received & used)
206.204.251.206 (metric 43484) from 206.204.251.206
(206.204.251.206)
Origin IGP, metric 100, localpref 80,
valid, internal
Community: 4544:300 4544:5001
6461 16631 16631 16631 13953 13953 13953
13953 13953 13953
206.220.243.71 from 206.220.243.71
(207.126.96.35)
Origin IGP, metric 110, localpref 80,
valid, external
Community: 4544:300
6461 16631 16631 16631 13953 13953 13953
13953 13953 13953, (received-only)
206.220.243.71 from 206.220.243.71
(207.126.96.35)
Origin IGP, metric 1295, localpref 100,
valid, external
Notice
the multiple occurrences of 16631 and 13953. I know there are valid reasons to
add multiple occurrences, but can anyone tell if this is broken? These
duplicate numbers are new - they were'nt there before (when things worked).
The
intermittant failure problem reminds me of a time when someone's IGRP had a bad
netmask somwhere. I'm wondering if they may have a /24 netmask internally
somewhere and not a /23 like they should.
Any
help would be appreciated. NAS doesn't seem to have a clue.