In message <20120208234141.GZ5968@angus.ind.WPI.EDU>, Chuck Anderson writes:
On Wed, Jan 11, 2012 at 12:14:29PM -0800, chk wrote:
If there is a Roadrunner contact monitoring the list can you please contact me off list regarding a routing issue from ns1/2.adelphia.net
Did you ever get any response? I'm having a similar issue:
For the past couple months, we have been unable to query the authoritative DNS servers for adelphia.net on IP addresses 75.180.129.58 and 75.180.129.59 from our campus network IP block 130.215.0.0/16, using either TCP or UDP:
dig +short +norec @75.180.129.58 adelphia.net. mx
;; connection timed out; no servers could be reached

dig +short +norec @75.180.129.59 adelphia.net. mx
;; connection timed out; no servers could be reached

dig +tcp +short +norec @75.180.129.58 adelphia.net. mx
;; communications error to 75.180.129.58#53: end of file

dig +tcp +short +norec @75.180.129.59 adelphia.net. mx
;; communications error to 75.180.129.59#53: end of file
This is causing email failures to anyone with an @adelphia.net email address.
I can ping the DNS servers from 130.215.0.0/16:
ping -c3 75.180.129.58
PING 75.180.129.58 (75.180.129.58) 56(84) bytes of data.
64 bytes from 75.180.129.58: icmp_req=1 ttl=241 time=26.9 ms
64 bytes from 75.180.129.58: icmp_req=2 ttl=241 time=26.7 ms
64 bytes from 75.180.129.58: icmp_req=3 ttl=241 time=26.7 ms

--- 75.180.129.58 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 26.711/26.797/26.953/0.110 ms

ping -c3 75.180.129.59
PING 75.180.129.59 (75.180.129.59) 56(84) bytes of data.
64 bytes from 75.180.129.59: icmp_req=1 ttl=241 time=25.9 ms
64 bytes from 75.180.129.59: icmp_req=2 ttl=241 time=26.1 ms
64 bytes from 75.180.129.59: icmp_req=3 ttl=241 time=25.5 ms

--- 75.180.129.59 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 25.523/25.871/26.120/0.285 ms
And I can make a TCP port 53 connection which gets immediately closed:
telnet 75.180.129.58 53
Trying 75.180.129.58...
Connected to 75.180.129.58.
Escape character is '^]'.
Connection closed by foreign host.

telnet 75.180.129.59 53
Trying 75.180.129.59...
Connected to 75.180.129.59.
Escape character is '^]'.
Connection closed by foreign host.
It is acting as if there is an ACL or firewall rule that is blocking 130.215.0.0/16 from accessing DNS port 53 on the DNS servers at 75.180.129.58 and 75.180.129.59.
I've already ruled out any firewalls on our end, as well as any routing issues. I can see the UDP port 53 packets going out, but there is no reply. I can see the 3-way TCP port 53 handshake packets going out and coming in, but the other end closes the connection immediately.
If I use a non-130.215.0.0/16 source IP from my router, I get a normal response via both UDP and TCP:
% dig -b 207.210.142.142 +short +norec @75.180.129.58 adelphia.net. mx
10 cdptpa-smtpin01.mail.rr.com.
20 cdptpa-smtpin02.mail.rr.com.

% dig -b 207.210.142.142 +short +tcp +norec @75.180.129.58 adelphia.net. mx
10 cdptpa-smtpin01.mail.rr.com.
20 cdptpa-smtpin02.mail.rr.com.
I'd appreciate if someone could help me find a clueful contact at TW/RoadRunner/Adelphia/Comcast/whoever they are now. I've tried all the contacts in WHOIS for adelphia.net, the IP block, and ASN. I've tried the NOC List on puck.nether.net--no matches.
Thanks,
Chuck
Sounds like a bad "bogus" acl.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
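
Added example, not part of either message above: a standard-library Python version of the probe matrix used in the thread (a non-recursive MX query over UDP and TCP, from the affected source and from a control source) with a small classifier for the outcomes. The names build_query, probe and diagnose and the outcome labels are assumptions made for this illustration.

```python
import socket
import struct

def build_query(name, qtype=15, qid=0x1234):
    """Build a DNS query with RD=0 (like dig +norec); qtype 15 is MX."""
    header = struct.pack(">HHHHHH", qid, 0, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", qtype, 1)  # class IN

def probe(server, name, tcp=False, source=None, port=53, timeout=3.0):
    """Send one query; return 'answer', 'timeout', 'eof', 'reset' or 'refused'."""
    query = build_query(name)
    kind = socket.SOCK_STREAM if tcp else socket.SOCK_DGRAM
    with socket.socket(socket.AF_INET, kind) as s:
        s.settimeout(timeout)
        try:
            if source:                      # same idea as dig -b <address>
                s.bind((source, 0))
            s.connect((server, port))
            # DNS over TCP prefixes the message with a 2-byte length
            s.sendall(struct.pack(">H", len(query)) + query if tcp else query)
            # Any reply bytes count as an answer; an empty read is a clean close
            return "answer" if s.recv(4096) else "eof"
        except socket.timeout:
            return "timeout"
        except ConnectionResetError:
            return "reset"
        except ConnectionRefusedError:
            return "refused"

def diagnose(affected, control=None):
    """Compare {'udp': outcome, 'tcp': outcome} for the affected and a control source."""
    def ok(r):
        return r["udp"] == "answer" and r["tcp"] == "answer"
    if ok(affected):
        return "ok"
    if control is None:
        return "inconclusive"   # need a second vantage point
    return "source-filtered" if ok(control) else "server-or-path"

# Outcomes as reported in the post (130.215.0.0/16 vs. 207.210.142.142)
REPORTED = diagnose({"udp": "timeout", "tcp": "eof"},
                    {"udp": "answer", "tcp": "answer"})

if __name__ == "__main__":
    print(REPORTED)
```

The source argument must be an address configured on the probing host, as with dig -b.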