On Mon, 12 Mar 2018 17:44:47 -0000, Sam Kretchmer said:
I am part of a small ISP based in Chicago. We have several clients complaining of an inability to hit a couple specific government websites, specifically http://tierii.iema.state.il.us/TIER2MANAGER/Account/Login.aspx and https://www.deadiversion.usdoj.gov/. It does seem to be related to the IPs they use, specifically parts of 213.159.132/22.
First thing that comes to mind: Fire up Wireshark and see if anything pops out.

Second thing: PMTU black hole or similar - the 3 packet handshake completes, and TLS fires up, and then comes to a screeching halt when something large causes an MTU-sized packet to happen.

Double-check the pages, make sure they aren't doing something squirrelly like fetching CSS from some *other* site that's down or PMTU black holed.

Oh, and 519 lashes with a wet noodle for the IL state division of IT for having a Login.aspx on an http: site. ;)
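The PMTU black hole pattern described above, as it would appear in a client-side capture; this is an added example, not part of the original message. It assumes one TCP flow already reduced to direction, flags, relative sequence number and payload length, and the `Pkt` type, the function name and the 1400-byte threshold are hypothetical choices made here.

```python
from dataclasses import dataclass

@dataclass
class Pkt:
    src: str      # "client" or "server"
    flags: str    # TCP flags as Wireshark abbreviates them: S, SA, A, PA
    seq: int      # relative sequence number
    length: int   # TCP payload bytes

def pmtu_blackhole_suspect(pkts, full_size=1400):
    """Return details of an unfilled hole left by full-size server segments, else None."""
    if [p.flags for p in pkts[:3]] != ["S", "SA", "A"]:
        return None                      # handshake never completed: a different problem
    next_seq, pending, largest = 1, {}, 0
    for p in pkts[3:]:
        if p.src != "server" or p.length == 0 or p.seq < next_seq:
            continue                     # skip client packets, pure ACKs, old retransmits
        largest = max(largest, p.length)
        pending[p.seq] = p.length
        while next_seq in pending:       # advance over data that arrived in order
            next_seq += pending.pop(next_seq)
    if not pending:
        return None                      # every server byte seen arrived in order
    hole = min(pending) - next_seq       # bytes missing before the first later segment
    if hole >= full_size and largest < full_size:
        return {"missing_from": next_seq, "missing_bytes": hole, "largest_seen": largest}
    return None

# Constructed flows for illustration, not real captures.
HANDSHAKE = [Pkt("client", "S", 0, 0), Pkt("server", "SA", 0, 0), Pkt("client", "A", 1, 0)]
STALLED = HANDSHAKE + [
    Pkt("client", "PA", 1, 517),     # ClientHello goes out
    Pkt("server", "A", 1, 0),        # server acknowledges it
    Pkt("server", "PA", 2921, 300),  # short tail arrives; two 1460-byte segments never do
    Pkt("client", "A", 518, 0),      # client keeps sending duplicate ACKs
    Pkt("client", "A", 518, 0),
]
HEALTHY = HANDSHAKE + [
    Pkt("client", "PA", 1, 517),
    Pkt("server", "A", 1, 0),
    Pkt("server", "A", 1, 1460),
    Pkt("server", "A", 1461, 1460),
    Pkt("server", "PA", 2921, 300),
]
```

A hit means only small server segments reached the client while a gap of at least one full-size segment never filled, which is the point to check for dropped ICMP "fragmentation needed" messages or a mismatched MTU on the path.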