On Mon, Jan 10, 2011 at 11:51 AM, Reinier Battenberg <[email protected]> wrote: > > Hi, > > From my SEACOM connection i cant ping either. Here are 2 traceroutes > > Now here is the fun part: there is a machine in both traceroutes that is > exactly the same. But on TEAMS, traffic passes that machine, and on SEACOM it > blocks it. That does not smell like a DNS issue to me
Yea, that's obviously not DNS. Could your IP address have been blacklisted somehow? Below is from a machine on Infocom: PING 209.88.90.14 (209.88.90.14) 56(84) bytes of data. 64 bytes from 209.88.90.14: icmp_seq=1 ttl=45 time=1455 ms 64 bytes from 209.88.90.14: icmp_seq=2 ttl=45 time=1026 ms traceroute to 209.88.90.14 (209.88.90.14), 30 hops max, 60 byte packets 1 192.168.5.1 (192.168.5.1) 1.345 ms 1.802 ms 2.226 ms 2 192.168.9.1 (192.168.9.1) 74.764 ms 94.861 ms 109.856 ms 3 41.222.0.1 (41.222.0.1) 129.390 ms 144.462 ms 164.333 ms 4 bb-rtr-cont.imul.com (41.222.0.10) 179.782 ms 200.166 ms 214.766 ms 5 * * * 6 sr-12.10G.london.kdn.co.ke (41.191.225.214) 299.395 ms 269.876 ms 307.350 ms 7 * * * 8 ge5-3-0-1000M.ar2.LON3.gblx.net (208.50.13.193) 312.356 ms 317.748 ms 318.027 ms 9 208.178.62.198 (208.178.62.198) 318.364 ms 318.595 ms 318.819 ms 10 207-226-47-222.static.pccwglobal.net (207.226.47.222) 458.971 ms 458.650 ms 459.183 ms 11 * * * 12 62.56.129.105.satcom-systems.net (62.56.129.105) 870.325 ms 865.555 ms 860.406 ms 13 194.133.122.161 (194.133.122.161) 879.141 ms 884.215 ms 893.841 ms 14 cr1hre.telone.co.zw (194.133.122.45) 893.292 ms 888.309 ms 888.317 ms 15 * gta-cust-end.comone.co.zw (209.88.88.82) 1399.209 ms 1054.091 ms 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * > > 207-226-47-222.static.pccwglobal.net (207.226.47.222) > > (btw, Zimbabwe is in Africa, right? So why is traffic to zim going via londen > & paris?) > > Over TEAMS (where the ping works) > > r...@devispconf:~# traceroute 209.88.90.14 > > traceroute to 209.88.90.14 (209.88.90.14), 30 hops max, 40 byte packets > > 1 physic1.mountbatten.net (41.191.79.226) 0.051 ms 0.009 ms 0.008 ms > > 2 rh-teams-rtr.roketelkom.co.ug (41.191.76.1) 0.825 ms 0.824 ms 0.810 ms > > 3 41.202.230.33 (41.202.230.33) 1.756 ms 1.992 ms 2.224 ms > > 4 41.202.226.45 (41.202.226.45) 1.210 ms 1.214 ms 1.200 ms > > 5 41.202.226.1 (41.202.226.1) 1.190 ms 1.181 ms 1.170 ms > > 6 po6-2.passe2.Paris.opentransit.net (193.251.251.197) 172.275 ms 172.059 ms > 172.049 ms > > 7 te11-3.passe1.Paris.opentransit.net (193.251.128.73) 172.037 ms 172.779 ms > 172.772 ms > > 8 tengige0-7-0-2.pastr1.Paris.opentransit.net (193.251.240.149) 173.722 ms > 173.718 ms 173.704 ms > > 9 te1-3.parse1.Paris.opentransit.net (193.251.128.162) 172.693 ms 172.693 ms > 172.578 ms > > 10 peerpccw.GW.opentransit.net (193.251.252.14) 172.998 ms 173.015 ms 173.002 > ms > > 11 207-226-47-222.static.pccwglobal.net (207.226.47.222) 251.903 ms 252.780 > ms 253.256 ms > > 12 * * 207-226-47-241.static.pccwglobal.net (207.226.47.241) 263.044 ms > > 13 62.56.129.105.satcom-systems.net (62.56.129.105) 788.482 ms 788.469 ms > 788.442 ms > > 14 194.133.122.161 (194.133.122.161) 788.689 ms 787.420 ms 787.897 ms > > 15 cr1hre.telone.co.zw (194.133.122.45) 786.653 ms 787.371 ms 786.606 ms > > 16 gta-cust-end.comone.co.zw (209.88.88.82) 887.533 ms 864.531 ms * > > 17 * * * > > 18 * * * > > 19 * * * > > 20 * * * > > 21 * * * > > 22 * * * > > 23 * * * > > 24 * * * > > 25 * * * > > 26 * * * > > 27 * * * > > 28 * * * > > 29 * * * > > 30 * * * > > rein...@mountlab6:/var/www$ traceroute 209.88.90.14 > > traceroute to 209.88.90.14 (209.88.90.14), 30 hops max, 60 byte packets > > 1 ipcop.mountbatten.net (192.168.38.1) 0.232 ms 0.176 ms 0.226 ms > > 2 41.220.13.21 (41.220.13.21) 1.800 ms 3.218 ms 3.162 ms > > 3 41.220.12.129 (41.220.12.129) 16.685 ms 16.692 ms 16.640 ms > > 4 192.168.12.1 (192.168.12.1) 40.007 ms 43.628 ms 43.576 ms > > 5 192.168.145.1 (192.168.145.1) 43.527 ms 43.469 ms 43.419 ms > > 6 41.220.12.41 (41.220.12.41) 43.377 ms 41.875 ms 41.812 ms > > 7 41.220.12.49 (41.220.12.49) 41.781 ms 26.165 ms 26.116 ms > > 8 if-ctu-edge-ci.data.co.ug (41.220.12.33) 26.073 ms 78.825 ms 78.773 ms > > 9 41.221.81.117 (41.221.81.117) 78.729 ms 78.703 ms 81.710 ms > > 10 static-41-222-1-5.metronet.imul.com (41.222.1.5) 81.781 ms 81.744 ms > 81.695 ms > > 11 * * * > > 12 sr-12.10G.london.kdn.co.ke (41.191.225.214) 304.210 ms 304.220 ms 252.114 > ms > > 13 * * * > > 14 ge5-3-0-1000M.ar2.LON3.gblx.net (208.50.13.193) 326.909 ms 369.585 ms > 369.543 ms > > 15 208.178.62.198 (208.178.62.198) 708.593 ms 708.518 ms 708.476 ms > > 16 207-226-47-222.static.pccwglobal.net (207.226.47.222) 708.227 ms 708.255 > ms 708.201 ms > > 17 * * * > > 18 * * * > > 19 * * * > > 20 * * * > > 21 * * * > > 22 * * * > > 23 * * * > > 24 * * * > > 25 * * * > > 26 * * * > > 27 * * * > > 28 * * * > > 29 * * * > > 30 * * * > > -- > > rgds, > > Reinier Battenberg > > Director > > Mountbatten Ltd. > > +256 758 801 749 > > www.mountbatten.net > > On Monday 10 January 2011 11:37:38 McTim wrote: > > > <top post apology> > > > > > > Hi David, > > > > > > Your DNS analysis is spot on. > > > > > > I still can't ping the host tho: > > > > > > 209.88.90.8 > > > > > > C:\Documents and Settings\Administrator>ping 209.88.90.8 > > > > > > Pinging 209.88.90.8 with 32 bytes of data: > > > > > > Request timed out. > > > Request timed out. > > > Request timed out. > > > Request timed out. > > > > > > Ping statistics for 209.88.90.8: > > > Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), > > > > > > So that host is offline. I can ping .14 now: > > > > > > C:\Documents and Settings\Administrator>ping 209.88.90.14 > > > > > > Pinging 209.88.90.14 with 32 bytes of data: > > > > > > Reply from 209.88.90.14: bytes=32 time=1043ms TTL=46 > > > Reply from 209.88.90.14: bytes=32 time=920ms TTL=46 > > > Reply from 209.88.90.14: bytes=32 time=1169ms TTL=46 > > > Reply from 209.88.90.14: bytes=32 time=1113ms TTL=46 > > > > > > Ping statistics for 209.88.90.14: > > > Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), > > > Approximate round trip times in milli-seconds: > > > Minimum = 920ms, Maximum = 1169ms, Average = 1061ms > > > > > > > This just looks like a DNS issue to me. > > > > There are four DNS servers for the domain www.gta.gov.zw: > > > > ns1.gta.gov.zw > > > > ns1.telone.co.zw > > > > ns2.telone.co.zw > > > > ns.gta.gov.zw > > > > ns1.gta.gov.zw and ns1.telone.co.zw have a record for www.gta.gov.zw > > > > which has a CNAME pointing to web.gta.gov.zw. > > > > ns2.telone.co.zw and ns.gta.gov.zw have a record for www.gta.gov.zw which > > > > has a CNAME pointing to mailpri2.gta.gov.zw. > > > > Doing a DNS lookup of web.gta.gov.zw fails, so when you try to do a DNS > > > > lookup on www.gta.gov.zw when the DNS info > > > > has propagated from ns1.gta.gov.zw or ns1.telone.co.zw it will not be > > > > able to get past the lookup for web.gta.gov.zw. > > > > Interestingly enough, ns1.gta.gov.zw and ns1.telone.co.zw do both have an > > > > A record for web.gta.gov.zw of 209.88.90.8 whereas ns2.telone.co.zw > > > > and ns.gta.gov.zw don't have any record for web.gta.gov.zw. > > > > If I add "209.88.90.8 www.gta.gov.zw" to my /etc/hosts file (just to > > > > make sure my http headers request the correct virtual server) and try to > > > > open www.gta.gov.zw in a browser I get a nasty SQL error message > > > > (although now it's timing out). > > > > ns1.gta.gov.zw, ns2.telone.co.zw, ns.gta.gov.zw all agree > > > > that mailpri2.gta.gov.zw is 209.88.90.14 however ns1.telone.co.zw doesn't > > > > have a record for it. If I add "209.88.90.14 www.gta.gov.zw" to my > > > > /etc/hosts file the correct web site (compared to the google cache) does > > > > indeed open fine. So if you really need to access that site, just add > > > > that to your hosts file until the people handling the DNS records there > > > > clean up their mess. My guess is that a machine went down, and the site > > > > was hastily transfered to another machine (their mail server) but the > > > > DNS changes weren't done thoroughly and the records were left in a very > > > > inconsistent state. > > > > David > > > > > > > > > > > > > > > > On Mon, Jan 10, 2011 at 9:43 AM, Reinier Battenberg > > > > > > > > <[email protected]> wrote: > > > >> Hi, > > > >> > > > >> This is all for sake of curiousity, and for the greater local hosting > > > >> (on an african level) good. > > > >> > > > >> By all means, go play golf :-) > > > >> > > > >> -- > > > >> > > > >> rgds, > > > >> > > > >> Reinier Battenberg > > > >> > > > >> Director > > > >> > > > >> Mountbatten Ltd. > > > >> > > > >> +256 758 801 749 > > > >> > > > >> www.mountbatten.net > > > >> > > > >> On Monday 10 January 2011 09:06:39 McTim wrote: > > > >> > Reiner, > > > >> > > > > >> > > > > >> > > > > >> > is this idle curiosity or business critical? If the latter, i can > > > >> > > > > >> > spend some time on it, but if the former, then I'd rather not today! > > > >> > > > > >> > > > > >> > > > > >> > On Mon, Jan 10, 2011 at 8:32 AM, Reinier Battenberg > > > >> > > > > >> > <[email protected]> wrote: > > > >> > > the .14 also works over TEAMS. The problem is with the whole subnet, > > > >> > > on > > > >> > > > > > >> > > SEACOM i can not even resolve names (like mctim, are you on the same > > > >> > > > > > >> > > upstream?) > > > >> > > > > >> > the upstream of my provider is TATA. > > > >> > > > > >> > > > > >> > > > > >> > because 209.88.90.14 is the DNS server for this domain, too. > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > there is no reverse DNS for this subnet. That is one issue: > > > >> > > > > >> > > > > >> > > > > >> > C:\Documents and Settings\Administrator>dig @ns.gta.gov.zw. > > > >> > > > > >> > 90.88.209.in-addr.ar pa > > > >> > > > > >> > > > > >> > > > > >> > ; <<>> DiG 9.3.2 <<>> @ns.gta.gov.zw. 90.88.209.in-addr.arpa > > > >> > > > > >> > ; (1 server found) > > > >> > > > > >> > ;; global options: printcmd > > > >> > > > > >> > ;; Got answer: > > > >> > > > > >> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 742 > > > >> > > > > >> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: > > > >> > 0 > > > >> > > > > >> > > > > >> > > > > >> > ;; QUESTION SECTION: > > > >> > > > > >> > ;90.88.209.in-addr.arpa. IN A > > > >> > > > > >> > > > > >> > > > > >> > ;; AUTHORITY SECTION: > > > >> > > > > >> > 90.88.209.in-addr.arpa. 86400 IN SOA gta.gov.zw. > > > >> > > > > >> > webmaster.gta.gov.zw . 2006101301 28800 14400 3600000 86400 > > > >> > > > > >> > > > > >> > > > > >> > ;; Query time: 1078 msec > > > >> > > > > >> > ;; SERVER: 209.88.90.3#53(209.88.90.3) > > > >> > > > > >> > ;; WHEN: Mon Jan 10 08:51:00 2011 > > > >> > > > > >> > ;; MSG SIZE rcvd: 96 > > > >> > > > > >> > > r...@devispconf:~# ping 209.88.90.14 > > > >> > > > > > >> > > > > > >> > > > > > >> > > PING 209.88.90.14 (209.88.90.14) 56(84) bytes of data. > > > >> > > > > > >> > > > > > >> > > > > > >> > > 64 bytes from MailScanner warning: numerical links are often > > > >> > > malicious: 209.88.90.14: icmp_seq=1 ttl=45 time=789 ms > > > >> > > > > > >> > > > > > >> > > > > > >> > > 64 bytes from MailScanner warning: numerical links are often > > > >> > > malicious: 209.88.90.14: icmp_seq=2 ttl=45 time=788 ms > > > >> > > > > > >> > > > > > >> > > > > > >> > > --- 209.88.90.14 ping statistics --- > > > >> > > > > >> > I get SFA when I ping that IP: > > > >> > > > > >> > > > > >> > > > > >> > C:\Documents and Settings\Administrator>ping 209.88.90.14 > > > >> > > > > >> > > > > >> > > > > >> > Pinging 209.88.90.14 with 32 bytes of data: > > > >> > > > > >> > > > > >> > > > > >> > Request timed out. > > > >> > > > > >> > Request timed out. > > > >> > > > > >> > Request timed out. > > > >> > > > > >> > Request timed out. > > > >> > > > > >> > > > > >> > > > > >> > Ping statistics for MailScanner warning: numerical links are often > > > >> > malicious: 209.88.90.14: > > > >> > > > > >> > Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), > > > >> > > > > >> > but as you can see, I can not resolve the IP from the hostname: > > > >> > >ping gta.gov.zw > > > >> > > > > >> > Ping request could not find host gta.gov.zw. Please check the name and > > > >> > try > > > >> > > > > >> > again > > > >> > > > > >> > > > > >> > > > > >> > so it is a DNS issue, as well, perhaps as a connectivity issue. > > > >> > > > > >> > > > > >> > > > > >> > I cannot, unlike Hari, use 8.8.8.8 to get an answer from dig: > > > >> > > > > >> > > > > >> > > > > >> > C:\Documents and Settings\Administrator>dig @MailScanner warning: > > > >> > numerical links are often malicious: 8.8.8.8 gta.gov.zw > > > >> > > > > >> > > > > >> > > > > >> > ; <<>> DiG 9.3.2 <<>> @MailScanner warning: numerical links are often > > > >> > malicious: 8.8.8.8 gta.gov.zw > > > >> > > > > >> > ; (1 server found) > > > >> > > > > >> > ;; global options: printcmd > > > >> > > > > >> > ;; Got answer: > > > >> > > > > >> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 635 > > > >> > > > > >> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > > > >> > > > > >> > > > > >> > > > > >> > ;; QUESTION SECTION: > > > >> > > > > >> > ;gta.gov.zw. IN A > > > >> > > > > >> > > > > >> > > > > >> > ;; AUTHORITY SECTION: > > > >> > > > > >> > gta.gov.zw. 1800 IN SOA ns.gta.gov.zw. > > > >> > > > > >> > webmaster.gta.gov .zw. 2010072000 28800 14400 360000 86400 > > > >> > > > > >> > > > > >> > > > > >> > ;; Query time: 1046 msec > > > >> > > > > >> > ;; SERVER: 8.8.8.8#53(8.8.8.8) > > > >> > > > > >> > ;; WHEN: Mon Jan 10 08:44:10 2011 > > > >> > > > > >> > ;; MSG SIZE rcvd: 77 > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > Nor can I get an answer from the ns that has the SOA: > > > >> > > > > >> > > > > >> > > > > >> > C:\Documents and Settings\Administrator>dig @ns.gta.gov.zw. gta.gov.zw > > > >> > > > > >> > > > > >> > > > > >> > ; <<>> DiG 9.3.2 <<>> @ns.gta.gov.zw. gta.gov.zw > > > >> > > > > >> > ; (1 server found) > > > >> > > > > >> > ;; global options: printcmd > > > >> > > > > >> > ;; Got answer: > > > >> > > > > >> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 346 > > > >> > > > > >> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: > > > >> > 0 > > > >> > > > > >> > > > > >> > > > > >> > ;; QUESTION SECTION: > > > >> > > > > >> > ;gta.gov.zw. IN A > > > >> > > > > >> > > > > >> > > > > >> > ;; AUTHORITY SECTION: > > > >> > > > > >> > gta.gov.zw. 86400 IN SOA ns.gta.gov.zw. > > > >> > > > > >> > webmaster.gta.gov .zw. 2010110900 28800 14400 360000 86400 > > > >> > > > > >> > > > > >> > > > > >> > ;; Query time: 906 msec > > > >> > > > > >> > ;; SERVER: 209.88.90.3#53(209.88.90.3) > > > >> > > > > >> > ;; WHEN: Mon Jan 10 08:44:43 2011 > > > >> > > > > >> > ;; MSG SIZE rcvd: 77 > > > >> > > > > >> > > 3 packets transmitted, 2 received, 33% packet loss, time 2004ms > > > >> > > > > > >> > > > > > >> > > > > > >> > > rtt min/avg/max/mdev = 788.927/789.188/789.450/0.926 ms > > > >> > > > > > >> > > > > > >> > > > > > >> > > r...@devispconf:~# telnet 209.88.90.14 80 > > > >> > > > > > >> > > > > > >> > > > > > >> > > Trying 209.88.90.14... > > > >> > > > > > >> > > > > > >> > > > > > >> > > Connected to 209.88.90.14. > > > >> > > > > >> > So you CAN connect (for some value of that word) to that address? > > > >> > > > > >> > > Escape character is '^]'. > > > >> > > > > > >> > > > > > >> > > > > > >> > > ^] > > > >> > > > > > >> > > > > > >> > > > > > >> > > telnet> > > > >> > > > > > >> > > > > > >> > > > > > >> > > So, with my ISP and SEACOM > > > >> > > > > >> > It looks like SEACOM isn't at all involved in the L3 issues on this > > > >> > one. > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > not being helpful, who di I contact? > > > >> > > > > >> > > > > >> > > > > >> > [email protected], that is in the dig result. > > > >> > > > > >> > > > > >> > > > > >> > and from robtex: > > > >> > > > > >> > > > > >> > > > > >> > contact information for gta.gov.zw > > > >> > > > > >> > [email protected] (responsible for gta.gov.zw) > > > >> > > > > >> > [email protected] (responsible for gip.net) > > > >> > > > > >> > [email protected] (responsible for telone.co.zw) > > > >> > > > > >> > [email protected] (responsible for co.zw) > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > telone is their upstream AFAICS. > > > >> > > > >> -- > > > >> This message has been scanned for viruses and > > > >> dangerous content by MailScanner, and is > > > >> believed to be clean. > > > >> _______________________________________________ > > > >> The Uganda Linux User Group: http://linux.or.ug > > > >> > > > >> Send messages to this mailing list by addressing e-mails to: > > > >> [email protected] > > > >> Mailing list archives: http://www.mail-archive.com/[email protected]/ > > > >> Mailing list settings: http://kym.net/mailman/listinfo/lug > > > >> To unsubscribe: http://kym.net/mailman/options/lug > > > >> > > > >> The Uganda LUG mailing list is generously hosted by INFOCOM: > > > >> http://www.infocom.co.ug/ > > > >> > > > >> The above comments and data are owned by whoever posted them (including > > > >> attachments if any). The mailing list host is not responsible for them > > > >> in any way. > > > > > > > > -- > > > > This message has been scanned for viruses and > > > > dangerous content by MailScanner, and is > > > > believed to be clean. > > > > _______________________________________________ > > > > The Uganda Linux User Group: http://linux.or.ug > > > > > > > > Send messages to this mailing list by addressing e-mails to: > > > > [email protected] Mailing list archives: > > > > http://www.mail-archive.com/[email protected]/ Mailing list settings: > > > > http://kym.net/mailman/listinfo/lug > > > > To unsubscribe: http://kym.net/mailman/options/lug > > > > > > > > The Uganda LUG mailing list is generously hosted by INFOCOM: > > > > http://www.infocom.co.ug/ > > > > > > > > The above comments and data are owned by whoever posted them (including > > > > attachments if any). The mailing list host is not responsible for them in > > > > any way. > > > > > > _______________________________________________ > > > The Uganda Linux User Group: http://linux.or.ug > > > > > > Send messages to this mailing list by addressing e-mails to: > > > [email protected] Mailing list archives: > > > http://www.mail-archive.com/[email protected]/ Mailing list settings: > > > http://kym.net/mailman/listinfo/lug > > > To unsubscribe: http://kym.net/mailman/options/lug > > > > > > The Uganda LUG mailing list is generously hosted by INFOCOM: > > > http://www.infocom.co.ug/ > > > > > > The above comments and data are owned by whoever posted them (including > > > attachments if any). The mailing list host is not responsible for them in > > > any way. > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in any > way. _______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
