It was working for me a few hours ago, and now dead at hop 3 on FIOS again.
If they have 2 prefixes being advertised from AS51040 http://bgp.he.net/AS51040#_prefixes Why can I traceroute to 1 but not the other? [root@tor-proxy network-scripts]# mtr --report -c 5 194.14.56.1 HOST: tor-proxy.home Loss% Snt Last Avg Best Wrst StDev 1. pfsense.home 0.0% 5 0.5 1.0 0.4 2.7 1.0 2. L100.NWRKNJ-VFTTP-134.verizo 0.0% 5 1.3 6.0 1.3 20.6 8.3 3. G0-5-3-4.NWRKNJ-LCR-22.veriz 0.0% 5 3.2 4.6 3.2 6.7 1.4 4. ae0-0.NWRK-BB-RTR2.verizon-g 0.0% 5 5.9 8.4 4.9 20.7 6.8 5. ??? 100.0 5 0.0 0.0 0.0 0.0 0.0 6. 0.ae2.BR3.NYC4.ALTER.NET 0.0% 5 6.8 6.7 6.6 6.9 0.1 7. 204.255.169.234 0.0% 5 5.4 5.7 5.2 7.1 0.8 8. ae-2.r23.nycmny01.us.bb.gin. 0.0% 5 6.2 7.1 5.9 11.0 2.2 9. ae-6.r21.frnkge03.de.bb.gin. 60.0% 5 94.5 92.6 90.7 94.5 2.7 10. ae-1.r02.frnkge03.de.bb.gin. 0.0% 5 95.2 94.3 93.1 95.6 1.1 11. 213.198.77.214 0.0% 5 92.7 93.4 92.7 94.1 0.5 12. et030-4.RT.TC1.STO.SE.retn.n 0.0% 5 109.2 109.4 109.0 110.9 0.8 13. GW-ObeNetwork.retn.net 0.0% 5 116.0 190.0 111.1 341.8 100.4 14. moria-cr-3.piratpartiet.se 20.0% 5 110.1 111.6 109.9 116.1 2.9 [root@tor-proxy network-scripts]# mtr --report -c 5 194.71.107.27 HOST: tor-proxy.home Loss% Snt Last Avg Best Wrst StDev 1. pfsense.home 0.0% 5 0.6 0.4 0.3 0.6 0.1 2. L100.NWRKNJ-VFTTP-134.verizo 0.0% 5 1.4 7.1 1.4 29.1 12.3 3. ??? 100.0 5 0.0 0.0 0.0 0.0 0.0 The site works 100 % fine over vpn or proxy. So I don't think this is related to any DDOS attack. On Thu, Nov 27, 2014 at 2:06 PM, Phil Bedard <[email protected]> wrote: > In the post you quoted it says: > > "In my last post I pointed out the do not announce to peers > community AS5580 was sending to Cogent, Level3 and who knows who else. So > any ASN that is not a customer of Cogent or Level3 wont learn the 5580 path > from them." > > Verizon, ATT, and the rest of those networks are Tier-1 networks meaning > if 5580 was tagging the route with do-not-advertise to their transit > providers (Level3 & Cogent) the other Tier-1s wouldn't have another route > to it. Looking at routing updates there were a lot of them yesterday for > that prefix, for whatever reason. The lack of reachability was completely > due to Atrato, had nothing to do with the ISPs in the US. > > It was reachable for me yesterday on our network, but we peer directly > with Atrato. > > It's possible they did it to stop a DDoS, some other kind of attack, or > any number of reasons. > > Phil > > > > > > > On 11/27/14, 2:47 PM, "Javier J" <[email protected]> wrote: > > >Looks like its working now (on FIOS anyway) > > > >Curious to know why the major networks stopped seeing it yesterday as > >well. > > > >On Thu, Nov 27, 2014 at 12:45 AM, Courtney Smith > ><[email protected]> > >wrote: > > > >> > >> > No problem here in Los Angeles either, but seeing a lone route through > >> Atrato only. > >> > > >> > flags destination gateway lpref med aspath origin > >> > *> 194.71.107.0/24 <> 100 0 3491 5580 39138 22351 > >>2.207 > >> 51040 i > >> > * 194.71.107.0/24 <> 100 0 174 5580 39138 22351 > >> 2.207 51040 i > >> > > >> > > >> > On 11/27/2014 午前 11:24, Tony Wicks wrote: > >> >> > >> >> No problem here in New Zealand > >> >> > >> >> tonyw@vrhost1-w> show route 194.71.107.0/24 > >> >> > >> >> icore1-w.inet.0: 519451 destinations, 525214 routes (519437 active, > >>14 > >> >> holddown, 0 hidden) > >> >> + = Active Route, - = Last Active, * = Both > >> >> > >> >> 194.71.107.0/24 *[BGP/170] 10:25:44, MED 0, localpref 90 > >> >> AS path: 4826 5580 39138 22351 131279 51040 I, > >> >> validation-state: unverified > >> >> > to 175.45.102.9 via ae1.526 > >> >> > >> > >> Hopefully the body cones thru this time. The issue isn't city or > >>country > >> based. In my last post I pointed out the do not announce to peers > >> community AS5580 was sending to Cogent, Level3 and who knows who else. > >> So > >> any ASN that is not a customer of Cogent or Level3 wont learn the 5580 > >>path > >> from them. > >> > >> When I checked a few hours ago, Comcast, Centurylink, AT&T, TATA, and > >> possibly Sprint were not seeing the /24 based on their public looking > >> glasses or route servers. Have not had time to run bgplay to see if > >> routeviews data shows how they previously saw the /24 in past 30 days. > >> Finding the ASN(s) they used to see from would shed light on why they > >> stopped seeing. Checking bgplay and contacting AS51040 to reach out to > >> their upstreams is my suggestion. > >
