why only some ips work?

why only some ips work?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Networking Firewalls    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
why only some ips work? tony 07-01-2005
Posted by on July 1, 2005, 7:46 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I have linux box red hat 8.0 in 209.151.137.73, it acts a router.
it works for 209.151.137.74-78, the funny things, there is not any
problem to access 78, but 74 is not accessable.

the following is the trace report. I called the company for
janefinch-core.ica.net , he said that is good for his router.
so how can I verify if my linux box is ok?


Tracing route to comp1.blizegaming.com [209.151.137.74]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.2.1
2 16 ms 17 ms 16 ms 64.230.197.232
3 15 ms 15 ms 15 ms 64.230.229.113
4 15 ms 14 ms 15 ms
core3-toronto63-Gigabite4-0.in.bellnexxia.net [2
06.108.107.169]
5 15 ms 15 ms 15 ms 64.230.242.102
6 15 ms 15 ms 14 ms dis1-toronto63-pos3-0.in.bellnexxia.net
[206.108
..98.126]
7 222 ms 287 ms 279 ms 64.230.219.174
8 18 ms 17 ms 25 ms stagewest-core.ica.net [209.151.129.98]
9 19 ms 19 ms 20 ms 209.151.129.234
10 20 ms 19 ms 22 ms janefinch-core.ica.net
[209.151.129.250]
11 * * * Request timed out.
12 * * * Request timed out.




Tracing route to 209.151.137.78 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms 192.168.2.1
2 17 ms 17 ms 18 ms 64.230.197.232
3 15 ms 15 ms 15 ms 64.230.229.113
4 16 ms 15 ms 14 ms
core4-toronto63-Gigabite4-0.in.bellnexxia.net [2
06.108.107.177]
5 15 ms 14 ms 15 ms 64.230.242.98
6 15 ms 15 ms 14 ms dis1-toronto63-pos2-0.in.bellnexxia.net
[206.108
..98.6]
7 17 ms 17 ms 17 ms 64.230.219.174
8 18 ms 18 ms 18 ms stagewest-core.ica.net [209.151.129.98]
9 19 ms 18 ms 19 ms 209.151.129.234
10 21 ms 20 ms 19 ms janefinch-core.ica.net
[209.151.129.250]
11 22 ms 23 ms 50 ms 209.151.137.204
12 21 ms 29 ms 30 ms 209.151.137.78
13 22 ms 22 ms 22 ms 209.151.137.78



Posted by Joachim Schipper on July 2, 2005, 8:53 am
If you were  Registered and logged in, you could reply and use other advanced thread options
tony@teck-tron.net wrote:
> I have linux box red hat 8.0 in 209.151.137.73, it acts a router.
> it works for 209.151.137.74-78, the funny things, there is not any
> problem to access 78, but 74 is not accessable.
>
> the following is the trace report. I called the company for
> janefinch-core.ica.net , he said that is good for his router.
> so how can I verify if my linux box is ok?
>
>
> Tracing route to comp1.blizegaming.com [209.151.137.74]
> over a maximum of 30 hops:
>
> 1 <1 ms <1 ms <1 ms 192.168.2.1
> 2 16 ms 17 ms 16 ms 64.230.197.232
> 3 15 ms 15 ms 15 ms 64.230.229.113
> 4 15 ms 14 ms 15 ms
> core3-toronto63-Gigabite4-0.in.bellnexxia.net [2
> 06.108.107.169]
> 5 15 ms 15 ms 15 ms 64.230.242.102
> 6 15 ms 15 ms 14 ms dis1-toronto63-pos3-0.in.bellnexxia.net
> [206.108
> .98.126]
> 7 222 ms 287 ms 279 ms 64.230.219.174
> 8 18 ms 17 ms 25 ms stagewest-core.ica.net [209.151.129.98]
> 9 19 ms 19 ms 20 ms 209.151.129.234
> 10 20 ms 19 ms 22 ms janefinch-core.ica.net
> [209.151.129.250]
> 11 * * * Request timed out.
> 12 * * * Request timed out.

> Tracing route to 209.151.137.78 over a maximum of 30 hops
>
> 1 <1 ms <1 ms <1 ms 192.168.2.1
> 2 17 ms 17 ms 18 ms 64.230.197.232
> 3 15 ms 15 ms 15 ms 64.230.229.113
> 4 16 ms 15 ms 14 ms
> core4-toronto63-Gigabite4-0.in.bellnexxia.net [2
> 06.108.107.177]
> 5 15 ms 14 ms 15 ms 64.230.242.98
> 6 15 ms 15 ms 14 ms dis1-toronto63-pos2-0.in.bellnexxia.net
> [206.108
> .98.6]
> 7 17 ms 17 ms 17 ms 64.230.219.174
> 8 18 ms 18 ms 18 ms stagewest-core.ica.net [209.151.129.98]
> 9 19 ms 18 ms 19 ms 209.151.129.234
> 10 21 ms 20 ms 19 ms janefinch-core.ica.net
> [209.151.129.250]
> 11 22 ms 23 ms 50 ms 209.151.137.204
> 12 21 ms 29 ms 30 ms 209.151.137.78
> 13 22 ms 22 ms 22 ms 209.151.137.78

Those look a little dodgy to me. The first thing worth noting is that
the traceroute to 209.151.137.78 does not, in fact, go by
209.151.137.73, unless something funky is happening.

The double .78 at the end of your second traceroute looks a little
dodgy, too - I'm certain it means *something*, but I don't know what.

I'd like to take a look at the routing tables for 209.151.129.250 and
..204. And possibly .78.

Do you allow tracerouting? If not, that might explain the 'timed out'
messages in your first traceroute.

Running tcpdump on .73 and .78 may be interesting; it will at least
allow you to see if anything happens on the wire.

                Joachim


Posted by Moe Trin on July 2, 2005, 2:06 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
In the Usenet newsgroup comp.security.firewalls, in article
tony@teck-tron.net wrote:

>I have linux box red hat 8.0 in 209.151.137.73

Why such an obsolete distribution? RH8.0 was end-of-lifed at Red Hat on
31 December 2003, and support at fedoralegacy.org ended in September 2004.

>it acts a router. it works for 209.151.137.74-78, the funny things, there
>is not any problem to access 78, but 74 is not accessable.

Look at the forwarding rules on .73, and the firewall rules on .74

>the following is the trace report. I called the company for
>janefinch-core.ica.net , he said that is good for his router.
> so how can I verify if my linux box is ok?

Is the Linux box offering services to the Internet? Try connecting to
that service. If not offering services, why is it connected?

>Tracing route to comp1.blizegaming.com [209.151.137.74]
>over a maximum of 30 hops:

That looks like the b0rken microsoft TRACERT program, which only uses
ICMP echos. The original 'traceroute' uses UDP packets to ports in the
33434 and above range. Different protocols - different results. None of
them relate to what you might see with TCP.

> 10 20 ms 19 ms 22 ms janefinch-core.ica.net [209.151.129.250]
> 11 * * * Request timed out.
> 12 * * * Request timed out.

The host beyond janefinch-core.ica.net is blocking ICMP Type 3, or not
forwarding properly.

>Tracing route to 209.151.137.78 over a maximum of 30 hops

> 10 21 ms 20 ms 19 ms janefinch-core.ica.net [209.151.129.250]
> 11 22 ms 23 ms 50 ms 209.151.137.204
> 12 21 ms 29 ms 30 ms 209.151.137.78
> 13 22 ms 22 ms 22 ms 209.151.137.78

If that's not a typo, there is something screwy with the networking setup
on 209.151.137.78 - possibly a strange firewall rule. If that is RH8.0,
there was a "user friendly" P.O.S called 'lokkit' that was used to work
with the firewall. Or, you could just use '/sbin/iptables -L' to see what
rules are in place.

Old guy


Similar ThreadsPosted
Yes, Sygate WILL work without IE November 29, 2004, 6:29 am
Getting Morpheus to work with XP May 31, 2005, 1:51 pm
FBI spying- See them at work!!! September 19, 2006, 7:00 am
How dose a firewall work? January 2, 2005, 3:43 pm
Would these firewall rules work for me? March 31, 2005, 12:55 am
How does Firewall/VPN appliance work? May 4, 2005, 1:58 pm
Cannot get Cerverus ftp server to work March 25, 2006, 4:26 am
ZoneAlarms Pro and eBay do NOT work together??? May 7, 2006, 6:21 pm
Usenet allowed from work? June 21, 2007, 1:49 pm
Re: Usenet allowed from work? July 22, 2007, 3:50 pm

The site map in XML format XML site map

Contact Us | Privacy Policy