Cannot ping FQDN
-
I'm trying to ping wfbssvc51.icrc.trendmicro.com (it's an FQDN of one of the hosted antivirus components of trend micro that is needed) and the request is timing out. I tried a tracert and the result is seen in the screenshot that is attached. What could possibly be causing this?
https://dl.dropboxusercontent.com/u/108808017/tracert.png
I tried pinging the same address from home (same ISP in the office) and it goes through just fine.
-
Bug your ISP and/or Trendmicro… really has nothing to do with pfSense.
-
Bug your ISP and/or Trendmicro… really has nothing to do with pfSense.
To expand on this. The other end is blocking the pings from you. Responding to ping is voluntary albeit standard. If they don't want to, there is nothing you can do to force them.
-
You do understand that is a CDN name your resolving http://en.wikipedia.org/wiki/Akamai_Technologies
;; QUESTION SECTION:
;wfbssvc51.icrc.trendmicro.com. IN A;; ANSWER SECTION:
wfbssvc51.icrc.trendmicro.com. 11 IN CNAME icrc2048.trendmicro.com.edgekey.net.
icrc2048.trendmicro.com.edgekey.net. 15555 IN CNAME e6033.g.akamaiedge.net.
e6033.g.akamaiedge.net. 16 IN A 23.60.130.101It has a VERY sort TTL, and will change all the time
;; ANSWER SECTION:
e6033.g.akamaiedge.net. 10 IN A 23.194.127.247So that is clearly not a good choice for testing if ping works?? Also pinging is not a very good test of actual pulling some sort of update or dat file off their servers. As mentioned not everyone answers ping..
-
Yes, I got that but why is it ping'able from many other different places even for the same resolvable IP?
-
Well has mentioned already - your location might block.. Can you ping anything from that location. I can ping that IP for example
C:>ping wfbssvc51.icrc.trendmicro.com
Pinging e6033.g.akamaiedge.net [23.210.66.101] with 32 bytes of data:
Reply from 23.210.66.101: bytes=32 time=254ms TTL=57
Reply from 23.210.66.101: bytes=32 time=243ms TTL=57
Reply from 23.210.66.101: bytes=32 time=280ms TTL=57Doesn't mean you can, or as IP changes you might have connectivity issues to that IP, etc.
-
Well has mentioned already - your location might block.. Can you ping anything from that location. I can ping that IP for example
C:>ping wfbssvc51.icrc.trendmicro.com
Pinging e6033.g.akamaiedge.net [23.210.66.101] with 32 bytes of data:
Reply from 23.210.66.101: bytes=32 time=254ms TTL=57
Reply from 23.210.66.101: bytes=32 time=243ms TTL=57
Reply from 23.210.66.101: bytes=32 time=280ms TTL=57Doesn't mean you can, or as IP changes you might have connectivity issues to that IP, etc.
Yes, I can ping other IP's not just this one.
-
what does it matter - it changes every few seconds.. Its a CDN.. There are thousands of servers with hundreds of IPs
-
what does it matter - it changes every few seconds.. Its a CDN.. There are thousands of servers with hundreds of IPs
When I say other IP's, I meant like google.com's IP.
For the wfbssvc51.icrc.trendmicro.com FQDN, I ALWAYS get the same IP every single time so it does matter.
-
Christ… last time - this has absolutely NOTHING to do with pfSense. Move your pointless "efforts" elsewhere.
-
In the screenshot of the traceroute(from the link in your first post), you can see clearly the traffic going beyond pfSense, so as pointed by other members it is NOT a pfSense issue
-
" I ALWAYS get the same IP every single time so it does matter."
Well you have a problem there.. This fqdn you have points to a CNAME of
;; ANSWER SECTION:
wfbssvc51.icrc.trendmicro.com. 377 IN CNAME icrc2048.trendmicro.com.edgekey.net.
icrc2048.trendmicro.com.edgekey.net. 5396 IN CNAME e6033.g.akamaiedge.net.
e6033.g.akamaiedge.net. 8 IN A 23.7.146.101So you end up at e6033.g.akamaiedge.net
This TTL is SHORT!!! 20 seconds when you query the authoritative ns for that domain.
; <<>> DiG 9.9.3-rpz2+rl.13214.22-P2-Ubuntu-1:9.9.3.dfsg.P2-4ubuntu1.1 <<>> @n1g.akamaiedge.net e6033.g.akamaiedge.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13792
;; flags: qr aa rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;e6033.g.akamaiedge.net. IN A;; ANSWER SECTION:
e6033.g.akamaiedge.net. 20 IN A 23.79.210.101;; Query time: 34 msec
;; SERVER: 23.3.8.23#53(23.3.8.23)
;; WHEN: Sun Apr 06 13:10:57 CDT 2014
;; MSG SIZE rcvd: 67you should not be getting the same IP all the time - they rotate them.
Look
;; ANSWER SECTION:
wfbssvc51.icrc.trendmicro.com. 109 IN CNAME icrc2048.trendmicro.com.edgekey.net.
icrc2048.trendmicro.com.edgekey.net. 5128 IN CNAME e6033.g.akamaiedge.net.
e6033.g.akamaiedge.net. 1 IN A 23.194.127.247;; Query time: 5 msec
;; SERVER: 192.168.1.253#53(192.168.1.253)
;; WHEN: Sun Apr 06 13:12:56 CDT 2014
;; MSG SIZE rcvd: 148ubuntu:~$ dig wfbssvc51.icrc.trendmicro.com
; <<>> DiG 9.9.3-rpz2+rl.13214.22-P2-Ubuntu-1:9.9.3.dfsg.P2-4ubuntu1.1 <<>> wfbssvc51.icrc.trendmicro.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52663
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;wfbssvc51.icrc.trendmicro.com. IN A;; ANSWER SECTION:
wfbssvc51.icrc.trendmicro.com. 1528 IN CNAME icrc2048.trendmicro.com.edgekey.net.
icrc2048.trendmicro.com.edgekey.net. 1722 IN CNAME e6033.g.akamaiedge.net.
e6033.g.akamaiedge.net. 8 IN A 23.60.130.101;; Query time: 22 msec
;; SERVER: 192.168.1.253#53(192.168.1.253)
;; WHEN: Sun Apr 06 13:12:59 CDT 2014
;; MSG SIZE rcvd: 156And I am with doktor here – your trace clearly shows you getting past pfsense - so what does pfsense have to do with the issue?
You sure someone didn't create a host entry or host over ride in your pfsense dns locking this to 1 IP.. That would not be a good idea if they are serving up this stuff from a CDN.. You have no idea what servers are loaded, offline, etc. etc.. They create such a short TTL for a specific reason.. You getting the same IP every time you query that points to something wrong in your name resolution.
-
@ptt:
In the screenshot of the traceroute(from the link in your first post), you can see clearly the traffic going beyond pfSense, so as pointed by other members it is NOT a pfSense issue
Yes, I completely understand that. It's just that johnpoz answered back to this thread so I replied back, got it?