Blocked WEB site, DNS look up=ok, ping=fail, tracert=fail



  • Hi -

    I'm trying to reach the University of New Mexico (UNM.EDU) web sites and failing.  Both my Windows systems and Linux systems cannot access the sites; however, I can access unm.edu from my Android phone (through Verizon) and via Tor from home.  I think the issue is somewhere in my pfSense setup.  I see the same blocked behavior with DNS servers 8.8.8.8 and 4.2.2.2.  I'm running release 2.2.6 on a Netgate 2440 box.

    Running through the diagnostics menu, DNS resolves to 129.24.168.32 (seems to be correct).  Ping has 100% packet loss.  Tracert looks like this:

     1  * * *
     2  te-0-3-1-1-sur01.paradise.nm.albuq.comcast.net (68.85.224.105)  7.666 ms  8.978 ms  7.932 ms
     3  be-6-ar02.albuquerque.nm.albuq.comcast.net (68.86.182.121)  8.663 ms  9.605 ms  8.113 ms
     4  be-100-ar01.albuquerque.nm.albuq.comcast.net (68.86.182.37)  12.680 ms
        be-200-ar01.albuquerque.nm.albuq.comcast.net (68.86.182.21)  8.727 ms  9.269 ms
     5  be-33654-cr01.1601milehigh.co.ibone.comcast.net (68.86.95.237)  404.892 ms  446.298 ms  16.234 ms
     6  be-11719-cr02.denver.co.ibone.comcast.net (68.86.86.77)  21.841 ms  16.743 ms  19.035 ms
     7  ae14.edge3.Denver1.Level3.net (4.68.127.129)  15.815 ms  18.211 ms  17.988 ms
     8  * ae-21-52.car1.Denver1.Level3.net (4.69.147.99)  17.103 ms
        ae-11-51.car1.Denver1.Level3.net (4.69.147.67)  17.471 ms
     9  CENIC.car1.Denver1.Level3.net (4.30.24.58)  48.744 ms  48.784 ms  50.649 ms
    10  * * *
    11  * * *
    12  * * *
    13  * * *
    (Apologies, I didn't see how to add a scrolling region.)

    I do not see messages in the firewall logs about 4.30.24.58 (above, etc) being blocked.  I don't see alerts about these sites in pfblocker.  Both the "Allow DNS server list to be overridden by DHCP" and "Do not use the DNS Forwarder or Resolver as a DNS server" under System->General are unchecked.

    This seems to be a very specific error with this destination, as I have not noticed any other 'missing' sites (npr, cnn, netflix, … regular stuff all works).  The only unusual setup that I can think of is that, following the thread in these forums, I did set up pfblocker to block W10 telemetry.  I don't think this is the root cause, ... but just to mention it.

    Any suggestions where to look next?

    Thanks!



  • Correct: unm.edu (129.24.168.32) doesn't reply to pings … and it's up to them to do so, or not.
    Traceroute: it's not the final end-point (unm.edu (129.24.168.32)) that decides to do so, but everything else 'somewhere' between you and them.

    Btw: the site http://www.unm.edu (129.24.168.32) connects well and shows up for me (using pfSense, etc.).



  • The traceroute I run continues onto the target host via 129.24.212.35 (just after 4.30.24.58), which is a UNM host - possibly a firewall. My guess is that the University's sysadmins are blocking traffic from your block of Comcast addresses, but that's just a theory. Maybe they've had attacks from that part of the internet?



  • @muswellhillbilly:

    The traceroute I run continues onto the target host via 129.24.212.35 (just after 4.30.24.58), which is a UNM host - possibly a firewall. My guess is that the University's sysadmins are blocking traffic from your block of Comcast addresses, but that's just a theory. Maybe they've had attacks from that part of the internet?

    Yeah, the first hop that doesn't reply is the first hop of UNM's network. They probably are either blackholing something there for some reason, or have screwed up routing.

    Nothing OP can do regardless short of contacting UNM, the issue's definitely not on your network.



  • Mine currently works

     1    <1 ms    <1 ms    <1 ms  pfsense.localdomain [192.168.1.1]
     2     2 ms     2 ms     3 ms  xxx
     3    14 ms    13 ms    14 ms  xe-10-0-0.bar2.Minneapolis2.Level3.net [4.59.66.5]
     4    38 ms    38 ms    39 ms  ae-21-52.car1.Denver1.Level3.net [4.69.147.99]
     5   103 ms   105 ms   127 ms  ae-21-52.car1.Denver1.Level3.net [4.69.147.99]
     6    66 ms    70 ms    73 ms  CENIC.car1.Denver1.Level3.net [4.30.24.58]
     7    74 ms    73 ms    73 ms  198.83.83.5
     8    67 ms    67 ms    67 ms  208.77.78.190
     9    69 ms    69 ms    68 ms  bldg116-0020.unm.edu [129.24.192.30]
    10     *        *        *     Request timed out.
    11    68 ms    68 ms    69 ms  unm.edu [129.24.168.32]
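
Added example, not part of any post in this thread: a small Python parser that takes the tail of the failing trace and of the working trace posted above, reports the last hop that answered and the hop the working path reaches next, and counts fully silent hops. The function names are illustrative, and hop numbers 7 and 9 in the failing sample are implied by position.

```python
import re

# Dotted-quad as printed by Unix traceroute "(a.b.c.d)" or Windows tracert "[a.b.c.d]" / bare.
IP_RE = re.compile(r"(?<![\d.])\d{1,3}(?:\.\d{1,3}){3}(?![\d.])")
# A hop where every probe timed out ("* * *").
SILENT_RE = re.compile(r"^[ \t]*\d+[ \t]+\*[ \t]+\*[ \t]+\*", re.M)

# Tails of the two traces from the thread (hop numbers 7 and 9 implied by position).
FAILING = """\
 7  ae14.edge3.Denver1.Level3.net (4.68.127.129)  15.815 ms  18.211 ms  17.988 ms
 8  * ae-21-52.car1.Denver1.Level3.net (4.69.147.99)  17.103 ms
    ae-11-51.car1.Denver1.Level3.net (4.69.147.67)  17.471 ms
 9  CENIC.car1.Denver1.Level3.net (4.30.24.58)  48.744 ms  48.784 ms  50.649 ms
10  * * *
11  * * *
"""
WORKING = """\
  6    66 ms    70 ms    73 ms  CENIC.car1.Denver1.Level3.net [4.30.24.58]
  7    74 ms    73 ms    73 ms  198.83.83.5
  8    67 ms    67 ms    67 ms  208.77.78.190
  9    69 ms    69 ms    68 ms  bldg116-0020.unm.edu [129.24.192.30]
 10    *        *        *    Request timed out.
 11    68 ms    68 ms    69 ms  unm.edu [129.24.168.32]
"""

def responding_hops(trace):
    """IPs that answered, in path order (consecutive repeats collapsed)."""
    hops = []
    for ip in IP_RE.findall(trace):
        if not hops or hops[-1] != ip:
            hops.append(ip)
    return hops

def silent_hops(trace):
    """Number of hops where all probes went unanswered."""
    return len(SILENT_RE.findall(trace))

def where_path_dies(failing, working, target):
    """Compare a failing trace with a known-good one toward the same target."""
    bad, good = responding_hops(failing), responding_hops(working)
    if target in bad:
        return None  # the "failing" trace did reach the target
    last = bad[-1] if bad else None
    nxt = None
    if last in good and good.index(last) + 1 < len(good):
        nxt = good[good.index(last) + 1]  # hop the good path reaches next
    return {"last_responder": last, "expected_next_hop": nxt,
            "good_path_reaches_target": target in good}

if __name__ == "__main__":
    print(where_path_dies(FAILING, WORKING, "129.24.168.32"), silent_hops(WORKING))
```

The working trace also contains one fully silent hop yet still reaches the target, so a single `* * *` line on its own does not show that traffic is being dropped.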

