[122245] in North American Network Operators' Group
RE: black listing of web traffic
daemon@ATHENA.MIT.EDU (Dylan Ebner)
Wed Feb 10 10:36:35 2010
From: Dylan Ebner <dylan.ebner@crlmed.com>
To: Andrey Gordon <andrey.gordon@gmail.com>, Nanog <nanog@nanog.org>
Date: Wed, 10 Feb 2010 15:35:47 +0000
In-Reply-To: <90ccfc91002091135s64daaab1n141c92bff5095d64@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
You mentioned this was a student network. Could it be your students are run=
ning bit torrent clients and your ISP doesn't like that so they are rate li=
miting you? This might explain why apple loads and facebook doesn't. I do n=
ot know much about facebooks architecture, but I would guess they would use=
a CDN or have their own so the facebook traffic would stay entirely in you=
r ISP's network(less need to rate limit) and apples traffic may need to go =
through a peer.=20
Or, could it be your students are running bit torrent and exhausting the st=
ate tables on your firewall.=20
Dylan Ebner, Network Engineer
Consulting Radiologists, Ltd.
-----Original Message-----
From: Andrey Gordon [mailto:andrey.gordon@gmail.com]=20
Sent: Tuesday, February 09, 2010 1:35 PM
To: Nanog
Subject: black listing of web traffic
Hi list
I have a problem that I can't seem to find a solution to yet. My student
network is being NATted out and anyone who's on that network had troubles
accessing random websites.
For example, going to www.apple.com or www.facebook.com would work great,
but store.apple.com would either not load or take forever to open up.
I've had that problem last week and thought I tracked it down to the NAT ip
being black listed with one of the span black lists. Even though that IP is
not used for mail out, that somehow seemed to affect it. Changing it to a
different one seemed to solve the problem and I got that original address o=
f
the list in the mean time. Changed it back and everything was well, until
today.
Same symptoms, but now I don't see us listed anywhere.
The best description of the symptoms seems to be that that IP is rate
limited or something.
Anyone seen that? Are there any blacklists for web access?
PS. I checked everything under my control and i don't see a bottle neck
anywhere or anything like and IPS working up or something....
-----
Andrey Gordon [andrey.gordon@gmail.com]
