[138459] in North American Network Operators' Group
Re: A BGP issue?
daemon@ATHENA.MIT.EDU (Greg Ihnen)
Tue Mar 8 08:52:39 2011
From: Greg Ihnen <os10rules@gmail.com>
In-Reply-To: <3EB9AA75-7CBE-4571-871A-CA4DC9A0A978@ianai.net>
Date: Tue, 8 Mar 2011 09:22:16 -0430
To: Patrick W. Gilmore <patrick@ianai.net>
Cc: North American Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mar 7, 2011, at 10:19 PM, Patrick W. Gilmore wrote:
> On Mar 7, 2011, at 14:27, Greg Ihnen <os10rules@gmail.com> wrote:
>=20
>> I run a small network on a mission base in the Amazon jungle which is =
fed by a satellite internet connection. We had an outage from Feb 25th =
to the 28th where we had no connectivity with email, http/s, ftp, Skype =
would indicate it's connected but even chatting failed, basically =
everything stopped working except for ICMP. I could ping everywhere just =
fine. I started doing traceroutes and they all were very odd, all not =
reaching their destination and some hopping all over creation before =
dying. But if I did traceroute with ICMP it worked fine. Does this =
indicate our upstream (Bantel.net) had a BGP issue? Bantel blamed =
Hughesnet which is the service they resell. I'm wondering what kind of =
problem would let ping work fine but not any of the other protocols. It =
also seems odd that I could traceroute via UDP part way to a destination =
but then it would fail if the problem was my own provider. Thanks.
>>=20
>> If this is the wrong forum for this post I'm sorry and please just =
hit delete. If this is the wrong forum but you'd be kind enough to share =
your expertise please reply off-list. Thanks!
>=20
> Honestly, I would rate this as one of the most on-topic posts in a =
while.
>=20
> BGP only handles reachability, not higher level protocols. (Of =
course, you can h4x0r anything to do jus about anything, but we are =
talking the general case here.)
>=20
> If you can ping, BGP is working. If you can ping and cannot use TCP, =
then something other than BGP is at fault.=20
>=20
> I've seen strange things like someone enabling TCP compression (common =
on very small or very expensive links) one side but not the other, which =
then allowed ICMP and UDP but not TCP. It is a great way to annoy =
someone. "See, I can ping, it must be your side!"
>=20
> Have you tried TCP traceroute? Or telnetting to port 80?
>=20
> --=20
> TTFN,
> patrick
Patrick,
Thank you very much! Thank you to everyone else who replied.
I did try TCP traceroute and it failed too. I didn't have a =
machine to telnet to on port 80 but I did try an ssh tunnel on port 9999 =
and it failed too.
=46rom what everyone is saying it sounds like it was the =
satellite internet provider's compression scheme that was having trouble =
or some kind of an MTU issue.
What I don't understand is why when using traceroute UDP/TCP/GRE =
I could get replies from some routers but not all routers to the =
destination, and why some routes were bizarre. If it was a failure of =
the sat internet provider's compression scheme or an MTU issue wouldn't =
traceroute UDP/TCP/GRE fail completely? What could have happened to my =
packets that would make them go only part way or go the wrong way?
According to our satellite internet service provider Bantel the =
outage was system wide.
Thank again!
Greg=
