[38788] in North American Network Operators' Group
Re: What is up with 170.36.0.0/16
daemon@ATHENA.MIT.EDU (Josh Richards)
Thu Jun 14 11:59:39 2001
Date: Thu, 14 Jun 2001 08:22:35 -0700
From: Josh Richards <jrichard@cubicle.net>
To: nanog@merit.edu
Message-ID: <20010614082235.A3479@cubicle.net>
In-Reply-To: <001301c0f4e6$ae6c9160$b088b5cd@Eric>; from erik@nombas.com on Thu, Jun 14, 2001 at 11:28:36AM -0400
* Erik Antelman <erik@nombas.com> [20010614 07:47]:
>
> Is someone renumbering around this area?
> My motivation is to understand the mechanisms and techniques
> by which a non-privileged user (i.e. someone without login access to a BGP fed
> router) would diagnose (characterize, locate, identify, etc.) failure to
> reach a large corporation's mail servers (1/2 of the MX servers for
> fleet.com)

Here's some of the stuff I'd do:

Grab a list of their MX servers and use the standard tools to check them out:

* Public looking glasses (which will allow even someone without access
  to their own BGP router to check out a reasonable sample of global
  routing tables). If you're lucky you may even be able to find a
  looking glass in the immediate upstream AS from the site you are
  having trouble reaching.
* whois (I highly recommend installing/using the GeekTools proxy for
  querying the various whois servers that may be relevant to your query).
* traceroute/ping (network connectivity)
* nslookup/dig (find out all of the MX servers involved)
* log files on relay hosts you control or otherwise have access to

> RADB has nothing on this, a New York QWEST looking glass says:
> Query: bgp
> IP address: 170.36.73.11
> Location: New York
> Timeout: 20 seconds
>
> % Network not in table
>
> What's up?
Just what it says. They don't appear to be announcing their block. :-)
(same results here from several boxes I checked, BTW)
Note though that only two of their MX boxes are in that block:
fleet.com preference = 30, mail exchanger = bkb-bh.bkb.com
fleet.com preference = 40, mail exchanger = testmail.fleet.com
fleet.com preference = 10, mail exchanger = sweeper.bkb.com
fleet.com preference = 20, mail exchanger = walmail.bkb.com
fleet.com preference = 10, mail exchanger = mail2.fleet.com
fleet.com preference = 20, mail exchanger = bosmail.bkb.com
fleet.com preference = 20, mail exchanger = fleet-cp.fleet.com
fleet.com nameserver = dnsauth3.sys.gtei.net
fleet.com nameserver = dnsauth1.sys.gtei.net
fleet.com nameserver = dnsauth2.sys.gtei.net
bkb-bh.bkb.com internet address = 204.167.53.66
testmail.fleet.com internet address = 170.36.73.48
sweeper.bkb.com internet address = 155.182.19.38
walmail.bkb.com internet address = 32.97.32.201
mail2.fleet.com internet address = 170.36.73.11
bosmail.bkb.com internet address = 204.167.53.91
fleet-cp.fleet.com internet address = 199.95.175.66
dnsauth3.sys.gtei.net internet address = 4.2.49.4
dnsauth1.sys.gtei.net internet address = 4.2.49.2
dnsauth2.sys.gtei.net internet address = 4.2.49.3
Have you tried contacting the technical contact listed in the WHOIS record?
Or perhaps GTEI (Genuity) who appears to be their service provider?
-jr
----
Josh Richards <jrichard@{ geekresearch.com, cubicle.net }> [JTR38/JR539-ARIN]
Geek Research, LLC - San Luis Obispo, CA - <URL:http://www.geekresearch.com/>
KG6CYK - IP/Unix/telecom/knowledge/coffee/security/crypto/business/geek
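
An added example, not part of the original message: it parses the nslookup output quoted above and lists the MX hosts in preference order, marking which ones sit inside the unannounced 170.36.0.0/16 block. The function names are hypothetical, and the sample input is the MX and address lines copied from the message.

```python
import ipaddress
import re

# Sample input: MX and address lines from the nslookup output in the message.
# parse_nslookup() and mx_report() are hypothetical names for this example.
NSLOOKUP_OUTPUT = """\
fleet.com preference = 30, mail exchanger = bkb-bh.bkb.com
fleet.com preference = 40, mail exchanger = testmail.fleet.com
fleet.com preference = 10, mail exchanger = sweeper.bkb.com
fleet.com preference = 20, mail exchanger = walmail.bkb.com
fleet.com preference = 10, mail exchanger = mail2.fleet.com
fleet.com preference = 20, mail exchanger = bosmail.bkb.com
fleet.com preference = 20, mail exchanger = fleet-cp.fleet.com
bkb-bh.bkb.com internet address = 204.167.53.66
testmail.fleet.com internet address = 170.36.73.48
sweeper.bkb.com internet address = 155.182.19.38
walmail.bkb.com internet address = 32.97.32.201
mail2.fleet.com internet address = 170.36.73.11
bosmail.bkb.com internet address = 204.167.53.91
fleet-cp.fleet.com internet address = 199.95.175.66
"""
MX_RE = re.compile(r"^(\S+)\s+preference = (\d+), mail exchanger = (\S+)$")
A_RE = re.compile(r"^(\S+)\s+internet address = (\S+)$")

def parse_nslookup(text):
    """Return (mx, addrs): mx is [(preference, host)], addrs maps host -> IP."""
    mx, addrs = [], {}
    for line in text.splitlines():
        line = line.strip()
        if m := MX_RE.match(line):
            mx.append((int(m.group(2)), m.group(3).rstrip(".").lower()))
        elif m := A_RE.match(line):
            addrs[m.group(1).rstrip(".").lower()] = ipaddress.ip_address(m.group(2))
    return mx, addrs

def mx_report(text, unrouted):
    """MX hosts in delivery order, each marked routed / unrouted / no-address."""
    net = ipaddress.ip_network(unrouted)
    mx, addrs = parse_nslookup(text)
    report = []
    for pref, host in sorted(mx):
        addr = addrs.get(host)  # None when no address line was printed for the host
        status = "no-address" if addr is None else ("unrouted" if addr in net else "routed")
        report.append((pref, host, str(addr) if addr is not None else None, status))
    return report

if __name__ == "__main__":
    for pref, host, addr, status in mx_report(NSLOOKUP_OUTPUT, "170.36.0.0/16"):
        print(f"{pref:>3}  {host:<22} {addr or '-':<16} {status}")
```

With the message's data, the two hosts marked unrouted are mail2.fleet.com (preference 10) and testmail.fleet.com (preference 40); the other preference-10 exchanger, sweeper.bkb.com, is outside the block.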