cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Do Some Gateways Block Certain Sites?

billnotben
Community Veteran
Posts: 7,691
Thanks: 2,170
Fixes: 2
Registered: ‎23-09-2010

Do Some Gateways Block Certain Sites?

‎27-04-2012 5:43 PM

Do some gateways block certain sites?
I can't help noticing that sometimes it appears that a site is down but when you check, say on a place like "website down" it often says it isn't.
For instance today I've been unable to access the filefactory website. No problem with the internet in general. So I disconnect the internet connection and re-connect (to pcl-ag06 apparently) and now filefactory pops up as fast as any other page.
So the question is are all gateways equal?
Message 1 of 84
(17,192 Views)
0 Thanks
83 REPLIES 83
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Do Some Gateways Block Certain Sites?

‎27-04-2012 5:47 PM

That kind of thing is only due to some misconfiguration that only affects some gateways but not others.
Message 2 of 84
(1,604 Views)
0 Thanks
RPMozley
Pro
Posts: 1,339
Thanks: 83
Fixes: 13
Registered: ‎04-11-2011

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 1:11 AM

Well I'm currently connected to gateway ptn-ag01 and I can't access filefactory.com it simply keeps timing out. DNS lookups and trace routes seem to return correct results.
That's RPM to you!!
Message 3 of 84
(1,604 Views)
0 Thanks
Anotherone
Champion
Posts: 19,107
Thanks: 457
Fixes: 21
Registered: ‎31-08-2007

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 1:57 AM

pcl-ag02 here. Got to www.filefactory.com with no problems, tried it several times now.
It won't be a case of some gateways blocking certain websites, but I still suspect some sort of DNS issue with some gateways.
Message 4 of 84
(1,604 Views)
0 Thanks
RPMozley
Pro
Posts: 1,339
Thanks: 83
Fixes: 13
Registered: ‎04-11-2011

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 2:10 AM

DNS? I'm not sure that's the problem as I'm using OpenDNS for all my lookups. Maybe more likely a routing issue with this gateway I'm currently on.
That's RPM to you!!
Message 5 of 84
(1,604 Views)
0 Thanks
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 8:12 AM

Probably something to do with messed up IWF filtering. I can access the site.
Regular traceroute:
traceroute filefactory.com
traceroute to filefactory.com (85.17.172.100), 30 hops max, 60 byte packets
 1  192.168.0.1 (192.168.0.1)  4.027 ms  5.315 ms  5.783 ms
 2  lo0-central1.pcl-ag01.plus.net (195.166.128.232)  30.492 ms  31.797 ms  33.454 ms
 3  gi1-8-112.pcl-gw02.plus.net (84.92.6.2)  108.756 ms  111.283 ms  111.755 ms
 4  tun0.pcl-gw01.plus.net (212.159.2.105)  112.778 ms  113.348 ms  113.831 ms
 5  flowers2.servers.plus.net.uk (212.159.2.98)  41.100 ms  42.444 ms  44.364 ms
 6  xe-11-1-0.edge3.London2.Level3.net (212.187.201.209)  47.135 ms  44.367 ms  45.498 ms
 7  ae-0-11.edge4.London2.Level3.net (4.69.200.126)  46.516 ms  20.900 ms  22.186 ms
 8  ae-3-3.ebr1.London1.Level3.net (4.69.141.189)  24.717 ms  26.064 ms  28.763 ms
 9  vlan103.ebr2.London1.Level3.net (4.69.143.94)  31.224 ms vlan101.ebr2.London1.Level3.net (4.69.143.86)  32.420 ms  34.169 ms
10  ae-47-47.ebr2.Amsterdam1.Level3.net (4.69.143.77)  46.159 ms  48.242 ms ae-46-46.ebr2.Amsterdam1.Level3.net (4.69.143.73)  28.536 ms
11  ae-57-222.csw2.Amsterdam1.Level3.net (4.69.153.206)  36.883 ms ae-56-221.csw2.Amsterdam1.Level3.net (4.69.153.202)  31.209 ms ae-59-224.csw2.Amsterdam1.Level3.net (4.69.153.214)  33.686 ms
12  4.69.162.158 (4.69.162.158)  31.264 ms 4.69.162.146 (4.69.162.146)  30.731 ms  30.009 ms
13  FIBERRING-B.edge5.Amsterdam1.Level3.net (212.72.41.142)  34.158 ms  35.052 ms  27.881 ms
14  po100.hv1.evo.leaseweb.net (85.17.100.222)  33.509 ms  36.741 ms  37.242 ms
15  85.17.172.100 (85.17.172.100)  37.669 ms  38.093 ms  39.476 ms

Suspiciously short traceroute using TCP to port 80 (HTTP):
traceroute -T -p 80 www.filefactory.com
traceroute to www.filefactory.com (85.17.172.100), 30 hops max, 60 byte packets
 1  192.168.0.1 (192.168.0.1)  2.355 ms  4.228 ms  6.017 ms
 2  lo0-central1.pcl-ag01.plus.net (195.166.128.232)  23.530 ms  24.631 ms  28.085 ms
 3  gi1-8-112.pcl-gw02.plus.net (84.92.6.2)  30.647 ms  31.084 ms  31.644 ms
 4  tun0.pcl-gw01.plus.net (212.159.2.105)  33.942 ms  35.752 ms  37.074 ms
 5  85.17.172.100 (85.17.172.100)  38.971 ms  41.510 ms  43.925 ms
Message 6 of 84
(1,604 Views)
0 Thanks
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 6:15 PM

I believe it's more usually a MTU configuration issue that causes this type of problem. In the past I've had sites where I could only access them via a particular gateway if I lowered my MTU.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Message 7 of 84
(1,604 Views)
0 Thanks
Anotherone
Champion
Posts: 19,107
Thanks: 457
Fixes: 21
Registered: ‎31-08-2007

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 6:26 PM

So we've got a choice of DNS, IWF or MTU  Grin
I must admit my suggestion about DNS was a bit of a wild one, only because of DNS issues I do see from time to time with PN. Must get round to putting Open DNS into the system which leads me onto another point.
RPM don't Open DNS not look up certain sites (eg. the type of site on IWF's lists)? I don't know, only something that was implied on another thread.
Message 8 of 84
(1,604 Views)
0 Thanks
billnotben
Community Veteran
Posts: 7,691
Thanks: 2,170
Fixes: 2
Registered: ‎23-09-2010

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 8:31 PM

I'll have to start noting what gateway I'm on. Previous to that dodgy one I was having trouble downloading the updates for Malwarebytes. It would take so long in loading each tiny update that the program kept coming up as not responding. Even though leaving it for a couple of minutes it would get there in the end. Even deleted the program database to see if a complete download would make any difference.
After a internet reconnect the problem disappeared. Maybe a coincidence? But then the FF problem surfaced.
I'm using Plusnets usual DNS.  I have used Open DNS back in the days of dial-up but I wouldn't use it now as I think it's too messed about with especially now considering the American stance on all things internet.
Message 9 of 84
(1,604 Views)
0 Thanks
RPMozley
Pro
Posts: 1,339
Thanks: 83
Fixes: 13
Registered: ‎04-11-2011

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 9:03 PM

Quote from: Anotherone
RPM, don't Open DNS not look up certain sites (eg. the type of site on IWF's lists)? I don't know, only something that was implied on another thread.

Open DNS certainly has a filtering system but if anything is blocked it will show a page that says that domain is not allowed. I've not seen any blocking that simply times out.
As a DNS solution OpenDNS is less likely to be 'messed around' by the US gov. compared to traditional ISP DNS services. But that's just my opinion.
That's RPM to you!!
Message 10 of 84
(1,604 Views)
0 Thanks
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 10:14 PM

If you don't trust OpenDNS (I don't) you could try Google's (8.8.8.8, 8.8.4.4) or those provided by Level 3 (4.2.2.1, 4.2.2.2, 4.2.2.3, 4.2.2.4, 4.2.2.5, 4.2.2.6)
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Message 11 of 84
(1,604 Views)
0 Thanks
Anonymous
Not applicable

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 11:08 PM

I regularly benchmark a range of DNSes to ensure my network is getting the fastest and most reliable address lookups.
My current second choice (after OpenDNS) is Norton DNS.  It is faster and more reliable than Google DNS, and way faster than Plusnet DNS.
https://dns.norton.com/dnsweb/dnsForHome.do
http://en.wikipedia.org/wiki/Norton_DNS

The "Level 3" DNS addresses (listed by Jelv) are very fast, but frequently one or more of those listed seem to randomly get temporarily overloaded, so if you are unlucky enough to have specified one in your DNS settings that has gone slow, then you might experience variable results.  Fortunately this does not effect my network, as my home built local DNS server will send multiple simultaneous upstream lookup requests (to a list of different DNS servers) and only use the fastest valid reply to update it's cache - so if the odd "Level 3" DNS is temporarily unresponsive, then my server will use the fastest result from one of the others and ignore the slower responses.
Message 12 of 84
(1,604 Views)
0 Thanks
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 11:27 PM

You have to check which of the Level 3 ones to use by doing a tracert to find where they are.
C:\Users\John>tracert 4.2.2.1
Tracing route to vnsc-pri.sys.gtei.net [4.2.2.1]
over a maximum of 30 hops:
  1     1 ms     1 ms     1 ms  dg834 [192.168.0.1]
  2    15 ms    15 ms    14 ms  lo0-central3.pcl-ag03.plus.net [195.166.128.240]
  3   173 ms    14 ms    14 ms  gi1-7-331.pcl-gw01.plus.net [84.92.6.80]
  4    13 ms    14 ms    13 ms  ae3.pcl-cr01.plus.net [195.166.129.40]
  5    15 ms    26 ms    13 ms  xe-11-1-0.edge3.London2.Level3.net [212.187.201.209]
  6    24 ms    14 ms    14 ms  ae-0-11.edge4.London2.Level3.net [4.69.200.126]
  7    21 ms    14 ms    14 ms  ae-3-3.ebr1.London1.Level3.net [4.69.141.189]
  8    14 ms    18 ms    24 ms  ae-58-113.csw1.London1.Level3.net [4.69.153.122]
  9   194 ms    14 ms   212 ms  ae-12-51.car2.London1.Level3.net [4.69.139.67]
 10    15 ms    14 ms    14 ms  vnsc-pri.sys.gtei.net [4.2.2.1]
Trace complete.
C:\Users\John>tracert 4.2.2.2
Tracing route to vnsc-bak.sys.gtei.net [4.2.2.2]
over a maximum of 30 hops:
  1     1 ms     1 ms     1 ms  dg834 [192.168.0.1]
  2   140 ms    14 ms    14 ms  lo0-central3.pcl-ag03.plus.net [195.166.128.240]
  3    15 ms    14 ms    14 ms  gi1-7-331.pcl-gw01.plus.net [84.92.6.80]
  4    14 ms    12 ms    13 ms  ae3.pcl-cr01.plus.net [195.166.129.40]
  5    14 ms    14 ms    13 ms  xe-11-1-0.edge3.London2.Level3.net [212.187.201.209]
  6    14 ms    14 ms    14 ms  ae-0-11.edge4.London2.Level3.net [4.69.200.126]
  7    15 ms    14 ms    14 ms  ae-3-3.ebr1.London1.Level3.net [4.69.141.189]
  8    14 ms    15 ms    14 ms  vlan102.ebr2.London1.Level3.net [4.69.143.90]
  9    35 ms    24 ms    23 ms  ae-23-23.ebr2.Frankfurt1.Level3.net [4.69.148.194]
 10    26 ms    24 ms    23 ms  ae-82-82.csw3.Frankfurt1.Level3.net [4.69.140.26]
 11    25 ms    24 ms    24 ms  ae-31-80.car1.Frankfurt1.Level3.net [4.69.154.131]
 12    24 ms    25 ms    24 ms  vnsc-bak.sys.gtei.net [4.2.2.2]
Trace complete.
C:\Users\John>tracert 4.2.2.3
Tracing route to vnsc-lc.sys.gtei.net [4.2.2.3]
over a maximum of 30 hops:
  1     1 ms     1 ms     1 ms  dg834 [192.168.0.1]
  2    15 ms    14 ms    14 ms  lo0-central3.pcl-ag03.plus.net [195.166.128.240]
  3    14 ms    13 ms    13 ms  gi1-7-331.pcl-gw01.plus.net [84.92.6.80]
  4    15 ms    69 ms    14 ms  ae3.pcl-cr01.plus.net [195.166.129.40]
  5    14 ms    16 ms    14 ms  xe-11-1-0.edge3.London2.Level3.net [212.187.201.209]
  6    14 ms    14 ms    14 ms  ae-0-11.edge4.London2.Level3.net [4.69.200.126]
  7    14 ms    14 ms    14 ms  ae-3-3.ebr1.London1.Level3.net [4.69.141.189]
  8    14 ms    14 ms    21 ms  ae-57-112.csw1.London1.Level3.net [4.69.153.118]
  9    16 ms    15 ms    14 ms  ae-12-51.car2.London1.Level3.net [4.69.139.67]
 10    15 ms    15 ms    16 ms  vnsc-lc.sys.gtei.net [4.2.2.3]
Trace complete.
C:\Users\John>tracert 4.2.2.4
Tracing route to 4.2.2.4 over a maximum of 30 hops
  1     3 ms     2 ms     2 ms  dg834 [192.168.0.1]
  2    15 ms    15 ms    26 ms  lo0-central3.pcl-ag03.plus.net [195.166.128.240]
  3    15 ms    14 ms    14 ms  gi1-7-331.pcl-gw01.plus.net [84.92.6.80]
  4    14 ms    14 ms    13 ms  ae3.pcl-cr01.plus.net [195.166.129.40]
  5    14 ms    14 ms    14 ms  xe-11-1-0.edge3.London2.Level3.net [212.187.201.209]
  6    14 ms    14 ms    14 ms  ae-0-11.edge4.London2.Level3.net [4.69.200.126]
  7    15 ms    14 ms    14 ms  ae-3-3.ebr1.London1.Level3.net [4.69.141.189]
  8    14 ms    14 ms    14 ms  vlan104.ebr2.London1.Level3.net [4.69.143.98]
  9    25 ms    24 ms    23 ms  ae-22-22.ebr2.Frankfurt1.Level3.net [4.69.148.190]
 10    30 ms    23 ms    24 ms  ae-72-72.csw2.Frankfurt1.Level3.net [4.69.140.22]
 11     *       24 ms     *     ae-21-70.car1.Frankfurt1.Level3.net [4.69.154.67]
 12    24 ms    24 ms    24 ms  4.2.2.4
Trace complete.
C:\Users\John>tracert 4.2.2.5
Tracing route to 4.2.2.5 over a maximum of 30 hops
  1     2 ms     2 ms     2 ms  dg834 [192.168.0.1]
  2    26 ms    50 ms    14 ms  lo0-central3.pcl-ag03.plus.net [195.166.128.240]
  3    15 ms    14 ms    15 ms  gi1-7-331.pcl-gw01.plus.net [84.92.6.80]
  4    14 ms    14 ms    14 ms  ae3.pcl-cr01.plus.net [195.166.129.40]
  5    14 ms    13 ms    14 ms  xe-11-1-0.edge3.London2.Level3.net [212.187.201.209]
  6    14 ms    14 ms    14 ms  ae-0-11.edge4.London2.Level3.net [4.69.200.126]
  7    14 ms    14 ms    14 ms  ae-3-3.ebr1.London1.Level3.net [4.69.141.189]
  8    14 ms    14 ms    20 ms  ae-57-112.csw1.London1.Level3.net [4.69.153.118]
  9    14 ms    14 ms    14 ms  ae-12-51.car2.London1.Level3.net [4.69.139.67]
 10    14 ms    14 ms    14 ms  4.2.2.5
Trace complete.
C:\Users\John>tracert 4.2.2.6
Tracing route to 4.2.2.6 over a maximum of 30 hops
  1     3 ms     2 ms     2 ms  dg834 [192.168.0.1]
  2    34 ms    23 ms    20 ms  lo0-central3.pcl-ag03.plus.net [195.166.128.240]
  3    14 ms    14 ms    13 ms  gi1-7-331.pcl-gw01.plus.net [84.92.6.80]
  4    14 ms    13 ms    14 ms  ae3.pcl-cr01.plus.net [195.166.129.40]
  5    14 ms    13 ms    14 ms  xe-11-1-0.edge3.London2.Level3.net [212.187.201.209]
  6    14 ms    13 ms    14 ms  ae-0-11.edge4.London2.Level3.net [4.69.200.126]
  7    14 ms    13 ms    14 ms  ae-3-3.ebr1.London1.Level3.net [4.69.141.189]
  8    27 ms    14 ms    15 ms  vlan104.ebr2.London1.Level3.net [4.69.143.98]
  9    32 ms    24 ms    23 ms  ae-21-21.ebr2.Frankfurt1.Level3.net [4.69.148.186]
 10    24 ms    23 ms    23 ms  ae-92-92.csw4.Frankfurt1.Level3.net [4.69.140.30]
 11     *       25 ms     *     ae-41-90.car1.Frankfurt1.Level3.net [4.69.154.195]
 12    24 ms    24 ms    24 ms  4.2.2.6
Trace complete.

Based on that I suggest 1,3 and 5 are the ones to use. Does that tie up with your benchmark results?
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Message 13 of 84
(1,605 Views)
0 Thanks
Anonymous
Not applicable

Re: Do Some Gateways Block Certain Sites?

‎28-04-2012 11:38 PM

Yes I just ran my full benchmark, and those you listed are currently the fastest.
 Final benchmark results, sorted by nameserver performance:
 (average cached name retrieval speed, fastest to slowest)
    4.  2.  2.  1 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
  ----------------+-------+-------+-------+-------+-------+
  - Cached Name   | 0.029 | 0.034 | 0.038 | 0.001 | 100.0 |
  - Uncached Name | 0.031 | 0.108 | 0.396 | 0.099 | 100.0 |
  - DotCom Lookup | 0.042 | 0.072 | 0.138 | 0.029 | 100.0 |
  ---<-------->---+-------+-------+-------+-------+-------+
                  vnsc-pri.sys.gtei.net
                 Level 3 Communications

    4.  2.  2.  3 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
  ----------------+-------+-------+-------+-------+-------+
  - Cached Name   | 0.029 | 0.035 | 0.040 | 0.002 | 100.0 |
  - Uncached Name | 0.036 | 0.106 | 0.360 | 0.095 | 100.0 |
  - DotCom Lookup | 0.043 | 0.066 | 0.138 | 0.025 | 100.0 |
  ---<-------->---+-------+-------+-------+-------+-------+
                  vnsc-lc.sys.gtei.net
                 Level 3 Communications

    4.  2.  2.  5 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
  ----------------+-------+-------+-------+-------+-------+
  - Cached Name   | 0.023 | 0.035 | 0.042 | 0.003 | 100.0 |
  - Uncached Name | 0.035 | 0.110 | 0.416 | 0.098 | 100.0 |
  - DotCom Lookup | 0.037 | 0.067 | 0.178 | 0.027 | 100.0 |
  ---<-------->---+-------+-------+-------+-------+-------+
          ··· no official Internet DNS name ···
                 Level 3 Communications

    4.  2.  2.  4 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
  ----------------+-------+-------+-------+-------+-------+
  - Cached Name   | 0.039 | 0.044 | 0.050 | 0.002 | 100.0 |
  - Uncached Name | 0.042 | 0.120 | 0.376 | 0.094 | 100.0 |
  - DotCom Lookup | 0.045 | 0.065 | 0.141 | 0.020 | 100.0 |
  ---<-------->---+-------+-------+-------+-------+-------+
          ··· no official Internet DNS name ···
                 Level 3 Communications

    4.  2.  2.  6 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
  ----------------+-------+-------+-------+-------+-------+
  - Cached Name   | 0.041 | 0.044 | 0.048 | 0.001 | 100.0 |
  - Uncached Name | 0.040 | 0.120 | 0.364 | 0.094 | 100.0 |
  - DotCom Lookup | 0.045 | 0.070 | 0.161 | 0.029 | 100.0 |
  ---<-------->---+-------+-------+-------+-------+-------+
          ··· no official Internet DNS name ···
                 Level 3 Communications

    4.  2.  2.  2 |  Min  |  Avg  |  Max  |Std.Dev|Reliab%|
  ----------------+-------+-------+-------+-------+-------+
  - Cached Name   | 0.041 | 0.046 | 0.052 | 0.003 | 100.0 |
  - Uncached Name | 0.034 | 0.175 | 1.245 | 0.200 | 100.0 |
  - DotCom Lookup | 0.039 | 0.124 | 0.409 | 0.095 | 100.0 |
  ---<-------->---+-------+-------+-------+-------+-------+
                  vnsc-bak.sys.gtei.net
                 Level 3 Communications
Message 14 of 84
(1,605 Views)
0 Thanks
RPMozley
Pro
Posts: 1,339
Thanks: 83
Fixes: 13
Registered: ‎04-11-2011

Re: Do Some Gateways Block Certain Sites?

‎29-04-2012 3:04 AM

Ah, kind of going off topic with all the DNS discussion. I don't think anyone has proved that DNS was the original issue. I'm not saying I don't find the DNS talk interesting, because it is interesting to me but maybe best to leave it at that (for the sake of the thread).
That's RPM to you!!
Message 15 of 84
(1,605 Views)
0 Thanks