What is up with 170.36.0.0/16
Josh Richards
jrichard at cubicle.net
Thu Jun 14 15:22:35 UTC 2001
* Erik Antelman <erik at nombas.com> [20010614 07:47]:
>
> Is someone renumbering around this area?
> My motivation is to understand the mechanisms and techniques \
> by which a non-privelaged user (ie someone without login access to a BGP fed
> router) would diagnose (characterize, locate, identify, etc..) failure to
> reach a large corporations mail servers (1/2 of the MX servers for
> fleet.com)
Here's some of that stuff I'd do:
Grab a list of their MX servers and use the standard tools to check them out:
* Public looking glasses (which will allow even someone without access
to their own BGP router to check out a reasonable sample of global
routing tables). If you're lucky you may even may able to find a
looking glass in the immediate upstream AS from the site you are
having trouble reaching.
* whois (I highly recommend installing/using the GeekTools proxy to make
querying the various whois servers that may be relevant to your query).
* traceroute/ping (network connectivity)
* nslookup/dig (find out all of the MX servers involved)
* log files on relay hosts you control or otherwise have access to
> RADB has nothing on this, a New York QWEST looking glass says:
> Query: bgp
> IP address: 170.36.73.11
> Location: New York
> Timeout: 20 seconds
>
> % Network not in table
>
> What's up?
Just what it says. They don't appear to be announcing their block. :-)
(same results here from several boxes I checked, BTW)
Note though that only two of their MX boxes are in that block:
fleet.com preference = 30, mail exchanger = bkb-bh.bkb.com
fleet.com preference = 40, mail exchanger = testmail.fleet.com
fleet.com preference = 10, mail exchanger = sweeper.bkb.com
fleet.com preference = 20, mail exchanger = walmail.bkb.com
fleet.com preference = 10, mail exchanger = mail2.fleet.com
fleet.com preference = 20, mail exchanger = bosmail.bkb.com
fleet.com preference = 20, mail exchanger = fleet-cp.fleet.com
fleet.com nameserver = dnsauth3.sys.gtei.net
fleet.com nameserver = dnsauth1.sys.gtei.net
fleet.com nameserver = dnsauth2.sys.gtei.net
bkb-bh.bkb.com internet address = 204.167.53.66
testmail.fleet.com internet address = 170.36.73.48
sweeper.bkb.com internet address = 155.182.19.38
walmail.bkb.com internet address = 32.97.32.201
mail2.fleet.com internet address = 170.36.73.11
bosmail.bkb.com internet address = 204.167.53.91
fleet-cp.fleet.com internet address = 199.95.175.66
dnsauth3.sys.gtei.net internet address = 4.2.49.4
dnsauth1.sys.gtei.net internet address = 4.2.49.2
dnsauth2.sys.gtei.net internet address = 4.2.49.3
Have you tried contacting the technical contact listed in the WHOIS record?
Or perhaps GTEI (Genuity) who appears to be their service provider?
-jr
----
Josh Richards <jrichard@{ geekresearch.com, cubicle.net }> [JTR38/JR539-ARIN]
Geek Research, LLC - San Luis Obispo, CA - <URL:http://www.geekresearch.com/>
KG6CYK - IP/Unix/telecom/knowledge/coffee/security/crypto/business/geek
More information about the NANOG
mailing list