Looking for GBLX contact + check your ACL for 66.249.96.0/20 please :)

Swen Wulf swulf at phonoscope.com
Mon Feb 16 23:09:41 UTC 2009


Hello,

We have been assigned 66.249.96.0/20 in April of 2008. Little did we  
know that this network was used by a spammer in 2004 (Lightwave  
Transit) and with this is deeply
embedded in a lot of ACL's that seem to be unmaintained.

If a GLBX engineer could take a look, it seems traffic originating  
from 66.249.96.0/20 can't reach some website when passing thru GBLX.  
Other prefixes we announce from our AS (22442) such as 66.60.224.0/20  
don't have this problem.

Customer with source of 66.249.106.112/27 can't get to the website of www.ups.com 
  (72.246.89.243 (akamai)).

core1#traceroute 72.246.89.243 source 66.249.106.113

Type escape sequence to abort.
Tracing the route to a72-246-89-243.deploy.akamaitechnologies.com  
(72.246.89.243)

   1 ge-1-11.r03.hstntx01.us.bb.gin.ntt.net (128.241.5.1) 0 msec 0  
msec 0 msec
   2 xe-0-1-0.r20.hstntx01.us.bb.gin.ntt.net (129.250.2.228) [AS 2914]  
0 msec 0 msec 0 msec
   3 p64-1-3-0.r20.dllstx09.us.bb.gin.ntt.net (129.250.3.129) [AS  
2914] 8 msec 8 msec 8 msec
   4 po-2.r03.dllstx09.us.bb.gin.ntt.net (129.250.4.38) [AS 2914] 4  
msec 4 msec 8 msec
   5 xe-0.globalcrossing.dllstx09.us.bb.gin.ntt.net (129.250.8.190)  
[AS 2914] 4 msec 8 msec 4 msec
   6 te7-1-10G.ar2.DAL2.gblx.net (67.16.129.117) [AS 3549] 8 msec 12  
msec 4 msec
   7  *  *  *
   8  *  *

And from a different source IP from the same router

core1#traceroute 72.246.89.243 source 66.60.233.1

Type escape sequence to abort.
Tracing the route to a72-246-89-243.deploy.akamaitechnologies.com  
(72.246.89.243)

   1 ge-1-11.r03.hstntx01.us.bb.gin.ntt.net (128.241.5.1) 4 msec 0  
msec 0 msec
   2 xe-0-1-0.r20.hstntx01.us.bb.gin.ntt.net (129.250.2.228) [AS 2914]  
0 msec 4 msec 0 msec
   3 p64-1-3-0.r20.dllstx09.us.bb.gin.ntt.net (129.250.3.129) [AS  
2914] 8 msec 8 msec 8 msec
   4 po-2.r03.dllstx09.us.bb.gin.ntt.net (129.250.4.38) [AS 2914] 4  
msec 8 msec *
   5 xe-0.globalcrossing.dllstx09.us.bb.gin.ntt.net (129.250.8.190)  
[AS 2914] 4 msec 8 msec 8 msec
   6 te7-1-10G.ar2.DAL2.gblx.net (67.16.129.117) [AS 3549] 4 msec 8  
msec 8 msec
   7 PCCW-Global-Chicago-Dallas.te3-2.ar2.DAL2.gblx.net  
(64.211.211.186) [AS 3549] 200 msec 24 msec 212 msec
   8  *  *  *
   9

I tried an email to their puck noc email address, but without being a  
customer I can't open a ticket.

Thanks,
Swen Wulf
Network Security Manager
Email: swulf at phonoscope.com
Phone: 832-615-7743 (direct)
Fax: 832-213-0110
---
* Network Operations Center (NOC): 713-272-4600 (24x7x365)
---
          Phonoscope - moving at the speed of light




More information about the NANOG mailing list