black listing of web traffic
dylan.ebner at crlmed.com
Wed Feb 10 09:35:47 CST 2010
You mentioned this was a student network. Could it be your students are running bit torrent clients and your ISP doesn't like that so they are rate limiting you? This might explain why apple loads and facebook doesn't. I do not know much about facebooks architecture, but I would guess they would use a CDN or have their own so the facebook traffic would stay entirely in your ISP's network(less need to rate limit) and apples traffic may need to go through a peer.
Or, could it be your students are running bit torrent and exhausting the state tables on your firewall.
Dylan Ebner, Network Engineer
Consulting Radiologists, Ltd.
From: Andrey Gordon [mailto:andrey.gordon at gmail.com]
Sent: Tuesday, February 09, 2010 1:35 PM
Subject: black listing of web traffic
I have a problem that I can't seem to find a solution to yet. My student
network is being NATted out and anyone who's on that network had troubles
accessing random websites.
For example, going to www.apple.com or www.facebook.com would work great,
but store.apple.com would either not load or take forever to open up.
I've had that problem last week and thought I tracked it down to the NAT ip
being black listed with one of the span black lists. Even though that IP is
not used for mail out, that somehow seemed to affect it. Changing it to a
different one seemed to solve the problem and I got that original address of
the list in the mean time. Changed it back and everything was well, until
Same symptoms, but now I don't see us listed anywhere.
The best description of the symptoms seems to be that that IP is rate
limited or something.
Anyone seen that? Are there any blacklists for web access?
PS. I checked everything under my control and i don't see a bottle neck
anywhere or anything like and IPS working up or something....
Andrey Gordon [andrey.gordon at gmail.com]
More information about the NANOG