GTT blocking IPv4 address 128.31.0.39

• Previous message (by thread): GTT blocking IPv4 address 128.31.0.39
• Next message (by thread): Welcome to 2023! Register NOW for NANOG 87 and Hackathon + Deadline for N87 Presentation Submissions is Monday.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Confirmed it with a router at AS8100, static routing 128.31.0.39 towards GTT
results in a blackhole and 128.31.0.1 works just fine, which means either
the IP address is null routed on GTT's network at the request of MIT (got to
give them the benefit of the doubt) or they are knowingly blocking Tor.

Ryan Hamel

-----Original Message-----
From: NANOG <nanog-bounces+ryan=rkhtech.org at nanog.org> On Behalf Of Neel
Chauhan
Sent: Tuesday, January 3, 2023 7:49 PM
To: nanog at nanog.org
Subject: GTT blocking IPv4 address 128.31.0.39

Hi,

I am a customer of ReliableSite in their New Jersey location, and RS uses
GTT as a transit ISP, along with Tata and Comcast.

GTT appears to be blocking the IPv4 address 128.31.0.39, and RS' BGP uses
GTT for 128.31.0.39.

neel at t1:~ % traceroute 128.31.0.39
traceroute to 128.31.0.39 (128.31.0.39), 64 hops max, 40 byte packets
  1  45.150.XXX.1 (45.150.XXX.1)  4.828 ms  4.557 ms  5.916 ms
  2  * * *
^C
neel at t1:~ %

Hop #2 which is generally the transit provider, GTT (which handles this
route).

Note: 45.150.XXX.1 is because it's a subnet I brought in, this is the only
ReliableSite hop.

The 128.31.0.0/24 doesn't appear to be blocked as a whole, only that
128.31.0.39. See below:

neel at t1:~ % traceroute 128.31.0.1
traceroute to 128.31.0.1 (128.31.0.1), 64 hops max, 40 byte packets
  1  45.150.XXX.1 (45.150.XXX.1)  0.241 ms  0.220 ms  9.362 ms
  2  ae9-300.cr2-nyc4.ip4.gtt.net (209.120.147.121)  1.605 ms  0.853 ms
1.173 ms
  3  ae3.cr1-nyc2.ip4.gtt.net (89.149.129.194)  5.488 ms  6.471 ms  1.451 ms
  4  be3088.ccr31.jfk04.atlas.cogentco.com (154.54.11.57)  1.604 ms
1.726 ms *
  5  be3363.ccr42.jfk02.atlas.cogentco.com (154.54.3.125)  1.802 ms
1.771 ms  1.708 ms
  6  be3472.ccr32.bos01.atlas.cogentco.com (154.54.46.33)  7.082 ms
7.268 ms  7.249 ms
  7  38.104.186.186 (38.104.186.186)  7.017 ms  7.247 ms  6.987 ms
  8  dmz-rtr-1-external-rtr-3.mit.edu (18.0.161.13)  7.010 ms  7.001 ms
6.996 ms
  9  dmz-rtr-2-dmz-rtr-1-2.mit.edu (18.0.162.6)  7.033 ms  7.294 ms
     dmz-rtr-2-dmz-rtr-1-1.mit.edu (18.0.161.6)  7.073 ms
10  guest.default.csail.mit.edu (128.31.0.1)  9.011 ms  7.484 ms  7.551 ms
neel at t1:~ %

As you can see here, GTT handles other 128.31.0.39 IPs fine as seen in hop
#2.

ReliableSite says they don't block the IP address, but I don't have any
contact at GTT or MIT.

My home ISP, Lumen/CenturyLink/Level 3 does not block 128.31.0.39.

128.31.0.39 is a Tor directory authority IP, which is usually a phonebook of
Tor relays. There are 9 in the world and the other 8 are unblocked from
ReliableSite.

Yes, I know Tor is all this 'bad stuff' but the reality is that 99% of Tor
users use it like a VPN, speaking as a Tor exit operator and code
contributor myself. Exit abuse complaints were super common 5-8 years ago
but are now super rare.

If someone works at GTT, can 128.31.0.39 be unblocked?

Best,

-Neel

---

https://www.neelc.org

• Previous message (by thread): GTT blocking IPv4 address 128.31.0.39
• Next message (by thread): Welcome to 2023! Register NOW for NANOG 87 and Hackathon + Deadline for N87 Presentation Submissions is Monday.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]