[BBLISA] Amazon EC2 Oddly Rejecting Very Specific IP Addresses
Dean Anderson
dean at av8.com
Tue Apr 13 16:19:54 EDT 2010
The NAT _could_ statefully translate the ICMP packet addresses and
return the responses, but most NATs it seems also block ICMP. That's why
ICMP is failing at the first hop. But the solution is as Theo
describes. The customer needs a public IP that doesn't block ICMP.
--Dean
On Tue, 13 Apr 2010, Theo Van Dinter wrote:
> On Tue, Apr 13, 2010 at 1:03 PM, Richard 'Doc' Kinne <rkinne at aavso.org> wrote:
> > When my customer tries to do a traceroute from his place to my server he
> > doesn't even get out of his router:
> >
> > tracert 75.101.149.255
> > Tracing route to [75.101.149.255] over a maximum of 30 hops:
> > 1 1 ms <1 ms <1 ms www.routerlogin.com [10.1.1.1]
> > 2 * * * Request timed out.
> [...]
> > There is a part of me that thinks there may be something wrong somehow with
> > my customer's address. When I do a "whois" on the customer's address it
> > comes back as being owned by IANA, which doesn't seem right at all. Also
> > when I try a traceroute to his address *I* don't get past my router in two
> > totally separate locations (work, that has one ISP, and home, which has a
> > very different ISP).
>
> 10.0.0.0/8 is non-routable (http://www.faqs.org/rfcs/rfc1918.html),
> they'd have to go out through NAT. You'd want to get their public
> IP(s) if you want to do any lookups or poke from the outside.
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
>
>
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 256 5494
More information about the bblisa
mailing list