Custom query (902 matches)

Filters
 
or
 
  
 
Columns

Show under each result:


Results (55 - 57 of 902)

Ticket Resolution Summary Owner Reporter
#988 not broken IPv6 connectivity Clemens Schrimpe wesley.george@…
Description
I'm gathering from my trace routes that we're using some sort of tunnel
for IPv6. While I understand that sometimes tunnels are unavoidable (shame
on you L3!), is there any way that a secondary or replacement tunnel can
be terminated a little closer to our actual geographic/IPv4 path (e.g.
Miami), rather than in LA in order to avoid some of the tunnel-induced
stretch? Those of us trying to reach things over IPv6 on the East coast of
the US (or worse, Europe) could do without the extra transcontinental hop.
Hurricane has tunnel termination endpoints in many locations that would be
advantageous, and support BGP. https://tunnelbroker.net/

dhcp-b376:~ e158182$ traceroute6 2610:178:8::1
traceroute6 to 2610:178:8::1 (2610:178:8::1) from
2001:67c:370:176:1802:fd28:21ad:f998, 64 hops max, 12 byte packets
 1  2001:67c:370:176::2  15.195 ms  8.408 ms  5.088 ms
 2  2001:13b0:1:4::1  2.290 ms  2.021 ms  7.230 ms
 3  xe-0-0-5.lax22.ip6.gtt.net  153.070 ms  171.330 ms  149.873 ms
 4  xe-0-0-5.lax22.ip6.gtt.net  148.472 ms  147.259 ms  147.942 ms
 5  et-7-3-0.was10.ip6.gtt.net  181.282 ms  182.144 ms  186.616 ms
 6  as16668.ge-0-0-37-198.ar1.iad1.us.as4436.gtt.net  183.936 ms  190.716
ms  180.388 ms
 7  2610:178:ffff:7::4  179.363 ms  179.903 ms  180.802 ms
 8  2610:178:fff:fffc::2  190.304 ms  192.130 ms  201.137 ms

dhcp-b376:~ e158182$ traceroute6 ripe.net
traceroute6 to ripe.net (2001:67c:2e8:22::c100:68b) from
2001:67c:370:176:1802:fd28:21ad:f998, 64 hops max, 12 byte packets
 1  2001:67c:370:176::2  1.203 ms  1.357 ms  1.331 ms
 2  2001:13b0:1:4::1  2.128 ms  1.850 ms  1.987 ms
 3  xe-0-0-5.lax22.ip6.gtt.net  148.327 ms  190.806 ms  148.772 ms
 4  xe-0-0-5.lax22.ip6.gtt.net  147.872 ms  145.540 ms  146.473 ms
 5  et-9-1-0.ams20.ip6.gtt.net  310.816 ms  247.944 ms  247.662 ms
 6  surfnet-gw.ip6.gtt.net  263.186 ms  259.874 ms  276.546 ms
 7  gw.ipv6.amsix.nikrtr.ripe.net  261.234 ms  260.290 ms  278.850 ms
 8  gw.ipv6.amsix.nikrtr.ripe.net  267.455 ms !P  270.676 ms !P  345.798
ms !P


dhcp-b376:~ e158182$ traceroute6 www.facebook.com
traceroute6 to star-mini.c10r.facebook.com
(2a03:2880:1010:3f20:face:b00c::25de) from
2001:67c:370:176:1802:fd28:21ad:f998, 64 hops max, 12 byte packets
 1  2001:67c:370:176::2  3.706 ms  1.582 ms  1.662 ms
 2  2001:13b0:1:4::1  3.134 ms  1.837 ms  2.439 ms
 3  2001:450:2001:1000::670:1708:1142  144.942 ms  144.868 ms  145.338 ms
 4  2001:1900:4:3::79  147.691 ms  145.984 ms  146.841 ms
 5  vl-70.edge6.losangeles1.level3.net  149.108 ms
    vl-80.edge6.losangeles1.level3.net  145.773 ms
    vl-70.edge6.losangeles1.level3.net  146.851 ms
 6  vl-4060.edge6.losangeles1.level3.net  270.016 ms  237.919 ms  221.735
ms
 7  vl-4082.edge2.dallas1.level3.net  169.151 ms  168.206 ms
    vl-4083.edge2.dallas1.level3.net  168.563 ms
 8  facebook-in.edge2.dallas1.level3.net  169.764 ms  167.867 ms  167.593
ms
 9  be3.bb01.dfw1.tfbnw.net  189.040 ms
    be3.bb02.dfw1.tfbnw.net  189.759 ms
    be3.bb01.dfw1.tfbnw.net  202.147 ms
10  be19.bb02.ord1.tfbnw.net  189.504 ms
    be21.bb01.ord1.tfbnw.net  188.735 ms  189.485 ms
11  be7.bb02.atn1.tfbnw.net  197.267 ms
    ae7.bb03.atn1.tfbnw.net  189.977 ms
    be7.bb02.atn1.tfbnw.net  197.125 ms
12  ae2.dr06.atn1.tfbnw.net  197.923 ms
    ae1.dr05.atn1.tfbnw.net  188.921 ms
    ae2.dr06.atn1.tfbnw.net  188.747 ms
13  po21.fa01.atn2.tfbnw.net  189.066 ms
    po12.fa02.atn1.tfbnw.net  189.904 ms
    po509.csw01b.ash4.tfbnw.net  188.497 ms


Thanks,

Wes George


Anything below this line has been added by my company¹s mail server, I
have no control over it.
-----------


________________________________

This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
#1163 pending NAT64 issues panda@… wesgeorge@…
Description
Tested my setup with the NAT64 SSID today for a bit, found a few things that aren’t working. I don’t think that this is specifically a problem with the NAT64 implementation on the IETF network, but rather an interesting failure case I wanted to share that is mostly related to my specific setup.

Without VPN, just on standard NAT64:
Outlook Mac 2011 refuses to connect to exchange server owa.neustar.biz, even after closing and re-opening the app. This is normally reachable externally without a VPN over v4. Unclear if this is somehow a problem with Outlook 2011, I’m thinking maybe it doesn’t support IPv6 <-> Exchange in this version.
Trillian won't connect to AIM, Google Hangouts, FB, or Jabber (jabber.org <http://jabber.org/>) - this might be Trillian, as Hangouts and FB messenger works in the web client inside of Gmail.

With corporate VPN:
VPN connects and establishes a connection to a v4-only tunnel endpoint no problem, authenticates, etc. so far so good.
However, intranet sites are unreachable (“DNS probe finished, no internet” in Chrome), and Outlook still doesn’t work. I also can’t ssh to my jump host via either name or IP.

Relevant info - my company’s VPN is technically misconfigured, in that it allows split tunneling - IPv6 traffic bypasses the VPN when you are connected to a dual-stack network. My guess is that there are two issues here - one is that the provided DNS servers do not have entries for our internal stuff, and it seems like maybe DNS queries aren’t being redirected to the DNS servers that should have been provided by the VPN. The other is that somehow even the stuff that should have a route via IPv4 (i.e. internal 10.x hosts connecting directly via IP to bypass DNS) doesn’t seem to be redirecting over the VPN tunnel as expected. Appears that the VPN client isn’t installing the default IPv4 route when it connects over NAT64, maybe because of the 169.254 address present on the interface it’s using. Some output and other details that might help below.

Software used and versions:
MacOS 10.11.6 (El Cap)
VPN: Junos Pulse Secure       	5.1.5.61437, SSL/VPN
Outlook Mac 14.7.7
Chrome 62.0.3202.89
Trillian 6.0 (4)

This is the output for when VPN is active on the dual-stack network and IPv4 default is present:
wgeorge-mac:~ wgeorge$ netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            10.96.12.121       UGSc           24        0   utun0
default            31.133.128.1       UGScI          18        0     en0
10.96.12.121       10.96.12.121       UHr            26       40   utun0
10.96.12.121/32    link#11            UCS             1        0   utun0
31.133.128/20      link#5             UCS             4        0     en0
31.133.128.1       link#5             UHCS            1        0     en0
31.133.128.1/32    link#5             UCS             2        0     en0
31.133.128.1       0:0:5e:0:1:80      UHLWIir        21        0     en0   1109
31.133.129.38/32   link#5             UCS             1        0     en0
31.133.130.22      78:4f:43:96:d8:f4  UHLWIi          1        1     en0   1176
31.133.136.133     ac:bc:32:b0:99:7b  UHLWIi          1        1     en0   1114
127                127.0.0.1          UCS             1        0     lo0
127.0.0.1          127.0.0.1          UH              7  2363656     lo0
156.154.9.10       31.133.128.1       UGHCS           2        0     en0
156.154.9.10       31.133.128.1       UGHWIi          3      992     en0
169.254            link#5             UCS             1        0     en0
224.0.0            link#5             UmCS            2        0     en0
224.0.0.251        1:0:5e:0:0:fb      UHmLWI          1        0     en0
255.255.255.255/32 link#5             UCS             1        0     en0


Rest of the output is when VPN is active on the NAT64 SSID, note missing IPv4 default route:

wgeorge-mac:~ wgeorge$ netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
10.96.12.121       10.96.12.121       UH              1        0   utun0
127                127.0.0.1          UCS             1        0     lo0
127.0.0.1          127.0.0.1          UH              7  2363141     lo0
169.254            link#5             UCS             2        0     en0
169.254.142.41/32  link#5             UCS             1        0     en0
224.0.0            link#5             UmCS            2        0     en0
224.0.0.251        1:0:5e:0:0:fb      UHmLWI          1        0     en0
255.255.255.255/32 link#5             UCS             1        0     en0

Internet6:
Destination                             Gateway                         Flags         Netif Expire
default                                 fe80::1998:1%en0                UGc             en0
::1                                     ::1                             UHL             lo0
2001:67c:370:1998::/64                  link#5                          UC              en0
2001:67c:370:1998:6203:8ff:fea5:f3f0    60:3:8:a5:f3:f0                 UHL             lo0
2001:67c:370:1998:6409:1a83:671b:8cd2   60:3:8:a5:f3:f0                 UHL             lo0
2001:67c:370:1998:7598:e871:b5c2:737d   link#5                          UHLWIi          en0
fe80::%lo0/64                           fe80::1%lo0                     UcI             lo0
fe80::1%lo0                             link#1                          UHLI            lo0
fe80::%en0/64                           link#5                          UCI             en0
fe80::1998:1%en0                        0:0:5e:0:2:c6                   UHLWIir         en0
fe80::6203:8ff:fea5:f3f0%en0            60:3:8:a5:f3:f0                 UHLI            lo0
fe80::%awdl0/64                         link#9                          UCI           awdl0
fe80::dccc:bcff:fed6:1189%awdl0         de:cc:bc:d6:11:89               UHLI            lo0
ff01::%lo0/32                           ::1                             UmCI            lo0
ff01::%en0/32                           link#5                          UmCI            en0
ff01::%awdl0/32                         link#9                          UmCI          awdl0
ff02::%lo0/32                           ::1                             UmCI            lo0
ff02::%en0/32                           link#5                          UmCI            en0
ff02::%awdl0/32                         link#9                          UmCI          awdl0
wgeorge-mac:~ wgeorge$


ssh: Could not resolve hostname stnetcprveng01.va.neustar.com: nodename nor servname provided, or not known
wgeorge-mac:~ wgeorge$ dig stnetcpvreng01.va.neustar.com

; <<>> DiG 9.8.3-P1 <<>> stnetcpvreng01.va.neustar.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52947
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;stnetcpvreng01.va.neustar.com.	IN	A

;; AUTHORITY SECTION:
neustar.com.		600	IN	SOA	pdns1.ultradns.net. sec_grp.neustar.com. 1311360617 21600 3600 604800 600

;; Query time: 30 msec
;; SERVER: 2001:67c:370:229::7#53(2001:67c:370:229::7)
;; WHEN: Sun Nov 12 20:22:51 2017
;; MSG SIZE  rcvd: 109

wgeorge-mac:~ wgeorge$ ssh 10.31.88.14
ssh: connect to host 10.31.88.14 port 0: Can't assign requested address


wgeorge-mac:~ wgeorge$ ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	options=3<RXCSUM,TXCSUM>
	inet6 ::1 prefixlen 128
	inet 127.0.0.1 netmask 0xff000000
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	nd6 options=1<PERFORMNUD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	ether 60:03:08:a5:f3:f0
	inet6 fe80::6203:8ff:fea5:f3f0%en0 prefixlen 64 scopeid 0x5
	inet6 2001:67c:370:1998:6203:8ff:fea5:f3f0 prefixlen 64 autoconf
	inet6 2001:67c:370:1998:99f1:35f3:b595:f562 prefixlen 64 autoconf temporary
	inet 169.254.142.41 netmask 0xffff0000 broadcast 169.254.255.255
	nd6 options=1<PERFORMNUD>
	media: autoselect
	status: active
en1: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
	options=60<TSO4,TSO6>
	ether 72:00:01:8e:da:e0
	media: autoselect <full-duplex>
	status: inactive
en2: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
	options=60<TSO4,TSO6>
	ether 72:00:01:8e:da:e1
	media: autoselect <full-duplex>
	status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
	ether 02:03:08:a5:f3:f0
	media: autoselect
	status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
	ether de:cc:bc:d6:11:89
	inet6 fe80::dccc:bcff:fed6:1189%awdl0 prefixlen 64 scopeid 0x9
	nd6 options=1<PERFORMNUD>
	media: autoselect
	status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=63<RXCSUM,TXCSUM,TSO4,TSO6>
	ether 02:e1:10:00:5a:00
	Configuration:
		id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
		maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
		root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
		ipfilter disabled flags 0x2
	member: en1 flags=3<LEARNING,DISCOVER>
	        ifmaxaddr 0 port 6 priority 0 path cost 0
	member: en2 flags=3<LEARNING,DISCOVER>
	        ifmaxaddr 0 port 7 priority 0 path cost 0
	nd6 options=1<PERFORMNUD>
	media: <unknown type>
	status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1400
	inet 10.96.12.55 --> 10.96.12.55 netmask 0xffffffff

Hope this is helpful

Wes George

signature.asc

#1063 pending Request for VM llynch@… wej@…
Description

OS: Ubuntu Mem: 8G Disk size: 10G cpu count: 2 Location: green rack

No swap - it is not really needed and either cuts into normal disk or makes machine size larger for no good reason.

This is really a machine for Con (which I can share for my piddly needs). He is still sorting out credentials so I am requesting the machine on his behalf.

Con indicated the hostname could be dashboard or dash. But maybe that is not something you need at this time.

Note: See TracQuery for help on using queries.