[BBLISA] Amazon EC2 Oddly Rejecting Very Specific IP Addresses
Dean Anderson
dean at av8.com
Tue Apr 13 16:13:35 EDT 2010
There is no reason to think that 75.101.149.255 is a broadcast address.
x.y.z.255 is the broadcast for a x.y.z/24, but we don't know this is a
/24. Any IP address could be a /32. I have web servers that use all 256
IP addresss in the last octet. (You put them on loopback interfaces as
/32)
lo:255 Link encap:Local Loopback
inet addr:130.105.21.255 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:17281535 errors:0 dropped:0 overruns:239 frame:0
TX packets:8963801 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2491380274 (2375.9 Mb) TX bytes:256009920 (244.
But no one besides Amazon would be filtering Amazon's broadcast
addresses anyway.
--Dean
On Tue, 13 Apr 2010, R Gary Cutbill wrote:
> Just a guess....
> I've seen routers configured to block forwarding to broadcast addresses.
> Perhaps
> the router is (mis-)interpreting the amazon address as a broadcast
> address because
> it ends in 255?
>
> I'd start by checking the logs on the router.
>
> -R. Gary
>
> Richard 'Doc' Kinne wrote:
> > Folks:
> >
> > I'd like to see if anyone has heard of circumstances like this before.
> >
> > I have a server on the Amazon EC2 cloud running a website service.
> > This is largely working well.
> >
> > However I have one customer that cannot get to it from a specific
> > address. The IP address of my server is 75.101.149.255. When you do a
> > "whois" on this it comes up as:
> >
> > OrgName: Amazon.com, Inc.
> > OrgID: AMAZO-4
> > Address: Amazon Web Services, Elastic Compute Cloud, EC2
> > Address: 1200 12th Avenue South
> > City: Seattle
> > StateProv: WA
> > PostalCode: 98144
> > Country: US
> >
> > which makes perfect sense.
> >
> > We originally thought that Amazon might be blocking access to the
> > service to specific IP or IP ranges, but based on traceroutes that
> > didn't seem to make sense.
> >
> > When my customer tries to do a traceroute from his place to my server
> > he doesn't even get out of his router:
> >
> > tracert 75.101.149.255
> > Tracing route to [75.101.149.255] over a maximum of 30 hops:
> > 1 1 ms <1 ms <1 ms www.routerlogin.com
> > <http://www.routerlogin.com> [10.1.1.1]
> > 2 * * * Request timed out.
> >
> > I've never seen anything like that before. I can understand things
> > timing out when you get to the Amazon area, but timing out before you
> > even get into the Net proper? That doesn't make sense to me.
> > Everything else seems to work properly from his location from what
> > he's telling me.
> >
> > There is a part of me that thinks there may be something wrong somehow
> > with my customer's address. When I do a "whois" on the customer's
> > address it comes back as being owned by IANA, which doesn't seem right
> > at all. Also when I try a traceroute to his address *I* don't get past
> > my router in two totally separate locations (work, that has one ISP,
> > and home, which has a very different ISP).
> >
> > I've never quite seen anything act like this before and I'm not quite
> > sure how to puzzle it out.
> >
> > Does anyone have any thoughts?
> > --
> > Doc Kinne, [KQR]
> > (From the Gmail Web Interface)
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > bblisa mailing list
> > bblisa at bblisa.org
> > http://www.bblisa.org/mailman/listinfo/bblisa
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
>
>
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 256 5494
More information about the bblisa
mailing list