networking - What is the device in the middle?
2014-04
I did a traceroute on an IP address and got these results. I am only showing hop 9, 10 and 11, where it crosses over from my provider to their provider:
9 13 ms 13 ms 16 ms host213-121-193-95.ukcore.bt.net [213.121.193.95]
10 24 ms 13 ms 12 ms 194.74.65.22
11 18 ms 23 ms 18 ms brhm-bb-1c-ae5-0.network.virginmedia.net [212.250.15.209]
What is the device in between?
whois 194.74.65.22
inetnum: 194.74.65.0 - 194.74.65.255
netname: BT-UKIP-IPV4-INFRASTRUCTURE
descr: Private Circuit Customer Networks
country: GB
admin-c: BS1474-RIPE
tech-c: BS1474-RIPE
status: ASSIGNED PA
remarks: Please send abuse notification to [email protected]
remarks: New netname
remarks: INFRA-AW
mnt-by: BTNET-MNT
mnt-lower: BTNET-MNT
mnt-routes: BTNET-MNT
source: RIPE # Filtered
% Information related to '194.72.0.0/14AS2856'
route: 194.72.0.0/14
descr: BTnet
origin: AS2856
mnt-by: BTNET-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.67.4 (WHOIS2)
I'm having trouble connecting to a particular website. I can view it through a proxy, but not from home. So I ran a traceroute:
Tracing route to fvringette.com [76.74.225.90]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms <snip>
2 * * * Request timed out.
3 9 ms 7 ms 27 ms rd2bb-ge2-0-0-22.vc.shawcable.net [64.59.146.226]
4 8 ms 7 ms 7 ms rc2bb-tge0-9-2-0.vc.shawcable.net [66.163.69.41]
5 10 ms 9 ms 9 ms rc2wh-tge0-0-1-0.vc.shawcable.net [66.163.69.65]
6 27 ms 23 ms 22 ms ge-gi0-2.pix.van.peer1.net [206.223.127.1]
7 18 ms 18 ms 20 ms 10ge.xe-0-2-0.van-spenc-dis-1.peer1.net [216.187.89.206]
8 9 ms 11 ms 10 ms 64.69.91.245
9 * * * Request timed out.
10 * * * Request timed out.
...
Looks like this "64.69.91.245" is somehow blocking me. Can I tell my computer to avoid/bypass that IP when trying to connect?
For one, I can load the site fine. See the route:
0 04:35:23pm ~ $ mtr -4 --report fvringette.com
HOST: Defcon.local Loss% Snt Last Avg Best Wrst StDev
1. woodcrest.local 0.0% 10 0.6 0.5 0.4 0.8 0.1
2. bas1-oakville30_lo0_SYMP.net 0.0% 10 14.0 16.1 13.1 31.2 5.4
3. core1-hamilton14_10-0-3_150. 0.0% 10 13.3 12.8 11.6 15.7 1.1
4. newcore1-chicago23_so2-0-0.n 0.0% 10 23.6 31.4 23.6 66.3 16.0
5. bx5-chicagodt_xe-0-0-3_0.net 0.0% 10 24.7 24.6 23.2 28.5 1.6
6. ge-3-2-4.chi10.ip4.tinet.net 0.0% 10 26.7 26.9 26.3 28.0 0.5
7. xe-2-0-0.sea11.ip4.tinet.net 0.0% 10 107.0 106.8 106.0 107.5 0.4
8. peer1-gw.ip4.tinet.net 0.0% 10 83.9 83.9 83.6 84.6 0.3
9. ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
10. ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
11. 64.69.91.245 0.0% 10 88.6 87.9 87.1 88.6 0.6
12. van-hc21e-cs1.wappyzappy.net 10.0% 10 88.7 88.0 87.4 88.7 0.5
It would appear that (somehow) the two nodes, 9 & 10 in my route, are either blocking ICMP packets or have some other form of network voodoo implemented. It could be that when you were accessing the site through the proxy, you were accessing some cached version when the website was really down, who knows. The fact that there is 100% packet loss in nodes 9 & 10 is odd, but since I can (obviously) reach the site, it doesn't appear that 64.69.91.245 (Peer1 Internet Bandwidth & Server Co-Location Facilities, 2155-500 West Hastings St., Vancouver) is doing anything to block any traffic (in all likelihood, they are just ignoring ICMP packets).
To more directly answer your question, it's pretty much impossible to define your own route to a site. Since (I would assume) all packets would pass through that address at one point or another to get to the actual host (as it's the external IP of the datacentre the servers are hosted in), there would be no route around it. Once your packet gets outside of your router, it's up to Shaw what route your packet takes; you have no control whatsoever. Hope that helps a bit!
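The reasoning in the answer above (hops that show 100% loss but are followed by hops that reply) can be checked mechanically from an mtr report. This is an added example, not code from the original thread; the sample report is constructed with placeholder hosts, and the function names and labels are chosen for this example.

```python
import re

# Constructed sample in `mtr --report` layout; hosts and addresses are
# documentation placeholders, not the hops shown in the thread.
SAMPLE_REPORT = """\
HOST: example.local            Loss%   Snt   Last   Avg  Best  Wrst StDev
  1. gw.example.net             0.0%    10    0.6   0.5   0.4   0.8   0.1
  2. core1.example.net          0.0%    10   14.0  16.1  13.1  31.2   5.4
  3. ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  4. ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  5. 192.0.2.245                0.0%    10   88.6  87.9  87.1  88.6   0.6
  6. edge.example.org          10.0%    10   88.7  88.0  87.4  88.7   0.5
"""

HOP_RE = re.compile(r"^\s*(\d+)\.\s+(\S+)\s+([\d.]+)%?\s+(\d+)\s")

def parse_report(text):
    """Return [(hop_number, host, loss_percent)] from an mtr report."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if m:
            hops.append((int(m.group(1)), m.group(2), float(m.group(3))))
    return hops

def classify_hops(hops):
    """Label each hop by what its loss figure can actually tell us."""
    # The last hop that answered any probe proves every earlier hop
    # forwarded packets, whatever its own loss column says.
    answered = [n for n, _, loss in hops if loss < 100.0]
    last_answering = max(answered) if answered else 0
    labels = {}
    for n, _, loss in hops:
        if loss == 0.0:
            labels[n] = "ok"
        elif n < last_answering:
            # A later hop replied, so this hop passes traffic and only
            # drops or rate-limits the ICMP replies addressed to us.
            labels[n] = "transit-ok-icmp-silent" if loss == 100.0 else "partial-reply-loss"
        elif loss == 100.0:
            # Nothing answers at or beyond this hop: inconclusive, the
            # filter may sit here or anywhere later, destination included.
            labels[n] = "inconclusive-trailing-silence"
        else:
            labels[n] = "loss-at-or-before-destination"
    return labels
```

A trace that ends in timeouts after the last replying hop, like the Windows tracert in the question, falls into the inconclusive case: it does not show that the last visible hop is the one dropping traffic.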
I think you can do this by forcing a particular IP routing using the route add command at the command prompt, but it will take a better man than I am to explain exactly how. You might do a search on 'add a static IP route' or 'force IP routing' to get some idea. I don't know if you can block a specific node, but I wouldn't be surprised if you can. Forcing a specific route that avoids the node would be the alternative.
Are you going to a site that is somehow geographically restricted? There are sites that will only accept traffic from certain regions and if your IP address is not within their allowed list, the packets may be eaten. The reason I'm asking is that you said you can access through a proxy.