China Telecom filtering nameservers

Daniel_Medina · October 22, 2003, 6:57pm

Our main nameservers are being filtered from networks managed by

CHINANET, Data Communications Division,
China Telecom

All traffic from our nameservers (ICMP, DNS queries, etc) is being
dropped. As a result, many websites and mail servers with DNS hosted on
networks which connect via China Telecom are inaccessible to users from
our network. Only the IP addresses of our main nameservers are
filtered.

I have contacted China Telecom at

hostmaster@ns.chinanet.cn.net
noc@cn.net

about this problem, but have received no response.

Does anyone know of any good contacts at China Telecom, or know if
there's some explanation for this?

John_Kristoff3 · October 22, 2003, 7:30pm

Our main nameservers are being filtered from networks managed by

CHINANET, Data Communications Division,
China Telecom

All traffic from our nameservers (ICMP, DNS queries, etc) is being
dropped. As a result, many websites and mail servers with DNS hosted on

This has been seen elsewhere too and contacting someone at chinanet
has been difficult. Your DNS may be filtered if it supports recursive
lookups from chinanet. Forgetting for a moment the potential problems
with doing that, its been suggested that chinanet is filtering DNS as a
means to prevent their users from pointing at your DNS to get to sites
that they may deem inappropriate (censorship).

Does anyone know of any good contacts at China Telecom, or know if
there's some explanation for this?

This is a problem. If you have someone on staff that can speak
Chinese, that might be useful. I haven't heard of email to the public
addresses resulting in any meaningful response. I can't point to a
specific contact at the moment, but I have been peripherally involved in
this problem and if something definitively useful comes out of it I can
follow up with you in private email.

John

Tom_UnitedLayer · October 23, 2003, 1:53am

I actually found two helpful individuals via posting to this list.
They both spoke english, and helped me out in finding out what was going
on.

China telecom has some US POPs, so they do have people in the US even.

Owen_DeLong · October 23, 2003, 6:28am

Care to share what was going on? Was it really censorship or something more
mundane and less offensive?

Owen

John_Kristoff3 · October 23, 2003, 7:01am

I'm not sure what exactly you took offense too, but if I offended
someone, particularly our international neighbors I apologize. In
my experience there has been a language barrier problem, which has
hindered even the initial dialog via email or telephone. My intention
was to convey that the issue is a known problem, what I thought might
be going on and that I didn't yet have a good solution.

John

Andy · October 23, 2003, 10:16am

If I'm not mistaken, I think I even saw an office the other day on Herndon
Parkway...

Best Regards,
Andy Walden

Eric_Kuhnke1 · October 23, 2003, 11:28am

Gut instinct says that One Wilshire is their primary US PoP/peering/transit point:

http://www.onewilshire.com/our_building/connectivity.htm

ren · October 23, 2003, 1:10pm

actually no. Joe can probably tell you more but they are peering at both Equinix-Los Angeles & PAIX-Palo Alto in California in addition to the carrier hotel on One Wilshire. -ren

Tom_UnitedLayer · October 24, 2003, 9:02am

It was actually about 100Mbps of DOS...
Joe took care of it

Owen_DeLong · October 27, 2003, 2:21am

Yes... I just wanted to know which one this was.

Owen