Afternoon,
Thought I would start a new thread. After researching, traceroutes, etc, I think I found my problem.
9 out of the 10 sites that subscribers on my new block is being hosted by softlayer.
Anyone on the list have contacts with softlayer. Right now I have an email to abuse. The support line will not help me out.
John
Still looking for anyone from softlayer.com
It has been a challenge. Anything hosted by softlayer.com is being blocked.
Here is a small list so far
windowbook.tpondemand.com
ahainstructornetwork.americanheart.org
clover.com
Cebroker.com
Softlayer.com
indeed.com & Enforce Staffing
It is growing every day.
John
> <br> |
> - |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
> <br> |
SoftLayer was aquirred by IBM, maybe reaching out to their NOC or support would be fruitful. IBM’s DNS team is indeed mentioned in SoftLayers WHOIS info.
Have you attempted email the addresses listed in the WHOIS for their ASN?
network:Tech-Contact;I:[sysadmins@softlayer.com](mailto:sysadmins@softlayer.com)
network:Abuse-Contact;I:[abuse@softlayer.com](mailto:abuse@softlayer.com)
network:Updated-By:[ipadmin@softlayer.com](mailto:ipadmin@softlayer.com)
Registrant Contact
Registrant Name
Domain Administrator
Registrant Organization
Softlayer Technologies, Inc.
Registrant Street
4849 Alpha Road
Registrant City
Dallas
Registrant State/Province
TX
Registrant Postal Code
75244
Registrant Country
USUnited States
Registrant Phone
+1.2144420600
Registrant Email
bjohnson@softlayer.com
Administrative Contact
Admin Name
Grace Micewicz
Admin Organization
International Business Machines Corporation
Admin Street
New Orchard Road
Admin City
Armonk
Admin State/Province
NY
Admin Postal Code
10504
Admin Country
USUnited States
Admin Phone
+1.9147654227
Admin Fax
+1.9147654370
Admin Email
dnsadm@us.ibm.com
Regards.
Andrew Paolucci
I’ve been trying to reach them regarding an abuse issue, and have similarly had no actual luck in reaching their abuse/noc contacts.
Another idea…
Have you tried reaching out to some of the blocked sites? They likely have better contact information than is available publicly, especially a larger one like indeed.
This is the best approach. Have run into this problem a few times and had zero success getting the filters removed without having SL customers log tickets with support. Verbiage needs to be “this prefix is blocked, please escalate to your backbone team”.
Perhaps it won’t work because their customer support will ask you for bi-directional traceroute and refused to forward to backbone team.
Then they’ll say it’s not their fault and you can see the packet is dropped outside our network.
Here’s a sample traceroute from SoftLayer Washington, San Jose and Seattle in case someone needs it:
aveline@iad02-sl01:~$ mtr 138.43.128.1 --report-wide
Start: Fri Mar 22 17:20:42 2019
HOST: iad02-sl01 Loss% Snt Last Avg Best Wrst StDev
1.|-- [REDACTED] 0.0% 10 1.4 1.5 0.8 3.7 1.0
2.|-- ae13.dar02.wdc01.networklayer.com 0.0% 10 0.5 3.3 0.4 28.6 8.8
3.|-- ae9.bbr01.eq01.wdc02.networklayer.com 0.0% 10 0.8 0.8 0.7 1.0 0.0
4.|-- eqix-dc5.intellifiber.com 0.0% 10 0.8 1.2 0.8 2.2 0.3
5.|-- ae13-0.cr02.asbn01-va.us.windstream.net 0.0% 10 0.9 0.9 0.9 1.0 0.0
6.|-- ae11-0.cr01.atln02-ga.us.windstream.net 0.0% 10 15.6 16.1 15.6 17.4 0.5
7.|-- ae0-0.pe06.atln02-ga.us.windstream.net 0.0% 10 17.4 16.1 15.9 17.4 0.3
8.|-- h43.88.198.64.static.ip.windstream.net 0.0% 10 24.7 24.8 24.6 24.9 0.0
9.|-- east.tndodge-21.static.tncsvl.blomand.net 0.0% 10 22.6 22.8 22.5 23.8 0.0
10.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
aveline@sjc03-sl01:~$ mtr 138.43.128.1 --report-wide
Start: Fri Mar 22 16:21:04 2019
HOST: sjc03-sl01 Loss% Snt Last Avg Best Wrst StDev
1.|-- [REDACTED] 0.0% 10 2.4 2.0 0.3 14.3 4.3
2.|-- ae0.dar02.sjc01.networklayer.com 0.0% 10 1.0 0.5 0.3 1.3 0.0
3.|-- ae9.bbr01.eq01.sjc02.networklayer.com 0.0% 10 0.8 0.8 0.7 0.9 0.0
4.|-- eqix-sv1.windstream.com 0.0% 10 0.9 0.9 0.8 1.1 0.0
5.|-- ae6-0.cr02.lsaj01-ca.us.windstream.net 0.0% 10 11.6 11.5 11.5 11.6 0.0
6.|-- ae-11-0.cr01.dlls01-tx.us.windstream.net 0.0% 10 42.6 42.7 42.5 43.4 0.0
7.|-- ae7-0.cr02.atln02-ga.us.windstream.net 0.0% 10 64.0 65.6 63.9 74.2 3.4
8.|-- ae1-0.pe06.atln02-ga.us.windstream.net 0.0% 10 62.3 62.7 62.2 66.9 1.5
9.|-- h43.88.198.64.static.ip.windstream.net 0.0% 10 71.9 72.0 71.9 72.2 0.0
10.|-- east.tndodge-21.static.tncsvl.blomand.net 0.0% 10 69.9 68.8 68.6 69.9 0.3
11.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
aveline@sea04-sl01:~$ mtr 138.43.128.1 --report-wide
Start: Fri Mar 22 08:19:09 2019
HOST: sea04-sl01 Loss% Snt Last Avg Best Wrst StDev
1.|-- [REDACTED] 0.0% 10 0.7 1.2 0.7 1.8 0.0
2.|-- ae12.dar02.sr01.sea01.networklayer.com 0.0% 10 0.6 0.7 0.5 1.3 0.0
3.|-- ae9.bbr01.wb01.sea02.networklayer.com 0.0% 10 1.2 1.0 0.7 1.5 0.0
4.|-- six.seattle-wa.us.windstream.net 0.0% 10 1.5 1.0 0.7 1.7 0.0
5.|-- ae12-0.cr01.chcg01-il.us.windstream.net 0.0% 10 41.1 41.2 41.0 41.6 0.0
6.|-- ae17-0.cr02.chcg01-il.us.windstream.net 0.0% 10 41.1 41.4 41.1 42.0 0.0
7.|-- ae10-0.cr01.atln02-ga.us.windstream.net 0.0% 10 63.8 64.4 63.5 71.1 2.3
8.|-- ae0-0.pe06.atln02-ga.us.windstream.net 0.0% 10 63.7 63.7 63.5 64.0 0.0
9.|-- h43.88.198.64.static.ip.windstream.net 0.0% 10 71.6 71.8 71.5 72.8 0.0
10.|-- east.tndodge-21.static.tncsvl.blomand.net 0.0% 10 71.8 70.8 70.2 71.8 0.3
11.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
Regards,
Siyuan Miao
Traceroute from here if it helps
Tracing route to 138-43-128-1.reserved.highland.net [138.43.128.1]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms [REDACTED]
2 <1 ms <1 ms <1 ms [REDACTED]
3 1 ms 1 ms <1 ms [REDACTED]
4 1 ms <1 ms <1 ms [REDACTED]
5 6 ms 6 ms 6 ms v313.core1.mci3.he.net [216.218.213.141]
6 16 ms 16 ms 16 ms 100ge10-2.core1.dal1.he.net [184.105.81.206]
7 26 ms 26 ms 26 ms xo-as15-as2828.10gigabitethernet6-7.core1.dal1.he.net [184.105.255.78]
8 40 ms 39 ms 40 ms 207.88.14.198.ptr.us.xo.net [207.88.14.198]
9 40 ms 39 ms 40 ms 207.88.12.178.ptr.us.xo.net [207.88.12.178]
10 39 ms 39 ms 39 ms 216.156.16.239.ptr.us.xo.net [216.156.16.239]
11 48 ms 48 ms 48 ms ip65-46-198-198.z198-46-65.customer.algx.net [65.46.198.198]
12 41 ms 41 ms 41 ms occm-6.dhcp.grp1-rng1.tncsvl.blomand.net.57.131.192.in-addr.arpa [192.131.57.6]
13 * * * Request timed out.
Thanks
Travis
Well,
It has been a challenge. I am not sure who helped or fixed the problem, but now anything hosted on softlayer.com is responding.
I am not sure if there was anyone lurking on the list that helped out, but if you are, Thank You.
I have a batch of new stuff not working, but they may be one off’s. I am trying to find a pattern.
John
I think AT&T is involved now. If you still need something I can ask around.