[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Verizon AS701 blocking Tor consensus server tor26 (86.59.21.38)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Verizon AS701 blocking Tor consensus server tor26 (86.59.21.38)
From: Neel Chauhan <neel@xxxxxxxxx>
Date: Thu, 24 May 2018 16:09:25 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 24 May 2018 16:10:10 -0400
In-reply-to: <7f054b7e9199a1b1835af16cae914ae4@neelc.org>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <7f054b7e9199a1b1835af16cae914ae4@neelc.org>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Roundcube Webmail/1.3.5

Hi tor-relays mailing list,

Good news! Verizon unblocked tor26 (86.59.21.38).

I posted something similar on NANOG (with modifications for networkpeople) here:https://mailman.nanog.org/pipermail/nanog/2018-May/095386.html

Someone nice at Verizon must have read NANOG (VZ NOC people probably doread NANOG) and unblocked tor26. Here is a (successful) traceroute:


neel@flex:~ % traceroute  86.59.21.38
traceroute to 86.59.21.38 (86.59.21.38), 64 hops max, 40 byte packets
 1  unknown (192.168.1.1)  0.886 ms  0.567 ms  0.460 ms

2 lo0-100.NYCMNY-VFTTP-401.verizon-gni.net (173.68.77.1) 2.437 ms2.129 ms 1.127 ms3 B3401.NYCMNY-LCR-21.verizon-gni.net (100.41.137.94) 3.957 ms 5.827ms

    B3401.NYCMNY-LCR-22.verizon-gni.net (100.41.137.96)  5.022 ms
 4  * * *
 5  0.et-11-1-5.BR3.NYC4.ALTER.NET (140.222.2.131)  3.527 ms
    0.et-5-0-2.BR3.NYC4.ALTER.NET (140.222.239.37)  4.578 ms
    0.et-11-1-5.BR3.NYC4.ALTER.NET (140.222.2.131)  18.629 ms
 6  204.255.168.118 (204.255.168.118)  4.764 ms  8.144 ms  7.132 ms
 7  sl-crs3-lon-0-6-3-0.sprintlink.net (144.232.9.165)  70.718 ms
    sl-crs1-lon-0-6-2-0.sprintlink.net (144.232.13.44)  79.200 ms
    144.232.13.112 (144.232.13.112)  78.583 ms
 8  144.232.13.108 (144.232.13.108)  83.652 ms
    213.206.129.100 (213.206.129.100)  86.477 ms  83.988 ms
 9  217.149.32.65 (217.149.32.65)  100.367 ms  95.808 ms
    sl-crs4-ams-0-7-0-3.sprintlink.net (213.206.129.139)  85.614 ms
10  217.149.47.46 (217.149.47.46)  84.036 ms  84.193 ms  83.651 ms

11 ams5-core-1.bundle-ether1.tele2.net (130.244.82.54) 79.584 ms79.037 ms 78.659 ms12 ams-core-2.bundle-ether9.tele2.net (130.244.82.57) 91.635 ms94.684 ms 93.261 ms13 wen3-core-2.bundle-ether15.tele2.net (130.244.71.47) 105.583 ms105.421 ms 105.308 ms14 tele2at-bundle2-vie3.net.uta.at (212.152.189.65) 112.490 ms105.685 ms 111.003 ms

15  86.59.118.145 (86.59.118.145)  130.001 ms  138.869 ms  106.799 ms
16  tor.noreply.org (86.59.21.38)  106.681 ms  105.468 ms  105.891 ms
neel@flex:~ %

(it's on a different laptop, my 'xb2' refuses to charge now, still sameconnection however).


Now no consensus relays are blocked on FiOS!

Although **most** Verizon NOC people probably don't read tor-relays(unlike NANOG's mailing lists), but to the person who read my NANOG postand unblocked tor26 (86.59.21.38), thank you so much!


Thank You,

Neel Chauhan

===

https://www.neelc.org/

On 2018-05-15 20:12, Neel Chauhan wrote:

Hi tor-relays mailing list,

I have noticed that the Tor consensus server tor26
(https://metrics.torproject.org/rs.html#details/847B1F850344D7876491A54892F904934E4EB85D)
is blocked on Verizon's UUNET (AS701) backbone, and therefore,
Verizon's retail services like FiOS and Wireless. I can confirm this
on FiOS, but I don't use Verizon Wireless (my smartphone uses Sprint)
so I can't test it there.

A traceroute to tor26's IP address 86.59.21.38 from a Brooklyn
apartment shows this is filtered on Verizon's backbone:

neel@xb2:~ % traceroute 86.59.21.38
traceroute to 86.59.21.38 (86.59.21.38), 64 hops max, 40 byte packets
 1  unknown (192.168.1.1)  1.128 ms  0.780 ms  0.613 ms
 2  lo0-100.NYCMNY-VFTTP-401.verizon-gni.net (173.68.77.1)  1.001 ms
3.632 ms  0.900 ms
 3  B3401.NYCMNY-LCR-22.verizon-gni.net (100.41.137.96)  2.291 ms

B3401.NYCMNY-LCR-21.verizon-gni.net (100.41.137.94) 3.172 ms4.046 ms

 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
^C
neel@xb2:~ %

In a normal traceroute, you will see ALTER.NET at hop 5. Also, the
subnet 86.59.21.0/24 is not filtered on UUNET. A traceroute to
86.59.21.1 works:

neel@xb2:~ % traceroute 86.59.21.1
traceroute to 86.59.21.1 (86.59.21.1), 64 hops max, 40 byte packets
 1  unknown (192.168.1.1)  0.863 ms  0.757 ms  0.579 ms
 2  lo0-100.NYCMNY-VFTTP-401.verizon-gni.net (173.68.77.1)  1.010 ms
1.545 ms  1.034 ms
 3  B3401.NYCMNY-LCR-22.verizon-gni.net (100.41.137.96)  3.616 ms

B3401.NYCMNY-LCR-21.verizon-gni.net (100.41.137.94) 5.696 ms10.062 ms

 4  * * *

5 0.et-5-1-5.BR3.NYC4.ALTER.NET (140.222.2.127) 3.492 ms 3.506 ms2.996 ms

 6  204.255.168.118 (204.255.168.118)  8.462 ms  7.479 ms  7.252 ms
 7  144.232.4.84 (144.232.4.84)  5.041 ms  4.688 ms
    sl-crs3-lon-0-6-3-0.sprintlink.net (144.232.9.165)  71.865 ms
 8  sl-crs2-lon-0-0-3-0.sprintlink.net (213.206.128.181)  72.214 ms
73.579 ms  72.339 ms
 9  213.206.129.142 (213.206.129.142)  81.390 ms

sl-crs4-ams-0-7-0-3.sprintlink.net (213.206.129.139) 85.854 ms93.238 ms

10  217.149.47.46 (217.149.47.46)  79.004 ms  85.669 ms  79.392 ms
11  ams5-core-1.bundle-ether1.tele2.net (130.244.82.54)  86.507 ms
78.374 ms  77.740 ms
12  ams-core-2.bundle-ether9.tele2.net (130.244.82.57)  79.642 ms
77.926 ms  81.515 ms
13  wen3-core-2.bundle-ether15.tele2.net (130.244.71.47)  105.400 ms
105.089 ms  109.751 ms
14  tele2at-bundle2-vie3.net.uta.at (212.152.189.65)  122.716 ms
110.820 ms  114.354 ms
15  86.59.21.1 (86.59.21.1)  106.389 ms *  105.379 ms
neel@xb2:~ %

I got in contact with Peter Palfrader and he says he couldn't help,
and also with Verizon FiOS support and they said the filtering 'isn't
on Verizon's network' (read: isn't on Verizon's internal FiOS network
but still on Verizon's AS701 which I have to go to to get anywhere on
the Internet here).

I know that this IP could have been blackholed, and you may think that
if Verizon is blocking it, then isn't Level 3 or Cogent? Well, Cogent
doesn't block tor26:

traceroute to 86.59.21.38 (86.59.21.38), 30 hops max, 60 byte packets
 1  gi0-1-1-19.5.agr21.jfk02.atlas.cogentco.com (66.28.3.113)  0.727
ms  0.727 ms
 2  be2605.ccr41.jfk02.atlas.cogentco.com (154.54.1.153)  2.177 ms
be2606.ccr42.jfk02.atlas.cogentco.com (154.54.2.29)  0.734 ms
 3  be2490.ccr42.lon13.atlas.cogentco.com (154.54.42.86)  68.557 ms
be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186)  70.829 ms
 4  be12488.ccr42.ams03.atlas.cogentco.com (130.117.51.42)  74.570 ms
be12194.ccr41.ams03.atlas.cogentco.com (154.54.56.94)  76.767 ms

5 be2434.agr21.ams03.atlas.cogentco.com (130.117.2.241) 74.515 ms74.612 ms

 6  149.6.129.250 (149.6.129.250)  80.758 ms  74.625 ms

7 ams5-core-1.bundle-ether1.tele2.net (130.244.82.54) 75.421 ms75.425 ms8 ams-core-2.bundle-ether9.tele2.net (130.244.82.57) 74.516 ms74.558 ms9 wen3-core-2.bundle-ether15.tele2.net (130.244.71.47) 97.605 ms95.470 ms10 tele2at-bundle2-vie3.net.uta.at (212.152.189.65) 100.314 ms97.947 ms

11  86.59.118.145 (86.59.118.145)  96.918 ms  98.620 ms
12  tor.noreply.org (86.59.21.38)  97.853 ms  98.110 ms

(Source: http://www.cogentco.com/en/network/looking-glass)

It could be possible that other Tier 1 networks formerly blocked
tor26, and also unblocked, but Verizon was sloppy not to do so.

It's also possible that Verizon could be doing it because the FCC
repealed Net Neturality, and wants to discourage use of Tor to mine
FiOS/VZW customers' browsing habits. But despite a NN repeal I can
still access Tor on FiOS, and also run a relay (I do both) because
other consensus relays are still unblocked.

But if Verizon didn't unblock tor26, could it actually mean that
Verizon wants to discourage Tor (and VPN/proxy) use to try to mine
information of their customers (and sell ads/information) and direct
users to VZ-owned AOL and Yahoo? Well, I hope they were just sloppy
and don't mean to wage war on Tor.

While I'm not saying you should avoid using anything Verizon at all
costs (I certainly wouldn't want to go to the local cable company), I
just want to point out a blocked consensus server.

Thank You,

Neel Chauhan

===

https://www.neelc.org/
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Verizon AS701 blocking Tor consensus server tor26 (86.59.21.38)
  - From: Neel Chauhan

Prev by Author: Re: [tor-relays] Running A Bridge Alongside My Relay
Next by Author: [tor-relays] Verizon AS701 blocking Tor consensus server tor26 (86.59.21.38)
Previous by thread: Re: [tor-relays] Verizon AS701 blocking Tor consensus server tor26 (86.59.21.38)
Next by thread: Re: [tor-relays] Verizon AS701 blocking Tor consensus server tor26 (86.59.21.38)
Index(es):
- Author
- Thread