Re: A BGP issue?

[Greg Ihnen <os10rules () gmail com>]

On Mar 7, 2011, at 10:19 PM, Patrick W. Gilmore wrote:

> On Mar 7, 2011, at 14:27, Greg Ihnen <os10rules () gmail com> wrote:
>
> > I run a small network on a mission base in the Amazon jungle which is fed by a satellite internet connection. We had 
> > an outage from Feb 25th to the 28th where we had no connectivity with email, http/s, ftp, Skype would indicate it's 
> > connected but even chatting failed, basically everything stopped working except for ICMP. I could ping everywhere 
> > just fine. I started doing traceroutes and they all were very odd, all not reaching their destination and some 
> > hopping all over creation before dying. But if I did traceroute with ICMP it worked fine. Does this indicate our 
> > upstream (Bantel.net) had a BGP issue? Bantel blamed Hughesnet which is the service they resell. I'm wondering what 
> > kind of problem would let ping work fine but not any of the other protocols. It also seems odd that I could 
> > traceroute via UDP part way to a destination but then it would fail if the problem was my own provider. Thanks.
> >
> > If this is the wrong forum for this post I'm sorry and please just hit delete. If this is the wrong forum but you'd 
> > be kind enough to share your expertise please reply off-list. Thanks!
>
> Honestly, I would rate this as one of the most on-topic posts in a while.
>
> BGP only handles reachability, not higher level protocols.  (Of course, you can h4x0r anything to do jus about 
> anything, but we are talking the general case here.)
>
> If you can ping, BGP is working.  If you can ping and cannot use TCP, then something other than BGP is at fault. 
>
> I've seen strange things like someone enabling TCP compression (common on very small or very expensive links) one 
> side but not the other, which then allowed ICMP and UDP but not TCP.  It is a great way to annoy someone.  "See, I 
> can ping, it must be your side!"
>
> Have you tried TCP traceroute?  Or telnetting to port 80?
>
> -- 
> TTFN,
> patrick

Patrick,

        Thank you very much! Thank you to everyone else who replied.

        I did try TCP traceroute and it failed too. I didn't have a machine to telnet to on port 80 but I did try an 
ssh tunnel on port 9999 and it failed too.

        From what everyone is saying it sounds like it was the satellite internet provider's compression scheme that 
was having trouble or some kind of an MTU issue.

        What I don't understand is why when using traceroute UDP/TCP/GRE I could get replies from some routers but not 
all routers to the destination, and why some routes were bizarre. If it was a failure of the sat internet provider's 
compression scheme or an MTU issue wouldn't traceroute UDP/TCP/GRE fail completely? What could have happened to my 
packets that would make them go only part way or go the wrong way?

        According to our satellite internet service provider Bantel the outage was system wide.

Thank again!
Greg