Re: XO blocking individual IP's

[Ryan Rawdon <ryan () u13 net>]

On Nov 7, 2011, at 10:06 PM, clayton () haydel org wrote:

> > "transit provider".  Is XO the end-access provider for either you or the
> > destination site?  Or are both of those on some other connection, and XO
> > is a bystander along the way?
>
> We're a direct customer.  The IP's that I've seen them block have been
> both on our network and on remote networks, so I suspect their filtering
> would affect any traffic that happened to pass over XO.

While troubleshooting another issue last week, someone in the NOC at one of our ISPs mentioned that they had 
encountered something similar recently.

"This 
looks suspiciously like another XO issue we ran across in the last few 
months where they used a network security device that blocked 'suspicious' 
traffic on particular ports (although it was tcp based from what I could 
remember)."

In our case the symptoms looked like GBLX was eating traffic which hashed to a certain theoretical link (certain 
src-dst-srcport-dstport combinations) in a LAG or similar, but it was happening right near the XO-GBLX edge in the 
forward path so it's possible it was a security device at XO's edge.