Networks not reachable from FIOS as if there's no route
zeng
Enthusiast - Level 3

Networks not reachable from FIOS as if there's no route

Can Verizon network team take a look at this?

root# for i in 8.8.8.8 121.51.175.17 121.51.22.64 182.254.52.163 182.254.60.11; do mtr -ur $i; done
HOST: Loss% Snt Last Avg Best Wrst StDev
1.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
2.|-- 100.41.26.128 0.0% 10 10.9 11.7 8.7 14.3 1.7
3.|-- 140.222.10.38 0.0% 10 16.2 15.8 14.0 18.4 1.3
4.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
5.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
6.|-- 140.222.227.25 0.0% 10 16.9 16.4 14.8 22.4 2.4
7.|-- 72.14.208.130 0.0% 10 15.6 15.4 12.6 16.8 1.4
8.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
HOST: Loss% Snt Last Avg Best Wrst StDev
1.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
4.|-- 100.41.26.128 90.0% 10 9.2 9.2 9.2 9.2 0.0
HOST: Loss% Snt Last Avg Best Wrst StDev
1.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
2.|-- 100.41.26.126 90.0% 10 11.4 11.4 11.4 11.4 0.0
HOST: Loss% Snt Last Avg Best Wrst StDev
1.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
4.|-- 100.41.26.126 90.0% 10 12.0 12.0 12.0 12.0 0.0
HOST: Loss% Snt Last Avg Best Wrst StDev
1.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
4.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
5.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
6.|-- 100.41.26.128 80.0% 10 14.7 12.0 9.3 14.7 3.8

0 Likes
Reply
21 Replies
zeng
Enthusiast - Level 3

I think what happened was that over the phone, FIOS support opened that ticket to their 'network' team.

And I followed the link managerepair to see if cancellation was necessary. Turns out this is a different portal than their FIOS support. I made clear to them that this is internal VZ issue and there'd be no charge to me. So ticket is left open.

I used Twitter but no one responded to me.

So far I check VZ/Sprint/ATT/HE.NET. Previous two do not have the routes while the last two do. Lots and lots of routes appear to be missing besides

121.51.174.0/23
121.51.22.0/23
182.254.52.0/23
182.254.60.0/23

Yeah those subnets hold advertisement video for Tencent I find out by using tcpdump to monitor DNS/TCP traffic.

smith6612
Community Leader
Community Leader

For some reason, connectivity issues between Verizon and IPs in China tend to be a recurring theme. Makes me wonder if it's intentional or, if BGP really is to blame. Verizon's backbone can't be that shaky without someone in a NOC or on the other end noticing, right? For example, QQ/Tencent would see a high amount of their advertising not being served all of a sudden to Verizon customers, even if other services were still working, and that would trigger a notice to investigate serving failure. Could easily be with China Telecom and China Unicom though...

Just some food for thought. It's a recurring theme on these forums.

zeng
Enthusiast - Level 3

NANOG comes to mind to be a better place to for this issue next.

smith6612
Community Leader
Community Leader

In case it's helpful, Verizon has a Looking Glass server you can use. This can help rule out something in their backbone, versus something that might be closer to your home, such as on the "Verizon Online" side or your router: https://enterprise.verizon.com/why-verizon/looking-glass/

FWIW, ICMP Traceroute is broke on FiOS the last I checked. So ensure you're using UDP Traceroute and your network is allowing UDP traffic to pass.

zeng
Enthusiast - Level 3

Being a looking glass yet the bgp part is completely broken for me with empty result. Anyone had any success?

0 Likes
Reply
zeng
Enthusiast - Level 3

Yeah the -u flag in mtr says it's UDP

gs0b
Community Leader
Community Leader

Welcome to the forums.  You're talking to other users here.  Your message will not be seen by Verizon's network team.  If you want to reach them, you need to contact Verizon's support team through chat or phone.

That said, I don't see a problem in your traces.  Some nodes outside of the Verizon network are not responding to pings during a trace.  That's not unusual for some network nodes. 

I am a bit confused by your traces, as I don't see your gateway router as the first hop.  Could your system have a configuration issue?

For comparison, here's a trace I did from a WSL Ubuntu system to Google's DNS (personal info REDACTED):


$ mtr -ur 8.8.8.8
Start: 2021-07-02T09:36:33-0400
HOST: <REDACTED> Loss% Snt Last Avg Best Wrst StDev
1.|-- <REDACTED> 0.0% 10 0.2 0.5 0.2 0.9 0.3
2.|-- Fios_Quantum_Gateway.fios 0.0% 10 1.2 1.3 0.7 1.7 0.3
3.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
4.|-- b3358.phlapa-lcr-22.veriz 0.0% 10 9.1 7.1 3.5 9.4 1.7
5.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
7.|-- 0.et-9-1-2.gw15.nyc1.alte 0.0% 10 9.4 8.3 7.2 9.4 0.9
8.|-- 72.14.208.130 0.0% 10 6.7 7.1 6.1 8.6 1.1
9.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0

zeng
Enthusiast - Level 3

Are you on FIOS as well and could you post your traceroute to IPs listed above other than 8.8.8.8?

Cang_Household
Community Leader
Community Leader

Hello. This is largely a customer to customer forum.

From your mtr output, the traceroute and ping seem normal. Some of routers on Verizon network and peer networks are not pingable, hence the * * * and 100% failed.

Are you trying to access a specific IP address and it is not routable? Or, a domain name does not resolute into an IP address? DNS servers on Verizon network may take some time to populate DNS entries.

zeng
Enthusiast - Level 3

Yeah it's this IOS game that I'm playing. It reaches out to those IPs to fetch advertise video. Somehow it fails on FIOS but works perfectly from other cloud VPS and my ATT LTE network.

gs0b
Community Leader
Community Leader

Yes, I'm on fios.  It would be kind of pointless to participate in a fios forum and post traceroutes if I wasn't.  🙂

Have you "pinged" all the IPs you are concerned about?  If you can ping them, that means you can reach them.  The traceroutes that have some blanks in the middle are simply nodes that don't reply to pings.  No big deal.

I tried pinging a few of the IPs on your list, but they don't respond.  If you get similar results, then you probably have an issue to ask Verizon support about.

zeng
Enthusiast - Level 3

Those IPs do not respond to ping from FIOS home network, but they do when I test from Oracle cloud VM. And the traceroute also points to potential blackhole/filtering right beyond hops 100.41.26.126/100.41.26.128. 

The blanks are not a concern. It's just that when traceroute to 8.8.8.8 completes successfully it does indicate that it's unlikely that all the hops beyond 100.41.26.126/100.41.26.128 would not generate ICMP in response to TTL expiration, and when it does happen blackhole/filtering would be my guess at the moment.

Cang_Household
Community Leader
Community Leader

I just pinged and tracerouted those two IPs. They appear to be perfectly fine for me.

imageMTR

zeng
Enthusiast - Level 3

121.51.175.17 121.51.22.64 182.254.52.163 182.254.60.11 are the ones in question.

Cang_Household
Community Leader
Community Leader

I received the following:

PING 121.51.22.64 (121.51.22.64) 56(84) bytes of data.
From 100.41.13.126 icmp_seq=156 Destination Net Unreachable
From 100.41.13.126 icmp_seq=244 Destination Net Unreachable
From 100.41.13.126 icmp_seq=311 Destination Net Unreachable

Destination Net Unreachable instead of Destination Host Unreachable means Verizon layer 3 does not know how to route to the subnet. I will do further testing to see whether the peering layer 3s do not know how to route either. I did find the IPs belong to Tencent. Are you trying to access certain resources on WeiXin or QQ?

gs0b
Community Leader
Community Leader

Reasonable hypothesis.  But since nobody here works for Verizon or can talk to their network team, we can't do anything about it.  If you want to ask them about it, you need to contact their support team.  They may escalate to the network team, once they understand the issue.  The best way to reach them for issues like this is to use their social media support team.  To get to them, tweet @VerizonSupport or pop over to https://www.dslreports.com/forum/vzdirect create and account and post.  Both methods should result in a link to a private chat where they will collect the details.

You can also try the standard support chat.  But whatever you do, don't waste your time with phone support.

zeng
Enthusiast - Level 3

Since you mention phone support I won't expect anything useful from scheduled vz phone callback then. Also I'd add that chat support is not up to task for this kind of problem either. All they can do appears to be reading from their monitoring system giving them good/bad and when it's "good" customers just get told to "factory resetting your router" or "reboot your router".  PS: I'm new FIOS customer for 2mos just switched from Spectrum

Thanks a bunch with the tip I'll try twitter first.

gs0b
Community Leader
Community Leader

To be honest, I suspect you'll have a hard time getting any of their support channels to understand your request.  Their support staff are setup to handle the vast majority of users, which are people who don't know an IP address from a router.  But we know what will happen if you don't even try their support - nothing.  And, you may get a support tech who is able to understand and escalate the issue.

zeng
Enthusiast - Level 3

I guess third time's the charm.  After two chats and one scheduled call back, the last one I communicate with over the phone actually log a ticket for me. Hours spent on this and it's so hard to get proper support. 

A repair ticket <XXXXXXX> has been created for your service trouble and will be resolved on 07/03 by 5pm. Repair charges may apply.

If you need to reschedule your appointment or if your service is now working properly, just let us know by clicking verizon.com/managerepair.

gs0b
Community Leader
Community Leader

Did they open an internal case that escalates the issue, or did the schedule a tech visit.  If they scheduled a tech visit, cang_household has given you excellent advise.  A field tech isn't going to do anything with this issue.  If someone comes to your home, they will do nothing but shrug their shoulders and you may be charged for the visit.

Like I said, phone support doesn't understand issues like this.  Use the twitter or VZDirect link I posted earlier, they are much better with stuff like this.