Closed Bug 1072010 Opened 10 years ago Closed 10 years ago

Unable to connect to fs from yvr

Categories

(Infrastructure & Operations Graveyard :: NetOps: Office Other, task)

Product:
Infrastructure & Operations Graveyard
Component:
NetOps: Office Other
Platform:
x86_64
Linux
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: rillian, Assigned: dcurado)

References

Details

I was trying to reach our internal fileserver today from the YVR office, and was unable to. Browser just spins for a while and times out.

DNS returns an internal ip for 'fs':

$ host fs
fs.corp.yvr1.mozilla.com is an alias for fs.mv.mozilla.com.
fs.mv.mozilla.com has address 10.250.0.34

But I cannot ping that ip, or connect to it over http. mtr suggests the routing is incorrect:

 1. fw1.corp.yvr1.mozilla.net         0.0%     3    0.5   0.5   0.4   0.5   0.0
 2. 64.213.70.193                     0.0%     3    1.0   1.0   1.0   1.1   0.0
 3. ???

i.e. it's routing traffic to a private IP out some global crossing router.
Assignee: network-operations → dcurado
Hi,
The IP address that 'fs' is resolving to (10.250.0.34) no longer exists in our network.
That was an IP address used in the Mountain View office at Castro Street.
Looks like whoever was responsible for that server did not remove the old
DNS record. =-(  

For completeness: when the firewall (also your local router) tries to forward 
your traffic, it doesn't have a route for 10.250.x.x, so the firewall sends the
packet out its default route, which is your local Internet connection.
It looks wrong, but it's actually correct.

Sorry, I don't have a clue about the internal file server. 
I'm thing EUS would know?  
It'll be another 4 hours until people on the West Coast are around.
But I will double back at that time and see if I can find out the new name
of this resource.  Will update this bug once I get the story.

Thanks -- Dave
Status: NEW → ASSIGNED
Thanks for responding. Hopefully we can update the dns record, then. Or delete it if the server no longer exists.

Re default routes, I would have expected we'd have null routes for all private subnets we're not using, rather than relying on an upstream carrier to do the right thing?
I just asked #servicedesk about the file server -- hoping to find someone who knows
something.

Yeah, you raise a good point -- I suppose we could add a null route for 10/8 so that
we crater the packets right away... will give it some thought.
Thanks for suggesting it!

Will update this bug when I figure out the last word on that file server.
OK, the word I've got back is that the old fs server is "all kinds of dead"

I will remove the dns record, and will also bring up the idea of adding a null
route for 10/8 on our edge routers in the next staff meeting.

Thanks,
Dave
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Thanks!
Status: RESOLVED → VERIFIED
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.