I need some help with troubleshooting the following issue:
Last Thursday I received a phonecall from my client, who complained that for 4 days they cannot receive emails (timeouts in Outlook), neither can access the accounts via webmail on all of their computers in the office. I quickly checked that I was able to access the webmail using their domain name, so the issue was not with the server itself. I logged in to their main server via TS and ran a few tests:
1. Tried to open the webmail page in IE - timed out.
2. Ran ping 204.14.107.1 - host unreachable
3. Ran tracert - died on rtr1.mysphere.biz, one hop before the mail server, see below.
Tracing route to mail.cni-hosting.com [204.14.107.1]
over a maximum of 30 hops:
1 <10 ms <10 ms <10 ms 10.10.10.1
2 17 ms 20 ms 20 ms er1.chi1.speakeasy.net [64.81.140.1]
3 26 ms 13 ms 15 ms 220.ge-0-1-0.cr2.chi1.speakeasy.net [69.17.83.15
3]
4 16 ms 20 ms 84 ms chx-edge-01.inet.qwest.net [63.150.27.97]
5 12 ms 16 ms 13 ms cer-core-01.inet.qwest.net [205.171.139.161]
6 12 ms 15 ms 14 ms cer-brdr-01.inet.qwest.net [205.171.139.58]
7 17 ms 20 ms 20 ms qwest-gw.cgcil.ip.att.net [192.205.32.97]
8 68 ms 70 ms 70 ms tbr2 033901.cgcil.ip.att.net [12.123.4.250]
9 69 ms 66 ms 69 ms tbr2-cl18.dtrmi.ip.att.net [12.122.10.133]
10 66 ms 65 ms 65 ms tbr1-cl1958.attga.ip.att.net [12.122.10.198]
11 65 ms 65 ms 65 ms tbr2-cl1474.ormfl.ip.att.net [12.122.12.122]
12 66 ms 64 ms 66 ms gar1-p360.miufl.ip.att.net [12.123.33.37]
13 64 ms 65 ms 65 ms 12.118.175.82
14 118 ms 108 ms 71 ms border5.pc1.bbnet1.mia003.pnap.net [69.25.0.13]
15 66 ms 70 ms 65 ms webhosting-9.border5.mia003.pnap.net [216.52.162
.66]
16 65 ms 66 ms 64 ms rtr1.m****here.biz [204.10.104.77]
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.
Trace complete.
4. Opened the website at their main domain - no problem there.
5. Logged into their main Netopia router and did not find any reason why that one particular ip would be blocked, no firewall rules, nothing extraordinary in logs.
I chatted with one of Jodo tech support guys about possibility of mail server blocking originating ip, he declined such, but recommended issuing trouble ticket. The trouble ticket returned with confirmation about Jodohost not blocking access to the mail server based on originating ip address.
I suggested client to call their ISP to get their insight. ISP rep put a blame on Jodo. Problem persisted for about 5-7 days then disappeared. Yesterday, just as a follow-up I connected to client's server and was able to access Jodo mail server via http, ping and tracert gave positive results.
Today I received the call - problem resumed. I ran some tests with same results as described above. On top of that I ran a check whether mailserver's ip or client's originating ip are on any RBL - negative there.
My client can receive his business emails from home, so that is not a disaster, but quite major inconvenience. I would hate to loose the client due to the problem beyond my control. Does anybod have any suggestions?
Personally, I see one of three possibilities:
1. The rtr1 router kills any traffic (http, icmp) from my client ip to the mail server - the frewall kind of action.
2. Something is not right in routing tables - in rtr1 or router on the way back from mailserver, so the traffic returning from mailserver dies somewhere along the way back. I have not enough knowlede about routers, but I know that routers have their own protocol for sharing/updating routing tables. That would explain why all the traffic is lost in transit, regardless of port or protocol.
3. One of the routers on the way back blocks the traffic - again firewall type of action.
Has anyone had a similar experience? If so, how the issue was resolved. I appreciate any help.
Robert
Last Thursday I received a phonecall from my client, who complained that for 4 days they cannot receive emails (timeouts in Outlook), neither can access the accounts via webmail on all of their computers in the office. I quickly checked that I was able to access the webmail using their domain name, so the issue was not with the server itself. I logged in to their main server via TS and ran a few tests:
1. Tried to open the webmail page in IE - timed out.
2. Ran ping 204.14.107.1 - host unreachable
3. Ran tracert - died on rtr1.mysphere.biz, one hop before the mail server, see below.
Tracing route to mail.cni-hosting.com [204.14.107.1]
over a maximum of 30 hops:
1 <10 ms <10 ms <10 ms 10.10.10.1
2 17 ms 20 ms 20 ms er1.chi1.speakeasy.net [64.81.140.1]
3 26 ms 13 ms 15 ms 220.ge-0-1-0.cr2.chi1.speakeasy.net [69.17.83.15
3]
4 16 ms 20 ms 84 ms chx-edge-01.inet.qwest.net [63.150.27.97]
5 12 ms 16 ms 13 ms cer-core-01.inet.qwest.net [205.171.139.161]
6 12 ms 15 ms 14 ms cer-brdr-01.inet.qwest.net [205.171.139.58]
7 17 ms 20 ms 20 ms qwest-gw.cgcil.ip.att.net [192.205.32.97]
8 68 ms 70 ms 70 ms tbr2 033901.cgcil.ip.att.net [12.123.4.250]
9 69 ms 66 ms 69 ms tbr2-cl18.dtrmi.ip.att.net [12.122.10.133]
10 66 ms 65 ms 65 ms tbr1-cl1958.attga.ip.att.net [12.122.10.198]
11 65 ms 65 ms 65 ms tbr2-cl1474.ormfl.ip.att.net [12.122.12.122]
12 66 ms 64 ms 66 ms gar1-p360.miufl.ip.att.net [12.123.33.37]
13 64 ms 65 ms 65 ms 12.118.175.82
14 118 ms 108 ms 71 ms border5.pc1.bbnet1.mia003.pnap.net [69.25.0.13]
15 66 ms 70 ms 65 ms webhosting-9.border5.mia003.pnap.net [216.52.162
.66]
16 65 ms 66 ms 64 ms rtr1.m****here.biz [204.10.104.77]
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.
Trace complete.
4. Opened the website at their main domain - no problem there.
5. Logged into their main Netopia router and did not find any reason why that one particular ip would be blocked, no firewall rules, nothing extraordinary in logs.
I chatted with one of Jodo tech support guys about possibility of mail server blocking originating ip, he declined such, but recommended issuing trouble ticket. The trouble ticket returned with confirmation about Jodohost not blocking access to the mail server based on originating ip address.
I suggested client to call their ISP to get their insight. ISP rep put a blame on Jodo. Problem persisted for about 5-7 days then disappeared. Yesterday, just as a follow-up I connected to client's server and was able to access Jodo mail server via http, ping and tracert gave positive results.
Today I received the call - problem resumed. I ran some tests with same results as described above. On top of that I ran a check whether mailserver's ip or client's originating ip are on any RBL - negative there.
My client can receive his business emails from home, so that is not a disaster, but quite major inconvenience. I would hate to loose the client due to the problem beyond my control. Does anybod have any suggestions?
Personally, I see one of three possibilities:
1. The rtr1 router kills any traffic (http, icmp) from my client ip to the mail server - the frewall kind of action.
2. Something is not right in routing tables - in rtr1 or router on the way back from mailserver, so the traffic returning from mailserver dies somewhere along the way back. I have not enough knowlede about routers, but I know that routers have their own protocol for sharing/updating routing tables. That would explain why all the traffic is lost in transit, regardless of port or protocol.
3. One of the routers on the way back blocks the traffic - again firewall type of action.
Has anyone had a similar experience? If so, how the issue was resolved. I appreciate any help.
Robert
