Community Forums

ok,  bottom line is you're trying to get ATT mail thru a spectrum connection?

I think you need to contact them since their site has a DNS lookup issue or incorrect entry.

I assume you cleared your DNS cache and tried a non TWC/ DNS like 8.8.8.8

websitesmail.att.com

This is an externally hosted mail acount that 'should' be accessable from anywhere.

Notice that all the tests were done via IP, not DNS names.

Oh, and by the way:

[root@Nethserver ~]# dig @8.8.8.8 +short webhosting.att.com
sushi.carrierzone.com.
66.175.49.6
[root@Nethserver ~]# dig @8.8.8.8 +short websitesmail.att.com
websitesmailc45.carrierzone.com.
216.55.149.49
[root@Nethserver ~]#
[root@Nethserver ~]# dig @209.18.47.62 +short webhosting.att.com
sushi.carrierzone.com.
66.175.49.6
[root@Nethserver ~]# dig @209.18.47.62 +short websitesmail.att.com
websitesmailc45.carrierzone.com.
216.55.149.49
[root@Nethserver ~]#

Cheers.

As far as I know, the DNS is where the routing table  is created... Domain Names or IP addresses.

If there's no dns, nothing gets anywhere. Your tracert's are showing domain names, not straight IP's, if one is bad, "whois" it and contact them to update routing info:

NetRange:       216.55.144.0 - 216.55.159.255
CIDR:           216.55.144.0/20
NetName:        MEGA-8
NetHandle:      NET-216-55-144-0-1
Parent:         NET216 (NET-216-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS30447
Organization:   InternetNamesForBusiness.com (INFB)
RegDate:        1999-05-27
Updated:        2012-02-24
Ref:            https://whois.arin.net/rest/net/NET-216-55-144-0-1


OrgName:        InternetNamesForBusiness.com
OrgId:          INFB
Address:        110 East Broward Blvd
Address:        Suite 1650
City:           Fort Lauderdale
StateProv:      FL
PostalCode:     33301
Country:        US
RegDate:        
Updated:        2017-01-28
Ref:            https://whois.arin.net/rest/org/INFB


OrgAbuseHandle: ZI51-ARIN
OrgAbuseName:   InternetNamesForBusiness
OrgAbusePhone:  +1-800-322-9438 
OrgAbuseEmail:  admin@internetnamesforbusiness.com
OrgAbuseRef:    https://whois.arin.net/rest/poc/ZI51-ARIN

---

@MsRaye wrote:

As far as I know, the DNS is where the routing table  is created... Domain Names or IP addresses.

If there's no dns, nothing gets anywhere. Your tracert's are showing domain names, not straight IP's, if one is bad, "whois" it and contact them to update routing info:

---

All internet routing is via IPs.  The only time DNS is involved, in normal routing, is to convert the destination host name to an IP before the packet is sent out to the router used as the gateway.  All routing from that point onward is only via IP, because that's all that the packet contains (well, it does contain a little more data ) and definitely not any host name information.

If you look at the traceroute, it does show the IP of the router involved.  It's the traceroute program that's trying to be helpful, by using a DNS reverse look-up, to convert that back to it's DNS name to make the output more readable.

Cheers.

1. based on your telnet results the end points are either unreachable due to routing or other network issues or the response is not returning to your host. The data does not indicate which direction has the problems.
2. The destinations could be blocked by a network protection device  along the way if some bad behavior was detected and the network device blocked those addresses. Think denial of service, high rate tcp/udp traffic, etc. These blocks may be of temporary duration, minutes to hours.
3. traceroute is a very limited tool. see notes below for more.
4. suggestion: use the vpn method and check later on status.

mtr, winmtr, traceroute, tracert

• mtr on linux (opensuse)
• sends icmp ping requests to target ip with incrementing ttl values starting at 1
• intermediate nodes decrement ttl and if zero do not forward ping icmp request but respond with “ttl exceeded” message.
• target ip responds with ping reply when presented with ping request.
• traceroute on linux (opensuse)
• sends 3 udp packets to target ip with incrementing ttl values starting at 1
• intermediate nodes decrement ttl and if zero do not forward udp packet but respond with “ttl exceeded” message.
• target ip responds with icmp, type 3, code 3, destination unreachable, port unreachable. (host response if  process port is not active)
• more points on traceroute
• traceroute only does ping, if using icmp, on the target ip address. all intermediate addresses are responding with a status message - TTL exceeded, usually a low priority message and usually handled by software as opposed to the hardware that is forwarding packets, the primary function of router.
• traceroute is only reveals 1/2 the round trip, the outbound ip addresses. to get a sense of inbound path, do a traceroute from an online server, location dependent.
• to get a better sense of any single ip address, do a ping to that address with a 100 count. On linux systems, there are ping parameters that can issue pings as soon as a previous ping response is received, not flooding the target but not waiting either.
• general packet loss interpretation.
• if packet loss does not continue or rise on subsequent hops the hop/router in question is doing its job of forwarding packets.
• return path of packets is not revealed by traceroute or ping plotter. packets from hop in question may be using different return path than target ip.
• routers along path except for target ip normally will respond with "ttl exceeded" messages, as required by tools traceroute and  ping plotter, but the lack of a response does not indicate a problem if target ip does not have packet loss.

@redrock

Yeah, I fully understand the problems with telnet and, particularly traceroute, with trying to debug a routing issue and also how both programs work internally, hence my comment (a) at the start of the thread.  Yes, I'm going with (4) until I can get this resolved, but that causes a couple of other issues.

With regard to my comment (b).  If there are any Spectrum folks monitoring this, I would like to throw out some kudos  to the people I spoke to earlier today.  Firstly, the first line tech, who after I diverted him away from his script, "The first thing I need to do is reboot your modem", with a "no way in h*ll", understood that he was out of his depth and transferred my to a network technician who, even after validating at his end that the web site was unreachable, waited on the phone while I e-mailed my results to him, to ensure that we were both seeing the exact same routing issue, before escalating it further.  I'll be the first to admit that I was truly surprised that I was able to get, so easily, to a qualified network person who fully understood the issue.

Cheers.

@EddieA,

I am interested in what you and network tech discovered, with details as to why/what caused the end site to be unreachable.

Thanks for the other feedback also.

As a very-long-time subscriber to a former AT&T regional company for my email service, I've recently been subjected to many shuffles and redirects. Incoming emails go through reroutes between AT&T dba SBCGlobal, Yahoo.com, and Verizon hiding up in the ceiling somewhere. 

In my case they moved my existing SBCGlobal mail records prior to Dec 20 to a Yahoo account name, but the new incoming messages still go to SBCGlobal.  They refuse to move my older messages back to the SBCGlobal account. 

Anyhow, based on that you may find it beneficial to use site names for AT&T rather than IP addresses, so the DNS can "correctly" route your session traffic to the IP address of your latest mail server as found in the IXP gateway's DNS records. 

Why is everyone focusing on DNS.  It's a routing issue.

@redrock

The network tech was goint to escalate to the responsible parties for: 

bu-ether45.chctilwc00w-bcr00.tbone.rr.com (107.14.19.36)

To investigate the rules, although that didn't appear to be the "stall point", but for the odd time it did work correctly, that hop reacted the opposite way around, so appeared to be suspect:

[root@Nethserver ~]# traceroute  216.55.149.49
traceroute to 216.55.149.49 (216.55.149.49), 30 hops max, 60 byte packets
 1  142.254.237.37 (142.254.237.37)  8.694 ms  8.166 ms  8.634 ms
-- snip --
 6  bu-ether45.chctilwc00w-bcr00.tbone.rr.com (107.14.19.36)  18.510 ms  18.394 ms  13.135 ms
 7  xe-9-3-0.edge4.Frankfurt1.level3.net (4.68.111.101)  12.329 ms  13.778 ms  13.289 ms
 

[root@Nethserver ~]# traceroute  66.175.49.6
traceroute to 66.175.49.6 (66.175.49.6), 30 hops max, 60 byte packets
 1  142.254.237.37 (142.254.237.37)  6.772 ms  8.468 ms  8.458 ms
-- snip --
 6  bu-ether45.chctilwc00w-bcr00.tbone.rr.com (107.14.19.36)  13.899 ms bu-ether11.tustca4200w-bcr00.tbone.rr.com (66.109.6.5)  15.990 ms  18.769 ms\

So far I haven't heard anything back from them.

However, starting Tuesday, I started to see the .mil sites I mentioned earlier re-appear as a hard issue, which is a real pain, as I need to access those to work.  Again, it's not all .mil either.  And the point in the path where these diverge from the traceroutes pasted here is after this hop:

lsancarc0yw-bcr00.tbone.rr.com

So I'm at a total loss as to why these seem to be interconnected.

Since then I have tried twice to reach out to the same team as I was originally routed to, but all I get now is the stone-wall treatment from first-level support.  So, I guess I retract my views on the service now.

Cheers.