[tech] [wheel] Outage report, was Re: IMPORTANT: Upcoming UWA planned firewall upgrades (Sun 18/11 & 9/12)

Nick Bannon nick at ucc.gu.uwa.edu.au
Tue Nov 20 12:44:17 AWST 2018 

On Tue, Nov 20, 2018 at 03:59:28AM +0000, Matt Tavani wrote:
> Hi Nick, 
> Nothing reported on IPv6 so far but I believe you guys are the only ones using it. 

Wow!

What is a good core:
  * UWA Crawley campus IPv6 address; and
  * UWA Crawley campus IPv4 address
that I should be able to ping from outside UWA?

DNS servers are usually a good default choice, but I think there's been
some overenthusiastic and not-publically-documented firewalling of those done.

> If you can provide the details below I can get a ticket raised to investigate if there is an issue. Just fill in as much as you can based on what you???re seeing/not seeing. 

Thank you. Can you add our usual contact address as an "external
contact" in the service ticket?

Could you also personally test Cloudflare 1.1.1.1 DNS and raise a similar
issue for that? I imagine firewall rules in general have been held off
until the recent upgrades; however I believe it's been against IETF
recommendations to block that since November 2011.
https://blog.cloudflare.com/announcing-1111/
https://en.wikipedia.org/wiki/Bogon_filtering

> - Affected application/system: Provide name of affected application/system

ICMP, NTP, HTTPS.

> - Brief description of the issue: Provide a brief description of the issue

All testable off-campus IPv6 connectivity broken.

+ hostname
motsugo
+ fping6 -Aen ipv6.google.com ipv6-test.com
syd15s03-in-x0e.1e100.net (2404:6800:4006:804::200e) is unreachable
agaric.t0x.net (2001:41d0:8:e8ad::1) is unreachable

*** The time is: Tue Nov 20 11:00:21 AWST 2018
+ hostname
motsugo
+ fping6 -Aen murasoi ipv6.google.com ipv6-test.com www.facebook.com
murasoi.ucc.gu.uwa.edu.au (2405:3c00:5200:100::1) is alive (0.27 ms)
syd15s04-in-x0e.1e100.net (2404:6800:4006:805::200e) is unreachable
agaric.t0x.net (2001:41d0:8:e8ad::1) is unreachable
edge-star-mini6-shv-01-syd2.facebook.com (2a03:2880:f119:8083:face:b00c:0:25de) is unreachable

> - Time of when tested: Provide time in HH:MM AM/PM format when this was tested

Since: Tuesday 2018-11-20 00:00 AM , UTC+0800
Ongoing at: Tuesday 2018-11-20 12:30 PM , UTC+0800

> - From (Source of the connection): Provide hostname and/or IP address of connection origin

motsugo.ucc.gu.uwa.edu.au. 3600 IN      AAAA    2405:3c00:5200:100::7
(also known as motsugo.ucc.gu.uwa.edu.au. 3600 IN      A       130.95.13.7)

> - To (Destination of the connection): Provide hostname or IP address of the connection destination

syd15s04-in-x0e.1e100.net (2404:6800:4006:805::200e)
agaric.t0x.net (2001:41d0:8:e8ad::1)
edge-star-mini6-shv-01-syd2.facebook.com (2a03:2880:f119:8083:face:b00c:0:25de)

> - Ports or Services: Provide ports for the connection

All testable connectivity down.
ICMP service. (ICMP echo request/reply, does not have a TCP/UDP port number)
Expected firewalling: zero: all IPv6 to or from the UCC firewall host, any IP protocol.

( Also, NTP port 123 to host murasoi.ucc.gu.uwa.edu.au , for example )

> - Reporter: Name and phone of the person reporting the incident

UCC Wheel Group, 08 6488 3901.
(you can also contact me personally as a backup, but please direct
 primary technical followups to our standard email, as usual)

Thank you,
Nick.
wheel at ucc.gu.uwa.edu.au

-- 
   Nick Bannon   | "I made this letter longer than usual because
nick-sig at rcpt.to | I lack the time to make it shorter." - Pascal

More information about the tech mailing list