[Haifux] Router question

Kohn Emil Dan emild at cs.technion.ac.il
Mon Oct 18 03:38:37 MSD 2010


Hi,

I am also connected to Bezeq Beinleumi (actually 'upgraded' to it after 
Actcom's demise). I have tried your gpg command, and I found IMO some 
interesting results.

Doing an nslookup on subkeys.pgp.net reveals that this host has a number 
of IP addresses:

$ nslookup
Note:  nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead.  Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
>
> subkeys.pgp.net
Server:         10.71.0.138
Address:        10.71.0.138#53

Non-authoritative answer:
Name:   subkeys.pgp.net
Address: 114.31.78.196
Name:   subkeys.pgp.net
Address: 208.72.157.55
Name:   subkeys.pgp.net
Address: 195.113.19.83
Name:   subkeys.pgp.net
Address: 213.239.206.174
Name:   subkeys.pgp.net
Address: 213.239.212.133
Name:   subkeys.pgp.net
Address: 64.71.173.107


I tried your gpg command using the host name subkeys.pgp.net and then 
with each IP address instead of the host name.

Using the host name subkeys.pgp.net causes the command to hang (I guess 
because the command tries only the first IP address).
The command succeeds if using the IP addresses 208.72.157.55 and 
195.113.19.83 while it fails for the rest of the addresses. For the last 
IP address (i.e. 64.71.173.107) causes the command to fail with "No route 
to host", while with the rest of the "problematic" addresses it just hangs


 							Regards,
 								Emil
On Sat, 16 Oct 2010, Ohad Lutzky wrote:

> Hello everyone,
> I have a Linksys DSL-2760u router/DSL modem, using a Wow (Bezeq) connection
> to the Bezeq International ISP. It seems that various outgoing ports are
> blocked - HTTP, HTTPS, bittorrent and SSH work well enough, but - for
> example - I can't download Android apps from the Market. Easier to test, I
> can't download PGP public keys. For example:
> 
> gpg -v -v --keyserver subkeys.pgp.net --recv F120156012B83718
> gpg: requesting key 12B83718 from hkp server subkeys.pgp.net
> 
> This hangs indefinitely. So does this:
> telnet subkeys.pgp.net 11371
> Trying 195.113.19.83...
> 
> The same occurs for other keyservers, git-protocol, and various other
> "unconventional" high-port usage. I've gone over the router settings,
> disabled its firewall (but not NAT, which I need), added my machine to the
> DMZ (this actually seems to help, sometimes, for git - and even then, only
> once), tried port triggering... I can't get a consistent result.
> 
> I should note that this issue only exists for *outgoing* ports. I have no
> problem mapping *incoming* ports (such as my openssh server or bittorrent
> web interface).
> 
> --
> Man is the only animal that laughs and weeps, for he is the only animal that
> is struck with the difference between what things are and what they ought to
> be.
>  - William Hazlitt
> 
> Ohad Lutzky
> 
>


More information about the Haifux mailing list