[Haifux] Router question

Ohad Lutzky ohad at lutzky.net
Mon Oct 18 16:23:46 MSD 2010


What do you guys think about this issue? I want to say that it's pressing,
but:

1. This is the only remaining problematic protocol for me. SSH works
perfectly, and git works just as well over HTTP nowadays, if I'm not
mistaken.
2. It seems unnecessary, in my opinion, for this protocol to exist - it
should just be done over HTTP.

However, network neutrality is always important, and Bezeq International's
claims of "we don't block any ports" become problematic (albeit technically
true). Is there anything that can be done about this?

On Mon, Oct 18, 2010 at 1:38 AM, Kohn Emil Dan <emild at cs.technion.ac.il>wrote:

> Hi,
>
> I am also connected to Bezeq Beinleumi (actually 'upgraded' to it after
> Actcom's demise). I have tried your gpg command, and I found IMO some
> interesting results.
>
> Doing an nslookup on subkeys.pgp.net reveals that this host has a number
> of IP addresses:
>
> $ nslookup
> Note:  nslookup is deprecated and may be removed from future releases.
> Consider using the `dig' or `host' programs instead.  Run nslookup with
> the `-sil[ent]' option to prevent this message from appearing.
>
>>
>> subkeys.pgp.net
>>
> Server:         10.71.0.138
> Address:        10.71.0.138#53
>
> Non-authoritative answer:
> Name:   subkeys.pgp.net
> Address: 114.31.78.196
> Name:   subkeys.pgp.net
> Address: 208.72.157.55
> Name:   subkeys.pgp.net
> Address: 195.113.19.83
> Name:   subkeys.pgp.net
> Address: 213.239.206.174
> Name:   subkeys.pgp.net
> Address: 213.239.212.133
> Name:   subkeys.pgp.net
> Address: 64.71.173.107
>
>
> I tried your gpg command using the host name subkeys.pgp.net and then with
> each IP address instead of the host name.
>
> Using the host name subkeys.pgp.net causes the command to hang (I guess
> because the command tries only the first IP address).
> The command succeeds if using the IP addresses 208.72.157.55 and
> 195.113.19.83 while it fails for the rest of the addresses. For the last IP
> address (i.e. 64.71.173.107) causes the command to fail with "No route to
> host", while with the rest of the "problematic" addresses it just hangs
>
>
>                                                        Regards,
>                                                                Emil
>
> On Sat, 16 Oct 2010, Ohad Lutzky wrote:
>
>  Hello everyone,
>> I have a Linksys DSL-2760u router/DSL modem, using a Wow (Bezeq)
>> connection
>> to the Bezeq International ISP. It seems that various outgoing ports are
>> blocked - HTTP, HTTPS, bittorrent and SSH work well enough, but - for
>> example - I can't download Android apps from the Market. Easier to test, I
>> can't download PGP public keys. For example:
>>
>> gpg -v -v --keyserver subkeys.pgp.net --recv F120156012B83718
>> gpg: requesting key 12B83718 from hkp server subkeys.pgp.net
>>
>> This hangs indefinitely. So does this:
>> telnet subkeys.pgp.net 11371
>> Trying 195.113.19.83...
>>
>> The same occurs for other keyservers, git-protocol, and various other
>> "unconventional" high-port usage. I've gone over the router settings,
>> disabled its firewall (but not NAT, which I need), added my machine to the
>> DMZ (this actually seems to help, sometimes, for git - and even then, only
>> once), tried port triggering... I can't get a consistent result.
>>
>> I should note that this issue only exists for *outgoing* ports. I have no
>> problem mapping *incoming* ports (such as my openssh server or bittorrent
>> web interface).
>>
>> --
>> Man is the only animal that laughs and weeps, for he is the only animal
>> that
>> is struck with the difference between what things are and what they ought
>> to
>> be.
>>  - William Hazlitt
>>
>> Ohad Lutzky
>>
>>


-- 
Man is the only animal that laughs and weeps, for he is the only animal that
is struck with the difference between what things are and what they ought to
be.
 - William Hazlitt

Ohad Lutzky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://haifux.org/pipermail/haifux/attachments/20101018/6e7b039d/attachment.html 


More information about the Haifux mailing list