inctpc-list@list.cityoftacoma.org

Members of Intergovernmental Network Consortium of Tacoma-Pierce County

View all threads

ACL Changes Last Friday

WK
Wiebe, Ken
Mon, Jun 1, 2015 11:54 PM

All,

Last Friday (May 29) City of Tacoma was advised by City of Seattle that Seattle lost access to Tacoma public servers (131.191.254.0/24) from Seattle (156.74.250.0/23).  Troubleshooting at the time eventually showed the problem was due to Tacoma picking up the route to 156.74.0.0 from INCTPC, with Seattle still routing to Tacoma via the Internet.  The temporary fix for us was a static route to put the Tacoma-to-Seattle traffic back on the Internet (I assume that's where it was going prior to the change that happened Friday morning).

So, I might be missing something here, but last week when I read the emails about the ACL change, my read of the situation was that something broke a couple of weeks ago involving a couple of King County networks, and in order to fix the situation, last week it was decided that an ACL would be removed.  So my thought process was, "I don't know of anyone in the city accessing these networks, and if access to them is currently broken for at least some networks, and a fix has been identified, then the fix should be pursued."

I guess this is kind of the usual story when it comes to State/INCTPC route advertisements and ACL's:  Fix one thing, break a different thing.

Anyway, I thought you might be interested in this.  Any thoughts?  I really don't like the idea of maintaining static routes.  I also have no idea whether something else might be broken and I just don't know about it yet.

Please let me know if you have any questions or if I may have missed or misinterpreted something.  Thanks in advance for your comments.

Ken Wiebe
City of Tacoma
Network Transport Group Lead
(253) 502-2226

All, Last Friday (May 29) City of Tacoma was advised by City of Seattle that Seattle lost access to Tacoma public servers (131.191.254.0/24) from Seattle (156.74.250.0/23). Troubleshooting at the time eventually showed the problem was due to Tacoma picking up the route to 156.74.0.0 from INCTPC, with Seattle still routing to Tacoma via the Internet. The temporary fix for us was a static route to put the Tacoma-to-Seattle traffic back on the Internet (I assume that's where it was going prior to the change that happened Friday morning). So, I might be missing something here, but last week when I read the emails about the ACL change, my read of the situation was that something broke a couple of weeks ago involving a couple of King County networks, and in order to fix the situation, last week it was decided that an ACL would be removed. So my thought process was, "I don't know of anyone in the city accessing these networks, and if access to them is currently broken for at least some networks, and a fix has been identified, then the fix should be pursued." I guess this is kind of the usual story when it comes to State/INCTPC route advertisements and ACL's: Fix one thing, break a different thing. Anyway, I thought you might be interested in this. Any thoughts? I really don't like the idea of maintaining static routes. I also have no idea whether something else might be broken and I just don't know about it yet. Please let me know if you have any questions or if I may have missed or misinterpreted something. Thanks in advance for your comments. Ken Wiebe City of Tacoma Network Transport Group Lead (253) 502-2226