[Rack] Fwd: Noisebridge Closed Ports

Jonathan Lassoff jof at thejof.com
Tue Sep 7 00:19:02 PDT 2010


On Tue, Sep 7, 2010 at 12:06 AM, Andy Isaacson <adi at hexapodia.org> wrote:
> On Mon, Sep 06, 2010 at 11:42:25PM -0700, Help (rudy) wrote:
>> >         On 9/2/10 6:19 PM, Iskundar Haddad wrote:
>> >>         Could you guys open up the following ports for noisebridge at your convenience:
>> >>         UDP 1200    (used for friends service)
>> >>         UDP 27000 to 27015 inclusive
>> >>         TCP 27020 to 27039 inclusive
>> >>         TCP 27040 and 27041 only for CyberCafe Owners
>> >>
>> >>         super very much appreciated,
>> >>         -Isky
>>
>> Iskundar,
>>
>> [1] Looking at our firewall, we are blocking NO ports.
>> [2] we are doing natting...
>>     outbound for all your internal IPs maps to: 208.69.40.71
>>     I set the inbound for those ports you listed to map like this:
>>       208.69.40.71 port# --> 192.168.188.130 port#
>>
>> Whoever manages your 192.168.188.130 box at noisebridge can do whatever
>> they want with those inbound packets.
>>
>> As always, please test and make sure I did this properly.  :)
>>
>> Rudy
>>
>>
>>
>> PS, I cc'd Andy as I know him but I don't think I have met you, Iskundar.
>
> Thanks Rudy.
>
> Isky, could you hop on rack at lists.noisebridge.net and discuss what
> you're trying to do?  Me and Jof and Rubin break^H^H^H^H^Hfix most of
> the networking stuff at NB, and I'd prefer we not bug our (completely
> donated!) ISP contacts with random questions.
>
> Most likely what you're running into is something on our Soekris or
> related...

Yes, as far as I can tell, no ports should be outright blocked right now.

Also, the currently configured default ISP is Sonic.net, not Monkeybrains.

The only place I can imagine UDP traffic getting dropped would be from
the queueing rules on the routers/NAT boxes. They prioritize certain
classes of outbound traffic (SSH/TCP port 22, TCP ACKs, Jabber/XMPP,
and AOL IM/OSCAR), and all other traffic is carried as "best effort",
meaning it will be sent if there is room in the outbound queue.
Come to think of it, the queue could probably use a little bit of
tweaking since Dr. J enabled Annex M on the Sonic.net link (giving us
some slightly faster upstream). I'll take a look at that now.

Isky, does it seem like something is breaking or being blocked? What
are you observing?

Cheers,
jof

