Question HTTP & HTTPS (DNS Server) issue with New /22 Address block

[ZNA]

Hey there,

Kindly help if anybody aware of possible issue.
We have purchase new /22 Address block. created Reverse lookup entries and Advertised with uplink provider, by that new IP's are pingeable and can traceable across internet. but we are not able to browse any website (Http & Https) using new IP subnet

 

[bill001g]

By "using" you mean the web server is hosted on these ip addresses and other people on the internet can not get access?

I would try using the IP addresses rather than the name. It could be a dns issue where your dns entries are not being forwarded to other dns servers properly.

There also could be a firewall in the path that allow ping but does not allow 80 or 443. This would likely be a firewall you control. I would hope if you are hosting servers you have a firewall.

 

[Hello man]

So my networking is a little rusty, but from my understanding you have purchased new external IP addresses. Are these being used for individual systems and the users of those systems don't have access to the internet? Or used for some kind of external client/web access to YOUR servers?

 

[ZNA]

By "using" you mean the web server is hosted on these ip addresses and other people on the internet can not get access?

I would try using the IP addresses rather than the name. It could be a dns issue where your dns entries are not being forwarded to other dns servers properly.

There also could be a firewall in the path that allow ping but does not allow 80 or 443. This would likely be a firewall you control. I would hope if you are hosting servers you have a firewall.

Thank you for the response, this is to clear affected issue. we added new /22 subnet to our network. as a testing we assigned one of the public ip from the range to a laptop, Although we are able to ping each and every website, including google DNS, able to telnet SSH etc. But when it comes to browsing we are not able to access any website. in the background i can see series of warning logs in PRTG, indicating 443 and 80 is unreachable.

 

[bill001g]

There must be a firewall blocking it. Because multiple other protocols work you have good network connectivity. Unfortunately it can be anyplace including the end station opening the web page or the server. It could also be in your main firewall. There is a chance it is in the ISP but it it not likely they block web traffic. I guess if you have checked everything else you call them.

 

[ZNA]

There must be a firewall blocking it. Because multiple other protocols work you have good network connectivity. Unfortunately it can be anyplace including the end station opening the web page or the server. It could also be in your main firewall. There is a chance it is in the ISP but it it not likely they block web traffic. I guess if you have checked everything else you call them.

Appreciate your response,

We turned off all possible firewall and filtering temporarily, open a case with upstream provider, hope to see positive response. i shall update my finding

 

[ZNA]

Hey Guys,

I have able to resolved reported thread in coordination with upstream provider. issue was our provider were announcing /22 subnet were we advertising 4 sets of /24 subnet