<div dir="ltr"><div>The Verizon Wireless network seems to be the same.</div><div><a href="https://imgur.com/a/fw6X9ZY">https://imgur.com/a/fw6X9ZY</a><br></div><br><div class="gmail_quote"><div dir="ltr">On Wed, May 16, 2018 at 8:17 AM Matthew Glennon <matthew@glennon.online> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>My relay exhibits the same results on AS701, MCI Communications Services, Inc. d/b/a Verizon Business</div><div><a href="https://metrics.torproject.org/rs.html#details/924B24AFA7F075D059E8EEB284CC400B33D3D036" target="_blank">https://metrics.torproject.org/rs.html#details/924B24AFA7F075D059E8EEB284CC400B33D3D036</a><br></div><div><br></div><div><div>matthew@freedom:~$ traceroute 86.59.21.38</div></div></div><div dir="ltr"><div><div>traceroute to 86.59.21.38 (86.59.21.38), 30 hops max, 60 byte packets</div></div></div><div dir="ltr"><div><div> 1 <a href="http://lo0-100.RCMDVA-VFTTP-307.verizon-gni.net" target="_blank">lo0-100.RCMDVA-VFTTP-307.verizon-gni.net</a> (96.253.78.1) 4.340 ms 4.297 ms 4.273 ms</div><div> 2 <a href="http://B3307.RCMDVA-LCR-22.verizon-gni.net" target="_blank">B3307.RCMDVA-LCR-22.verizon-gni.net</a> (130.81.24.74) 3.854 ms 4.156 ms 8.609 ms</div><div> 3 * * *</div></div></div><div dir="ltr"><div><div> 4 * * *</div><div> 5 * * *</div><div> 6 * * *</div><div> 7 * * *</div><div> 8 * * *</div><div> 9 * * *</div></div></div><div dir="ltr"><div><div>10 * * *</div><div>11 * * *</div><div>12 * * *</div><div>13 * * *</div><div>14 * * *</div><div>15 * * *</div><div>16 * * *</div><div>17 * * *</div><div>18 * * *</div><div>19 * * *</div><div>20 * * *</div><div>21 * * *</div><div>22 * * *</div><div>23 * * *</div><div>24 * * *</div><div>25 * * *</div><div>26 * * *</div><div>27 * * *</div><div>28 * * *</div><div>29 * * *</div><div>30 * * *</div></div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Tue, May 15, 2018 at 9:18 PM Shawn Webb <<a href="mailto:shawn.webb@hardenedbsd.org" target="_blank">shawn.webb@hardenedbsd.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Tue, May 15, 2018 at 08:12:50PM -0400, Neel Chauhan wrote:<br>
> Hi tor-relays mailing list,<br>
> <br>
> I have noticed that the Tor consensus server tor26 (<a href="https://metrics.torproject.org/rs.html#details/847B1F850344D7876491A54892F904934E4EB85D" rel="noreferrer" target="_blank">https://metrics.torproject.org/rs.html#details/847B1F850344D7876491A54892F904934E4EB85D</a>)<br>
> is blocked on Verizon's UUNET (AS701) backbone, and therefore, Verizon's<br>
> retail services like FiOS and Wireless. I can confirm this on FiOS, but I<br>
> don't use Verizon Wireless (my smartphone uses Sprint) so I can't test it<br>
> there.<br>
> <br>
> A traceroute to tor26's IP address 86.59.21.38 from a Brooklyn apartment<br>
> shows this is filtered on Verizon's backbone:<br>
> <br>
> neel@xb2:~ % traceroute 86.59.21.38<br>
> traceroute to 86.59.21.38 (86.59.21.38), 64 hops max, 40 byte packets<br>
> 1 unknown (192.168.1.1) 1.128 ms 0.780 ms 0.613 ms<br>
> 2 <a href="http://lo0-100.NYCMNY-VFTTP-401.verizon-gni.net" rel="noreferrer" target="_blank">lo0-100.NYCMNY-VFTTP-401.verizon-gni.net</a> (173.68.77.1) 1.001 ms 3.632<br>
> ms 0.900 ms<br>
> 3 <a href="http://B3401.NYCMNY-LCR-22.verizon-gni.net" rel="noreferrer" target="_blank">B3401.NYCMNY-LCR-22.verizon-gni.net</a> (100.41.137.96) 2.291 ms<br>
> <a href="http://B3401.NYCMNY-LCR-21.verizon-gni.net" rel="noreferrer" target="_blank">B3401.NYCMNY-LCR-21.verizon-gni.net</a> (100.41.137.94) 3.172 ms 4.046 ms<br>
> 4 * * *<br>
> 5 * * *<br>
> 6 * * *<br>
> 7 * * *<br>
> 8 * * *<br>
> 9 * * *<br>
> ^C<br>
> neel@xb2:~ %<br>
> <br>
> In a normal traceroute, you will see <a href="http://ALTER.NET" rel="noreferrer" target="_blank">ALTER.NET</a> at hop 5. Also, the subnet<br>
> <a href="http://86.59.21.0/24" rel="noreferrer" target="_blank">86.59.21.0/24</a> is not filtered on UUNET. A traceroute to 86.59.21.1 works:<br>
> <br>
> neel@xb2:~ % traceroute 86.59.21.1<br>
> traceroute to 86.59.21.1 (86.59.21.1), 64 hops max, 40 byte packets<br>
> 1 unknown (192.168.1.1) 0.863 ms 0.757 ms 0.579 ms<br>
> 2 <a href="http://lo0-100.NYCMNY-VFTTP-401.verizon-gni.net" rel="noreferrer" target="_blank">lo0-100.NYCMNY-VFTTP-401.verizon-gni.net</a> (173.68.77.1) 1.010 ms 1.545<br>
> ms 1.034 ms<br>
> 3 <a href="http://B3401.NYCMNY-LCR-22.verizon-gni.net" rel="noreferrer" target="_blank">B3401.NYCMNY-LCR-22.verizon-gni.net</a> (100.41.137.96) 3.616 ms<br>
> <a href="http://B3401.NYCMNY-LCR-21.verizon-gni.net" rel="noreferrer" target="_blank">B3401.NYCMNY-LCR-21.verizon-gni.net</a> (100.41.137.94) 5.696 ms 10.062 ms<br>
> 4 * * *<br>
> 5 <a href="http://0.et-5-1-5.BR3.NYC4.ALTER.NET" rel="noreferrer" target="_blank">0.et-5-1-5.BR3.NYC4.ALTER.NET</a> (140.222.2.127) 3.492 ms 3.506 ms 2.996<br>
> ms<br>
> 6 204.255.168.118 (204.255.168.118) 8.462 ms 7.479 ms 7.252 ms<br>
> 7 144.232.4.84 (144.232.4.84) 5.041 ms 4.688 ms<br>
> <a href="http://sl-crs3-lon-0-6-3-0.sprintlink.net" rel="noreferrer" target="_blank">sl-crs3-lon-0-6-3-0.sprintlink.net</a> (144.232.9.165) 71.865 ms<br>
> 8 <a href="http://sl-crs2-lon-0-0-3-0.sprintlink.net" rel="noreferrer" target="_blank">sl-crs2-lon-0-0-3-0.sprintlink.net</a> (213.206.128.181) 72.214 ms 73.579<br>
> ms 72.339 ms<br>
> 9 213.206.129.142 (213.206.129.142) 81.390 ms<br>
> <a href="http://sl-crs4-ams-0-7-0-3.sprintlink.net" rel="noreferrer" target="_blank">sl-crs4-ams-0-7-0-3.sprintlink.net</a> (213.206.129.139) 85.854 ms 93.238<br>
> ms<br>
> 10 217.149.47.46 (217.149.47.46) 79.004 ms 85.669 ms 79.392 ms<br>
> 11 <a href="http://ams5-core-1.bundle-ether1.tele2.net" rel="noreferrer" target="_blank">ams5-core-1.bundle-ether1.tele2.net</a> (130.244.82.54) 86.507 ms 78.374<br>
> ms 77.740 ms<br>
> 12 <a href="http://ams-core-2.bundle-ether9.tele2.net" rel="noreferrer" target="_blank">ams-core-2.bundle-ether9.tele2.net</a> (130.244.82.57) 79.642 ms 77.926 ms<br>
> 81.515 ms<br>
> 13 <a href="http://wen3-core-2.bundle-ether15.tele2.net" rel="noreferrer" target="_blank">wen3-core-2.bundle-ether15.tele2.net</a> (130.244.71.47) 105.400 ms<br>
> 105.089 ms 109.751 ms<br>
> 14 <a href="http://tele2at-bundle2-vie3.net.uta.at" rel="noreferrer" target="_blank">tele2at-bundle2-vie3.net.uta.at</a> (212.152.189.65) 122.716 ms 110.820 ms<br>
> 114.354 ms<br>
> 15 86.59.21.1 (86.59.21.1) 106.389 ms * 105.379 ms<br>
> neel@xb2:~ %<br>
> <br>
> I got in contact with Peter Palfrader and he says he couldn't help, and also<br>
> with Verizon FiOS support and they said the filtering 'isn't on Verizon's<br>
> network' (read: isn't on Verizon's internal FiOS network but still on<br>
> Verizon's AS701 which I have to go to to get anywhere on the Internet here).<br>
> <br>
> I know that this IP could have been blackholed, and you may think that if<br>
> Verizon is blocking it, then isn't Level 3 or Cogent? Well, Cogent doesn't<br>
> block tor26:<br>
> <br>
> traceroute to 86.59.21.38 (86.59.21.38), 30 hops max, 60 byte packets<br>
> 1 <a href="http://gi0-1-1-19.5.agr21.jfk02.atlas.cogentco.com" rel="noreferrer" target="_blank">gi0-1-1-19.5.agr21.jfk02.atlas.cogentco.com</a> (66.28.3.113) 0.727 ms<br>
> 0.727 ms<br>
> 2 <a href="http://be2605.ccr41.jfk02.atlas.cogentco.com" rel="noreferrer" target="_blank">be2605.ccr41.jfk02.atlas.cogentco.com</a> (154.54.1.153) 2.177 ms<br>
> <a href="http://be2606.ccr42.jfk02.atlas.cogentco.com" rel="noreferrer" target="_blank">be2606.ccr42.jfk02.atlas.cogentco.com</a> (154.54.2.29) 0.734 ms<br>
> 3 <a href="http://be2490.ccr42.lon13.atlas.cogentco.com" rel="noreferrer" target="_blank">be2490.ccr42.lon13.atlas.cogentco.com</a> (154.54.42.86) 68.557 ms<br>
> <a href="http://be2317.ccr41.lon13.atlas.cogentco.com" rel="noreferrer" target="_blank">be2317.ccr41.lon13.atlas.cogentco.com</a> (154.54.30.186) 70.829 ms<br>
> 4 <a href="http://be12488.ccr42.ams03.atlas.cogentco.com" rel="noreferrer" target="_blank">be12488.ccr42.ams03.atlas.cogentco.com</a> (130.117.51.42) 74.570 ms<br>
> <a href="http://be12194.ccr41.ams03.atlas.cogentco.com" rel="noreferrer" target="_blank">be12194.ccr41.ams03.atlas.cogentco.com</a> (154.54.56.94) 76.767 ms<br>
> 5 <a href="http://be2434.agr21.ams03.atlas.cogentco.com" rel="noreferrer" target="_blank">be2434.agr21.ams03.atlas.cogentco.com</a> (130.117.2.241) 74.515 ms 74.612<br>
> ms<br>
> 6 149.6.129.250 (149.6.129.250) 80.758 ms 74.625 ms<br>
> 7 <a href="http://ams5-core-1.bundle-ether1.tele2.net" rel="noreferrer" target="_blank">ams5-core-1.bundle-ether1.tele2.net</a> (130.244.82.54) 75.421 ms 75.425<br>
> ms<br>
> 8 <a href="http://ams-core-2.bundle-ether9.tele2.net" rel="noreferrer" target="_blank">ams-core-2.bundle-ether9.tele2.net</a> (130.244.82.57) 74.516 ms 74.558 ms<br>
> 9 <a href="http://wen3-core-2.bundle-ether15.tele2.net" rel="noreferrer" target="_blank">wen3-core-2.bundle-ether15.tele2.net</a> (130.244.71.47) 97.605 ms 95.470<br>
> ms<br>
> 10 <a href="http://tele2at-bundle2-vie3.net.uta.at" rel="noreferrer" target="_blank">tele2at-bundle2-vie3.net.uta.at</a> (212.152.189.65) 100.314 ms 97.947 ms<br>
> 11 86.59.118.145 (86.59.118.145) 96.918 ms 98.620 ms<br>
> 12 <a href="http://tor.noreply.org" rel="noreferrer" target="_blank">tor.noreply.org</a> (86.59.21.38) 97.853 ms 98.110 ms<br>
> <br>
> (Source: <a href="http://www.cogentco.com/en/network/looking-glass" rel="noreferrer" target="_blank">http://www.cogentco.com/en/network/looking-glass</a>)<br>
> <br>
> It could be possible that other Tier 1 networks formerly blocked tor26, and<br>
> also unblocked, but Verizon was sloppy not to do so.<br>
> <br>
> It's also possible that Verizon could be doing it because the FCC repealed<br>
> Net Neturality, and wants to discourage use of Tor to mine FiOS/VZW<br>
> customers' browsing habits. But despite a NN repeal I can still access Tor<br>
> on FiOS, and also run a relay (I do both) because other consensus relays are<br>
> still unblocked.<br>
> <br>
> But if Verizon didn't unblock tor26, could it actually mean that Verizon<br>
> wants to discourage Tor (and VPN/proxy) use to try to mine information of<br>
> their customers (and sell ads/information) and direct users to VZ-owned AOL<br>
> and Yahoo? Well, I hope they were just sloppy and don't mean to wage war on<br>
> Tor.<br>
> <br>
> While I'm not saying you should avoid using anything Verizon at all costs (I<br>
> certainly wouldn't want to go to the local cable company), I just want to<br>
> point out a blocked consensus server.<br>
<br>
I'm seeing the same thing from the greater Baltimore, MD area:<br>
<br>
traceroute to 86.59.21.38 (86.59.21.38), 64 hops max, 40 byte packets<br>
1 172.16.3.1 (172.16.3.1) 0.172 ms 0.162 ms 0.115 ms<br>
2 <a href="http://lo0-100.BLTMMD-VFTTP-323.verizon-gni.net" rel="noreferrer" target="_blank">lo0-100.BLTMMD-VFTTP-323.verizon-gni.net</a> (100.16.216.1) 23.228 ms 7.782 ms 2.901 ms<br>
3 <a href="http://B3323.BLTMMD-LCR-22.verizon-gni.net" rel="noreferrer" target="_blank">B3323.BLTMMD-LCR-22.verizon-gni.net</a> (100.41.222.240) 2.982 ms<br>
<a href="http://B3323.BLTMMD-LCR-21.verizon-gni.net" rel="noreferrer" target="_blank">B3323.BLTMMD-LCR-21.verizon-gni.net</a> (100.41.222.238) 1.702 ms<br>
<a href="http://B3323.BLTMMD-LCR-22.verizon-gni.net" rel="noreferrer" target="_blank">B3323.BLTMMD-LCR-22.verizon-gni.net</a> (100.41.222.240) 7.756 ms<br>
4 * * *<br>
<br>
100.41.222.240 is AS19262.<br>
<br>
Thanks,<br>
<br>
-- <br>
Shawn Webb<br>
Cofounder and Security Engineer<br>
HardenedBSD<br>
<br>
Tor-ified Signal: <a href="tel:(443)%20546-8752" value="+14435468752" target="_blank">+1 443-546-8752</a><br>
Tor+XMPP+OTR: lattera@is.a.hacker.sx<br>
GPG Key ID: 0x6A84658F52456EEE<br>
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE<br>
_______________________________________________<br>
tor-relays mailing list<br>
<a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
</blockquote></div>-- <br><div dir="ltr" class="m_-1946383125946861487m_8563702850192749786gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Matthew Glennon<div>matthew@glennon.online</div><div>PGP Signing Available Upon Request<br><a href="https://keybase.io/crazysane" target="_blank">https://keybase.io/crazysane</a><br></div></div></div></blockquote></div></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Matthew Glennon<div>matthew@glennon.online</div><div>PGP Signing Available Upon Request<br><a href="https://keybase.io/crazysane">https://keybase.io/crazysane</a><br></div></div></div>