W3.org site not accessible; Whitelist Zscaler Ip address range from Suman Rawat on 2020-12-10 (site-comments@w3.org from December 2020)

From: Suman Rawat <srawat@zscaler.com>
Date: Thu, 10 Dec 2020 14:38:04 +0530
To: site-comments@w3.org, sysreq@w3.org
Cc: JacobV@datacom.co.nz, jacob.vaughan@mpi.govt.nz
Message-ID: <CAEtQBY5ZT_Y-rjCrQuAn4201A+wZsvjmQ9VsM3sp8C_mrHzCmw@mail.gmail.com>

Hello Team,

Hope you are doing well.

I am writing this email in hopes of reaching someone in your
security/networking department.

One of our customers *Ministry for Primary Industries New Zealand *
raised concern that they were not able to reach the following URLs via our
company's service.
*https://www.w3.org/ <https://www.w3.org/>*

[image: image.png]


Taking tcpdump we see Zscaler Auckland node is sending TCP SYN however site
is not responding. We see no SYN+ACK from destination.
It seems you have not whitelisted the range from our Auckland Node.

22:48:41.949990 0c:c4:7a:fa:10:a5 > 00:00:5e:00:01:0f, ethertype IPv4
(0x0800), length 74: *124.248.141.76.33661 > 128.30.52.100.80: Flags [S],*
seq 2737271665, win 65535, options [mss 1460,nop,wscale 5,sackOK,TS val
188199143 ecr 0], length 0
22:48:44.592392 0c:c4:7a:fa:10:a5 > 00:00:5e:00:01:0f, ethertype IPv4
(0x0800), length 74: *124.248.141.76.33661 > 128.30.52.100.80: Flags [S],*
seq 2737271665, win 65535, options [mss 1460,nop,wscale 5,sackOK,TS val
188199443 ecr 0], length 0
22:48:47.420014 0c:c4:7a:fa:10:a5 > 00:00:5e:00:01:0f, ethertype IPv4
(0x0800), length 74:* 124.248.141.76.33661 > 128.30.52.100.80: Flags [S],*
seq 2737271665, win 65535, options [mss 1460,nop,wscale 5,sackOK,TS val
188199763 ecr 0], length 0
22:48:50.256015 0c:c4:7a:fa:10:a5 > 00:00:5e:00:01:0f, ethertype IPv4
(0x0800), length 62:* 124.248.141.76.56447 > 128.30.52.100.80: Flags [S*],
seq 1205153653, win 65535, options [mss 1460,sackOK,eol], length 0
22:48:52.915216 0c:c4:7a:fa:10:a5 > 00:00:5e:00:01:0f, ethertype IPv4
(0x0800), length 62:* 124.248.141.76.56447 > 128.30.52.100.80: Flags [S]*,
seq 1205153653, win 65535, options [mss 1460,sackOK,eol], length 0
^C

As a company zscaler provide a hosted web filtering/security solution. As
part of the debugging process, we noticed that the outbound IP address of
our nodes is being blocked from your CDN.
Would it be possible to open a dialogue to have this ban or throttle policy
lifted? If there is something we need to address I would be more than happy
to look at it.
Note: It is possible that you are seeing a large volume of traffic from
our IP address. This is not uncommon as we may have up to 50k+ users behind
a single node.

Zscaler Case ID:  02654708
Location: *Auckland*
Range:
*Auckland* *124.248.141.0/24 <http://124.248.141.0/24>*
Regards,
Suman Rawat
Zscaler Product Support Engineer

Attachments

image/png attachment: image.png
application/octet-stream attachment: w3.pcap

Received on Thursday, 10 December 2020 14:03:01 UTC