06 Jul

Missing IRINN route objects & outage!

A friend of mine buzzed me yesterday about his missing route objects. Later multiple other ISPs told the same story which triggered me to put this as a question on INNOG Mailing list. Many folks replied of missing route objects there and it seems to be limited to IRINN members only. I also asked the same question on APNIC mailing list and it was again confirmed about the issue.
Before I proceed further, here’s what it is all about.

What are route objects?

Route objects are basically entries created at an Internet Routing Registry (IRR). The key idea here is that an ISPs writes in a public register on what they want to do before they actually do. This gives a way for ISPs to transparently share their intentions in the global routing.

Example of a route object

anurag@devops01 ~> whois -h whois.radb.net 2402:b580::/32
route6:     2402:b580::/32
descr:      Anurag Bhatia R&D Pool
origin:     AS58901
mnt-by:     MAINT-AS58901
changed:    me@anuragbhatia.com 20200205
source:     ALTDB
anurag@devops01 ~>

E.g here I want to originate 2402:b580::/32 with my origin ASN 58901 and IRR which is giving this data is ALTDB. One can read more about route objects in my talk given at INNOG last year here. Another good detailed reading can be seen on FCIX here. Various operators build automated BGP routing filters based on the IRR data. So e.g anyone who is peering with me @ AS5891 can do:

anurag@devops01 ~> whois -h whois.radb.net !6as58901
A83
2402:b580:1::/48 2402:b580:3::/48 2402:b580:2::/48 2402:b580:4::/48 2402:b580::/32
C
anurag@devops01 ~>

This gives currently registered route objects and hence can be allowed on BGP filter.

What is IRINN?

IRINN or Indian Registry for Indian Names and Numbers is National Internet Registry (NIR) which functions closely with Regional Internet Registry (RIR) – APNIC in this region. While RIR is responsible for allocating IP addresses and AS numbers in the region, NIR is responsible for doing that within given National area. Broadly NIRs exists to facilitate and make it easy for local operators to interact directly with a local organisation in the local language, currency, timezone etc. Some other countries which have NIRs include China (CNNIC), Japan (JPNIC), Taiwan (TWNIC) etc. Indian NIR i.e IRINN is operated by NIXI (National Internet Exchange of India) and works closely with Ministry of Electronics & IT, Govt. of India. Indian ISPs, datacentres, web hosting companies, universities, banks and just anyone who needs IP address or ASN can get that from IRINN or APNIC.

Route object management at IRINN

For IRINN members, unfortunately, there’s no local IRR and basically all IRR entries go to the RIR (APNIC) run IRR. So instead of IRINN members managing those route objects directly with APNIC, they request those changes with IRINN and IRINN team does that manually in APNIC’s database. I covered this in detail in a previous blog post here.

Mass outage on 3rd and 4th July 2020

On 3rd July 2020 suddenly a large number of registered IRR route objects went missing from APNIC’s database where the maintainer was IRINN. There are no reported cases of any non-IRINN members with this issue. As far as I personally know – Tata Communications AS4755 is known to be filtering their Indian customers based on IRR data and regenerate filters every 6 hours. In the case of Airtel AS9498, I don’t think they automatically generate filters. Let’s see what was visible in the routing table.

A starting point can be RIPE RIS RRC03 because that is directly fed with full routing table from Tata Communications AS6453 which is technically direct upstream of Tata Communications AS4755 in India. Raw MRT dumps for RRC03 are here. It has around 12 routing table dumps (at time of me writing this blog post) for July 2020. Extracting only AS6453 data from it, that gives following total route announcements of AS6453.

An AS_PATH filter of ^6453 4755_ and counting total routes across 12 dumps in July gives me this.

Dump at 20200703.0800 has 17683 while dump after 8hrs of that at 20200703.1600 shows 17194. That’s a drop of 489 prefixes. That is likely not giving a complete picture since it’s 8hrs of time. Though Airtel, Tata or Jio do not feed Oregon route views collector. I am still curious about looking at Oregon Route-views dumps for _6453 4755_ as well as _9498_ and _9583_ dumps to check for any noticeable drop in the routes in the table. There are 34 visible dumps for July there (at a gap of 2hrs) between 2nd July – 4th July and that can give a more refined picture. Assuming if Tata Communications actually pulled off routes, those would be visible via various other networks who dump full table at Oregon route views.

Also, there is data available for withdrawal and announcements at every 15mins via Oregon route views. So I put code to read 300+ dumps for announcement and withdrawal data and plotted that.

So in the following graph, we find a drop of 600+ prefixes between 12:00 and 14:00 UTC on 3rd July 2020.

DateTotal prefixes behind AS4755
7/3/2020 08:0017392
7/3/2020 10:0017310
7/3/2020 12:0017451
7/3/2020 14:0016805
7/3/2020 16:0016895
7/3/2020 18:0017451
7/3/2020 20:0017448

Looking at the diff of dump between 7/3/2020 12:00 and 7/3/2020 14:00 we can see 669 prefixes belonging to different ASNs which went offline and were not visible behind Tata Communications AS4755 at least for 4 hours.

Out of these 669 prefixes, I see 566 belong to MAINT-IN-IRINN maintainer and spread across 161 unique network ASNs. I have posted a list of prefixes, AS number and AS names below.

PrefixOrigin ASNOrigin AS Name
103.103.28.0/24136704ABNPL-AS-IN Apex Broadband Network Pvt. Ltd., IN
103.127.104.0/23136704ABNPL-AS-IN Apex Broadband Network Pvt. Ltd., IN
103.127.104.0/24136704ABNPL-AS-IN Apex Broadband Network Pvt. Ltd., IN
103.127.105.0/24136704ABNPL-AS-IN Apex Broadband Network Pvt. Ltd., IN
103.147.132.0/23136704ABNPL-AS-IN Apex Broadband Network Pvt. Ltd., IN
103.147.132.0/24136704ABNPL-AS-IN Apex Broadband Network Pvt. Ltd., IN
103.147.133.0/24136704ABNPL-AS-IN Apex Broadband Network Pvt. Ltd., IN
103.134.114.0/2458965ABSPL-AS-IN ANJANI BROADBAND SOLUTIONS PVT.LTD., IN
103.134.115.0/2458965ABSPL-AS-IN ANJANI BROADBAND SOLUTIONS PVT.LTD., IN
103.102.100.0/24136719ADNJBP-AS Anushree Digital Network Pvt Ltd, IN
103.102.101.0/24136719ADNJBP-AS Anushree Digital Network Pvt Ltd, IN
103.102.102.0/24136719ADNJBP-AS Anushree Digital Network Pvt Ltd, IN
103.102.103.0/24136719ADNJBP-AS Anushree Digital Network Pvt Ltd, IN
103.114.0.0/24133001AIRNETNETWORKS-AS-IN Airnet Cable And Datacom Pvt Ltd, IN
103.114.1.0/24133001AIRNETNETWORKS-AS-IN Airnet Cable And Datacom Pvt Ltd, IN
103.114.2.0/24133001AIRNETNETWORKS-AS-IN Airnet Cable And Datacom Pvt Ltd, IN
103.114.3.0/24133001AIRNETNETWORKS-AS-IN Airnet Cable And Datacom Pvt Ltd, IN
103.145.228.0/24133001AIRNETNETWORKS-AS-IN Airnet Cable And Datacom Pvt Ltd, IN
103.145.229.0/24133001AIRNETNETWORKS-AS-IN Airnet Cable And Datacom Pvt Ltd, IN
103.134.97.0/24138235AIRNETZ-AS-IN Airnetz Broadband Services Private Limited, IN
103.134.98.0/24138235AIRNETZ-AS-IN Airnetz Broadband Services Private Limited, IN
103.134.99.0/24138235AIRNETZ-AS-IN Airnetz Broadband Services Private Limited, IN
103.72.140.0/24136302AIRTECHN-AS Airtech Internet Solutions Pvt. Ltd., IN
103.72.141.0/24136302AIRTECHN-AS Airtech Internet Solutions Pvt. Ltd., IN
103.72.142.0/24136302AIRTECHN-AS Airtech Internet Solutions Pvt. Ltd., IN
103.141.246.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.18.168.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.18.171.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.24.85.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.24.86.0/2323860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.240.96.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.242.188.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.242.188.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.242.189.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.242.190.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.242.191.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.242.196.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.249.36.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.249.37.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.249.38.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.249.39.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.249.4.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.50.81.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.51.148.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.66.11.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.66.8.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.66.9.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.77.136.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.77.44.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.78.16.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.78.16.0/2323860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.78.18.0/2323860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.87.140.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.87.140.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.87.143.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.88.216.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.88.217.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.88.218.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.88.219.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.94.136.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.94.138.0/2323860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
116.206.200.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
116.206.200.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
116.206.201.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
116.206.202.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
116.206.220.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
116.206.221.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
116.206.222.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
116.206.223.0/2423860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
150.129.100.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
150.129.100.0/2323860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
150.129.64.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
150.242.148.0/2223860ALLIANCE-GATEWAY-AS-AP Alliance Broadband Services Pvt. Ltd., IN
103.229.5.0/24133238ALLTIMEIT-AS Alltimeit Solutions Pvt Ltd, IN
103.140.252.0/24138759AMEEX-AS Ameex Technologies Pvt. Ltd., IN
103.142.63.0/24139520ANG12345-AS-IN Ang India Limited, IN
103.141.166.0/23134924APH17-AS-IN Aph Networks Private Limited, IN
103.140.23.0/24134290ARROW46-AS Arrow Touch Wireless Internet Private Limited, IN
103.88.132.0/22134942ASBN-AS Ashok Secure Broadband Network Pvt Ltd, IN
103.143.168.0/24139490ASPTNPL-AS-IN Aspt Networks Pvt Ltd, IN
103.148.206.0/24139490ASPTNPL-AS-IN Aspt Networks Pvt Ltd, IN
103.220.224.0/24139490ASPTNPL-AS-IN Aspt Networks Pvt Ltd, IN
103.142.164.0/24139523ATTIPL-AS-IN All Time Tele Infra Pvt Ltd, IN
103.142.165.0/24139523ATTIPL-AS-IN All Time Tele Infra Pvt Ltd, IN
103.132.246.0/24134392AUSREGISTRY-AS-ANYCAST11 AusRegistry Anycast system, TR
103.132.247.0/24134392AUSREGISTRY-AS-ANYCAST11 AusRegistry Anycast system, TR
103.80.157.0/24136352AUTONET-AS-IN Autonetic Software Technologies Pvt Ltd, IN
103.80.158.0/24136352AUTONET-AS-IN Autonetic Software Technologies Pvt Ltd, IN
103.80.159.0/24136352AUTONET-AS-IN Autonetic Software Technologies Pvt Ltd, IN
103.224.108.0/23136252BANKOFBARODA-AS-AP THE BANK OF BARODA LIMITED, IN
103.224.109.0/24136252BANKOFBARODA-AS-AP THE BANK OF BARODA LIMITED, IN
103.197.220.0/24134258BHAWANI-AS-IN Bhwani Cable and Broadband Services, IN
103.197.221.0/24134258BHAWANI-AS-IN Bhwani Cable and Broadband Services, IN
103.197.222.0/24134258BHAWANI-AS-IN Bhwani Cable and Broadband Services, IN
103.197.223.0/24134258BHAWANI-AS-IN Bhwani Cable and Broadband Services, IN
157.119.168.0/24134258BHAWANI-AS-IN Bhwani Cable and Broadband Services, IN
157.119.169.0/24134258BHAWANI-AS-IN Bhwani Cable and Broadband Services, IN
157.119.171.0/24134258BHAWANI-AS-IN Bhwani Cable and Broadband Services, IN
103.109.134.0/23137108BKID-AS Bank Of India, IN
103.80.130.0/2459197BRBNMPL-AS Bharatiya Reserve Bank Note Mudran Pvt. Ltd., IN
103.118.180.0/24137623BSTPL-AS-IN Bloodstone Technologies Pvt. Ltd., IN
103.59.88.0/24139538CABLENETWORKBROADBANDSYSTEM-AS-IN Uniquetrade Broadband System Pvt. Ltd., IN
103.96.92.0/23136685CAMS-AS Computer Age Management Services Pvt. Ltd., IN
103.96.93.0/24136685CAMS-AS Computer Age Management Services Pvt. Ltd., IN
103.96.95.0/24136685CAMS-AS Computer Age Management Services Pvt. Ltd., IN
103.110.222.0/24137176CCIL-AS The Clearing Corporation Of India Limited, IN
103.113.150.0/24137176CCIL-AS The Clearing Corporation Of India Limited, IN
103.113.151.0/24137176CCIL-AS The Clearing Corporation Of India Limited, IN
175.111.181.0/24136637CIFYIT-AS-IN Cify IT Services Pvt Ltd, IN
103.81.152.0/24139541CITYINFO-AS City Infosol Pvt Ltd, IN
103.81.153.0/24139541CITYINFO-AS City Infosol Pvt Ltd, IN
103.81.154.0/24139541CITYINFO-AS City Infosol Pvt Ltd, IN
103.81.155.0/24139541CITYINFO-AS City Infosol Pvt Ltd, IN
103.19.148.0/2238625CJONLINE CJONLINE ISP India, IN
103.132.204.0/24135849CLICKNET-AS-IN Clicknet Communication Pvt. Ltd., IN
103.132.207.0/24135849CLICKNET-AS-IN Clicknet Communication Pvt. Ltd., IN
103.143.84.0/24139488CONJOINIXTS-AS-IN Conjoinix Total Solutions Private Limited, IN
103.146.110.0/24139549CRISPENT-AS Crisp Enterprises, IN
103.146.111.0/24139549CRISPENT-AS Crisp Enterprises, IN
103.105.101.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.105.179.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.206.104.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.206.107.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.24.124.0/2218229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.24.124.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.24.125.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.24.126.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.24.127.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.241.182.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.241.183.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.255.144.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.255.145.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.255.146.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.255.147.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.41.96.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.41.97.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.41.98.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.41.99.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.44.0.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.44.1.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.44.2.0/2418229CTRLS-AS-IN CtrlS Datacenters Ltd., IN
103.112.12.0/24137124CTRONIX-AS-IN Jai Mata Di Telectronix Private Limited, IN
103.112.13.0/24137124CTRONIX-AS-IN Jai Mata Di Telectronix Private Limited, IN
103.112.14.0/24137124CTRONIX-AS-IN Jai Mata Di Telectronix Private Limited, IN
103.112.15.0/24137124CTRONIX-AS-IN Jai Mata Di Telectronix Private Limited, IN
123.253.12.0/24133977CYBER_CLOUD_SHIELD-AS CYBER CLOUD SHIELD BROADBAND SERVICES PRIVATE LIMITED, IN
123.253.13.0/24133977CYBER_CLOUD_SHIELD-AS CYBER CLOUD SHIELD BROADBAND SERVICES PRIVATE LIMITED, IN
123.253.14.0/24133977CYBER_CLOUD_SHIELD-AS CYBER CLOUD SHIELD BROADBAND SERVICES PRIVATE LIMITED, IN
123.253.15.0/24133977CYBER_CLOUD_SHIELD-AS CYBER CLOUD SHIELD BROADBAND SERVICES PRIVATE LIMITED, IN
103.143.173.0/24135728DATAISP-AS Datagram Network India Pvt. Ltd., IN
103.100.216.0/24136664DDTPL-AS D D Telecom Pvt. Ltd, IN
103.129.0.0/2323872DELDSLCORE-AS-AP delDSL Internet Pvt. Ltd., IN
103.129.0.0/2423872DELDSLCORE-AS-AP delDSL Internet Pvt. Ltd., IN
103.129.1.0/2423872DELDSLCORE-AS-AP delDSL Internet Pvt. Ltd., IN
103.142.18.0/2423872DELDSLCORE-AS-AP delDSL Internet Pvt. Ltd., IN
103.242.224.0/2223872DELDSLCORE-AS-AP delDSL Internet Pvt. Ltd., IN
103.224.111.0/24132994DENABANK-AS DENA BANK, IN
103.204.188.0/24135718DISHAWAVESINFONET-AS DISHAWAVES INFONET PVT. LTD, IN
103.204.190.0/24135718DISHAWAVESINFONET-AS DISHAWAVES INFONET PVT. LTD, IN
103.204.191.0/24135718DISHAWAVESINFONET-AS DISHAWAVES INFONET PVT. LTD, IN
103.146.170.0/2417754EXCELL-AS Excellmedia, IN
103.146.171.0/2417754EXCELL-AS Excellmedia, IN
103.110.48.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
103.92.40.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
103.92.41.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
103.92.42.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
103.92.43.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
144.48.72.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
144.48.73.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
144.48.74.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
144.48.75.0/24133982EXCITEL-AS-IN Excitel Broadband Private Limited, IN
103.138.4.0/24133692FASTNET-AS-IN Fastnet Communication Pvt. Ltd., IN
103.138.5.0/24133692FASTNET-AS-IN Fastnet Communication Pvt. Ltd., IN
103.47.216.0/24133692FASTNET-AS-IN Fastnet Communication Pvt. Ltd., IN
103.47.217.0/24133692FASTNET-AS-IN Fastnet Communication Pvt. Ltd., IN
103.47.218.0/24133692FASTNET-AS-IN Fastnet Communication Pvt. Ltd., IN
103.47.219.0/24133692FASTNET-AS-IN Fastnet Communication Pvt. Ltd., IN
103.117.124.0/24137619FBSPL-AS-IN Fastnet Broadband Services, IN
103.83.199.0/2417330FIREEYE-AS, US
103.204.132.0/2224554FIVE-NET-AS-IN Fivenetwork Solution India Pvt Ltd Internet, IN
103.219.16.0/22135260FOURTY2COMM-AS 42 Communications Pvt. Ltd., IN
103.16.69.0/24132559GATIK-AS-IN Gatik Business Solutions, IN
103.132.196.0/24138317GAURAVCO-AS Gaurav Communication Pvt. Ltd., IN
103.132.197.0/24138317GAURAVCO-AS Gaurav Communication Pvt. Ltd., IN
103.132.198.0/24138317GAURAVCO-AS Gaurav Communication Pvt. Ltd., IN
103.132.199.0/24138317GAURAVCO-AS Gaurav Communication Pvt. Ltd., IN
103.152.184.0/24134033HIREACH-BROADBAND-AS HIREACH BROADBAND PRIVATE LTD, IN
103.152.185.0/24134033HIREACH-BROADBAND-AS HIREACH BROADBAND PRIVATE LTD, IN
103.107.252.0/24137102HTPL-AS-IN Hustel Telecom Pvt. Ltd., IN
103.107.253.0/24137102HTPL-AS-IN Hustel Telecom Pvt. Ltd., IN
103.107.254.0/24137102HTPL-AS-IN Hustel Telecom Pvt. Ltd., IN
103.107.255.0/24137102HTPL-AS-IN Hustel Telecom Pvt. Ltd., IN
103.219.0.0/24135189ICONIN-AS I connect broadband support and services, IN
103.219.1.0/24135189ICONIN-AS I connect broadband support and services, IN
103.219.2.0/24135189ICONIN-AS I connect broadband support and services, IN
103.219.3.0/24135189ICONIN-AS I connect broadband support and services, IN
45.249.252.0/24135189ICONIN-AS I connect broadband support and services, IN
45.249.253.0/24135189ICONIN-AS I connect broadband support and services, IN
45.249.254.0/24135189ICONIN-AS I connect broadband support and services, IN
45.249.255.0/24135189ICONIN-AS I connect broadband support and services, IN
103.142.166.0/2459195IEX-AS Indian Energy Exchange Ltd, IN
103.105.97.0/24134858IFORENETWORKS-AS-IN iForce Networks, IN
103.148.8.0/23134858IFORENETWORKS-AS-IN iForce Networks, IN
103.147.94.0/24139534IGIPL-AS Indotel Global Internet Private Limited, IN
103.144.234.0/24139497IILNPL-AS-IN I-infolink Networks Private Limited, IN
103.27.10.0/24132780IITDEL-AS-IN Indian Institute of Technology Delhi, IN
103.27.11.0/24132780IITDEL-AS-IN Indian Institute of Technology Delhi, IN
103.27.8.0/22132780IITDEL-AS-IN Indian Institute of Technology Delhi, IN
103.27.8.0/24132780IITDEL-AS-IN Indian Institute of Technology Delhi, IN
103.27.9.0/24132780IITDEL-AS-IN Indian Institute of Technology Delhi, IN
103.138.234.0/23133242INFIBEAM-AS Infibeam Avenues Limited, IN
103.204.189.0/2445117INPL-IN-AP Ishan_s Network, IN
103.127.20.0/2458678INTECHONLINE-IN Intech Online Private Limited, IN
103.127.21.0/2458678INTECHONLINE-IN Intech Online Private Limited, IN
103.127.22.0/2458678INTECHONLINE-IN Intech Online Private Limited, IN
103.127.23.0/2458678INTECHONLINE-IN Intech Online Private Limited, IN
103.219.164.0/2458678INTECHONLINE-IN Intech Online Private Limited, IN
103.219.165.0/2458678INTECHONLINE-IN Intech Online Private Limited, IN
103.219.166.0/2458678INTECHONLINE-IN Intech Online Private Limited, IN
103.219.167.0/2458678INTECHONLINE-IN Intech Online Private Limited, IN
103.140.190.0/24138761INYCB-AS-IN Inycb Network Private Limited, IN
103.140.191.0/24138761INYCB-AS-IN Inycb Network Private Limited, IN
103.117.200.0/2355566IUCAA-IN Inter University Centre for Astronomy and Astrophysics, IN
103.120.58.0/24137639JASNET-AS Jasnet Networks Private Limited, IN
103.120.59.0/24137639JASNET-AS Jasnet Networks Private Limited, IN
103.145.54.0/24139514JBJBSPL-AS-IN Jb Jain Broadband Solutions Private Limited, IN
103.145.55.0/24139514JBJBSPL-AS-IN Jb Jain Broadband Solutions Private Limited, IN
103.121.150.0/24135226JEECOM-AS Jeecommunications, IN
103.121.151.0/24135226JEECOM-AS Jeecommunications, IN
103.148.167.0/24133280JSW47-AS Jsw Steel Ltd, IN
103.199.162.0/2458969KCCL-AS Kerala Communicators Cable Limited, IN
103.101.89.0/24136723KNPLMZN-AS Kartik Network Pvt Ltd, IN
103.101.90.0/24136723KNPLMZN-AS Kartik Network Pvt Ltd, IN
103.101.91.0/24136723KNPLMZN-AS Kartik Network Pvt Ltd, IN
103.147.112.0/24139565KORDBSPL-AS Kord Broadband Services Pvt Ltd, IN
103.147.113.0/24139565KORDBSPL-AS Kord Broadband Services Pvt Ltd, IN
103.140.17.0/24138754KVBPL-AS-IN Kerala Vision Broad Band Private Limited, IN
103.102.72.0/24136672L7CPL-AS Galactica Infotel Private Limited, IN
103.102.73.0/24136672L7CPL-AS Galactica Infotel Private Limited, IN
103.102.74.0/24136672L7CPL-AS Galactica Infotel Private Limited, IN
103.102.75.0/24136672L7CPL-AS Galactica Infotel Private Limited, IN
103.132.28.0/24138311LIMERICK-AS-IN Limerick Technologies Pvt Ltd, IN
103.132.29.0/24138311LIMERICK-AS-IN Limerick Technologies Pvt Ltd, IN
103.98.20.0/24136645LINKUP-AS-IN Linkup Networks Pvt Ltd, IN
103.98.21.0/24136645LINKUP-AS-IN Linkup Networks Pvt Ltd, IN
103.98.22.0/24136645LINKUP-AS-IN Linkup Networks Pvt Ltd, IN
103.98.23.0/24136645LINKUP-AS-IN Linkup Networks Pvt Ltd, IN
103.99.12.0/24136377LINKWAVE-AS Linkwave Technologies Pvt. Ltd, IN
103.99.13.0/24136377LINKWAVE-AS Linkwave Technologies Pvt. Ltd, IN
103.99.14.0/24136377LINKWAVE-AS Linkwave Technologies Pvt. Ltd, IN
103.99.15.0/24136377LINKWAVE-AS Linkwave Technologies Pvt. Ltd, IN
103.133.228.0/24138520LNSPL-AS-AP Lalu Network Solutions Private Limited, IN
103.133.229.0/24138520LNSPL-AS-AP Lalu Network Solutions Private Limited, IN
103.133.230.0/24138520LNSPL-AS-AP Lalu Network Solutions Private Limited, IN
103.133.231.0/24138520LNSPL-AS-AP Lalu Network Solutions Private Limited, IN
103.133.64.0/24138520LNSPL-AS-AP Lalu Network Solutions Private Limited, IN
103.133.65.0/24138520LNSPL-AS-AP Lalu Network Solutions Private Limited, IN
103.133.66.0/24138520LNSPL-AS-AP Lalu Network Solutions Private Limited, IN
103.79.248.0/22133648MAGNUSTELELINKS-AS-IN MNR Broadband Services Pvt. Ltd., IN
103.78.149.0/24134042MAHAMEDIACOMLLP-AS-IN MAHA Mediacom LLP, IN
103.78.150.0/24134042MAHAMEDIACOMLLP-AS-IN MAHA Mediacom LLP, IN
103.139.220.0/24138741MAULIMSO-AS Mauli Shiv Cable Internet Services Private Limited, IN
103.139.221.0/24138741MAULIMSO-AS Mauli Shiv Cable Internet Services Private Limited, IN
103.120.234.0/24132515MAXIMO-AS-IN Maximo Infotech, IN
103.120.235.0/24132515MAXIMO-AS-IN Maximo Infotech, IN
103.49.245.0/24133722MCARBON-AS mCarbon Tech Innovation Private Limited, IN
103.147.176.0/2455352MCPL-IN Microscan Computers Private Limited, IN
103.147.177.0/2455352MCPL-IN Microscan Computers Private Limited, IN
103.116.19.0/24135253MFT-AS Mft Internet Private Limited, IN
103.94.84.0/24136374MICR-AS Microtalk Communications Pvt Ltd, IN
103.94.85.0/24136374MICR-AS Microtalk Communications Pvt Ltd, IN
103.124.168.0/24138259MIFI-AS-IN Manish Infocom Private Limited, IN
103.124.169.0/24138259MIFI-AS-IN Manish Infocom Private Limited, IN
103.124.170.0/24138259MIFI-AS-IN Manish Infocom Private Limited, IN
103.124.171.0/24138259MIFI-AS-IN Manish Infocom Private Limited, IN
103.107.178.0/24135877MIRACLE1-AS Miracle Telecommunication Services Pvt Ltd, IN
103.107.179.0/24135877MIRACLE1-AS Miracle Telecommunication Services Pvt Ltd, IN
103.134.250.0/24137650MITSPLH-AS-IN Micronet It Services Private Limited, IN
103.134.251.0/24137650MITSPLH-AS-IN Micronet It Services Private Limited, IN
103.208.54.0/24135834MULTIFI-AS Multicraft Digital Technologies Private Limited, IN
103.91.122.0/24135834MULTIFI-AS Multicraft Digital Technologies Private Limited, IN
103.91.244.0/24135834MULTIFI-AS Multicraft Digital Technologies Private Limited, IN
103.91.245.0/24135834MULTIFI-AS Multicraft Digital Technologies Private Limited, IN
103.110.168.0/24137132MYHSB-AS High Speed Broadband, IN
103.110.169.0/24137132MYHSB-AS High Speed Broadband, IN
103.110.170.0/24137132MYHSB-AS High Speed Broadband, IN
103.110.171.0/24137132MYHSB-AS High Speed Broadband, IN
103.135.168.0/24137132MYHSB-AS High Speed Broadband, IN
103.135.169.0/24137132MYHSB-AS High Speed Broadband, IN
103.135.170.0/24137132MYHSB-AS High Speed Broadband, IN
103.235.104.0/2217439NETMAGIC-AP Netmagic Datacenter Mumbai, IN
103.35.164.0/2317439NETMAGIC-AP Netmagic Datacenter Mumbai, IN
103.115.124.0/24135223NETWAY-AS Netway Internet Pvt Ltd, IN
103.115.125.0/24135223NETWAY-AS Netway Internet Pvt Ltd, IN
103.129.232.0/24137627NEXTELIN-AS-IN Nextel Communications India Pvt Ltd, IN
103.129.233.0/24137627NEXTELIN-AS-IN Nextel Communications India Pvt Ltd, IN
103.129.234.0/24137627NEXTELIN-AS-IN Nextel Communications India Pvt Ltd, IN
103.129.235.0/24137627NEXTELIN-AS-IN Nextel Communications India Pvt Ltd, IN
103.214.64.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.214.64.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.214.66.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.218.252.0/2458640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.218.253.0/2458640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.218.254.0/2458640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.218.255.0/2458640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.220.220.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.220.220.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.220.222.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.231.116.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.231.116.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.231.118.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.248.244.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.35.52.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.60.112.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.60.112.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.60.114.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
144.48.76.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
144.48.78.0/2458640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
163.47.152.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
223.29.220.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
43.252.24.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
45.120.56.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
45.120.56.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
45.120.58.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
45.127.40.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
45.252.180.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
45.252.180.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
45.252.182.0/2358640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
59.153.36.0/2258640NEXTRA-IN NEXTRA TELESERVICES PVT. LTD., IN
103.107.88.0/22132470NEXTRAT-AS-AP Nextra Telesolutions Private Limited, IN
103.107.88.0/23132470NEXTRAT-AS-AP Nextra Telesolutions Private Limited, IN
103.107.88.0/24132470NEXTRAT-AS-AP Nextra Telesolutions Private Limited, IN
103.107.89.0/24132470NEXTRAT-AS-AP Nextra Telesolutions Private Limited, IN
103.107.90.0/24132470NEXTRAT-AS-AP Nextra Telesolutions Private Limited, IN
103.107.91.0/24132470NEXTRAT-AS-AP Nextra Telesolutions Private Limited, IN
103.133.124.0/24138278NIKITABR-AS-IN Nikita Broadband Pvt. Ltd., IN
103.48.180.0/22132774NISSBROADBAND-AS-IN Niss Internet services private limited, IN
103.66.10.0/24134034NITYAINT-AS-IN Nitya Internet Private Limited, IN
103.145.89.0/2455824NKN-CORE-NW NKN Core Network, IN
103.113.252.0/24134343OMSAI-AS Om Sai Entertainment, IN
103.113.253.0/24134343OMSAI-AS Om Sai Entertainment, IN
103.113.254.0/24134343OMSAI-AS Om Sai Entertainment, IN
103.113.255.0/24134343OMSAI-AS Om Sai Entertainment, IN
103.83.136.0/22135839OPTICAL-AS Optical Broadband Communication Pvt. Ltd, IN
103.83.136.0/23135839OPTICAL-AS Optical Broadband Communication Pvt. Ltd, IN
103.83.136.0/24135839OPTICAL-AS Optical Broadband Communication Pvt. Ltd, IN
103.83.138.0/23135839OPTICAL-AS Optical Broadband Communication Pvt. Ltd, IN
103.83.138.0/24135839OPTICAL-AS Optical Broadband Communication Pvt. Ltd, IN
103.83.139.0/24135839OPTICAL-AS Optical Broadband Communication Pvt. Ltd, IN
103.121.116.0/24134302OXYNET-AS Oxynet Telecommunications Private Limited, IN
103.121.117.0/24134302OXYNET-AS Oxynet Telecommunications Private Limited, IN
103.121.118.0/24134302OXYNET-AS Oxynet Telecommunications Private Limited, IN
103.121.119.0/24134302OXYNET-AS Oxynet Telecommunications Private Limited, IN
103.103.132.0/24136721PALVYARA-AS Pal Digital Networking Pvt. Ltd., IN
103.103.133.0/24136721PALVYARA-AS Pal Digital Networking Pvt. Ltd., IN
103.116.32.0/24135791PHONEPE-AS Phonepe Private Limited, IN
103.116.34.0/24135791PHONEPE-AS Phonepe Private Limited, IN
103.139.60.0/23135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.139.60.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.139.61.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.196.220.0/22135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.196.220.0/23135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.196.220.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.196.221.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.196.222.0/23135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.196.222.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.196.223.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
14.192.52.0/22135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
14.192.52.0/23135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
14.192.52.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
14.192.53.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
14.192.54.0/23135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
14.192.54.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
14.192.55.0/24135772POWERNETCOMM-AS Powernet Communications Pvt.ltd., IN
103.91.88.0/2417426PRIMENET-AS-AP Primesoftex Ltd, IN
103.91.91.0/2417426PRIMENET-AS-AP Primesoftex Ltd, IN
103.121.153.0/24136284PTPL-AS-IN Paradise Telecom Pvt Ltd, IN
103.121.154.0/24136284PTPL-AS-IN Paradise Telecom Pvt Ltd, IN
103.121.155.0/24136284PTPL-AS-IN Paradise Telecom Pvt Ltd, IN
103.211.176.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
103.211.177.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
103.211.178.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
103.211.179.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
103.228.44.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
103.228.45.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
103.228.46.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
103.228.47.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
139.5.100.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
139.5.101.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
139.5.102.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
139.5.103.0/2458659QCPL-IN Quest Consultancy Pvt Ltd, IN
103.133.120.0/24138277RADINET-AS-IN Radinet Info Solutions Private Limited, IN
103.133.121.0/24138277RADINET-AS-IN Radinet Info Solutions Private Limited, IN
103.133.122.0/24138277RADINET-AS-IN Radinet Info Solutions Private Limited, IN
103.133.123.0/24138277RADINET-AS-IN Radinet Info Solutions Private Limited, IN
103.105.152.0/24135692RAGLOBAL-AS-IN Global Ra Net Services Pvt. Ltd., IN
103.105.153.0/24135692RAGLOBAL-AS-IN Global Ra Net Services Pvt. Ltd., IN
103.105.154.0/24135692RAGLOBAL-AS-IN Global Ra Net Services Pvt. Ltd., IN
103.105.155.0/24135692RAGLOBAL-AS-IN Global Ra Net Services Pvt. Ltd., IN
103.205.152.0/22134854RBEI-AS-IN Robert Bosch engineering and business solutions private limited, IN
103.235.164.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.235.166.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.235.166.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.235.167.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.73.152.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.73.154.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.82.148.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.82.148.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.82.149.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.82.150.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.82.220.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.82.222.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.82.222.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.82.223.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.97.136.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.97.136.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.97.137.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.97.138.0/23135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.97.138.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.97.139.0/24135031RNPL-AS-AP RI Networks Pvt. Ltd., IN
103.137.172.0/24138749ROBUSTED-AS-IN Robustedge Software And Digital Networks Pvt. Ltd., IN
103.141.227.0/24138749ROBUSTED-AS-IN Robustedge Software And Digital Networks Pvt. Ltd., IN
103.118.168.0/24137622ROYALCON-AS-IN Royal Connect Solutions Pvt Ltd, IN
103.118.169.0/24137622ROYALCON-AS-IN Royal Connect Solutions Pvt Ltd, IN
103.118.170.0/24137622ROYALCON-AS-IN Royal Connect Solutions Pvt Ltd, IN
103.118.171.0/24137622ROYALCON-AS-IN Royal Connect Solutions Pvt Ltd, IN
150.129.145.0/2455353RPNET-AS-AP RAJESH PATEL NET SERVICES PVT. LTD., IN
103.101.109.0/24136636RSBI-AS Sharplink Wireless Solution Pvt Ltd, IN
103.85.118.0/24137138SAINTERN-AS S A Internet Solution Pvt Ltd, IN
103.85.119.0/24137138SAINTERN-AS S A Internet Solution Pvt Ltd, IN
103.148.249.0/24134027SAMSUNG-AS SAMSUNG DATA SYSTEMS INDIA PRIVATE LIMITED, IN
103.145.16.0/244195SHAW, US
103.108.148.0/24133662SHREENET-AS SHREENET, IN
103.108.149.0/24133662SHREENET-AS SHREENET, IN
103.108.150.0/24133662SHREENET-AS SHREENET, IN
103.108.151.0/24133662SHREENET-AS SHREENET, IN
119.226.35.0/249583SIFY-AS-IN Sify Limited, IN
103.110.148.0/24137113SIMPLEX-AS-IN Simplex Broadband Private Limited, IN
103.110.149.0/24137113SIMPLEX-AS-IN Simplex Broadband Private Limited, IN
103.110.150.0/24137113SIMPLEX-AS-IN Simplex Broadband Private Limited, IN
103.110.151.0/24137113SIMPLEX-AS-IN Simplex Broadband Private Limited, IN
157.119.170.0/2445194SIPL-AS Syscon Infoway Pvt. Ltd., IN
103.122.132.0/24136670SKYLINE0-AS Skyline Broadband Pvt. Ltd., IN
103.122.133.0/24136670SKYLINE0-AS Skyline Broadband Pvt. Ltd., IN
103.122.134.0/24136670SKYLINE0-AS Skyline Broadband Pvt. Ltd., IN
103.122.135.0/24136670SKYLINE0-AS Skyline Broadband Pvt. Ltd., IN
103.234.137.0/24133317SNTPL-AS srinagar Net tech P ltd, IN
137.59.0.0/24133317SNTPL-AS srinagar Net tech P ltd, IN
137.59.1.0/24133317SNTPL-AS srinagar Net tech P ltd, IN
137.59.2.0/24133317SNTPL-AS srinagar Net tech P ltd, IN
137.59.3.0/24133317SNTPL-AS srinagar Net tech P ltd, IN
103.138.0.0/24138752SOBPL-AS Starone Broadband Private Limited, IN
103.138.1.0/24138752SOBPL-AS Starone Broadband Private Limited, IN
111.125.244.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.192.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.240.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.241.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.242.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.243.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.244.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.245.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.246.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
183.87.247.0/24132137SOIPL-IN Shree Omkar Infocom Pvt Ltd, IN
103.132.206.0/24134916SOLITON14-AS Soliton NetLink Pvt. Ltd., IN
103.140.106.0/24135239SONALI-AS-IN Sonali Internet Services Pvt Ltd, IN
103.140.107.0/24135239SONALI-AS-IN Sonali Internet Services Pvt Ltd, IN
103.75.224.0/24135239SONALI-AS-IN Sonali Internet Services Pvt Ltd, IN
103.75.225.0/24135239SONALI-AS-IN Sonali Internet Services Pvt Ltd, IN
103.75.226.0/24135239SONALI-AS-IN Sonali Internet Services Pvt Ltd, IN
103.75.227.0/24135239SONALI-AS-IN Sonali Internet Services Pvt Ltd, IN
103.122.168.0/24138293SPACETRA-AS-IN Spacetrade Internet Pvt Ltd, IN
103.122.169.0/24138293SPACETRA-AS-IN Spacetrade Internet Pvt Ltd, IN
103.132.240.0/24136327SPDBROAD-AS-IN Spd Broadband Pvt Ltd, IN
103.132.241.0/24136327SPDBROAD-AS-IN Spd Broadband Pvt Ltd, IN
103.119.76.0/24133279SPEED4NET-AS SPEED4NET, IN
103.119.78.0/24133279SPEED4NET-AS SPEED4NET, IN
103.119.79.0/24133279SPEED4NET-AS SPEED4NET, IN
123.253.236.0/24135810SRK2016-AS Srk Network, IN
123.253.237.0/24135810SRK2016-AS Srk Network, IN
123.253.238.0/24135810SRK2016-AS Srk Network, IN
123.253.239.0/24135810SRK2016-AS Srk Network, IN
103.146.154.0/24136365SSBMAHAD-AS Shri Samarth Broadband, IN
103.119.192.0/24134866SSCN-AS Sscn Pvt Ltd, IN
103.119.193.0/24134866SSCN-AS Sscn Pvt Ltd, IN
103.119.194.0/24134866SSCN-AS Sscn Pvt Ltd, IN
103.119.195.0/24134866SSCN-AS Sscn Pvt Ltd, IN
103.140.244.0/24138762SSLCPL-AS Sadaa Smartlinks Communication Private Limited, IN
103.141.92.0/23132757SSWL-AS-IN Sristi Sanchar Webnet Ltd., IN
103.141.92.0/24132757SSWL-AS-IN Sristi Sanchar Webnet Ltd., IN
103.151.198.0/24140125STBROADB-AS-IN St Broadband Cable Servise Pvt Ltd, IN
103.151.199.0/24140125STBROADB-AS-IN St Broadband Cable Servise Pvt Ltd, IN
103.117.64.0/23137610STREAMAX-AS-IN Streamax Broadband Services Pvt. Ltd., IN
103.117.66.0/23137610STREAMAX-AS-IN Streamax Broadband Services Pvt. Ltd., IN
103.138.44.0/24138720SUDHANAT-AS-IN Sudhana Telecommunications Private Limited, IN
103.121.72.0/24134886SUPERSON-AS Super Sonic Broadband Pvt Ltd, IN
103.121.73.0/24134886SUPERSON-AS Super Sonic Broadband Pvt Ltd, IN
103.121.74.0/24134886SUPERSON-AS Super Sonic Broadband Pvt Ltd, IN
103.121.75.0/24134886SUPERSON-AS Super Sonic Broadband Pvt Ltd, IN
103.117.236.0/24137677SURROUND-AS Surround Networks Pvt Ltd, IN
103.117.237.0/24137677SURROUND-AS Surround Networks Pvt Ltd, IN
103.117.238.0/24137677SURROUND-AS Surround Networks Pvt Ltd, IN
103.117.239.0/24137677SURROUND-AS Surround Networks Pvt Ltd, IN
103.104.181.0/249830SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS, IN
103.104.182.0/249830SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS, IN
103.216.173.0/249830SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS, IN
103.216.174.0/249830SWIFTONLINE-AS-AP SWIFT ONLINE BORDER AS, IN
103.109.176.0/245SYMBOLICS, US
103.109.177.0/245SYMBOLICS, US
103.109.178.0/245SYMBOLICS, US
103.109.179.0/245SYMBOLICS, US
103.118.112.0/245SYMBOLICS, US
103.118.113.0/245SYMBOLICS, US
103.118.114.0/245SYMBOLICS, US
103.118.115.0/245SYMBOLICS, US
103.144.51.0/245SYMBOLICS, US
103.74.227.0/24135697TACHYON-AS-IN Tachyon Communications Pvt Ltd, IN
103.97.210.0/24135697TACHYON-AS-IN Tachyon Communications Pvt Ltd, IN
103.97.211.0/24135697TACHYON-AS-IN Tachyon Communications Pvt Ltd, IN
103.117.181.0/244755TATACOMM-AS TATA Communications formerly VSNL is Leading ISP, IN
103.208.70.0/24134674TATASKYBROADBAND-AS-AP TATA SKY BROADBAND PRIVATE LIMITED, IN
103.142.77.0/24139480TBSPL09-AS Tradebulls Securities Private Limited, IN
103.101.24.0/22136632TELEVAJR-AS-IN Vajra Telecom Pvt Ltd, IN
103.101.24.0/24136632TELEVAJR-AS-IN Vajra Telecom Pvt Ltd, IN
103.101.25.0/24136632TELEVAJR-AS-IN Vajra Telecom Pvt Ltd, IN
103.101.26.0/24136632TELEVAJR-AS-IN Vajra Telecom Pvt Ltd, IN
103.101.27.0/24136632TELEVAJR-AS-IN Vajra Telecom Pvt Ltd, IN
103.136.136.0/24136336TICFIBER-AS Thamizhaga Internet Communications Private Limited, IN
103.136.137.0/24136336TICFIBER-AS Thamizhaga Internet Communications Private Limited, IN
103.88.76.0/24136336TICFIBER-AS Thamizhaga Internet Communications Private Limited, IN
103.88.77.0/24136336TICFIBER-AS Thamizhaga Internet Communications Private Limited, IN
103.98.62.0/24136336TICFIBER-AS Thamizhaga Internet Communications Private Limited, IN
103.98.63.0/24136336TICFIBER-AS Thamizhaga Internet Communications Private Limited, IN
103.132.0.0/24138276TYPHOONC-AS Typhoon Communication Pvt. Ltd., IN
103.132.1.0/24138276TYPHOONC-AS Typhoon Communication Pvt. Ltd., IN
103.132.2.0/24138276TYPHOONC-AS Typhoon Communication Pvt. Ltd., IN
103.132.3.0/24138276TYPHOONC-AS Typhoon Communication Pvt. Ltd., IN
103.123.44.0/24138290UIO4646-AS Unigro Infranet Online Pvt. Ltd., IN
103.123.45.0/24138290UIO4646-AS Unigro Infranet Online Pvt. Ltd., IN
103.123.46.0/24138290UIO4646-AS Unigro Infranet Online Pvt. Ltd., IN
103.123.47.0/24138290UIO4646-AS Unigro Infranet Online Pvt. Ltd., IN
103.110.172.0/24137180UNI6711-AS Unified Voice Communication Private Ltd, IN
103.110.173.0/24137180UNI6711-AS Unified Voice Communication Private Ltd, IN
103.110.174.0/24137180UNI6711-AS Unified Voice Communication Private Ltd, IN
103.126.62.0/24138287UZAINA11-AS Uzaina Business India Pvt Ltd, IN
103.143.36.0/24139486VETAL-AS-IN Vetal Hotel And Resort Pvt Ltd, IN
103.139.246.0/24135781VIBHUTI-AS-IN Vibhuti Networks Private Limited, IN
103.139.247.0/24135781VIBHUTI-AS-IN Vibhuti Networks Private Limited, IN
103.122.60.0/24133678VIZAGBROADBAND-AS-IN Vizag Broadband Communications Pvt Ltd, IN
103.122.61.0/24133678VIZAGBROADBAND-AS-IN Vizag Broadband Communications Pvt Ltd, IN
103.122.62.0/24133678VIZAGBROADBAND-AS-IN Vizag Broadband Communications Pvt Ltd, IN
103.146.228.0/24139509VNONET-AS-IN Vno Networks Pvt Ltd, IN
103.146.229.0/24139509VNONET-AS-IN Vno Networks Pvt Ltd, IN
103.126.204.0/24138239VOISPL-AS-IN Vaishnavi Online Internet Services Pvt. Ltd., IN
103.126.205.0/24138239VOISPL-AS-IN Vaishnavi Online Internet Services Pvt. Ltd., IN
103.56.30.0/24138239VOISPL-AS-IN Vaishnavi Online Internet Services Pvt. Ltd., IN
103.65.202.0/24138239VOISPL-AS-IN Vaishnavi Online Internet Services Pvt. Ltd., IN
103.65.203.0/24138239VOISPL-AS-IN Vaishnavi Online Internet Services Pvt. Ltd., IN
103.65.23.0/24138239VOISPL-AS-IN Vaishnavi Online Internet Services Pvt. Ltd., IN
103.149.122.0/23140110VSSCTVPM-AS-IN Vikram Sarabhai Space Centre, IN
103.149.174.0/24140157WAVENS-AS-IN Wave Network Solutions, IN
103.149.175.0/24140157WAVENS-AS-IN Wave Network Solutions, IN
103.255.188.0/24132005XCELLHOST-IN 209, Laxmi Plaza, IN
103.255.190.0/23132005XCELLHOST-IN 209, Laxmi Plaza, IN
103.146.235.0/24139554YBRAINI-AS-IN Young Brain India, IN
103.123.72.0/24138221YNETT-AS-IN Ynet Telecom Solutions, IN
103.123.73.0/24138221YNETT-AS-IN Ynet Telecom Solutions, IN

The issue in total took a much longer time as APNIC/IRINN restored the route object database and ISPs across the world re-generated their filters. Likely it took Tata Communications time between 14:00 to 18:00 UTC / 7:30 pm to 11:30 pm IST on 3rd July 2020 to disable IRR based filters.

Besides many ISPs it also impacted a few banks:
AS136252 – BANK OF BARODA
AS137108 – Bank Of India
AS59197 – Bharatiya Reserve Bank Note Mudran Pvt. Ltd
AS132994 – DENA BANK


I end this post with the hope that your ASN is not listed above.

30 May

Automated SSL certificate management for private containers

Lately, I have been playing with many tools and as one gets into deploying those tools, SSL comes as a pain point. A large number of web-based tools I use are internal and on a private network. VPN (with OSPF running over FRR) takes care of connectivity but still, it’s good to have SSL on these machines. Non-HTTPs websites are getting more & more ugly with browsers and even things like password managers do not fill the passwords anymore on their own for non-HTTPS websites.

Possible ways to get SSL certificate for these private web applications:

  1. Expose TCP port 80/443 for few seconds to get SSL cert issued from Letsencrypt. Works but too risky & is practical only with IPv6 as each container cannot have it’s own IPv4. Moreover, the IPv6 AAAA record keeps the container exposed all the time. Can be done behind a firewall but not clean.
  2. Use DNS based validation via Certbot’s DNS plugins. Quite powerful once implemented and depending on implementation, does not add any major thread vector. This does need an authoritative DNS setup which supports API access or some workarounds.

DNS Setup to make it work…

Presently my domain “anuragbhatia.com” uses Google’s authoritative DNS. The reason why Google is simply because authoritative DNS hosting comes free with domain and hence I don’t see a reason to pay $3-$6 a year or any other authoritative DNS host. I can run own authoritative DNS but just avoid that since in past website has faced multiple DoS and DDoS attacks on web server & there’s always a risk of attacker attacking a bunch of DNS servers unless I do it at scale (5 servers with each on 10Gbps uplink and some DDoS filtering etc). That clearly is not worth it. 🙂

Now Google Cloud DNS does has API but Google domain’s DNS doesn’t have API access and hence changes cannot be made via any automation tool. So workaround on this, I used Certbot-DNS-Standalone. It’s smart enough to spin up an authoritative DNS server to listen for DNS queries on port 53 specific to a hostname TXT for ACME DNS validation.

So while looking at #2 I also found challenges with Nginx reverse proxy configurations. I tried finding possible Ansible roles but had one or other issue with each one I tried. Official Nginx role for Ansible is pretty extensive but misses Certbot. Plus to be true it’s way more extensive and somewhat not so fun in use with so many variables. This one is easy to use, fewer variables but supports only either no-SSL or Certbot SSL with HTTP challenge only. One cannot define a custom certificate on this one.

So after a few hours of trying various options, I ended up in putting a setup. It uses a bunch of tools (most of them I was using anyway for other things).

  1. Ansible to generate and push SSL certificate from a server with access to authoritative DNS traffic for that zone.
  2. Gitlab (or any Git hosting as such) to keep the Ansible playbooks
  3. Ansible AWX to execute, schedule, alert etc for the certificate generation as well as deployment.

Here’s how it all works

Say I want to have a Nextcloud instance hosted privately (on private IPs) with SSL

Step1: Get it going (can be via Docker or just any form of install)

Image pull from Dockerhub:

anurag@docker:~$ docker pull nextcloud
Using default tag: latest
latest: Pulling from library/nextcloud
Digest: sha256:b1bf8942e85c76aa86362a9ec7eef7ac12ac3c0f3106dd6a0ee89871186dff73
Status: Image is up to date for nextcloud:latest
docker.io/library/nextcloud:latest
anurag@docker:~$

Next, spin up Docker container:

anurag@docker:~$ docker run -d -p 8080:80 nextcloud
f28de86b03290dd656566bf2b2a6441f18f717be42cfc6f96f52afed3945263e
anurag@docker:~$

This makes it live. In this specific case it’s running on 172.17.0.7 port 80.

Step 2: Make changes in DNS

Let’s say I want to use “nextcloud.anuragbhatia.com” as hostname, so for DNS validation, I would need: _acme-challenge.nextcloud.anuragbhatia.com to reply with the required TXT record.

Here it’s pointing to nextcloud.anuragbhatia.com.ssl.anuragbhatia.com. where “ssl.anuragbhatia.com” is special sub-zone delegated to my server. This gives me a way to only host this specific script and not the parent zone DNS with myself. ssl.anuragbhatia.com has an NS record to server7.anuragbhatia.com and server7.anuragbhatia.com has an A record which takes the query to the container. All this is set up once and all once needs per new hostname/application is a CNAME record as shown in the screenshot above.

Step 3: Generate SSL cert via Ansible playbook called via Ansible AWX

I wrote this playbook where I would pass arguments during run time via Ansible AWX (open source version of the Ansible Tower). The variables in the playbook are:

  • ssl_domain – Private domain/hostname for which SSL cert is needed
  • certbot_email – Email needed for certbot for things like renewal. Though because my setup is automated, there’s not much point of mails.
  • deploy_host – This is the host where we want to deploy the SSL certificate. Can be any server or device running SSH and Ansible should have SSH based access to this device. In my case it’s a server running NGINX reverse proxy
  • deploy_host_user – That’s used for rsync for pushing certificate & keys. I have a special user for Ansible for most of my nodes.

I provide these during run on the fly via survey. So screen appears as:

And with that, I launch the playbook. It generates and deploys the SSL certificate on the required host. On transport, it uses rsync + routed IPs over VPN to add an extra layer of security.

An alternate to this system can be prompts in Ansible so that one can keep on using it with command line without need of having AWX though it will have issue with step 5!

Step 4: Generate the required reverse proxy configuration

Just like for last one, I have put this playbook which needs some information via a variable and based on that it generates the reverse proxy configuration.

Variables used:

  • Domain
  • Backend IP – IP address of the machine hosting the application
  • Backend port – Port for which we want NGINX to do the reverse proxy
  • SSL – “yes” or “no” depending on whether SSL is needed to be deployed

Just like step3: I have Ansible AWX configured to ask for these variables during run time.

And there it goes live!

Step 5: Setup automatic SSL certificate renewals

Since Letsencrypt certificates expire in 90 days, it’s important to have automated renewals. For this again I use Ansible AWX instead of cron jobs. Cron jobs usually are painful when they fail and at times are too picky with environment variables.

So I setup a schedule within the same task with pre-defined variables.

Next, I can put pre-defined run time variable values by clicking prompt.

Once saved, this will run this playbook every week. More logical might be 30 days though. And it also gives me option to notify via email, Slack or any similar channel if this playbook fails during running.

Interested in using these playbooks?
Here’s the Github link: https://github.com/anuragbhatia/Ansible-NGINX-Certbot

Misc notes

I might be tweaking following in this setup to avoid having key/cert pair leave the server running script to NGINX proxy server. Ideally private key should stay on the proxy server and never leave it. Need to see if I can make Certbot DNS standalone plugin to work with that. Another option can be to have the entire setup with an option to use a self-signed certificate which Ansible pushes across all machines for trust. Extra work, but saves one from exposing hostnames of all private containers in SSL transparency reports.

Don’t want to run Ansible, self-hosted containers and more but still want to host these fun projects? Check out my brother’s blog post on How to deploy side projects as web services for free.