NETOPS FAQ

FAQ for External Network Operators

Under this header, you’ll find the FAQs for those who are not members of either Marbled Fennec Networks or FurrIX but who may still be connecting to the network and making use of its resources, or who have noticed devices and endpoints from our networks connecting to their own networks.

I was able to connect to your web server and now I cannot?
There is a fair chance that someone within your /24 or /60 was aggressively crawling the website with back-to-back requests and, to cut back on traffic, we blocked the involved subnets at the upstream router. When deciding whether to block an annoying subnet, we look at where the subnets come from, how often pages are requested, what URLs are being hit and the user agent.

I know you guys once had an email server, but now I cannot see it…
There is a fair chance that someone within your /24 or /60 was found to be trying to use us as a relay, trying to SASL login with ‘password’, or jumping ahead in the protocol, and it showed up in the logs. We do not tolerate any abuse of the mail server at all and hand out subnet bans at the upstream router in an effort to stop these connections and keep the log clean. If you are being prevented from delivering legitimate mail to our server, reach out to the support desk for help.

If our volunteer techs do unblock your subnet and you end up blocked a second time, you will not be unblocked from accessing the email server again. Clean up your network if it is unshared, or try to work with your host if it is shared.

I was able to reach and query your name servers, but now I get no response!

This is most likely due to our network engineers noticing a very large number of requests coming from the /24 or /60 that your IP address is a part of, or a large number of requests for a certain domain spread across several IPs within that /24 or /60. To combat this type of abuse and keep it from bogging down the name server, we put in iptables drop rules that keep the traffic from reaching the name server service. If you feel you might have been blocked by accident, reach out to our support desk for assistance. Most of the time, subnet bans expire after 48 hours.

There are devices hitting my network, possible abuse and I can’t find a host name for them; but they come from your network!

These most likely came from our leased /48. You can perform PTR lookups against ‘multi.dns.marbledfennec.net’ to find the host name of the IP that is bothering you, then use that information to email ‘abuse at marbledfennec dot net’ to report the traffic. Our volunteers will deal with the offending project member as soon as possible. We take these kinds of reports very seriously and appreciate external network operators bringing bad actors to light.

Some of your PTR records differ when using a different name server than when using your name servers…

We directly manage the reverse zones on our name servers. In the case of our ‘2604:4300:f03::/48’ network, our zone files will be updated before the data center updates their zones. In the case of our ‘2602:f992:f3::/48’ network, the LIR is not able to control or provide control of the reverse zones, so we manage a reverse zone for this network on our name servers.

When connecting members to the networks that our project operates, it is required that the subnet and interface have PTR records assigned so that traffic to and from our networks can be identified. Using the PTR records, one can see which project member or end user is responsible for the traffic and, in the case of network abuse, report them to us.

How do I read your PTR records?!

When we connect new project members or end users to the network, we collect a little bit of basic information about them and how their service may be used. Some of this information makes it into our PTR records to make it easier for both our volunteers and external network operators to identify the origin of the traffic. For a quick tip on how to read our records, you can use the command ‘nslookup -q=ptr 2602:f992:f3::2 multi.dns.marbledfennec.net’ and you will get information back on how these records are structured.
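For operators triaging their own logs, the following added example (not code from Marbled Fennec Networks or FurrIX) picks out source addresses that fall inside the two /48 networks named above and builds the PTR query for each, using the nslookup form quoted in this FAQ. The log lines and the function names are constructed for illustration, and the address is assumed to be the first field of each line.

```python
import ipaddress

# Prefixes and name server exactly as given in this FAQ.
PROJECT_PREFIXES = [ipaddress.ip_network(p)
                    for p in ("2604:4300:f03::/48", "2602:f992:f3::/48")]
NAME_SERVER = "multi.dns.marbledfennec.net"

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = """\
2602:f992:f3:10::25 - - [01/Jan/2025:10:00:01 +0000] "GET / HTTP/1.1" 200 512
2001:db8::7 - - [01/Jan/2025:10:00:02 +0000] "GET /login HTTP/1.1" 200 734
2604:4300:f03:0:0:0:0:9 - - [01/Jan/2025:10:00:03 +0000] "GET /a HTTP/1.1" 404 0
198.51.100.4 - - [01/Jan/2025:10:00:04 +0000] "GET / HTTP/1.1" 200 512
2602:f992:f3:10::25 - - [01/Jan/2025:10:00:05 +0000] "GET /b HTTP/1.1" 200 90
not-an-address - - [01/Jan/2025:10:00:06 +0000] "GET / HTTP/1.1" 400 0
"""


def project_sources(log_text):
    """Return {canonical address: hit count} for sources inside the /48s."""
    hits = {}
    for line in log_text.splitlines():
        fields = line.split()
        if not fields:
            continue
        try:
            # Tolerate bracketed IPv6 literals such as [2602:f992:f3::2].
            addr = ipaddress.ip_address(fields[0].strip("[]"))
        except ValueError:
            continue  # first field is not an IP address; skip the line
        if addr.version == 6 and any(addr in net for net in PROJECT_PREFIXES):
            # str() gives the compressed form, so differently written
            # spellings of one address are counted together.
            hits[str(addr)] = hits.get(str(addr), 0) + 1
    return hits


def ptr_query(address):
    """Return the ip6.arpa query name and the nslookup command for it."""
    addr = ipaddress.ip_address(address)
    return {"qname": addr.reverse_pointer,
            "command": f"nslookup -q=ptr {addr} {NAME_SERVER}"}


if __name__ == "__main__":
    for source, count in sorted(project_sources(SAMPLE_LOG).items()):
        print(count, "hits:", ptr_query(source)["command"])
```

Querying the project's own name server matters here because, as described above, other resolvers may return different or no PTR data for these ranges.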

I am a web host and I have been seeing traffic from your networks, I am worried these are bots…

You can rest assured that the traffic you see is most likely not bot traffic. While our network does use data center ranges and a data center ASN, our traffic is generated by humans playing around in their labs or on the go with their devices. Marbled Fennec Networks and FurrIX do not allow bots to be hosted on our network ranges. If you suspect that such is happening, please perform a PTR lookup against our name servers and report the offending member to our support desk or abuse email as soon as possible. We only allow human-created and routing-based traffic on our networks.