Nugetgallery: api.nuget.org IP is blacklisted in Russia :(
Hi.
Today i encountered an issue, similar to #3445
But now one of api.nuget.org IPs is blacklisted by Russian government.
I mean IP 93.184.221.200
I can't give a link to blacklist record (the site use AJAX), but this IP can be checked manually here: http://blocklist.rkn.gov.ru/
It is actually blocked :(.
I think that there is no any hope that this IP will be unbanned.
May be you can just avoid using this IP?
Sagrer
All 52 comments
Could you please follow the "Capture MTR" steps here: https://docs.microsoft.com/en-us/nuget/policies/nuget-faq#nugetorg-not-accessible
and send us the results so we better understand what got blocked.
agr
on 17 Apr 2018
I can confirm (from Russia too, 8.8.8.8 user).
WinMTR output:
|------------------------------------------------------------------------------------------|
| WinMTR statistics |
| Host - % | Sent | Recv | Best | Avrg | Wrst | Last |
|------------------------------------------------|------|------|------|------|------|------|
| 192.168.1.1 - 0 | 150 | 150 | 0 | 0 | 1 | 0 |
| 217.14.207.27 - 0 | 150 | 150 | 0 | 0 | 5 | 0 |
| izhevsk21.mark-itt.net - 0 | 150 | 150 | 1 | 2 | 124 | 1 |
| izhevsk207.mark-itt.net - 0 | 150 | 150 | 1 | 6 | 170 | 1 |
| 198.51.100.101 - 0 | 150 | 150 | 36 | 37 | 49 | 37 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 30 | 0 | 0 | 0 | 0 | 0 |
|________________________________________________|______|______|______|______|______|______|
WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider
PS output:
C:\Users\x> Invoke-WebRequest 'http://72.21.81.200/v3/index.json' -Headers @{Host='api.nuget.org'}
Invoke-WebRequest : Unable to connect to the remote server
At line:1 char:1
+ Invoke-WebRequest 'http://72.21.81.200/v3/index.json' -Headers @{Host ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebExc
eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
Roscomnadzor (Russian state Internet censorship agency) went completely crazy in an attempt to block Telegram and blocked a range of /15 and /12 subnets. So, this is an example of collateral damage.
PastorGL
on 17 Apr 2018
Thanks, we are investigating the issue with our CDN provider.
agr
on 17 Apr 2018
Confirm
MTR output:
|------------------------------------------------------------------------------------------|
| WinMTR statistics |
| Host - % | Sent | Recv | Best | Avrg | Wrst | Last |
|------------------------------------------------|------|------|------|------|------|------|
| router.asus.com - 0 | 116 | 116 | 0 | 0 | 0 | 0 |
| 10.187.0.1 - 0 | 116 | 116 | 1 | 2 | 83 | 1 |
| 213.85.208.250 - 0 | 116 | 116 | 1 | 4 | 162 | 3 |
| 95.167.38.37 - 0 | 116 | 116 | 3 | 4 | 26 | 3 |
| 213.59.212.235 - 0 | 116 | 116 | 2 | 2 | 12 | 2 |
| rostelecom.demarc.cogentco.com - 0 | 116 | 116 | 44 | 45 | 65 | 45 |
|hu0-1-0-4.rcr22.fra06.atlas.cogentco.com - 0 | 116 | 116 | 42 | 42 | 43 | 42 |
| telecomitalia.fra06.atlas.cogentco.com - 0 | 116 | 116 | 45 | 45 | 51 | 45 |
| racc.franco33.fra.seabone.net - 0 | 116 | 116 | 44 | 46 | 94 | 47 |
| 195.22.211.203 - 0 | 116 | 116 | 45 | 46 | 97 | 48 |
| 152.195.101.129 - 0 | 116 | 116 | 42 | 46 | 91 | 43 |
| 93.184.221.200 - 0 | 116 | 116 | 45 | 45 | 46 | 45 |
|________________________________________________|______|______|______|______|______|______|
WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider
Sergey-Terekhin
on 17 Apr 2018
Link on RKN record with blocked IP 93.184.221.200: https://reestr.rublacklist.net/rec/342748/
xakep139
on 17 Apr 2018
there's special nuget endpoint for China. can you please implement same for Russia ?
chipitsine
on 17 Apr 2018
Put this in hosts file as a workaround
72.21.81.200 api.nuget.org
These should also work:
192.16.48.200
117.18.232.200
egorpavlikhin
on 17 Apr 2018
Can you post full list of domains hosted by 93.184.221.200 ? Because not only nuget broken, but other microsoft services like ajax.aspnetcdn.com
SagePtr
on 17 Apr 2018
Hi!
In my case all IPs returns 404 - Not Found.
avgoncharov
on 17 Apr 2018
In my case all IPs returns 404 - Not Found.
@egorpavlikhin's workaround works fine for me. Thanks a lot, BTW!
Try this URL https://api.nuget.org/v3/index.json it must return XML file.
EugeneKosmin
on 17 Apr 2018
404 in all IPs and nuget feeds url (v2 and v3)
MaxRyabov
on 17 Apr 2018
Put it in drivers\etc\hosts file. If you visit the IPs from browser they will all return 404. 404 means it's working.
egorpavlikhin
on 17 Apr 2018
93.184.221.200 is unbanned
proff
on 17 Apr 2018
still not working
DimaBelov
on 17 Apr 2018
Please don't do anything. Russian government blocks Russia from accessing millions of IP addresses (yes, millions, it is blocking /12 and /14 networks including lots of completely unrelated sites) trying to catch Telegram Messenger, and this is dubious even by Russian laws. You should not be wasting a second of your time trying to fix what they are intentionally breaking.
Instead, russian users can use VPN to access repositories or host their application on foreign servers that have no problems with connectivity.
codedokode
on 17 Apr 2018
@DimaBelov your provider not is not updated blacklist yet
proff
on 17 Apr 2018
- Ensure that your NuGet package source use URL https://api.nuget.org/v3/index.json (don`t use https://www.nuget.org/api/v2/ )
- Insert into drivers\etc\host file new entry "72.21.81.200 api.nuget.org" (this ip is currently not blocked)
- Profit!
Wereuser
on 17 Apr 2018
Confirm
api.nuget.org blocked
dvdobrovolskiy
on 17 Apr 2018
It is still somewhat blocked. While the subject IP address was already officially removed from the registry it can take awhile for all providers to update their blocking rules. Even a single provider can not update all its routers at the same time (as it happens to me).
Vertigo093i
on 17 Apr 2018
I believe so. Even that my provider is state scale monster - Rostelekom
api.nuget.org resolves to 152.199.20.1, I can even ping it. But Http/s traffic blocked
dvdobrovolskiy
on 17 Apr 2018
@dvdobrovolskiy, that's different from the subject IP. Your's one should have not been blocked by RKN. As I remember that one resembles to the IP address for China?
And for me all the problems have been gone within the past hour.
Vertigo093i
on 17 Apr 2018
Not in the list, yes. But totally blocked. Saddest story. Country-wise. Not wise at all though.
dvdobrovolskiy
on 17 Apr 2018
Azure had some connectivity issues couple of hours ago: https://azure.microsoft.com/en-us/status/history/ but they are mitigated now. @dvdobrovolskiy, you might have been impacted by it.
Clear DNS cache maybe (run ipconfig /flushdns in command line)?
Right now api.nuget.org should resolve to 93.184.221.201.
May I get some fresh info on availability of api.nuget.org? And MTR logs if https://api.nuget.org/v3/index.json is not available.
Thanks.
agr
on 17 Apr 2018
Confirm resolves to 93.184.221.201 and no block
tracert api.nuget.org
Tracing route to cs9.wpc.v0cdn.net [93.184.221.201]
over a maximum of 30 hops:
1 1 ms <1 ms 1 ms 192.168.1.1
2 1 ms 1 ms 1 ms 31.163.64.1
3 1 ms 1 ms 1 ms 87.226.151.158
4 3 ms 3 ms 3 ms 87.226.146.132
5 63 ms 63 ms 62 ms ae41.stkm-cr1.intl.ip.rostelecom.ru [217.107.67.25]
6 87 ms 83 ms 86 ms 5.104.69.12
7 85 ms 85 ms 81 ms 93.184.221.201
Trace complete.
dvdobrovolskiy
on 18 Apr 2018
Restored!
PavelKhrapkin
on 18 Apr 2018
I suppose, we can consider the issue resolved.
agr
on 18 Apr 2018
tracert is ok, browser opens index.json quickly, but in VS not working
Shiko1st
on 21 Apr 2018
@agr, new ip is banned today
https://reestr.rublacklist.net/rec/347170/
@Shiko1st, you should again add entry to hosts file:
72.21.81.200 api.nuget.org
proff
on 21 Apr 2018
Confirm.
ajax.aspnetcdn.com is also affected since has the same IP.
Vertigo093i
on 21 Apr 2018
Yes, this one helps.
Shiko1st
on 21 Apr 2018
@agr i think you shouldn't close issue while telegram works fine in Russia (instead of many other sites/services)
proff
on 21 Apr 2018
Year, ajax.aspnetcdn.com blocked.
dvdobrovolskiy
on 21 Apr 2018
vad3x
on 23 Apr 2018
Thank you! You help us confront with fascist government! The Workaround works great, but Whether this will work for a long time?
roxan200
on 23 Apr 2018
does not work again...
petriashev
on 23 Apr 2018
Please send MTR logs from locations where it does not work.
agr
on 23 Apr 2018
|------------------------------------------------------------------------------------------|
| WinMTR statistics |
| Host - % | Sent | Recv | Best | Avrg | Wrst | Last |
|------------------------------------------------|------|------|------|------|------|------|
| RT-N56U - 0 | 134 | 134 | 1 | 5 | 22 | 13 |
| 78.107.125.197 - 0 | 134 | 134 | 2 | 7 | 28 | 3 |
| plehan9-bng1-local.msk.corbina.net - 0 | 134 | 134 | 2 | 8 | 29 | 2 |
| No response from host - 100 | 27 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 27 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 27 | 0 | 0 | 0 | 0 | 0 |
| No response from host - 100 | 27 | 0 | 0 | 0 | 0 | 0 |
...
|________________________________________________|______|______|______|______|______|______|
WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider
it works, thanks
petriashev
on 24 Apr 2018
It is temporary I believe. MS`s IPs send to ban on regular basis
dvdobrovolskiy
on 24 Apr 2018
dist.niget.org (152.199.20.1) is also blocked in Russia.
https://reestr.rublacklist.net/rec/350082/
demonix
on 25 Apr 2018
Add fresh VPN ban (Rostelekom through DPI). Donno what to change. Title or the state
dvdobrovolskiy
on 25 Apr 2018
Donno what to change. Title or the state
Country =(
SagePtr
on 25 Apr 2018
api.nuget.org should now resolve to an unblocked IP address. Work is underway to move blog.nuget.org, dist.nuget.org, as well as some other lesser known endpoints. We will update this thread as we continue to make progress.
loic-sharma
on 26 Apr 2018
blog.nuget.org and dist.nuget.org should now resolve to an unblocked IP address. Could you confirm @demonix this? Thanks!
loic-sharma
on 26 Apr 2018
Unblocked.
dvdobrovolskiy
on 26 Apr 2018
Temporary works
You can complain to the Interior Ministry for violation of Articles 13.18 of the administrative code and 286 of the criminal code (Roscomnadzor must block only telegram)
sample: https://docs.google.com/document/d/1NAO-Sdch-LFKa3GzFyitTk-tkQ34g5LhE6EL1QonLGI/edit
Ministry of Internal Affairs site: https://屑胁写.褉褎/request_main
proff
on 26 Apr 2018
Document looks like cops should care / they don`t
dvdobrovolskiy
on 26 Apr 2018
Great! Thanks @dvdobrovolskiy 馃槂
This issue should now be resolved. If anyone has any connectivity issues, feel free to reply on this thread and we will reopen it.
loic-sharma
on 26 Apr 2018
Solved till new ip blocked. I suggest you ignore next claim about blocked ip and suggest proper proxy/vpn with obfuscation etc
dvdobrovolskiy
on 26 Apr 2018
Today (04 May) this IP ([191.236.146.247]) of nugget.org was blocked.
efimomax
on 4 May 2018
just ignore this as our government regulator ignores common sense
dvdobrovolskiy
on 4 May 2018
Hi @efimomax, could you add some details of your scenario and from what geo region you try to access? Please collect an MTR log from the region that does not work.
cristinamanum
on 7 May 2018
Related issues
j3parker
路
4Comments
coleman-c
路
5Comments
yishaigalatzer
路
4Comments
dannyvv
路
4Comments
xied75
路
5Comments
Most helpful comment
Put this in hosts file as a workaround
72.21.81.200 api.nuget.org
These should also work:
192.16.48.200
117.18.232.200