kiwisdr.com down? [fixed: disable "advanced security" on Comcast/Xfinity website]
I just received a kiwisdr a couple of days ago and would like to refer to the documentation. But am unable to connect to kiwisdr.com except for forum.kiwisdr.com. Is the main site down?
Comments
No, it's up. Where are you? Someone in Europe had this problem a few days ago and it cleared up after a few hours. ISP routing problem.
I'm in Bloomington, Indiana USA and still can't reach the site.
https://www.isitdownrightnow.com/kiwisdr.com.html
This has been going on for several days. I was able to reach the site by just now downloading and using a Tor Browser.
Could you print the output of (command prompt)
"ping kiwisdr.com" (I'm looking for if it returns the IP address, and in what format)
And then
"ping 50.116.2.70" (to see if it can actually route packets to the address)
--
The common issues are DNS where the name does get linked to the right address or more recently the address returned for "somesite.com" coming up as IPv6 where these is no route using that version from your location. Both are errors but it would help to narrow it down.
Stu
I don't know what DNS server the OP or isitdownrightnow.com are using, but the fifty or so I just checked all resolve to 50.116.2.70.
However, the reverse DNS for that IP address is li420-70.members.linode.com. An A lookup on that name returned IPv4 and IPv6 addresses:
2600:3c01::f03c:91ff:fed4:ac4
50.116.2.70
Still, I don't really see an issue here. We need more from the OP. The info Stu requested is a good place to start...
Nick
C:\WINDOWS\system32>ping kiwisdr.com
Pinging kiwisdr.com [50.116.2.70] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 50.116.2.70:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
------------------------
Pinging 50.116.2.70 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 50.116.2.70:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
I am strongly suspecting that Comcast is blocking the site for some reason
I will explore further.
OK that is strange. You could try "tracert kiwisdr.com"
I tend to remove the first few lines if ever I share tracert results, we just want to see if it gets outside your network and ISP. - those are normally from about line 3 or 4 onward.
Comcast Xfi does indeed blacklist Kiwi ports in the default security mode. That has to be turned off since they added it as part of their web configuration of home routers, as far as I can tell. That's what I had to do to restore connection anyway.
OK so it's not a DNS issue. The output from tracert 50.116.2.70 will be useful.
I've talked to Comcast technical support which so far has been of no help. I was supposed to get a call from their more advanced support. So far no call.
Tracing route to kiwisdr.com [50.116.2.70]
over a maximum of 30 hops:
1 1 ms 1 ms 1 ms 10.0.0.1
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
So that shows just your router which could mean:
My gut feeling is that your WAN might be IPv6 only and that no tunnel/route is handling the v4 address for kiwisdr.com, but that is just a guess and I'll be interested to hear what support says.
if you have a Linux box try the same but "traceroute kiwisdr.com" (you may not have traceroute installed.)
Given this seems to be in your router, and Comcast is involved, I would try this:
http://forum.kiwisdr.com/discussion/comment/9770/#Comment_9770
After much digging I found two IP addresses are being blocked, one is for kiwisdr.com. I don't know what the other one is, but I suspect it is the github site for software updates. I am chatting with tech support now.
Everything seems to be working.
I did remember the Comcast thing as mentioned by N6GN and John but had assumed that was just for serving local Kiwi's to the internet on ports around 8073 not for just visiting the kiwisdr.com domain or update pages.
Curious, I wonder why they are so specific.
Foxd,
did support share what they did, was it turning off advanced security? Maybe that covers any service not on the approved Comcast reading list like Facebook, Twitter, Reddit (oops no).
If you know what was done to fix this please let us know. It's valuable to add this to the list of known problems/solutions.
Well, within an hour the site was blocked again. I called and have been deserted on chat. (The chat window has been open all night.)
Disable the advanced security as in the 9770 link above.
---
(with credit to Brendan_W)
1. Go to Xfinity's website, login, select the "XFi" (WiFi) menu.
2. Select the tab marked "More."
3. Select the "My Services" tab.
4. "Advanced Security" should be the only service listed, click to disable.
5. Exit.
---
I doubt many major ISP's are going to keep a whitelist per user so turn that sh.. feature off.
And then I went back to read more of that thread.
Brendan_W again
"while this "Advanced Security" was in effect, I couldn't log into KiwiSDR.com either. My browser (FF) acted like it was a DNS error, and couldn't find it. A strange linkage on this end."
(Sorry Glen I should have just listened to your first post about that.)
That did it, this time for sure!
Slightly off topic here but related nonetheless. Verizon FIOS recently changed their routers to not report TTL data on ICMP traffic (at least that is what I think). This causes tracert in windows to return data like this:
Note the lack of hops and the impossibly low reply time of 1ms.
If you use linux or a tool which performs UDP route tracing you can get the "real" data. Here's the result from the ssh terminal of the kiwi:
Cheers,
Nick