troubleshooting Question

Can't resolve certain web sites (global)

Avatar of HemisFear
HemisFearFlag for United States of America asked on
DNSHTTP ProtocolNetworking
14 Comments2 Solutions1123 ViewsLast Modified:
I'm having an issue where my office cannot hit certain web sites.  I've spent countless hours with my ISP trying to resovle this issue but more and more sites are creeping up.

This issue has been ongoing since 10/05/2010 and is only getting worse.  

Below are the list of web sites that I cannot hit.

1. www.paypal.com
2. www.dol.gov
3. www.noaa.gov

-We have a windows 2008 network that has our domain controllers/DNS Servers configured to forward all external DNS requests to my ISP's DNS servers.
-All users clients run Windows XP or Windows 7 that DNS1 & DNS2 point to internal DNS servers
-I have contacted my ISP to troubleshoot these issues wtih no resolution.  
-I have verified that I do not have any access control lists preventing my users hitting these web sites on my firewall and router
-My ISP has added a reverse DNS entry for my IP block
-My ISP has entered a SWIP (I have no idea what this is) for my account.

None of these recommendations has provided a solution.
Is it possible that my IP block has been placed on blacklists?  How would I verify this information?

-Here are example traceroutes that were performed:

WMA-R1#traceroute www.dol.gov 
Translating "www.dol.gov"...domain server (65.106.1.196) [OK]

Type escape sequence to abort.
Tracing the route to e1617.b.akamaiedge.net (184.51.182.185)

  1 ip65-47-181-113.z181-47-65.customer.algx.net (65.47.181.113) 4 msec 4 msec 4 msec
  2 ge11-1-4d0.mcr1.chicago-il.us.xo.net (207.88.172.5) 4 msec 4 msec 8 msec
  3 vb1700.rar3.chicago-il.us.xo.net (216.156.0.161) 4 msec 4 msec 4 msec
  4 ae0d1.cir1.chicago2-il.us.xo.net (207.88.13.5) 4 msec 4 msec 4 msec
  5 216.156.72.78.ptr.us.xo.net (216.156.72.78) 4 msec 12 msec 4 msec
  6  *  *  *
  7  *  *  *

WMA-R1#traceroute nhc.noaa.gov
Translating "nhc.noaa.gov"...domain server (65.106.1.196) [OK]

Type escape sequence to abort.
Tracing the route to nhc.noaa.gov (140.90.176.165)

  1 ip65-47-181-113.z181-47-65.customer.algx.net (65.47.181.113) 4 msec 4 msec 4 msec
  2 ge11-1-4d0.mcr2.chicago-il.us.xo.net (207.88.172.13) 32 msec 4 msec 4 msec
  3 ae1d0.mcr1.chicago-il.us.xo.net (216.156.1.81) 4 msec 4 msec 4 msec
  4 vb1700.rar3.chicago-il.us.xo.net (216.156.0.161) 8 msec 4 msec 4 msec
  5 ae0d1.cir1.chicago2-il.us.xo.net (207.88.13.5) 4 msec 4 msec 4 msec
  6 206.111.2.86.ptr.us.xo.net (206.111.2.86) 4 msec 4 msec 4 msec
  7 dca-edge-21.inet.qwest.net (67.14.6.66) 24 msec 24 msec 24 msec
  8 65.123.192.198 24 msec 24 msec 24 msec
  9 140.90.111.46 28 msec 28 msec 20 msec
10 140.90.76.74 24 msec 24 msec 24 msec
11 140.90.60.6 28 msec 24 msec 24 msec
12 140.90.60.1 28 msec 24 msec 24 msec
13  *  *  *
 14  *  *

ASKER CERTIFIED SOLUTION
jar3817

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 14 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 14 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros