By using AWS re:Post, you agree to the Terms of Use
/Why TCP connections drops in Frankfurt eu-central-1 even though same connections work without a problem in Stockholm (eu-north-1)/

Why TCP connections drops in Frankfurt eu-central-1 even though same connections work without a problem in Stockholm (eu-north-1)

0

Steps to reproduce: Create EC2 instance in eu-central-1 region with following configuration - t3.small, ami-042172eb88687b43e (Windows Server 2016 Base), Public IP, igw to handle traffic. Login to the instance through RDP. Install telnet (it can be done through PowerShell with following command Install-WindowsFeature -name Telnet-Client). Open command line and try use telnet to connect 10-20 times to remote host with following command telnet 212.90.186.150 80. At least one attempt will fail with error "Connection failed". Repeat all steps above in eu-north-1 region and will see 0 errors.

Is there a problem with routing in eu-central-1 region?

You can also trace (tracert 212.90.186.150) to find out through which IPs/Networks the connection goes. From the 212.90.186.150 country (Ukraine) side the route is the same for both regions but when you trace from eu-central-1 it also goes through few internal IPs: 100.95.20.135, 100.100.22.2, 100.95.21.129, 100.100.4.58 and one "Frankfurt IPv4 Peering LAN". It could be a problem with this route. Could you help to solve the issue?

1 Answers
0

Hi,

I was able to reproduce the issue you described

  1. I spin up t2.micro Linux EC2 in eu-central-1
  2. Tested connectivity to 212.90.186.150 via IGW
  3. Noticed inconsistent connectivity, couple of telnet on port 443 worked then the subsequent attempt failed
  4. I did a TCP based traceroute on port 443

Suggest opening ticket with Support so have this investigated further from AWS side.

You may want to check with Ucomline LLC that owns the 93.178.204.254 as well.

First 2 attempts worked, 3rd did not:

$  telnet 212.90.186.150 443
Trying 212.90.186.150...
Connected to 212.90.186.150.
Escape character is '^]'.
^CConnection closed by foreign host.

$  telnet 212.90.186.150 443
Trying 212.90.186.150...
Connected to 212.90.186.150.
Escape character is '^]'.
^CConnection closed by foreign host.

$  telnet 212.90.186.150 443
Trying 212.90.186.150...
^C

Traceroute on TCP port 443:

$  traceroute -T -p 443 212.90.186.150
traceroute to 212.90.186.150 (212.90.186.150), 30 hops max, 60 byte packets
 1  * * *
 2  240.0.96.14 (240.0.96.14)  0.498 ms 243.253.18.114 (243.253.18.114)  0.511 ms  0.472 ms
 3  240.0.96.25 (240.0.96.25)  0.490 ms 243.254.6.1 (243.254.6.1)  0.482 ms 240.0.96.20 (240.0.96.20)  0.534 ms
 4  240.0.96.26 (240.0.96.26)  0.526 ms 240.0.96.19 (240.0.96.19)  0.513 ms 240.0.96.17 (240.0.96.17)  0.559 ms
 5  100.95.5.8 (100.95.5.8)  0.956 ms 242.1.101.113 (242.1.101.113)  0.810 ms  0.818 ms
 6  100.100.4.56 (100.100.4.56)  2.238 ms 100.100.4.54 (100.100.4.54)  1.834 ms 100.95.21.12 (100.95.21.12)  0.918 ms
 7  100.100.4.48 (100.100.4.48)  1.759 ms 100.100.4.54 (100.100.4.54)  1.762 ms 100.100.4.62 (100.100.4.62)  1.745 ms
 8  * 100.95.21.129 (100.95.21.129)  1.814 ms  1.831 ms
 9  100.100.4.58 (100.100.4.58)  1.666 ms *  1.450 ms
10  * * *
11  * * ukrcom-gw.kiev.ucomline.net (93.178.204.254)  34.284 ms
12  * * *
13  * * *
14  * * *
15  * * *
16  * * mail.uakey.com.ua (212.90.186.150)  35.715 ms
$  
Tushar_J
answered 5 days ago
  • May I open the AWS Support Ticket on Basic plan (aka without the "Support Plan")?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions