Unblock 188.214.8.0/21 for Beta Cluster (Hyperoptic UK)
Closed, ResolvedPublicBUG REPORT
Actions

Assigned To

Authored By

	Krinkle
	May 30 2025, 8:07 PM

Description

Looks like my ISP is blocked again.

188.214.8.0/21

https://whois-dev.toolforge.org/w/188.214.8.0/lookup

This was previously opened up in [1], but I guess it doesn't cover all relevant ranges.

https://gerrit.wikimedia.org/r/plugins/gitiles/cloud/instance-puppet/+/6a4b16ab437d03e49985749fdfeb0a4c8d5d54c8%5E%21/deployment-prep/_.yaml

Hyperoptic is ASN 56478
https://mxtoolbox.com/SuperTool.aspx?action=asn%3a56478&run=toolpage

56478 	Hyperoptic Ltd 	188.172.144.0/20
56478 	Hyperoptic Ltd 	188.210.208.0/21
56478 	Hyperoptic Ltd 	188.210.212.0/22
56478 	Hyperoptic Ltd 	188.214.8.0/21

Related Objects
Search...

		Status	Subtype	Assigned	Task
					Restricted Task
		Resolved	BUG REPORT	• bd808	T395709 Unblock 188.214.8.0/21 for Beta Cluster (Hyperoptic UK)

Event Timeline

Krinkle created this task.May 30 2025, 8:07 PM

Restricted Application removed a project: Patch-For-Review. · View Herald TranscriptMay 30 2025, 8:07 PM

Krinkle removed a project: Epic.May 30 2025, 8:08 PM

• bd808 changed the task status from Open to In Progress.May 30 2025, 9:09 PM

• bd808 claimed this task.

• bd808 triaged this task as Medium priority.

Restricted Application added a project: User-bd808. · View Herald TranscriptMay 30 2025, 9:09 PM

bd808@deployment-cache-upload08:~$ sudo -i puppet agent -tv
...
Notice: /Stage[main]/Profile::Cache::Varnish::Frontend/File[/etc/varnish/blocked-nets.inc.vcl]/content:
--- /etc/varnish/blocked-nets.inc.vcl   2025-05-20 18:10:15.305845798 +0000
+++ /tmp/puppet-file20250530-1085910-1qio816    2025-05-30 21:19:13.684720895 +0000
@@ -144,15 +144,25 @@
        "186.0.0.0/8";
        "187.0.0.0/8";
        "188.0.0.0/9";
-       "188.192.0.0/10";
        "188.128.0.0/11";
-       "188.176.0.0/12";
-       "188.168.0.0/13";
        "188.160.0.0/14";
        "188.164.0.0/15";
-       "188.167.0.0/16";
        "188.166.128.0/17";
        "188.166.0.0/18";
+       "188.167.0.0/16";
+       "188.168.0.0/13";
+       "188.176.0.0/12";
+       "188.192.0.0/12";
+       "188.208.0.0/14";
+       "188.212.0.0/15";
+       "188.214.0.0/21";
+       "188.214.16.0/20";
+       "188.214.32.0/19";
+       "188.214.64.0/18";
+       "188.214.128.0/17";
+       "188.215.0.0/16";
+       "188.216.0.0/13";
+       "188.224.0.0/11";
        "189.0.0.0/8";
        "190.0.0.0/9";
        "190.128.0.0/10";

Notice: /Stage[main]/Profile::Cache::Varnish::Frontend/File[/etc/varnish/blocked-nets.inc.vcl]/content: content changed '{sha256}8d495233ed1dc18aa36e95885421917901bc88df2d7ff3aa4febc0e172a3f774' to '{sha256}342f4b901f62a193c9a6b9e655e54efb75730894d26d6a2f8aa18ddeed66523f'
Notice: Applied catalog in 13.03 seconds
bd808@deployment-cache-upload08:~$ sudo service varnish-frontend restart

Mentioned in SAL (#wikimedia-releng) [2025-05-30T21:20:54Z] <bd808> Poked hole in blocked_nets for 188.214.8.0/21 (T395709)

I did a follow up change to the hiera data to sort all of the blocked_nets networks using sort -V. That diff is at https://gerrit.wikimedia.org/r/plugins/gitiles/cloud/instance-puppet/+/31c595d619fb22f6b6b52c13d23dcaa6ac63478b%5E%21/#F0

• bd808 changed the subtype of this task from "Task" to "Bug Report".May 30 2025, 9:36 PM

• bd808 renamed this task from Unblock IPs for Beta Cluster: Hyperoptic UK to Unblock 188.214.8.0/21 for Beta Cluster.Jun 30 2025, 9:46 PM

Krinkle renamed this task from Unblock 188.214.8.0/21 for Beta Cluster to Unblock 188.214.8.0/21 for Beta Cluster (Hyperoptic UK).Jul 31 2025, 3:39 PM

Unblock 188.214.8.0/21 for Beta Cluster (Hyperoptic UK)Closed, ResolvedPublicBUG REPORTActions

Description

Related ObjectsSearch...

Event Timeline

Unblock 188.214.8.0/21 for Beta Cluster (Hyperoptic UK)
Closed, ResolvedPublicBUG REPORT
Actions

Related Objects
Search...