Strange NTL / Telewest IP problems

Something strange is going on with ntl / telewest internet access. I noticed a few days ago that gmail.com wasn’t working on the network at home. On three of the computers it timed out, but on another it came up fine. Ipconfig /flushdns didn’t help, and running a tracert from the non-responding computers resulted in a different IP from that found via the router’s internal software. What’s even more strange is that if I’m redirected to google.com if I use gmail’s IP address that I’ve confirmed is correct. That’s very odd – I couldn’t explain that one.

A few days ago I upgraded the router software, so I figured there must be some strange bug or leftover DNS entry1. Then somebody else asked me whether gmail was down, as he couldn’t access it from his house either. It can’t be a local problem with my network if he’s having it too. He’s on NTL dial-up. Telewest and NTL merged recently, so it’s possible they’re now sharing servers. I can only think that there’s some weirdness going on with them.

This morning Dad phoned to say that various other websites, including HSBC, are only working on the one computer – all the others say that the server isn’t responding. I’m trying to fix it, but can’t find a way currently. I’m worried that some cache is going to time out and they’ll be left unable to connect at all.

I can’t see how only one computer on the network could be working, unless it has a particularly long-life DNS cache or something. Even so, IP addresses should be independent of the cache…I don’t know what’s going on. I can’t find anything about this on the normal forums, and neither NTL nor Telewest are reporting problems via their status pages.

Anybody have any ideas?

Update: Fixed it. It wasn’t NTL / Telewest at all – we have a centrally controlled firewall, and I updated the rules a few days ago. A rather dodgy UI design caused me to select “disabled” for the “Custom Privacy Level – https connections” option. I thought I was disabling an https security feature when I was in fact disabling all https connections. Although in hindsight this was consistent with the other items in the list, it’s an odd choice of option title and I think your brain has to work a certain way to pick up on it. I discovered the solution completely by accident when looking at the firewall logs and trying to figure out why I couldn’t connect remotely to one of the machines. The question now is why one computer didn’t accept the command! It must have been coincidence that somebody else couldn’t connect to gmail at the same time, I guess.

  1. wouldn’t quite explain it, I know, but it was all I could think of []