Does LetsEncrypt block IP or hole subnets?

Does LetsEncrypt block IP or whole subnets?

To my knowledge we have no such blocks in place. We favour rate limiting over outright blocking.

Do you have the same trouble reaching production, or only the staging server?

Are the different servers all in the same subnet? Can you share the output from each of these commands:

    curl http://ipv4.whatismyip.akamai.com/ ; echo
    curl http://ipv6.whatismyip.akamai.com/ ; echo
    dig +short whoami.ipv4.akahelp.net TXT
    dig +short whoami.ipv6.akahelp.net TXT
    dig +short whoami.ds.akahelp.net TXT
    dig +short whoami.ds.akahelp.net TXT
    dig +short whoami.ds.akahelp.net TXT
    mtr -c 20 -w -r acme-staging.api.letsencrypt.org

(You might need to install mtr for the last one).

1 Like