I have detected (in at least two sites) that when the login lockdown protection is active, WordPress.com services that needs access to the site (some of them provided by Jetpack) are blocked.
It's weird, but they get blocked as if they tried to login using the username 'username'
Below you can see some IP examples, so you can check that they're legitimate IP addresses:
This issue it's a bit weird because WordPress.com services uses XML-RPC protocol, but somehow the login lockdown protection catch the requests and blocks them.
PS. The Pingback Protection is disabled.