PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

odd lack of some internet connectivity

From: monkey at monkeycoder.org (Richer Dinelle)
Date: Mon, 3 Nov 2008 20:29:13 -0500
You could easily test it by pinging a pingable target (of course) with  
the "Don't Fragment" option set and a packet size of 1300 bytes. After  
that you just increment till the ping drops packets. It's gonna give  
you the best MTU for the link you're using ... (ping for windows and  
linux can be set that way)

Rick
On 08-11-03, at 16:56, Robin Wood wrote:


2008/11/3 Richer Dinelle <monkey at monkeycoder.org>:

As you may know, if the website you're trying to reach is blocking
icmp at large then the pmtu won't work and won't be able to adjust  
its
mtu. For example, an ADSL connection is using 1492 as its mtu but I
had problems in the past with some websites (windows update or  
hotmail
for example ...) and would timeout. By lowering the mtu at say 1456  
or
1484 it solved the problem. I hope it helps.


Sounds reasonable as windows update and hotmail are two things that
are playing up, but why would this suddenly happen, and why would I
still see the problem from my linux laptop?

To test it I would need to drop the MTU on one of the windows boxes.
To exagerate it I could drop it to 1300 which would then be the lowest
on the network so would show if it was the problem or not. Correct?

Robin





Rick

On 08-11-03, at 10:29, Robin Wood wrote:


Thanks for the suggestions. I agree that it probably isn't DNS as I
tried dig'ing the sites that failed and they all got responses, I
could also ping some of them but not the hotmail one but I think  
that
is because MS block pings for everyone.

The MTU I could go with if it was a large network but it is about 10
PC's sat behind a switch then firewall then SOHO modem and nothing
(I've been told) has changed.

I looked at taking smoothwall out of the picture but the modem was
plugged in though usb rather than ethernet and as I was doing it  
as a
favour I didn't fancy pulling plugs and spending all day there on my
own time. I've suggested the guy who comes in to upgrade smoothwall
does this if it is still bust after he has done the upgrade.

The peering info is interesting but as I can get at areas of a
site/ftp and not others I'm going to discount it. I would expect to
have complete blackholes rather than partial ones.

All good suggestions and ones I'll keep in mind for the next weird
outage.

Robin

2008/11/3 David Grubers <david.grubers at gmail.com>:

I can't really offer any advise, but I have the same issue with
gmail.com in my dorm room. google.com will load happily,  as well  
as
several other sites, but gmail will take a good couple minutes. I
know
it isn't DNS, as my browser successfully looks up the IP and then  
the
connection gets slow while it connects. I'm not sure if google
analytics automatically is loaded by gmail, but if not, I notice  
that
it often loads at this time too (perhaps my ISP is doing some
monitoring with analytics?).

2008/11/3 Bugbear <gbugbear at gmail.com>:

I am not familar with Smoothwall but does that have any sort of  
IPS,
application shaping, web filter, or app inspection in it? In my
experience
when I have had issues like this it almost always one of these
types of
products.

I would put a system on the outside of Smoothwall and see if the
issue can
be reproduced - just to rule it out quickly. You can always throw
wireshark
inline too but taking the firewall appliance out of the equation
would be
where I star.

Doesnt sound like a DNS issue since it saounds like some of the
pages are
loading partially and the FTP behavior you described.

Could very well be the ISP and worth a call post taking the  
Firewall
appliance out of the loop.

Tim




On Mon, Nov 3, 2008 at 8:15 AM, Robin Wood <dninja at gmail.com>  
wrote:


Hi
See if anyone can help me with this weird problem ...

I've just been to see a friend at his company as he was  
complaining
about not being able to access certain websites or certain  
parts of
sites that used to work fine. My first thought was browser or  
local
firewall problem so I took my laptop along to eliminate the
possibility of that being the fault.

After some playing we found a couple of sites (hotmail and part
of the
Ryan Air booking system) that just timed out when we tried to
access
them, this was through my laptop and through their machines. I've
just
tried the same sites 10 mins later at home and they are working
fine
so it isn't that the sites aren't down. I also tried hitting the
site
through netcat and again, it just timed out.

It isn't a http vs https issue as I successfully visited a number
of
sites of both types.

It isn't even just web traffic, the ftp connection they use to
publish
their website allowed us to login and get a directory listing of
the
root directory and change into a subdirectory but getting a
directory
listing of that directory timed out. The same connection works  
fine
from my friends home network so it isn't a permissions issue.

I'm at a loss of what to suggest, they are using smoothwall
express v2
between their switch and modem but that hasn't been updated for
months
so is unlikely to be the cause, just in case it was playing up we
tried rebooting it and the problem still persisted.

The problem has been happening for over a month now but nothing  
has
been changed in a lot longer than that so it shouldn't be a  
config
issue.

I've suggested talking to their ISP (BT) to see if they can  
suggest
anything. Has anyone here got any suggestions of what to try, I'm
completely stumped!

Robin
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: