Weird networking problem
lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Sun Jul 11 13:28:37 UTC 2004
On Sun, Jul 11, 2004 at 02:32:44AM -0400, Marcus Brubaker wrote:
> Alright, I have a strange problem that I've been up against for the past
> two or three days and am running out of ideas so I figured I'd post here
> and see if anyone could help. About 3 days ago my DSL connection seemed
> to stop working. Further analysis showed that the connection was still
> there but certain sites/servers were inaccessible. For instance I was
> able to load cnn.com but was unable to load google.com. Similarly for
> many other sites, including an inability to get to my own ISPs website.
> It wasn't simply restricted to http access either as ssh, pings and
> traceroutes showed similar behaviour. Neither was there a browser issue
> (tried Mozilla, wget, IE, etc).
> Thinking it might be an issue with my firewall I replaced the firewall
> with a spare. This failed to make any difference. Thinking perhaps it
> was a modem issue I also swapped modems again to no avail. Finally I
> called the ISP and, at their urging, I directly connected a Windows XP
> laptop to the modem to make their tech support people feel more at
> ease. As expected, this made no difference They ran line tests and
> checked network status. I was informed that Bell had no issues, they
> had no issues and, in fact, by everything they could tell, I had a
> picture perfect, low-noise DSL line which was connecting and
> authenticating wonderfully.
> And the strangest part of the whole thing is how erratic it is in what
> hosts it can connect to and what hosts it can't. For instance, there
> are two hosts on the U of T CS network that I have access to. They are
> separated by very little (practically next to each other) and share the
> same route out of the U of T networks. Against all intuition and odds,
> one of them is perfectly accessible while the other isn't. However,
> from my machine at home on Rogers both machines are readily accessible
> Now, about the only two things that I can think to be a problem is that
> either a) something very unusual is going on with my ISPs routers or b)
> the IP address has somehow been blacklisted somewhere. Now, I can't
> imagine why b) would be the case and, even if the server was blocked as
> a spam relay (which, AFAIK it isn't, and yes I've checked), those
> usually block at the mailer level, not the IP level, right? While I was
> able to try a different IP address with my ISP (which worked great) it
> doesn't rule out option a) since the address was on a completely
> different subnet.
> My own feeling is that it is option a) but at the moment I have no way
> to show that. I spent two hours on the phone today convincing the
> bloody tech support person that it was *not* a software configuration
> issue and he refused to believe that anything could be wrong with their
> system that he was unaware of. Unfortunately, I don't know of any way
> to test or determine where the problem is since traceroute has been
> inconclusive at best and I'm not a networking expert.
> So I guess my question is this: what could I try/test in order to either
> rule out or support option a) or b)? Should I just call back the ISP
> and insist that a ticket be filed with their real networking people? If
> that is the case, does anyone have any theory on what might cause such
> unusual behaviour so that I can make a better case? Any other advice?
> Thanks to everyone (especially for reading this far!) for any help or
> even positive thoughts. I'm about ready to put my head through the wall
> on this one.
Well you seem to have tried all the obvious solutions.
What kind of firewall are you using?
What MTU do you run on your DSL link?
If the firewall is Linux, does it happen to have ECN (explicit
congestion notification) on? Having that on will cause weird problems
since there are many broken routers on the Internet that do the wrong
thing when they encounter ECN packets.
I wonder if some large chunk of the Internet is having routing issues
that happens to cause problems, except that doesn't explain the machines
at UoT. Since the windows machine didn't work, that doesn't explain the
ECN idea either.
The symptoms certainly are confusing in your case.
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy