-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bad cable or a bad NIC are the first to come to mind. Unless you are doing something funky with traffic shaping. Buggy NIC driver, duplex problems (eg. mixing hubs and switches of varying capabilities, also some drivers are flakey, mostly under Windows, but it happens to us too). If the cable runs under a door make sure it is not mangled. Check for staples and that there are no tight bends in the cable.
The TCP/IP guide is awesome (yes Dave, a review _is_ coming... eventually) Fortunately it is also on line, you are likely interested in the following page. This whole section is actually pretty good to know. Actually, IMO, the whole book is pretty handy. http://www.tcpipguide.com/free/t_TCPWindowManagementIssues.htm Martin Glazer wrote: > Normally I would agree with everyone regarding Shaw and their DNS, but In > this > case it is not a DNS issue - I did check that after all the suggestions, the > domains are resolving to the same IP. > > I captured the request with tcpdump on the firewall, just using telnet and > GET > HTTP/1.1 (William thanks for pointing out the correct syntax - I still get > different responses using just this syntax). > > Between the dumps (see below), the only difference I see is in the TCP window > size. On the 'bad' pc, the window size appears as a constant 92 and on > the 'good' pc is around 5840. > > I didn't make any changes to any parameters on the 'bad' pc, the only thing I > can think of is the different kernel on each machine. > > Any network experts out there that can shed some more light on this? What > sets > the TCP window size? How could I change it? or am I barking up the wrong tree > here? > > Martin > > > TCPDUMP with 172.16.1.4 as not working and 172.16.1.20 as working > > Non Working > 00:24:39.697544 IP 172.16.1.4.42768 > 216.17.211.37.http: S > 1823424781:1823424781(0) win 5840 <mss 1460,sackOK,timestamp 54409718 > 0,nop,wscale 6> > 00:24:39.786926 IP 216.17.211.37.http > 172.16.1.4.42768: S > 3583296001:3583296001(0) ack 1823424782 win 5792 <mss 1460,sackOK,timestamp > 200609792 54409718,nop,wscale 0> > 00:24:39.787159 IP 172.16.1.4.42768 > 216.17.211.37.http: . ack 1 win 92 > <nop,nop,timestamp 54409808 200609792> > 00:24:46.399388 IP 172.16.1.4.42768 > 216.17.211.37.http: P 1:15(14) ack 1 > win > 92 <nop,nop,timestamp 54416421 200609792> > 00:24:46.498051 IP 216.17.211.37.http > 172.16.1.4.42768: . ack 15 win 5792 > <nop,nop,timestamp 200610464 54416421> > 00:24:48.776343 IP 172.16.1.4.42768 > 216.17.211.37.http: P 15:17(2) ack 1 > win > 92 <nop,nop,timestamp 54418798 200610464> > 00:24:48.900887 IP 216.17.211.37.http > 172.16.1.4.42768: R > 3583296002:3583296002(0) win 0 > > Working > 00:25:05.255277 IP 172.16.1.20.35551 > 216.17.211.37.http: S > 548855971:548855971(0) win 5840 <mss 1460,sackOK,timestamp 384881907 > 0,nop,wscale 0> > 00:25:05.343467 IP 216.17.211.37.http > 172.16.1.20.35551: S > 3602424666:3602424666(0) ack 548855972 win 5792 <mss 1460,sackOK,timestamp > 200612348 384881907,nop,wscale 0> > 00:25:05.343660 IP 172.16.1.20.35551 > 216.17.211.37.http: . ack 1 win 5840 > <nop,nop,timestamp 384881916 200612348> > 00:25:12.291607 IP 172.16.1.20.35551 > 216.17.211.37.http: P 1:15(14) ack 1 > win 5840 <nop,nop,timestamp 384882611 200612348> > 00:25:12.376901 IP 216.17.211.37.http > 172.16.1.20.35551: . ack 15 win 5792 > <nop,nop,timestamp 200613052 384882611> > 00:25:12.379452 IP 216.17.211.37.http > 172.16.1.20.35551: P 1:255(254) ack > 15 > win 5792 <nop,nop,timestamp 200613052 384882611> > 00:25:12.379691 IP 172.16.1.20.35551 > 216.17.211.37.http: . ack 255 win 6432 > <nop,nop,timestamp 384882620 200613052> > 00:25:12.379823 IP 216.17.211.37.http > 172.16.1.20.35551: F 255:255(0) ack > 15 > win 5792 <nop,nop,timestamp 200613052 384882611> > 00:25:12.380156 IP 172.16.1.20.35551 > 216.17.211.37.http: F 15:15(0) ack 256 > win 6432 <nop,nop,timestamp 384882620 200613052> > 00:25:12.478286 IP 216.17.211.37.http > 172.16.1.20.35551: . ack 16 win 5792 > <nop,nop,timestamp 200613062 384882620> > > > > On Thursday 28 September 2006 22:27, Shawn wrote: >> I've run into this issue repeatedly in the past week. The problem (in >> my cases at least) appear to be Shaw's DNS servers. For whatever >> reason, they are not responding for some names, and not forwarding >> requests to other servers. >> >> For me the solution has be change the DNS servers in use. For my >> internal network, I've switched to point to my private instance of BIND >> (used solely to resolve internal names), and things work well enough. >> For boxes outside my network, I've switched them to use the OpenDNS >> servers (www.opendns.com). In both cases, everything went back to normal. >> >> In ALL cases, it has been a Shaw DNS server. I discovered this while >> trying to fix the issue for some friends of mine. They were behind a >> DLink box, and using DHCP from that box. I determined what DNS servers >> the DLink was using, and tried to access them directly from the >> workstation. I could ping them, but when using them as the workstations >> DNS servers they failed as well. I next ran nslookup and tried to >> resolve the host in question. The response - from Shaw's server >> (identified by name) was that the name could not be resolved. Ergo, >> trying a different server fixed the problem. I knew it was not due to a >> change in the domain name, as we control that and hadn't done any >> changes in more than a year. >> >> A little wordy for a response I know, but hopefully this helps out.... >> >> Shawn >> >> Martin Glazer wrote: >>> I'm completely baffled by this.... >>> >>> >From my workstation (Gentoo/KDE), I cannot access some websites >>> >>> (www.contribs.org being the main one I need). The request goes out but >>> then I don't receive anything in response and eventually the browser >>> times out. >>> >>> I have tried with Konqueror, FireFox and even telnetted to port 80 - >>> >>> [EMAIL PROTECTED] ~ $ telnet contribs.org 80 >>> Trying 216.17.211.37... >>> Connected to contribs.org. >>> Escape character is '^]'. >>> GET HTTP/1.1 >>> >>> <<hit enter a few times>> >>> >>> Connection closed by foreign host. >>> [EMAIL PROTECTED] ~ $ >>> >>> >>> I've tried under a different used ID, under root and even changed machine >>> IP. The machine is sitting on my internal network behind a Linux >>> firewall. There is no firewall/iptables running on this workstation. >>> >>> Other machines on my internal network (Linux and Windows) have no problem >>> accessing these sites, so it is not the firewall >>> . >>> I can access most other sites on the internet without a problem from this >>> machine. >>> >>> I used to be able to access these sites before. >>> >>> Any suggestions? >>> >>> Baffled > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFHMS1wRXgH3rKGfMRAgYzAKCGaQbbAM+KlXdW2oMr253SHsD8ywCggBpS RoHuv7BuRmMZmKVfQIjd1Y4= =3FC2 -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
