Petter Reinholdtsen skrev:
[Ole-Anders Andreassen]
What kind of things should I test to document, or find the problems?
So far I have just used MTR to document slow respons, wget
--no-proxy to document that www hangs and ends time out, ifconfig to
show NiC settings, and route...
Comparing tcptraceroute and traceroute might be useful. A tcpdump of
a hanging session might be useful too.
What you describe sound slighly similar to the problem we experienced
at a gathering, where some transparent firewall (Firewall 1, if I do
not remember incorrectly), were unable to parse HTTP headers with unix
line endings and simply refused to handle such HTTP connections.
Happy hacking,
tjener:~# tcptraceroute www.vg.no
Selected device eth0, address 10.0.2.2, port 52967 for outgoing packets
Tracing the path to www.vg.no (195.88.54.16) on TCP port 80 (www), 30 hops max
1 10.0.2.1 9.061 ms 0.461 ms 0.512 ms
2 10.63.152.1 1.235 ms 1.036 ms 0.978 ms
3 10.202.63.1 3.894 ms 10.220 ms 3.858 ms
4 10.200.193.17 3.790 ms 3.795 ms 4.070 ms
5 85.221.22.129 4.657 ms 23.638 ms 17.696 ms
6 www.vg.no (195.88.54.16) [open] 19.536 ms 11.242 ms 10.339 ms
tjener:~# traceroute www.vg.no
traceroute to www.vg.no (195.88.54.16), 30 hops max, 40 byte packets
1 gateway.intern (10.0.2.1) 0.520 ms 0.808 ms 1.486 ms
2 10.63.152.1 (10.63.152.1) 5.345 ms 5.431 ms 5.521 ms
3 10.202.63.1 (10.202.63.1) 12.244 ms 12.591 ms 12.795 ms
4 10.200.193.17 (10.200.193.17) 13.129 ms 13.338 ms 14.487 ms
5 85.221.22.129 (85.221.22.129) 13.610 ms 13.971 ms 14.207 ms
6 85.221.22.1 (85.221.22.1) 13.799 ms 18.911 ms 19.102 ms
7 195.204.200.102 (195.204.200.102) 19.249 ms 15.599 ms 10.038 ms
8 195.204.200.101 (195.204.200.101) 10.188 ms 10.290 ms 10.362 ms
9 195.204.183.16 (195.204.183.16) 21.753 ms * 22.218 ms
10 c10G-xe-4-3-0.br1.xa19.no.catchbone.net (193.75.9.21) 21.998 ms * 22.076
ms
11 * te7-1-0.cr1.xa19.no.catchbone.net (193.75.1.73) 22.289 ms 22.600 ms
12 te7-1-0.cr1.fn3.no.catchbone.net (193.75.3.150) 22.705 ms 22.799 ms
22.868 ms
13 193.75.3.254 (193.75.3.254) 33.824 ms 30.865 ms 18.254 ms
14 xe-1-3-0.cr3.hmg9.no.linpro.net (193.156.90.81) 18.547 ms 18.629 ms
20.115 ms
15 vlan62.sw0.hmg9.no.linpro.net (87.238.32.19) 21.481 ms * 21.754 ms
16 www.vg.no (195.88.54.16) 21.271 ms 21.833 ms 21.916 ms
tjener:~#
The firewall log at the town hall shows a lot of messages about "TCP packet out of
state"
Wireshark tells me that the second stage [SYN-ACK] of 3-way-handshake never
happens.
The realy strange thing is that this only affects PC's with Linux
OleA
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
