LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 05-18-2005, 08:26 AM   #1
Booster
Member
 
Registered: Sep 2003
Location: Ontario, Canada
Distribution: Gentoo, Suse
Posts: 59

Rep: Reputation: 15
iptables - cannot load certain websites


For the past few days I've been having trouble with my router - it's running 2.4.20/iptables, and what's happening is that certain websites will not load from any machine on the LAN.

If I try to go to http://www.mls.ca it finds the site, changes the name to "http://www.mls.ca/map.aspx" and hangs - almost.

If I do a "view source" on the page, I'll see that some of it has loaded, and if I check a minute later, there will likely be a bit more loaded, but even after many minutes it never gets past about 8k, and never will load.

Most sites work fine, I'd say it's <10% of sites that exhibit this issue. A couple others are:
http://www.autotrader.ca
http://www.jobbank.gc.ca

I connect through a T1, and I've even set up a new gateway machine running very simple routing rules:
Code:
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
This second machine with simple rules exhibits the same problem.

I've played around with MTU a bit - no effect.

Any thoughts would be GREATLY appreciated - I have many users here, and they have been patient, but I'm quite eager to resolve this.

Thanks

[edit] I should add that the original router has been running for a very long time with many users without trouble. It was shut down about a week ago (just to move it), and the problem became apparent some days later (not sure, but the problem likely existed since last bootup)[/edit]

Last edited by Booster; 05-18-2005 at 09:31 AM.
 
Old 05-18-2005, 09:50 AM   #2
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
Re: iptables - cannot load certain websites

Quote:
Originally posted by Booster
This second machine with simple rules exhibits the same problem.
That leads me to belive that it's something upstream from you that is causing this problem, have you checked into that?
 
Old 05-18-2005, 11:42 AM   #3
Booster
Member
 
Registered: Sep 2003
Location: Ontario, Canada
Distribution: Gentoo, Suse
Posts: 59

Original Poster
Rep: Reputation: 15
I believe you're right - I disconnected the entire network and just connected on PC to the outside, and it does the same thing....

I talked to my ISP... something tells me that this is going to be a lengthy battle.

Cheers
 
Old 01-31-2006, 10:52 PM   #4
Booster
Member
 
Registered: Sep 2003
Location: Ontario, Canada
Distribution: Gentoo, Suse
Posts: 59

Original Poster
Rep: Reputation: 15
BTW: I did resolve this, but never really, to my satisfaction, figured it out. Anyway, here's what the "problem" was:
(hold on to your hat)
A fiber cable (multimode pair) had been zip-tied too tight. It was a fiber cable on my T1 line, and as soon as I bypassed it, shazzam, it worked. Go back, and it does it again.... I tried it a dozen times to be sure.
Once the dizzy spells stopped, I hooked it up through that fiber line again, and ran some tests....results:
- Same as before, some http traffic okay, some not. Consistantly the same sites.
- Tried lowering my MTU - it *improved*. Meaning some of the previous sites were okay, some not.
- Raised MTU back up, went back to same as before.
- Seemed as though some packets were too big to fit through the pinched cable.
- Dizzy spells started again. lol
- Dropped it, and tried to forget it. (That never worked... I still would like to understand)

Point of interest: I've had some cabling "pros" test the hell out of that cable, numerous times, and always got "it's fine" or better. (Those guys seem to not want me to see their meter. heh)

Anyway, just wanted some closure on the topic - I hate unanswered topics, and I left this one for a while.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
pls help: debian router => some websites won't load (though pinging works) mikey79 Linux - Networking 3 07-15-2006 11:23 AM
why dont [some] websites load? (slack) nadroj Linux - Newbie 3 06-03-2005 01:52 AM
Iptables - Couldn't load target `ACCPET':/lib/iptables/libipt_ACCPET.so: z00t Linux - Security 3 01-26-2004 02:24 AM
iptables modules load? shanenin Linux - General 0 01-06-2004 01:15 PM
Iptables blocking certain websites?? Ikik Linux - Security 3 09-29-2003 02:39 AM


All times are GMT -5. The time now is 05:23 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration