Unable to browse Internet

bnaveen · 09-03-2008, 03:43 AM

Hello,

Am new to linux n was using Fedora 9.

Recently whenever I start the machine, it is not recognizing any wired network. when I use the Network configuration, I see that the device eth0 is not active. Even after activating that I am unable to browse internet using any browser (firefox or konqueror).

After activating the eth0, I used ifconfig to see that a valid IP address is set, and found that a valid IP address is indeed set.

When I try traceroute yahoo.com, it shows that the request has gone thru some 19 routers n then I get *'s... (i don't know the normal behavior, as I never tried this before)

When I try netstat -s, I see that in the TCP section all my packets have encoutered some error's....

someone help me in this regard...

blackhole54 · 09-03-2008, 05:50 AM

Hmmm. If traceroute shows 19 successful hops then it would seem that quite a bit is working right. Unless it is just wandering lost around the LAN or something.

Could you post the the output of traceroute and netstat -s please? (It would be good to wrap the output in "code tags." See my signature for more info.)

bnaveen · 09-03-2008, 03:16 PM

Find the content in the below post -->

bnaveen · 09-03-2008, 03:19 PM

The following is what I got....

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0 eth0

Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVRFlg
eth0       1500   0       17      0      0      0       35      0      0      0BMRU
lo        16436   0     5684      0      0      0     5684      0      0      0LRU

Code:

netstat -s
Ip:
    5709 total packets received
    2 with invalid addresses
    0 forwarded
    0 incoming packets discarded
    5698 incoming packets delivered
    5710 requests sent out
    80 dropped because of missing route
Icmp:
    0 ICMP messages received
    0 input ICMP message failed.
    ICMP input histogram:
    0 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
Tcp:
    2835 active connections openings
    0 passive connection openings
    2835 failed connection attempts    0 connection resets received
    0 connections established
    5670 segments received
    5670 segments send out
    0 segments retransmited
    0 bad segments received.
    2835 resets sent
Udp:
    28 packets received
    0 packets to unknown port received.
    0 packet receive errors
    38 packets sent
UdpLite:
TcpExt:
    0 packets header predicted
    0 TCP data loss events
IpExt:
    InMcastPkts: 9
    OutMcastPkts: 11

Code:

TRACEROUTE TO YAHOO ---> (sorry the 3rd & 4th lines are missing > mymistake)

traceroute to yahoo.com (206.190.60.37), 30 hops max, 40 byte packets
 1   (192.168.1.1)  1.381 ms  1.820 ms  2.258 ms
 2  ABTS-KK-Dynamic-001.64.167.122.airtelbroadband.in (122.167.64.1)  34.722 ms* *
 5  122.175.255.29 (122.175.255.29)  45.209 ms  46.529 ms  47.232 ms
 6  125.21.167.74 (125.21.167.74)  54.912 ms  37.509 ms  38.847 ms
 7  p4-1-0-1.r03.lsanca03.us.bb.gin.ntt.net (204.1.253.65)  296.364 ms  298.224ms  298.622 ms
 8  xe-3-3-0.r20.lsanca03.us.bb.gin.ntt.net (129.250.2.141)  303.877 ms  305.278 ms  306.206 ms
 9  as-0.r21.snjsca04.us.bb.gin.ntt.net (129.250.4.96)  307.045 ms  308.498 ms315.248 ms
10  ae-0.r20.plalca01.us.bb.gin.ntt.net (129.250.4.118)  309.619 ms  311.459 ms 312.218 ms
11  208.50.13.97 (208.50.13.97)  317.593 ms  318.261 ms  320.163 ms
12  te1-2-10G.ar2.SJC2.gblx.net (67.17.109.106)  298.736 ms  297.270 ms ge4-1-10G.ar2.SJC2.gblx.net (67.17.105.6)  301.146 ms
13  yahoo-1.ar2.SJC2.gblx.net (64.208.110.162)  269.949 ms  270.513 ms  272.781ms
14  as0.pat1.dnx.yahoo.com (216.115.101.148)  299.002 ms  300.556 ms  303.306 ms
15  so-1-0-0.pat1.che.yahoo.com (216.115.96.35)  327.954 ms  328.666 ms  329.560 ms
16  so-1-0-0.pat1.dcp.yahoo.com (216.115.101.152)  324.515 ms  324.893 ms  322.275 ms
17  ae1-p170.msr2.re1.yahoo.com (216.115.108.29)  385.860 ms  386.294 ms ae1-p160.msr1.re1.yahoo.com (216.115.108.25)  325.615 ms
18  ge-9-3.bas-a2.re4.yahoo.com (216.39.49.7)  309.808 ms te-8-3.bas-a2.re4.yahoo.com (216.39.49.5)  309.681 ms ge-8-3.bas-a1.re4.yahoo.com (216.39.49.1)  308.160 ms
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

blackhole54 · 09-04-2008, 02:55 AM

Maybe somebody with more experience will chime in here ... (Consider that an invitation

)

But my take is that you are getting to the Internet fine with UDP packets. Specifically a) you have no problem with DNS resolution (it translates yahoo.com into 206.190.60.37 w/o problems) and b) The UDP packets used by traceroute seems to go out fine. (I thought it should be ICMP packets coming back, but that, I presume, is my ignorance, not an issue with your system.) For the record, I just did a tracepath (similar to traceroute) to yahoo.com, and, like you, I ceased getting responses at some point once I was within the yahoo.com domain. So I don't see that you have an problem there.

So the question is, what is happening to the TCP packets. You've actually introduced me to the the -s option for netstat (thanks!), but my understanding of the output is that your computer sent a reset packet on every TCP connection attempt. So the question is why.

First, lets makes sure this isn't a firewall issue. You seem to be behind some sort of router or NAT device (192.168.1.1), so there shouldn't be much risk in turning off your firewall (on the Fedora 9 system -- if you have one) for a brief test. (Sorry. While I imagine there is a way to do that in a GUI, I am not sure what it is. But you should be able to easily find out.) If that doesn't fix the problem and if you know how, check what the settings are on whatever 192.168.1.1 is and make sure it isn't blocking. (Never mind -- see my last sentence in this post. And if you need to post back for more help, let us know what that device is.) If this doesn't solve things, as root give the following command and then use your browser to try to go to some website.

Code:

tcpdump -nni eth0 -c 10

This will show the first 10 packets sent/received through eth0. (I am assuming you don't have extraneous traffic that we need to filter out.) Below is the result I got when I went to www.linuxtoday.com. I've highlited the "3 packet handshake" which gets TCP connections started; after that is the exchange of actual data. (The fourth packet is just a repeat of the third with the "PUSH" flag set. My system was getting impatient for a reply.) The first two packets (prior to the handshake) is the DNS request to find the IP address of www.linuxtoday.com. And I've obfuscated some IP addresses with the letter "x." The "not tcp port 22" in the command was to filter out local SSH traffic.

Code:

root@box:~# tcpdump -nni eth0 -c 10 not tcp port 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
01:16:43.106892 IP 192.168.xx.xx.32920 > xx.xx.xx.xx.53:  16088+ A? www.linuxtoday.com. (36)
01:16:43.290246 IP xx.xx.xx.xx.53 > 192.168.xx.xx.32920:  16088 1/0/0 A 63.236.73.20 (52)
01:16:43.290331 IP 192.168.xx.xx.56602 > 63.236.73.20.80: S 3585483026:3585483026(0) win 5840 <mss 1460,sackOK,timestamp 1874882 0,nop,wscale 2>
01:16:43.470286 IP 63.236.73.20.80 > 192.168.xx.xx.56602: S 3462935632:3462935632(0) ack 3585483027 win 5792 <mss 1460,sackOK,timestamp 684055805 1874882,nop,wscale 7>
01:16:43.470306 IP 192.168.xx.xx.56602 > 63.236.73.20.80: . ack 1 win 1460 <nop,nop,timestamp 1874927 684055805>
01:16:43.470366 IP 192.168.xx.xx.56602 > 63.236.73.20.80: P 1:278(277) ack 1 win 1460 <nop,nop,timestamp 1874927 684055805>
01:16:43.710277 IP 63.236.73.20.80 > 192.168.xx.xx.56602: . ack 278 win 54 <nop,nop,timestamp 684055830 1874927>
01:16:44.400541 IP 63.236.73.20.80 > 192.168.xx.xx.56602: . 1:1449(1448) ack 278 win 54 <nop,nop,timestamp 684055880 1874927>
01:16:44.400566 IP 192.168.xx.xx.56602 > 63.236.73.20.80: . ack 1449 win 2184 <nop,nop,timestamp 1875160 684055880>
01:16:44.549119 IP 63.236.73.20.80 > 192.168.xx.xx.56602: . 1449:2897(1448) ack 278 win 54 <nop,nop,timestamp 684055880 1874927>
10 packets captured
21 packets received by filter
0 packets dropped by kernel

Hmmm. Upon reviewing my post, I don't see how 192.168.1.1 could be causing your Fedora 9 host to send reset packets. But it still might be useful for us to know what it is.

Mr. C. · 09-04-2008, 03:13 AM

iptables -L output please.

bnaveen · 09-04-2008, 08:30 AM

192.168.1.1 is the router through which I access internet. I don't think that is blocking internet, as I was able to browse internet if I use windows to browse (which by the way I hate doing, n so is this migration to linux..) )

Regarding other queries I will find out and post them soon...

i_nomad · 09-04-2008, 09:03 AM

This is just an idea..
Find out from your ISP if they have a recommendation on the MTU size to use. The problem could be caused due to excessive packet fragmentation across the network causing the TCP to reset connection.??
Also check the MTU size on the router..