LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 11-21-2001, 04:39 PM   #1
aethereal
Member
 
Registered: Dec 2000
Location: Seattle
Distribution: Red Hat 8.0
Posts: 41

Rep: Reputation: 15
Thumbs up Solved! [Hmmm, certain websites inaccessible from Linux. (Why?)]


OK, I thought I had encountered my fair share of bizarre Linux mysteries. But this one really has me mystified.

Can anybody explain to me why several websites are inaccessible from my machine when I am running Linux, but if I reboot and use Win98, I have no problems viewing those websites.

It's literally as if, for whatever reason, certain domains simply cannot be reached from my Linux machine. Why???

[My browser is simply "unable to resolve" or transfer data from these particular websites.]

I have a very standard Red Hat 6.2 configuration (almost everything is default). I have both Netscape and Mozilla (0.9.5) installed, and both demonstrate this nutty (selective domain accessibility) behavior, so I really don't think it's my browser.

Does anybody have any ideas on this?

Thanks,
Ben

Last edited by aethereal; 11-23-2001 at 10:08 AM.
 
Old 11-21-2001, 08:26 PM   #2
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
You can get the nameservers from windows by running ipconfig /all from a command prompt or use winipcfg.

When you have the nameserver(s) put them in /etc/resolve.conf so it looks like this


[david@Alpha david]$ cat /etc/resolv.conf
search my.dns.suffix.com
nameserver 11.22.33.44
nameserver 11.22.33.45
[david@Alpha david]$


if you are using dhcp and it works it will put the nameservers in there.


One other thing it might be is .....


Are you using some form of pppoe like adsl?
And / or using an ICS server


if so you may try setting the MTU to a lower value like this...
you need to be root..

ifconfig eth0 mtu 1452

you can try other settings maybe 1492 or less.

set it on the interface connected to the internet if you have more than one.

also you can get the tweeking info for your connection at www.dslreports.com/tweeks


mozilla should work with this page, if java2 is not loaded you will be prompted to install. You will need to be root, su - to root then

run mozilla&

then go to the website and get the linux plugin installed, then go to the tweek page and press the start button, it will download a file and then you hit results button, enter your info at the top and it will tell you what you need to do.

from tweek info page
------------------------------------------------------------------------------------
There is no sysctl application for changing values, but you can change the values very easy with a editor like vi. Simply edit the files listed below, which magically change the values in the kernel.

Tuning the default and maximum window size:

/proc/sys/net/core/rmem_default - default receive window
/proc/sys/net/core/rmem_max - maximum receive window
/proc/sys/net/core/wmem_default - default send window
/proc/sys/net/core/wmem_max - maximum send window

In /proc/sys/net/ipv4/ you will find some other possibilities to tune TCP:

tcp_timestamps
tcp_windowscaling
tcp_sack
...
You will find a short description in /Documentation/networking/ip-sysctl.txt


Last edited by DavidPhillips; 11-21-2001 at 08:54 PM.
 
Old 11-22-2001, 01:22 AM   #3
aethereal
Member
 
Registered: Dec 2000
Location: Seattle
Distribution: Red Hat 8.0
Posts: 41

Original Poster
Rep: Reputation: 15
Still broken...

David, thank you very much for your ideas.

1. In Windows, when I do ipconfig /all I get (among other things):
DNS Servers:
209.20.130.34
209.20.130.35

2. When I cat etc/resolv.conf, I get the following:
[benny@localhost ppp]$ cat /etc/resolv.conf
nameserver 209.20.130.34
nameserver 209.20.130.35

3. I am using (the simplest possible) ppp via dial-up modem (the world's most common external modem, in fact). No ISDN, no ADSL, etc. Nothing fancy at all.

4. When I cat /etc/ppp/options, I get:
[benny@localhost ppp]$ cat options
lock
mtu 576
mru 512

(My mtu had previously (about a year ago) been set to the "ideal" lower value of 576 in the interests of achieving reasonable modem speed, and that did work very, very well.)
------------------------------

I don't believe I've had this problem until just the past few days. The ONLY thing I have conceivably done (only my end) since then that could have affected any of this, as far as I know, is install Mozilla (0.9.5).

But, key points here:
1. I am currently having domain name resolution issues on Netscape as well (which I never had previously). So, this is not strictly a Mozilla issue.
2. How, hypothetically, could Mozilla have affected domain name resolution on my machine?

Still looking for answers....

Thanks,
Ben
 
Old 11-22-2001, 04:01 AM   #4
aethereal
Member
 
Registered: Dec 2000
Location: Seattle
Distribution: Red Hat 8.0
Posts: 41

Original Poster
Rep: Reputation: 15
Further clues...

I notice that I cannot even successfully ping these same domains that give me problems (let alone view their websites). But other domains I can ping just fine.

Also I notice that nameservers does not seem to be the issue here. I seem to get numeric IP's for even problematic domains just fine.

Here are examples of success/failure in pinging. Does this yield any insights to anybody?

------------------------------

Script started on Thu Nov 22 01:40:51 2001
]0;Benny@localhost.localdomain: /home/Benny [Benny@localhost Benny]$ ping google.com

PING google.com (216.239.37.100) from 207.202.172.25 : 56(84) bytes of data.

64 bytes from www.google.com (216.239.37.100): icmp_seq=0 ttl=50 time=216.159 msec

64 bytes from www.google.com (216.239.37.100): icmp_seq=1 ttl=50 time=209.992 msec

64 bytes from www.google.com (216.239.37.100): icmp_seq=2 ttl=50 time=219.989 msec

64 bytes from www.google.com (216.239.37.100): icmp_seq=3 ttl=50 time=229.451 msec

64 bytes from www.google.com (216.239.37.100): icmp_seq=4 ttl=50 time=219.991 msec



--- google.com ping statistics ---

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max/mdev = 209.992/219.116/229.451/6.343 ms


]0;Benny@localhost.localdomain: /home/Benny [Benny@localhost Benny]$ ping aethereal.net

PING aethereal.net (208.185.127.162) from 207.202.172.25 : 56(84) bytes of data.



--- aethereal.net ping statistics ---

11 packets transmitted, 0 packets received, 100% packet loss


]0;Benny@localhost.localdomain: /home/Benny [Benny@localhost Benny]$ ping yahoo.com

PING yahoo.com (216.115.108.245) from 207.202.172.25 : 56(84) bytes of data.

64 bytes from img5.yahoo.com (216.115.108.245): icmp_seq=0 ttl=240 time=336.551 msec

64 bytes from img5.yahoo.com (216.115.108.245): icmp_seq=1 ttl=240 time=159.983 msec

64 bytes from img5.yahoo.com (216.115.108.245): icmp_seq=2 ttl=240 time=159.985 msec



--- yahoo.com ping statistics ---

3 packets transmitted, 3 packets received, 0% packet loss

round-trip min/avg/max/mdev = 159.983/218.839/336.551/83.236 ms

]0;Benny@localhost.localdomain: /home/Benny [Benny@localhost Benny]$ exit


Script done on Thu Nov 22 01:42:42 2001
-------------------------------------------

Note: I used my own domain (not on my machine) to demonstrate failure in this case, but I could have used any of several others. I have verified that several others fails in precisely the same way.

Any ideas, anybody?

Thanks,
Ben
 
Old 11-22-2001, 04:05 AM   #5
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
are these secure pages or java related stuff?

when you find an address that won't load try this in a terminal window or console...

wget http://addressthatwontload.com


see if that downloads the file.


then try to open the file in the browser.
 
Old 11-22-2001, 04:07 AM   #6
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
Also, what account are you using?

see if it works with another user account.
 
Old 11-22-2001, 04:42 AM   #7
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
[david@Alpha david]$ ping aethereal.net
PING aethereal.net (208.185.127.162) from 24.18.29.213 : 56(84) bytes of data.

--- aethereal.net ping statistics ---
14 packets transmitted, 0 packets received, 100% packet loss
[david@Alpha david]$

this site is droping pings


I would not worry about that, it is pretty common for people to block pings.

[david@Alpha david]$ ping www.msn.com
PING www.msn.com (207.68.171.253) from 24.18.29.213 : 56(84) bytes of data.

--- www.msn.com ping statistics ---
6 packets transmitted, 0 packets received, 100% packet loss

This is not related to your problem
 
Old 11-22-2001, 04:46 AM   #8
aethereal
Member
 
Registered: Dec 2000
Location: Seattle
Distribution: Red Hat 8.0
Posts: 41

Original Poster
Rep: Reputation: 15
Thanks very much, David, for your continuing follow-up.

What I know:
1. This is not in any way Java or security related. (e.g., My home page, www.aethereal.net, is about as simple as one can get. Similarly, other pages that I cannot reach do not seem special in any way that I can discern.)

2. Unfortunately, I do not have "wget" on my machine.

3. This behavior exists for all user accounts on my machine, including root.

4. The *key* point, it seems to me, is the fact that I can ping *some*, but not all, known/good IP addresses. (It would seem as though we can set aside all web-related questions, due to this point alone.)

So, I believe *that* is the big question: Why can I ping *some*, but not all, known/good IP addresses from my machine?

Any ideas welcome.

Thanks again for your help,
Ben
 
Old 11-22-2001, 04:48 AM   #9
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
I just noticed that the aethereal.net is you


are your blocking pings in your firewall settings?

are you on this machine or behind it?
 
Old 11-22-2001, 04:50 AM   #10
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
give a few more examples of the ones you cannot ping and I will try them, but I think they are blocking pings.



#
# ICMP rules
#

$IPTABLES -A icmp_packets -p ICMP -s 0/0 --icmp-type 0 -j ACCEPT
$IPTABLES -A icmp_packets -p ICMP -s 0/0 --icmp-type 3 -j ACCEPT
$IPTABLES -A icmp_packets -p ICMP -s 0/0 --icmp-type 5 -j ACCEPT
$IPTABLES -A icmp_packets -p ICMP -s 0/0 --icmp-type 11 -j ACCEPT


Last edited by DavidPhillips; 11-22-2001 at 04:51 AM.
 
Old 11-23-2001, 08:55 AM   #11
aethereal
Member
 
Registered: Dec 2000
Location: Seattle
Distribution: Red Hat 8.0
Posts: 41

Original Poster
Rep: Reputation: 15
Gotta figure this out...

David, I e-mailed you directly to follow-up on this issue, but I'm not sure if you got my message. So, I'll continue on here...

Here are some domains that I am neither able to receive web pages from nor receive ping responses from. (You are right that some domains will simply refuse to reply to pings, but I do find it coincidental that these very domains whose webpages I cannot receive ~all~ happen to refuse to reply to my pings as well. <shrug>)

Anyway, here are some samples of problematic domains for me:
aethereal.net
freeservers.com
trickylive.com
attenza.com
linuxnewbie.org

Any ideas, anybody?

I really need to figure this problem out. I can hardly accept only being able to view *some* of the Internet.

Thanks again,
Ben
 
Old 11-23-2001, 10:05 AM   #12
aethereal
Member
 
Registered: Dec 2000
Location: Seattle
Distribution: Red Hat 8.0
Posts: 41

Original Poster
Rep: Reputation: 15
THANK GOD, I FINALLY FIGURED IT OUT! : )

Thank God, I just figured out the cause of this problem.

A (fairly long) while ago, upon the recommendation of an article at linuxnewbie.org, I had adjusted downward the size of my mtu and mru as a means of increasing modem speed.

These were my updated settings:
$ cat /etc/ppp/options
lock
mtu 576
mru 512

On a hunch, just now, I simply tried increasing the size of both the mtu and mru, as follows:
$ cat /etc/ppp/options
lock
mtu 1000
mru 1000

Following that simple change:
Voila! Now, all of the sites that were inaccessible to me are now suddenly accessible to me.

So, it appears as though certain webservers (for example) will refuse to transmit data if the requested packet size is unacceptably low (e.g., beneath some pre-set threshold).

I could apparently receive data from some webservers, but not others, due to their differing minimum packet threshold settings.

That is just my guess, in light of what I have just discovered, but I think that may be (roughly) what is going on here.

Thanks to all, especially David, for offering your help with this tough issue.

I am soooo happy now!!!
Ben : )
 
Old 11-24-2001, 04:43 PM   #13
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58


Cool, Glad you got it going.
 
Old 11-24-2001, 05:09 PM   #14
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
To tune the mtu you can tell ping not to fragment by using the -f option. it will tell you when the packet is too big.


ping www.netscape.com -f -l 1000


you would start with a packet size of 1000 and keep raising it until it works.

on the low end I guess you could speed test to see if it helps, I would not go lower than 576.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Useful websites to master Linux but not the UI. cigarstub Linux - General 5 09-19-2005 10:56 PM
Linux on this cpu....hmmm.......yeah right!!!! caleb star Linux - Hardware 16 11-09-2003 10:04 AM
MA-311 on eth0 inaccessible via Linux, "Network Unreachable" error, no localhost ping LGMike Linux - Networking 14 09-21-2003 11:11 PM
Linux/C++ Freelance Websites. liguorir Linux - Software 1 07-08-2003 01:55 PM
Useful linux related websites antken Linux - General 9 10-22-2002 03:32 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:59 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration