No TCP connection to host if the DNS resolved IP same as gateway IP
Hi,
I have the following setup:

Internet <=ETH=> DSL Router <=ETH=> Linux (CentOS) m/c

Requirement:
When there is no physical connection between the Internet and the DSL Router, the DSL router should redirect any access to an external site to an error page with the message "No Physical Connection".

Issue:
When the DSL Router is connected to the Internet, I can successfully browse the Internet from the Linux m/c. The DSL router (LAN IP 192.168.1.254) has a DHCP server running and I use dhclient on the Linux m/c to get an IP. A successful dhclient run sets the following on the Linux m/c:

IP: 192.168.1.64
Gateway: 192.168.1.254
Nameserver (as in /etc/resolv.conf): 192.168.1.254

With these settings I can successfully browse, say, "www.google.com".

When I disconnect the connection between the Internet and the DSL Router and browse to www.google.com, I get the standard "Address not found" page of Firefox. I used Wireshark to trace the packets and observed the following:

1: DNS request to router for www.google.com
2: DNS response from router with IP as 192.168.1.254

No further packets.

To isolate, I tried the same test on the same setup with one change. I replaced the Linux m/c with a Windows m/c and the following was the observation in Wireshark:

1: DNS request to router for google.com
2: DNS response from router with IP as 192.168.1.254
3: TCP handshake between Windows m/c and router
4: HTTP request to router with host as "www.google.com"
5: HTTP 302 response from router with location containing URL of custom error page
6: Browser displayed error page with message "No Physical connection".

Question:
One thing to note here is that the DSL Router resolved www.google.com to its correct address when there was an Internet connection, and the Linux m/c established the further connection and was able to access google. However, when there is no Internet connection, the DSL Router resolves www.google.com to 192.168.1.254. At this point the IP of www.google.com is the same as that of the Default Gateway, which in turn is the same as that of the nameserver.

Does Linux treat this situation in a special way and not attempt to connect to the resolved IP? Is there a way this can be overridden through some config file changes? Given that it works fine with Windows, I don't think there is any issue with the DSL Router.

Thanks in Advance!

PS. This is my first post and sorry for the long post.
Thanks!
The issue is not at the FF end because I even tried "wget http://www.google.com" and the result was the same. The 302 is the HTTP response from the router and it is returned when the client attempts to connect to www.google.com when the WAN connection is down. The issue I am seeing is that my Linux client is not attempting to connect to the router, i.e. no TCP connection after receiving a valid DNS response from the router. Looks like Linux is treating it as a security issue, i.e. when host IP, gateway IP and DNS server IP are the same, and not attempting to connect to the resolved host IP. I couldn't find any security related message in the logs. Any pointers? Any tests you would like me to try that can help debug the issue?
If possible could you post/attach the Wireshark session payload wrt point 5: "HTTP 302 response from router with location containing URL of custom error page"?
2 Attachment(s)
It is not possible to upload pcap files. I exported the trace as an XML file and renamed it as txt.
I have attached two files:
trace_linux.xml.txt : Linux trace showing DNS req and resp
trace_win.xml.txt : Windows trace showing trace from DNS req to HTTP 302 resp from router.
"XML Parsing Error: unclosed token". Sorry, can't parse that. Regardless of it, I doubt the "i.e. when host IP, gateway IP and DNS server IP are the same, and not attempting to connect to the resolved host IP." statement holds true.
How about a printscreen with the responding packet expanded on the screen?