[clug] Wierd problem connecting to www.mozilla.org andwww.microsoft.com

Donovan J. Edye donovan at edyeweb.com
Wed Dec 15 21:23:31 GMT 2004 

Kim & Dale,

Here is some more info on how things are set up here:


HomeTheatre (192.168.40.100, GW 192.168.40.3, Problem XP Box)
|
|
Music (192.168.40.3, GW 192.168.40.1, Fedora Core 3)

eth0      Link encap:Ethernet  HWaddr 00:40:63:D8:57:29
          inet addr:192.168.40.3  Bcast:192.168.40.255  Mask:255.255.255.0
          inet6 addr: fe80::240:63ff:fed8:5729/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1492  Metric:1
          RX packets:3855485 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2642654 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3627641391 (3.3 GiB)  TX bytes:562622272 (536.5 MiB)
          Interrupt:12
|
|
Router (192.168.40.1, GW Internet D-Link DSL-504 version 7.1.0.30 Annex-A
(Apr  9 2003) R2.21.002.06.b7au R2.21.002.06.b7au)

So:

- I have no VPN or PPTP in play here
- There is no PPPoE as far as I can tell

What do you suggest I try here?

TIA

--D


-----Original Message-----
From: Kim Holburn [mailto:kim.holburn at anu.edu.au] 
Sent: Wednesday, 15 December 2004 22:31
To: donovan at edyeweb.com
Cc: Linux List
Subject: Re: [clug] Wierd problem connecting to www.mozilla.org
andwww.microsoft.com

Sorry, that was text from a colleague, I try not to use windows and it  
may be more appropriate to pptp.  The full MS thingy (technical term)  
is here:
http://support.microsoft.com/?kbid=826159


On 2004 Dec 15, , at 7:29 PM, Kim Holburn wrote:

> Ahh:
>
> If you have a Windows XP box using ppp or pptp VPN and it can  
> mysteriously not
> see some web sites (mostly overseas) but mostly networking is fine then
> the following should fix it.  Currently I find that out-of-the-box XP
> machines using our VPN server can see http://www.apple.com.au/ fine but
> http://www.apple.com/ doesn't work.  Save the following text-only to a
> `.reg' file like `VPNTunnelMTU.reg'.
>
> ---------- Cut Here ----------
> Windows Registry Editor Version 5.00
>
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisWan\Parameter 
> s]
>
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisWan\Parameter 
> s\Protocols]
>
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisWan\Parameter 
> s\Protocols\0]
> "PPPProtocolType"=dword:00000021
> "TunnelMTU"=dword:000003e8
> "ProtocolType"=dword:00000800
>
> ---------- Cut Here ----------
>
> Double clicking the file (with administrative privileges) should offer
> to install the registry settings.  Bravely agree to this and then
> reboot.  Works for me and it's alot least brain numbing than following
> the Microsoft instructions below.  The WinXP default VPN MTU value is
> 1400 and the 0x3e8=800 value I've used above seems to work.
>
> On 2004 Dec 15, , at 6:47 PM, Dale Shaw wrote:
>
>> Without having a really good look at the packet trace, I'd be inclined
>> to think it probably has something to do with Path MTU Discovery/ICMP
>> blocking/PPP over Ethernet.
>>
>> Do you access the Internet over a PPPoE session? Maybe you could give
>> us an overview of your connection arrangements. Look at lowering the
>> MTU on the 'hometheatre' box or using TCP Maximum Segment Size (MSS)
>> clamping.
>>
>> There are also some weird ICMP redirect shenanigans going on. Is the
>> default gateway on 'hometheatre' set correctly? I can't see what the
>> redirections are, just that there are a few.
>>
>> Anyway, the 3-way TCP handshake with www.microsoft.com is working, it
>> just barfs when it tries to HTTP GET the front page. My money's on
>> PPPoE/MTU and something in the path between you and the server dumping
>> ICMP "Fragment Needed but DF bit set" packets.
>>
>> cheers,
>> Dale
>>
>>
>> On Wed, 15 Dec 2004 08:45:44 +1100, Donovan J. Edye  
>> <donovan at edyeweb.com> wrote:
>>> B,
>>>
>>> Here is a dump of the conversation with www.microsoft.com. A few SMB  
>>> packets
>>> that should not have been included. However it appears that the  
>>> problems
>>> start around frame 10. Any pointers appreciated:
>>
>> [...]
>> -- 
>> linux mailing list
>> linux at lists.samba.org
>> https://lists.samba.org/mailman/listinfo/linux
>>
> -- 
> Kim Holburn
> IT Manager, Canberra Research Laboratory
> National Information and Communication Technology Australia
> Ph: +61 2 61258620 M: +61 417820641
> Email: kim.holburn at anu.edu.au  - PGP Public Key on request
> Cacert Root Cert: http://www.cacert.org/index.php?id=16 ->  
> http://www.cacert.org/cacert.crt
> Aust. Spam Act: To stop receiving mail from me: reply and let me know.
>
> Use ISO 8601 dates [YYYY-MM-DD]  
> http://www.saqqara.demon.co.uk/datefmt.htm
> Democracy imposed from without is the severest form of tyranny.
>                           -- Lloyd Biggle, Jr. Analog, Apr 1961
>
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
>
-- 
Kim Holburn
IT Manager, Canberra Research Laboratory
National Information and Communication Technology Australia
Ph: +61 2 61258620 M: +61 417820641
Email: kim.holburn at anu.edu.au  - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/index.php?id=16 ->  
http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.

Use ISO 8601 dates [YYYY-MM-DD]  
http://www.saqqara.demon.co.uk/datefmt.htm
Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the linux mailing list