Results 1 to 10 of 11
A couple of months ago I started having trouble getting to various sites including Amazon.com. It hasn't been too big a deal since I have access at work. It seems ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 07-19-2006 #1Just Joined!
- Join Date
- Dec 2004
- Location
- Broomfield, CO
- Posts
- 16
Linksys Adapter and Comcast
A couple of months ago I started having trouble getting to various sites including Amazon.com. It hasn't been too big a deal since I have access at work. It seems there are more and more sites becoming unavailable though.
Configuration: Clone box with Mandrake 9.1 and three linksys adapters; eth0 connects to a linksys router, eth1 connects to an apple extreme wireless router and eth2 connects to the comcast cable modem.
So I brought down the cable modem and connected my Windows box directly to the modem. The Windows box has a MB based network chipset and it worked ok. I was able to get to Amazon and other sites. But I also noted that I had a completely different IP address.
Last night I brought down the firewall and replaced eth2's adapter with one from my wife's computer, both Linksys. It was on a different network (a 71 address) as well and it couldn't see the gateway or resolve any hostnames.
I brought it down again and pulled a card from my OpenBSD box, again a linksys and put it in the firewall and brought it back up. This time it had network access but it was on the same network as the first linksys card (67 network) and didn't have access to Amazon again.
My next step is to pick up a non-linksys card and give it a try but I was curious if anyone else is experiencing a similar problem. I tried a search, both here and on Google but didn't find anything.
Thanks.
Carl
- 07-20-2006 #2Linux Enthusiast
- Join Date
- Jun 2006
- Location
- Maryland, USA
- Posts
- 506
Is more than one of these adapters connected to an ISP? If yes, and yes intentionally, I can't help you.Clone box with Mandrake 9.1 and three linksys adapters; eth0 connects to a linksys router, eth1 connects to an apple extreme wireless router and eth2 connects to the comcast cable modem.
But in any case it would be interesting to see your routing table. Can you capture and post the output of this?
$ netstat -nr
Also, which of the interfaces is statically or dynamically (DHCP) configured? It would be interesting to see the contents of these files (they are all small):
/etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-eth0, ifcfg-eth1, ifcfg-eth2
/etc/resolv.conf
Finally, if you connect the Windows box to the cable modem (Comcast?) again, you might want to open a DOS window and run "ipconfig /all" and write down the last few lines, especially all the DNS servers. Then back on Linux, see if they are the same as the nameservers in /etc/resolv.conf and see if you can ping them.
You've got a lot going on there with three adapters in one box. I would suspect the configuration, routing and DNS issues before I would suspect the hardware or an ISP.
- 07-21-2006 #3Just Joined!
- Join Date
- Dec 2004
- Location
- Broomfield, CO
- Posts
- 16
Nope. Just the one as indicated. The other two are internal networks.
Originally Posted by KenJackson
I'll capture it tonight and assuming I can get through to here (I wasn't successful last night), I'll post it.But in any case it would be interesting to see your routing table. Can you capture and post the output of this?
$ netstat -nr
eth0 and 1 are static, eth2 is DHCP from comcast.Also, which of the interfaces is statically or dynamically (DHCP) configured? It would be interesting to see the contents of these files (they are all small):
/etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-eth0, ifcfg-eth1, ifcfg-eth2
/etc/resolv.conf
The DNS servers are the same on both the Windows box and the Linux box.Finally, if you connect the Windows box to the cable modem (Comcast?) again, you might want to open a DOS window and run "ipconfig /all" and write down the last few lines, especially all the DNS servers. Then back on Linux, see if they are the same as the nameservers in /etc/resolv.conf and see if you can ping them.
I did look at the routing table and it looked ok. DNS is able to resolve the sites but traceroute never gets to them. As I said in the first message, it's been working for a couple of years. This is coinciding with a message Comcast sent out a couple of months ago advising people that the DHCP information will be changing and that we should make sure we are using DHCP.You've got a lot going on there with three adapters in one box. I would suspect the configuration, routing and DNS issues before I would suspect the hardware or an ISP.
Last year I rebuilt my old linux box (now the OpenBSD one) into a new one with mirrored drives, etc. Here's the image from the plan. The difference is that the ethernet adapters aren't the same. eth0 is 192.168.2.1, eth1 is 192.168.10.1 and eth2 is the comcast address (now different than the one in the diagram). There are two extra machines on the box now too. An OpenBSD one on the Linksys router and an XP laptop on the wireless network.
If I can get here, I'll post additional info tonight.
Thanks.
Carl
- 07-21-2006 #4Just Joined!
- Join Date
- Dec 2004
- Location
- Broomfield, CO
- Posts
- 16
Ok, info:
Here is the traceroute to amazon.com and other places I'm not able to get to.Code:[root@c-67-176-57-155 root]# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 67.176.56.0 0.0.0.0 255.255.248.0 U 0 0 0 eth2 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 67.176.56.1 0.0.0.0 UG 0 0 0 eth2 [root@c-67-176-57-155 sysconfig]# cat network NETWORKING=yes GATEWAY="" GATEWAYDEV=eth2 HOSTNAME=x1-6-00-04-5a-75-92-af FORWARD_IPV4=true [root@c-67-176-57-155 network-scripts]# more ifcfg-eth0 DEVICE=eth0 BOOTPROTO=static IPADDR=192.168.2.1 NETMASK=255.255.255.0 NETWORK=192.168.2.0 BROADCAST=192.168.2.255 ONBOOT=yes MII_NOT_SUPPORTED=yes [root@c-67-176-57-155 network-scripts]# more ifcfg-eth1 DEVICE=eth1 BOOTPROTO=static IPADDR=192.168.10.1 NETMASK=255.255.255.0 NETWORK=192.168.10.0 BROADCAST=192.168.10.255 ONBOOT=yes MII_NOT_SUPPORTED=yes [root@c-67-176-57-155 network-scripts]# more ifcfg-eth2 DEVICE=eth2 BOOTPROTO=dhcp NETMASK=255.255.255.0 ONBOOT=yes MII_NOT_SUPPORTED=yes NEEDHOSTNAME=yes [root@c-67-176-57-155 etc]# cat resolv.conf search hsd1.co.comcast.net. nameserver 68.87.69.146 nameserver 68.87.85.98
Amazon.com
Alternate addressCode:[root@c-67-176-57-155 etc]# nslookup amazon.com Server: 68.87.69.146 Address: 68.87.69.146#53 Non-authoritative answer: Name: amazon.com Address: 72.21.206.5 Name: amazon.com Address: 207.171.166.102 [root@c-67-176-57-155 etc]# traceroute amazon.com traceroute: Warning: amazon.com has multiple addresses; using 207.171.166.102 traceroute to amazon.com (207.171.166.102), 30 hops max, 38 byte packets 1 * * * 2 68.86.105.169 (68.86.105.169) 7.086 ms 12.738 ms 16.214 ms 3 10g-9-1-ur02.arvada.co.denver.comcast.net (68.86.103.126) 7.167 ms 9.912 ms * 4 10g-8-2-ar01.aurora.co.denver.comcast.net (68.86.103.41) 8.897 ms 7.784 ms * 5 68.86.103.170 (68.86.103.170) 10.283 ms 10.097 ms 10.296 ms 6 12.116.159.5 (12.116.159.5) 19.276 ms 9.866 ms 11.158 ms 7 tbr1013801.dvmco.ip.att.net (12.123.207.138) 51.612 ms 35.957 ms 42.414 ms 8 tbr2-cl31.sffca.ip.att.net (12.122.12.133) 33.974 ms 36.281 ms 33.153 ms 9 ggr3-ge110.sffca.ip.att.net (12.122.82.169) 33.989 ms ggr3-ge90.sffca.ip.att.net (12.122.82.149) 47.174 ms 33.175 ms 10 so1-3-0-2488M.ar1.SJC2.gblx.net (208.51.134.109) 34.688 ms 33.665 ms 33.661 ms 11 pos7-0-0.10G.ar2.dca3.gblx.net (67.17.106.181) 80.686 ms 81.170 ms 88.894 ms 12 146.82.32.82 (146.82.32.82) 81.840 ms 82.540 ms 82.627 ms 13 * * * 30 * * *
ekchain.comCode:[root@c-67-176-57-155 etc]# traceroute 72.21.206.5 traceroute to 72.21.206.5 (72.21.206.5), 30 hops max, 38 byte packets 1 * * * 2 68.86.105.169 (68.86.105.169) 9.325 ms 16.099 ms 9.567 ms 3 10g-9-1-ur02.arvada.co.denver.comcast.net (68.86.103.126) 7.306 ms 12.052 ms * 4 10g-8-2-ar01.aurora.co.denver.comcast.net (68.86.103.41) 14.749 ms 9.427 ms 8.568 ms 5 68.86.103.182 (68.86.103.182) 9.216 ms 8.426 ms 9.481 ms 6 12.124.157.53 (12.124.157.53) 13.267 ms 8.589 ms 9.436 ms 7 br2-a3120s4.dvmco.ip.att.net (12.127.4.158) 33.555 ms 32.873 ms 33.402 ms 8 tbr1-p013501.dvmco.ip.att.net (12.122.1.30) 36.426 ms 34.818 ms 33.825 ms 9 tbr2-cl31.sffca.ip.att.net (12.122.12.133) 40.248 ms 36.217 ms 37.657 ms 10 ggr3-ge110.sffca.ip.att.net (12.122.82.169) 33.520 ms 33.155 ms 33.496 ms 11 so1-3-0-2488M.ar1.SJC2.gblx.net (208.51.134.109) 34.232 ms 47.544 ms 37.849 ms 12 pos7-0-0.10G.ar2.dca3.gblx.net (67.17.106.181) 82.652 ms 82.326 ms 81.877 ms 13 146.82.32.82 (146.82.32.82) 82.536 ms 82.609 ms 85.394 ms 14 * * * 30 * * *
cosportbikeclub.orgCode:[root@c-67-176-57-155 etc]# traceroute ekchain.com traceroute to ekchain.com (72.22.69.90), 30 hops max, 38 byte packets 1 * * * 2 68.86.105.169 (68.86.105.169) 9.824 ms 8.616 ms * 3 * * 10g-9-1-ur02.arvada.co.denver.comcast.net (68.86.103.126) 7.396 ms 4 * 10g-8-2-ar01.aurora.co.denver.comcast.net (68.86.103.41) 12.073 ms 11.314 ms 5 68.86.103.170 (68.86.103.170) 8.919 ms 14.681 ms 15.712 ms 6 12.116.159.5 (12.116.159.5) 9.166 ms 14.584 ms 8.091 ms 7 tbr1013801.dvmco.ip.att.net (12.123.207.138) 38.274 ms 39.505 ms 37.804 ms 8 tbr2-cl31.sffca.ip.att.net (12.122.12.133) 43.926 ms 37.957 ms 33.868 ms 9 ggr3-ge110.sffca.ip.att.net (12.122.82.169) 35.031 ms ggr3-ge90.sffca.ip.att.net (12.122.82.149) 32.993 ms ggr3-ge110.sffca.ip.att.net (12.122.82.169) 32.319 ms 10 so1-3-0-2488M.ar1.SJC2.gblx.net (208.51.134.109) 35.447 ms 35.882 ms 35.636 ms 11 so0-3-0-622M.ar1.LAX3.gblx.net (67.17.64.49) 48.822 ms 43.942 ms 43.448 ms 12 IPowerWeb.ge-0-1-0.ar1.LAX3.gblx.net (67.17.159.170) 43.245 ms 42.624 ms 43.058 ms 13 * * * 30 * * *
Equivalent Windows dumps in the next message.Code:[root@c-67-176-57-155 etc]# nslookup cosportbikeclub.org Server: 68.87.69.146 Address: 68.87.69.146#53 Non-authoritative answer: Name: cosportbikeclub.org Address: 72.54.99.248 [root@c-67-176-57-155 etc]# traceroute cosportbikeclub.org traceroute to cosportbikeclub.org (72.54.99.248), 30 hops max, 38 byte packets 1 * * * 2 68.86.105.169 (68.86.105.169) 9.250 ms 11.597 ms 9.533 ms 3 * 10g-9-1-ur02.arvada.co.denver.comcast.net (68.86.103.126) 17.158 ms * 4 * 10g-8-2-ar01.aurora.co.denver.comcast.net (68.86.103.41) 13.035 ms * 5 68.86.103.182 (68.86.103.182) 10.128 ms 10.484 ms 9.880 ms 6 12.116.159.5 (12.116.159.5) 9.770 ms 9.662 ms 9.943 ms 7 tbr1013801.dvmco.ip.att.net (12.123.207.138) 14.872 ms 9.442 ms 9.726 ms 8 gar2-p360.dvmco.ip.att.net (12.123.207.161) 14.169 ms 20.887 ms 10.718 ms 9 12.124.158.146 (12.124.158.146) 26.030 ms 20.042 ms 12.172 ms 10 * * * 30 * * *
Carl
- 07-22-2006 #5Just Joined!
- Join Date
- Dec 2004
- Location
- Broomfield, CO
- Posts
- 16
And from the Windows side:
Amazon.comCode:E:\Documents and Settings\Carl Schelin>netstat -rn Route Table =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...00 e0 18 b1 dd f2 ...... Intel(R) PRO/100 VE Network Connection - Packet Scheduler Miniport =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 71.229.200.1 71.229.200.92 20 71.229.200.0 255.255.254.0 71.229.200.92 71.229.200.92 20 71.229.200.92 255.255.255.255 127.0.0.1 127.0.0.1 20 71.255.255.255 255.255.255.255 71.229.200.92 71.229.200.92 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 224.0.0.0 240.0.0.0 71.229.200.92 71.229.200.92 20 255.255.255.255 255.255.255.255 71.229.200.92 71.229.200.92 1 Default Gateway: 71.229.200.1 =========================================================================== Persistent Routes: None E:\Documents and Settings\Carl Schelin>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : blackbeard Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : hsd1.co.comcast.net. Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : hsd1.co.comcast.net. Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection Physical Address. . . . . . . . . : 00-E0-18-B1-DD-F2 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 71.229.200.92 Subnet Mask . . . . . . . . . . . : 255.255.254.0 Default Gateway . . . . . . . . . : 71.229.200.1 DHCP Server . . . . . . . . . . . : 68.87.66.13 DNS Servers . . . . . . . . . . . : 68.87.69.146 68.87.85.98 Lease Obtained. . . . . . . . . . : Friday, July 21, 2006 6:34:15 PM Lease Expires . . . . . . . . . . : Friday, July 21, 2006 7:34:12 PM
Alternate address:Code:E:\Documents and Settings\Carl Schelin>tracert amazon.com Tracing route to amazon.com [207.171.166.102] over a maximum of 30 hops: 1 * * * Request timed out. 2 * 7 ms * 68.86.105.169 3 * 9 ms 16 ms 10g-9-1-ur02.arvada.co.denver.comcast.net [68.86.103.126] 4 * * 9 ms 10g-8-2-ar01.aurora.co.denver.comcast.net [68.86.103.41] 5 9 ms 16 ms 14 ms 68.86.103.182 6 12 ms 14 ms 9 ms 12.124.157.53 7 34 ms 33 ms 38 ms gbr2-a30s2.dvmco.ip.att.net [12.127.4.154] 8 34 ms 33 ms 35 ms tbr1-p013601.dvmco.ip.att.net [12.122.1.34] 9 36 ms 36 ms 43 ms tbr2-cl31.sffca.ip.att.net [12.122.12.133] 10 44 ms 36 ms 38 ms ggr3-ge110.sffca.ip.att.net [12.122.82.169] 11 35 ms 35 ms 35 ms so1-3-0-2488M.ar1.SJC2.gblx.net [208.51.134.109] 12 81 ms 83 ms 81 ms pos7-0-0.10G.ar2.dca3.gblx.net [67.17.106.181] 13 146.82.32.82 reports: Destination net unreachable. Trace complete.
Which is interesting because I can certainly get to Amazon.com.Code:E:\Documents and Settings\Carl Schelin>tracert 72.21.206.5 Tracing route to 206-5.amazon.com [72.21.206.5] over a maximum of 30 hops: 1 * * * Request timed out. 2 9 ms 12 ms * 68.86.105.169 3 * 10 ms 9 ms 10g-9-1-ur02.arvada.co.denver.comcast.net [68.86.103.126] 4 8 ms * 9 ms 10g-8-2-ar01.aurora.co.denver.comcast.net [68.86.103.41] 5 22 ms 9 ms 9 ms 68.86.103.182 6 12 ms 13 ms 10 ms 12.116.159.5 7 36 ms 36 ms 36 ms tbr1013801.dvmco.ip.att.net [12.123.207.138] 8 49 ms 43 ms 45 ms tbr2-cl31.sffca.ip.att.net [12.122.12.133] 9 38 ms 37 ms 33 ms ggr3-ge110.sffca.ip.att.net [12.122.82.169] 10 35 ms 40 ms 35 ms so1-3-0-2488M.ar1.SJC2.gblx.net [208.51.134.109] 11 80 ms 81 ms 83 ms pos7-0-0.10G.ar2.dca3.gblx.net [67.17.106.181] 12 * * * Request timed out. 13 * * * Request timed out. 14 * * * Request timed out. 15 * * 146.82.32.82 reports: Destination net unreachable. Trace complete.
ekchains.com
cosportbikeclub.orgCode:E:\Documents and Settings\Carl Schelin>tracert ekchain.com Tracing route to ekchain.com [72.22.69.90] over a maximum of 30 hops: 1 * * * Request timed out. 2 11 ms * 9 ms 68.86.105.169 3 * 8 ms * 10g-9-1-ur02.arvada.co.denver.comcast.net [68.86.103.126] 4 * 9 ms 12 ms 10g-8-2-ar01.aurora.co.denver.comcast.net [68.86.103.41] 5 23 ms 9 ms 9 ms 68.86.103.182 6 12 ms 9 ms 9 ms 12.116.159.5 7 40 ms 37 ms 37 ms tbr1013801.dvmco.ip.att.net [12.123.207.138] 8 35 ms 39 ms 34 ms tbr2-cl31.sffca.ip.att.net [12.122.12.133] 9 35 ms 37 ms 33 ms ggr3-ge90.sffca.ip.att.net [12.122.82.149] 10 37 ms 43 ms 35 ms so1-3-0-2488M.ar1.SJC2.gblx.net [208.51.134.109] 11 46 ms 43 ms 45 ms so0-3-0-622M.ar1.LAX3.gblx.net [67.17.64.49] 12 46 ms 52 ms 45 ms IPowerWeb.ge-0-1-0.ar1.LAX3.gblx.net [67.17.159.170] 13 43 ms 43 ms 42 ms host405.ipowerweb.com [72.22.69.90] Trace complete.
CarlCode:E:\Documents and Settings\Carl Schelin>tracert cosportbikeclub.org Tracing route to cosportbikeclub.org [72.54.99.248] over a maximum of 30 hops: 1 * * * Request timed out. 2 18 ms 22 ms 11 ms 68.86.105.169 3 9 ms * 8 ms 10g-9-1-ur02.arvada.co.denver.comcast.net [68.86.103.126] 4 14 ms 17 ms * 10g-8-2-ar01.aurora.co.denver.comcast.net [68.86.103.41] 5 9 ms 8 ms 8 ms 68.86.103.182 6 13 ms 11 ms 9 ms 12.116.159.5 7 12 ms 15 ms 9 ms tbr2013801.dvmco.ip.att.net [12.123.207.142] 8 11 ms 12 ms 12 ms gar2-p370.dvmco.ip.att.net [12.123.207.165] 9 15 ms 11 ms 12 ms 12.124.158.146 10 * * * Request timed out. 11 * * * Request timed out. 12 20 ms 27 ms 15 ms 172.20.153.142 13 * * * Request timed out. 14 * * * Request timed out. 15 * * * Request timed out. 16 * * * Request timed out. 17 * * * Request timed out. 18 * * * Request timed out. 19 * * * Request timed out. 20 * * * Request timed out. 21 * * * Request timed out. 22 * * * Request timed out. 23 * * * Request timed out. 24 * * * Request timed out. 25 * * * Request timed out. 26 * * * Request timed out. 27 * * * Request timed out. 28 * * * Request timed out. 29 * * * Request timed out. 30 * * * Request timed out. Trace complete.
- 07-22-2006 #6Just Joined!
- Join Date
- Dec 2004
- Location
- Broomfield, CO
- Posts
- 16
Oh, another site that's local for us, Windows:
And from the linux box:Code:E:\Documents and Settings\Carl Schelin>nslookup rtd-denver.com Server: cns.beaverton.or.bverton.comcast.net Address: 68.87.69.146 Non-authoritative answer: Name: rtd-denver.com Address: 72.1.97.143 E:\Documents and Settings\Carl Schelin>tracert rtd-denver.com Tracing route to rtd-denver.com [72.1.97.143] over a maximum of 30 hops: 1 * * * Request timed out. 2 8 ms 9 ms * 68.86.105.169 3 * * * Request timed out. 4 9 ms * 9 ms 10g-8-2-ar01.aurora.co.denver.comcast.net [68.86.103.41] 5 10 ms 9 ms 10 ms 68.86.103.182 6 10 ms 9 ms 11 ms 12.124.157.53 7 10 ms 11 ms 9 ms 12.124.157.6 8 14 ms 12 ms 13 ms 208-42-224-169.static.data393.net [208.42.224.169] 9 10 ms 14 ms 14 ms rtr-dc-dist-d.v17.hosting.data393.net [208.42.224.19] 10 10 ms 11 ms 9 ms 72-1-97-143.static.data393.net [72.1.97.143] Trace complete.
Granted, just because I can't get an icmp echo back, doesn't mean diddly but I thought I'd post them as well.Code:[root@c-67-176-57-155 root]# traceroute rtd-denver.com traceroute to rtd-denver.com (72.1.97.143), 30 hops max, 38 byte packets 1 * * * 2 68.86.105.169 (68.86.105.169) 8.989 ms 7.384 ms * 3 10g-9-1-ur02.arvada.co.denver.comcast.net (68.86.103.126) 8.020 ms 9.955 ms * 4 10g-8-2-ar01.aurora.co.denver.comcast.net (68.86.103.41) 9.820 ms 7.993 ms * 5 68.86.103.174 (68.86.103.174) 15.020 ms 9.175 ms 12.005 ms 6 12.116.159.5 (12.116.159.5) 9.992 ms 10.113 ms 9.525 ms 7 tbr2013801.dvmco.ip.att.net (12.123.207.142) 12.028 ms 9.781 ms 12.370 ms 8 gbr1-p80.dvmco.ip.att.net (12.122.1.37) 15.978 ms 11.018 ms 9.543 ms 9 br1-a3120s3.dvmco.ip.att.net (12.127.4.157) 9.351 ms 8.553 ms 21.622 ms 10 12.124.157.6 (12.124.157.6) 10.774 ms 9.856 ms 9.485 ms 11 208-42-224-173.static.data393.net (208.42.224.173) 9.449 ms 10.607 ms 10.944 ms 12 rtr-dc-dist-c.v24.hosting.data393.net (208.42.224.26) 9.320 ms 14.060 ms 10.713 ms 13 * * * 30 * * *
Thanks again for taking a peek.
Carl
- 07-22-2006 #7Linux Enthusiast
- Join Date
- Jun 2006
- Location
- Maryland, USA
- Posts
- 506
Well, you're right. I don't see any configuration problem. However, some observations.
You have different default gateways between Windows (71.229.200.1) and Linux (67.176.56.1), in totally different networks. That seems odd, though they are both Comcast.
Your own router doesn't return an ICMP timeout packet, so you always get asterisks for both Linux and Windows on the first hop. I wonder if it's not doing anything else.
Although I can easily browse to all those sites from Linux, I had similar results with traceroute. Wikipedia says there is a difference between Linux traceroute (uses UDP datagrams) and Windows tracert (uses ICMP echo). Linux traceroute has a "-I" switch (capital eye) to allow using echo, though I didn't notice any difference.
This reminds me of a story. After I recently got my web site setup, I noticed the webhost's help database site seemed to go down. But then I noticed I could access it from work via Verizon, but couldn't access it from home via Comcast. So I complained. Eventually they confessed that they were having severe DOS attacks and they had solved it by isolating the evil doers with their firewall. But unfortunately, they put up a wide enough IP fence to box out me and a few other customers too.
If you were blocked in a similar way, you wouldn't get through at all, but I wonder if some paths are blocked and others aren't somehow. You are in different address ranges with Linux and Windows, so that would have an effect.
You might try inspecting the statistics before and after accessing a slow site:
netstat -st
or
netstat -st | grep timeout
or
netstat -st | grep -i retransmit
Maybe you could also rename your /var/lib/dhclient-eth2.leases file and restart the network so you get a different IP address. In fact, you could repeat until you get the same gateway as you have with Windows, to see if that makes a difference.
- 07-22-2006 #8Just Joined!
- Join Date
- Dec 2004
- Location
- Broomfield, CO
- Posts
- 16
Yea, that's my point. I'm not sure if it's a "linksys card, go this way, intel go that way" sort of thing. Notice too that most of the networks start with 72. If it wasn't for the first Amazon traceroute, I'd say it was a problem with an IOS access list somewhere (not that it couldn't still be). I just checked IMDB, another site we can't get to. Originally Posted by KenJackson
Again, 72 and 207 networks just like Amazon.com (in fact, it appears that IMDB and Amazon are right next to each other. Both are 72.21.206 and 207.171.166 networks. Could be neighbors or imdb is owned by amazon.)Code:[root@c-67-176-57-155 dhcp]# nslookup imdb.com Server: 68.87.69.146 Address: 68.87.69.146#53 Non-authoritative answer: Name: imdb.com Address: 72.21.206.75 Name: imdb.com Address: 207.171.166.140
Actually it's going to be comcast's router in both cases. In both tests, I was running the commands from the next interface up from the cable box.Your own router doesn't return an ICMP timeout packet, so you always get asterisks for both Linux and Windows on the first hop. I wonder if it's not doing anything else.
Yep, that's what I was suspecting which was why I posted the question. It's not that all of a sudden Amazon went away (or IMDB, etc) but that access would get slower and slower. Timed out once in a while, then more often and now I can't get there at all.Although I can easily browse to all those sites from Linux, I had similar results with traceroute. Wikipedia says there is a difference between Linux traceroute (uses UDP datagrams) and Windows tracert (uses ICMP echo). Linux traceroute has a "-I" switch (capital eye) to allow using echo, though I didn't notice any difference.
This reminds me of a story. After I recently got my web site setup, I noticed the webhost's help database site seemed to go down. But then I noticed I could access it from work via Verizon, but couldn't access it from home via Comcast. So I complained. Eventually they confessed that they were having severe DOS attacks and they had solved it by isolating the evil doers with their firewall. But unfortunately, they put up a wide enough IP fence to box out me and a few other customers too.
If you were blocked in a similar way, you wouldn't get through at all, but I wonder if some paths are blocked and others aren't somehow. You are in different address ranges with Linux and Windows, so that would have an effect.
They are different chipsets too which was why I wanted to get a different card. I have a D-Link I picked up last night and will give that a try as well as putting one of the linksys cards into a Windows box and try it just for a full test.
Renaming the file, powering down the cable box, turning off eth2, powering up the cable box, turning on eth2, no effect. Same lease info.You might try inspecting the statistics before and after accessing a slow site:
netstat -st
or
netstat -st | grep timeout
or
netstat -st | grep -i retransmit
Maybe you could also rename your /var/lib/dhclient-eth2.leases file and restart the network so you get a different IP address. In fact, you could repeat until you get the same gateway as you have with Windows, to see if that makes a difference.
Here's the current lease file. The first entry is the one that's been working until recently. The second one was a different linksys card (pulled from wife's machine). I had no connectivity with this card. The third one is the third linksys card (pulled from the old router, now an OpenBSD box). There are three entries for the third card right now. By the way, the directory on mandrake at least is /var/lib/dhcp/dhclient-eth2.leases
Thanks for the further info.Code:[root@c-67-176-57-155 dhcp]# cat dhclient-eth2.leases lease { interface "eth2"; fixed-address 67.190.17.230; option subnet-mask 255.255.254.0; option time-offset -21600; option routers 67.190.16.1; option dhcp-lease-time 223519; option dhcp-message-type 5; option domain-name-servers 68.87.69.146,68.87.85.98; option dhcp-server-identifier 68.87.66.13; option broadcast-address 255.255.255.255; option domain-name "hsd1.co.comcast.net."; renew 4 2006/7/20 00:54:01; rebind 5 2006/7/21 05:43:03; expire 5 2006/7/21 13:28:43; } lease { interface "eth2"; fixed-address 71.196.235.237; option subnet-mask 255.255.254.0; option time-offset -21600; option dhcp-lease-time 345600; option routers 71.196.234.1; option dhcp-message-type 5; option dhcp-server-identifier 68.87.66.13; option domain-name-servers 68.87.69.146,68.87.85.98; option broadcast-address 255.255.255.255; option domain-name "hsd1.co.comcast.net."; renew 4 2006/7/20 17:52:39; rebind 6 2006/7/22 12:12:57; expire 0 2006/7/23 00:12:57; } lease { interface "eth2"; fixed-address 67.176.57.155; option subnet-mask 255.255.248.0; option time-offset -21600; option routers 67.176.56.1; option dhcp-lease-time 3600; option dhcp-message-type 5; option domain-name-servers 68.87.69.146,68.87.85.98; option dhcp-server-identifier 68.87.66.13; option broadcast-address 255.255.255.255; option domain-name "hsd1.co.comcast.net."; renew 3 2006/7/19 01:55:12; rebind 3 2006/7/19 02:23:45; expire 3 2006/7/19 02:31:15; }
Carl
- 07-22-2006 #9Just Joined!
- Join Date
- Dec 2004
- Location
- Broomfield, CO
- Posts
- 16
Ok, this is getting odd. I put the original linksys card in my wife's Windows 98 system. After getting it plugged back in to the network and bringing it up, I get this:
I can get to amazon.com, ekchain.com, cosportbikeclub.org, imdb.com and rtd-denver.comCode:C:\WINDOWS\Desktop>ipconfig /all Windows 98 IP Configuration Host Name . . . . . . . . . : RITA.hsd1.co.comcast.net. DNS Servers . . . . . . . . : 68.87.69.146 68.87.85.98 Node Type . . . . . . . . . : Hybrid NetBIOS Scope ID. . . . . . : IP Routing Enabled. . . . . : No WINS Proxy Enabled. . . . . : No NetBIOS Resolution Uses DNS : No 0 Ethernet adapter : Description . . . . . . . . : PPP Adapter. Physical Address. . . . . . : 44-45-53-54-00-00 DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . : DHCP Server . . . . . . . . : 255.255.255.255 Primary WINS Server . . . . : Secondary WINS Server . . . : Lease Obtained. . . . . . . : Lease Expires . . . . . . . : 1 Ethernet adapter : Description . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet Adapter NDIS5 Driver Physical Address. . . . . . : 00-04-5A-75-92-AF DHCP Enabled. . . . . . . . : Yes IP Address. . . . . . . . . : 67.190.17.230 Subnet Mask . . . . . . . . : 255.255.254.0 Default Gateway . . . . . . : 67.190.16.1 DHCP Server . . . . . . . . : 68.87.66.13 Primary WINS Server . . . . : 192.168.2.1 Secondary WINS Server . . . : Lease Obtained. . . . . . . : 07 20 06 11:04:12 PM Lease Expires . . . . . . . : 07 23 06 6:24:30 PM
It must be a problem with my linux box but darned if I can figure out what. Back to puzzling things out. I'll post if I figure it out. Feel free to post suggestions though.
Thanks again.
Carl
- 07-29-2006 #10Just Joined!
- Join Date
- Dec 2004
- Location
- Broomfield, CO
- Posts
- 16
Fixed!
Hi. I wanted to pass along the fix. I know the comcast folks are also watching this thread.
I originally thought it was a firewall problem so I eliminated several entries in my iptables (I'm using shorewall to manage it) so I was down to my normal status and it still wasn't working.
I was doing some reading about routing (unrelated subject) when I had a thought. I was finding more and more 72 Class A networks were unavailable so I thought I'd check things out some more. I checked the shorewall status and examined the settings. I found the following in the /etc/shorewall/rfc1918 file:
I monitored /var/log/messages while I tried to access a 72 Class A network site and saw the site was being dropped and logged. Looks like the 72 network is reserved. So I did some googling and found this:Code:0.0.0.0/7 logdrop # Reserved 2.0.0.0/8 logdrop # Reserved 5.0.0.0/8 logdrop # Reserved 7.0.0.0/8 logdrop # Reserved 10.0.0.0/8 logdrop # Reserved 23.0.0.0/8 logdrop # Reserved 27.0.0.0/8 logdrop # Reserved 31.0.0.0/8 logdrop # Reserved 36.0.0.0/7 logdrop # Reserved 39.0.0.0/8 logdrop # Reserved 41.0.0.0/8 logdrop # Reserved 42.0.0.0/8 logdrop # Reserved 58.0.0.0/7 logdrop # Reserved 60.0.0.0/8 logdrop # Reserved 70.0.0.0/7 logdrop # Reserved 72.0.0.0/5 logdrop # Reserved 83.0.0.0/8 logdrop # Reserved 84.0.0.0/6 logdrop # Reserved 88.0.0.0/5 logdrop # Reserved 96.0.0.0/3 logdrop # Reserved 127.0.0.0/8 logdrop # Loopback 197.0.0.0/8 logdrop # Reserved 222.0.0.0/7 logdrop # Reserved 240.0.0.0/4 logdrop # Reserved
over Here.Code:072/8 Aug 04 ARIN (whois.arin.net)
I picked up the python script referenced in the rfc1918 file and ran the new address file through it. I copied the old rfc1918 file, replaced the reserved space with the new output and restarted the firewall.
Success. I have access to all the 72 networks and a few others I didn't know I didn't have access to.
Old rfc1918 reserved entries:
New entries:Code:0.0.0.0/7 logdrop # Reserved 2.0.0.0/8 logdrop # Reserved 5.0.0.0/8 logdrop # Reserved 7.0.0.0/8 logdrop # Reserved 10.0.0.0/8 logdrop # Reserved 23.0.0.0/8 logdrop # Reserved 27.0.0.0/8 logdrop # Reserved 31.0.0.0/8 logdrop # Reserved 36.0.0.0/7 logdrop # Reserved 39.0.0.0/8 logdrop # Reserved 41.0.0.0/8 logdrop # Reserved 42.0.0.0/8 logdrop # Reserved 58.0.0.0/7 logdrop # Reserved 60.0.0.0/8 logdrop # Reserved 70.0.0.0/7 logdrop # Reserved 72.0.0.0/5 logdrop # Reserved 83.0.0.0/8 logdrop # Reserved 84.0.0.0/6 logdrop # Reserved 88.0.0.0/5 logdrop # Reserved 96.0.0.0/3 logdrop # Reserved 127.0.0.0/8 logdrop # Loopback 197.0.0.0/8 logdrop # Reserved 222.0.0.0/7 logdrop # Reserved 240.0.0.0/4 logdrop # Reserved
Thanks for taking a look. It's always something simpleCode:0.0.0.0/7 logdrop # Reserved 2.0.0.0/8 logdrop # Reserved 5.0.0.0/8 logdrop # Reserved 7.0.0.0/8 logdrop # Reserved 10.0.0.0/8 logdrop # Reserved 23.0.0.0/8 logdrop # Reserved 27.0.0.0/8 logdrop # Reserved 31.0.0.0/8 logdrop # Reserved 36.0.0.0/7 logdrop # Reserved 39.0.0.0/8 logdrop # Reserved 42.0.0.0/8 logdrop # Reserved 77.0.0.0/8 logdrop # Reserved 78.0.0.0/7 logdrop # Reserved 92.0.0.0/6 logdrop # Reserved 96.0.0.0/4 logdrop # Reserved 112.0.0.0/5 logdrop # Reserved 120.0.0.0/8 logdrop # Reserved 127.0.0.0/8 logdrop # Reserved 173.0.0.0/8 logdrop # Reserved 174.0.0.0/7 logdrop # Reserved 176.0.0.0/5 logdrop # Reserved 184.0.0.0/6 logdrop # Reserved 197.0.0.0/8 logdrop # Reserved 223.0.0.0/8 logdrop # Reserved 240.0.0.0/4 logdrop # Reserved
Carl
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
