[plug] Misconfiguration on server tcp/routing [SOLVED]
Lucas van Staden
lvs at dedmeet.com
Thu Feb 25 07:49:39 WST 2010
Hi.
I had an eureka moment this morning.
I just recalled that at some point in the past, I had installed moblock
on the box, and it was fogotten.
Disabling that solves the issue.
-Lucas
Tim White wrote:
> Check for static routes on both your box and the router.
>
> (type in route -n on your box, on the router, it'll usually be a
> config page)
>
> And just to show you that your DNS is working... The reason it goes to
> a different hostname is due to how DNS works with load balancing. We
> get a CNAME which then points to multiple ip address which alternate
> round robin style. Try for yourself running (dig www.google.com a few
> times)
>
> $ ping www.google.com
> PING www.l.google.com (66.102.11.99) 56(84) bytes of data.
> 64 bytes from syd01s01-in-f99.1e100.net (66.102.11.99): icmp_seq=1
> ttl=56 time=73.1 ms
> 64 bytes from syd01s01-in-f99.1e100.net (66.102.11.99): icmp_seq=2
> ttl=56 time=72.8 ms
> 64 bytes from syd01s01-in-f99.1e100.net (66.102.11.99): icmp_seq=3
> ttl=56 time=73.2 ms
> 64 bytes from syd01s01-in-f99.1e100.net (66.102.11.99): icmp_seq=4
> ttl=56 time=72.7 ms
> ^C
> --- www.l.google.com ping statistics ---
> 4 packets transmitted, 4 received, 0% packet loss, time 3004ms
> rtt min/avg/max/mdev = 72.759/73.017/73.271/0.290 ms
>
> Tim
>
>
> On 24/02/10 22:16, Lucas van Staden wrote:
>> Hi,
>>
>> Been a few days since I could spend time to look at this again, and
>> unfortunately, the issue is not solved.
>> I think, to begin with, I had two issues, one of which was DNS, which
>> is solved.
>>
>> The resolv.conf is now pointing directly to iinet's dns servers:
>> web at webserver:~$ cat /etc/resolv.conf
>> nameserver 203.0.178.191
>> nameserver 203.215.29.191
>>
>> For some reason it looks like any request to google (and a couple of
>> other ip's/domains) seem to route back to my own box.
>> I am sure this must be a configuration issue on the router, but I
>> could be wrong.
>> I have not had the time to replace this router. (it is in fact a
>> replacement of a belkin on which the wireless stopped working)
>>
>> web at webserver:~$ ping www.google.com
>> PING www.l.google.com (66.102.11.104) 56(84) bytes of data. <--- DNS
>> does resolve
>> From 192.168.0.6 icmp_seq=1 Destination Port Unreachable
>> From 192.168.0.6 icmp_seq=2 Destination Port Unreachable
>> From 192.168.0.6 icmp_seq=3 Destination Port Unreachable
>>
>> web at webserver:~$ ping 66.102.11.104 <-- can't ping ip even directly
>> PING 66.102.11.104 (66.102.11.104) 56(84) bytes of data.
>> From 192.168.0.6 icmp_seq=1 Destination Port Unreachable
>> From 192.168.0.6 icmp_seq=2 Destination Port Unreachable
>> From 192.168.0.6 icmp_seq=3 Destination Port Unreachable
>>
>> And a server in the UK:
>>
>> web at webserver:~$ ping www.lizearle.com
>> PING lizearle.com (217.72.240.223) 56(84) bytes of data.
>> 64 bytes from 217.72.240.223: icmp_seq=1 ttl=114 time=414 ms
>> 64 bytes from 217.72.240.223: icmp_seq=2 ttl=114 time=414 ms
>> 64 bytes from 217.72.240.223: icmp_seq=3 ttl=114 time=403 ms
>> ^C
>> --- lizearle.com ping statistics ---
>> 4 packets transmitted, 3 received, 25% packet loss, time 3022ms
>> rtt min/avg/max/mdev = 403.980/411.103/414.926/5.041 ms
>>
>> which works fine.
>>
>> As mentioned, I can browse them via links, from the same box, and
>> there is no proxy involved.
>>
>>
>> Any ideas what I should be looking for?
>>
>> -Lucas
>>
>>
>> Tim White wrote:
>>> I've had no problems with Billion in the last few years.
>>>
>>> Recently had similar issues with DNS on a router, think it was a
>>> netgear but can't remember. Apparently it's to do with IPv6 causing
>>> issues, and seeing as most Windoze clients don't have IPv6 on by
>>> default, the fault wasn't apparent except under Linux. My solution,
>>> run dnsmasq and/or set to always use ISP or another providers DNS
>>> servers. (I used googles new public dns servers so it works from any
>>> location, as this was on my laptop and some ISP's limit connection
>>> to their DNS servers to their customers. Plus 8.8.8.8 and 8.8.4.4
>>> are easy to remember, even if they aren't located in Australia).
>>>
>>> Tim
>>>
>>> On 20/02/10 13:20, Lucas van Staden wrote:
>>>> Hi Peter, thank you for the reply.
>>>>
>>>> I have also started to realise this could be DNS.
>>>> Further investigation also shows mails are defered (using exim)
>>>>
>>>> R: dnslookup_relay_to_domains for lucas at vanstaden.com.au
>>>> calling dnslookup_relay_to_domains router
>>>> dnslookup_relay_to_domains router called for lucas at vanstaden.com.au
>>>> domain = vanstaden.com.au
>>>> DNS lookup of vanstaden.com.au (MX) gave TRY_AGAIN
>>>> vanstaden.com.au in dns_again_means_nonexist? no (option unset)
>>>> returning DNS_AGAIN
>>>> dnslookup_relay_to_domains router: defer for lucas at vanstaden.com.au
>>>> message: host lookup did not complete
>>>> lucas at vanstaden.com.au cannot be resolved at this time: host lookup
>>>> did not complete
>>>> search_tidyup called
>>>>
>>>>
>>>> The router is the main dns server for the internal network, all
>>>> machines are xp desktops, except for this server)
>>>> Manual configuration. No network manager stuff installed.
>>>>
>>>> web at webserver:~$ cat /etc/resolv.conf
>>>> nameserver 192.168.0.1
>>>>
>>>> There are no other dns servers on this network. (should not be
>>>> anyways)
>>>>
>>>> dns on the router:
>>>>
>>>> # cat /etc/resolv.conf
>>>> nameserver 203.0.178.191
>>>> nameserver 203.215.29.191
>>>>
>>>> Pings etc from the router itself is fine.
>>>>
>>>> Taking the nameserver from the router to the server, fixes the issue.
>>>>
>>>> So, the issue is with the routers dns server? (d-link g604t)
>>>>
>>>> Already planning on dumping this router, as it is constantly hanging.
>>>>
>>>> Any sugegstions on a mid-range decent router, which can at least
>>>> handle a bit of intense network trafic?
>>>> This is now the second d-link in 6 months I have had issues with.
>>>> Looks like d-link will go off my list of brands to buy.
>>>>
>>>> -Lucas
>>>>
>>>>
>>>>
>>>> Peter wrote:
>>>>> Lucas van Staden wrote:
>>>>>> Hello.
>>>>>>
>>>>>> I have found an odd problem on my webserver box (use purely to
>>>>>> just host my own two personal websites)
>>>>>>
>>>>>> I cannot seem to ping certain addresses, but browsing them from
>>>>>> links, works fine.
>>>>>> Some work fine.
>>>>>> For the life of me I cannot find what is wrong.
>>>>>> Other machines on this network works fine.
>>>>>> I am sure it is something obvious, but I just can't see it.
>>>>>>
>>>>>> web at webserver:~$ ping www.google.com
>>>>>> PING www.l.google.com (66.102.11.104) 56(84) bytes of data.
>>>>>> From 192.168.0.6 icmp_seq=1 Destination Port Unreachable
>>>>>>
>>>>>> (takes about 1-2 minutes for that response, and for each thereafter)
>>>>>>
>>>>>> Network setup:
>>>>>>
>>>>>> auto eth1
>>>>>> iface eth1 inet static
>>>>>> address 192.168.0.6
>>>>>> netmask 255.255.255.0
>>>>>> gateway 192.168.0.1
>>>>>> network 192.168.0.0
>>>>>> broadcast 192.168.0.255
>>>>>>
>>>>>> web at webserver:~$ sudo route -n
>>>>>> [sudo] password for web:
>>>>>> Kernel IP routing table
>>>>>> Destination Gateway Genmask Flags Metric
>>>>>> Ref Use Iface
>>>>>> 192.168.0.0 0.0.0.0 255.255.255.0 U 0
>>>>>> 0 0 eth1
>>>>>> 0.0.0.0 192.168.0.1 0.0.0.0 UG 100
>>>>>> 0 0 eth1
>>>>>>
>>>>>> web at webserver:~$ sudo ifconfig
>>>>>> eth1 Link encap:Ethernet HWaddr 00:13:8f:a3:cd:e1
>>>>>> inet addr:192.168.0.6 Bcast:192.168.0.255 Mask:255.255.255.0
>>>>>> inet6 addr: fe80::213:8fff:fea3:cde1/64 Scope:Link
>>>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>>>>>> RX packets:13720 errors:0 dropped:0 overruns:0 frame:0
>>>>>> TX packets:18280 errors:0 dropped:0 overruns:0 carrier:0
>>>>>> collisions:0 txqueuelen:1000
>>>>>> RX bytes:4039608 (4.0 MB) TX bytes:16416771 (16.4 MB)
>>>>>> Interrupt:20 Base address:0xd800
>>>>>>
>>>>>> lo Link encap:Local Loopback inet addr:127.0.0.1
>>>>>> Mask:255.0.0.0
>>>>>> inet6 addr: ::1/128 Scope:Host
>>>>>> UP LOOPBACK RUNNING MTU:16436 Metric:1
>>>>>> RX packets:434 errors:0 dropped:0 overruns:0 frame:0
>>>>>> TX packets:434 errors:0 dropped:0 overruns:0 carrier:0
>>>>>> collisions:0 txqueuelen:0
>>>>>> RX bytes:65165 (65.1 KB) TX bytes:65165 (65.1 KB)
>>>>>>
>>>>>> web at webserver:~$ traceroute www.google.com
>>>>>> traceroute to www.google.com (66.102.11.104), 30 hops max, 40
>>>>>> byte packets
>>>>>> 1 (192.168.0.6) 0.090 ms 0.038 ms 0.034 ms
>>>>>>
>>>>>> Does not go any further
>>>>>>
>>>>>> I new d-link modem/router has been put in use, and I am unsure if
>>>>>> this issue existed before then.
>>>>>>
>>>>>> Routing on the router:
>>>>>>
>>>>>> # route -n
>>>>>> Kernel IP routing table
>>>>>> Destination Gateway Genmask Flags Metric
>>>>>> Ref Use Iface
>>>>>> 203.59.14.16 203.59.48.28 255.255.255.255 UGH 0
>>>>>> 0 0 ppp0
>>>>>> 203.59.14.16 0.0.0.0 255.255.255.255 UH 0
>>>>>> 0 0 ppp0
>>>>>> 203.59.48.28 127.0.0.1 255.255.255.255 UGH 0
>>>>>> 0 0 lo
>>>>>> 192.168.0.0 192.168.0.1 255.255.255.0 UG 0
>>>>>> 0 0 br0
>>>>>> 192.168.0.0 0.0.0.0 255.255.255.0 U 0
>>>>>> 0 0 br0
>>>>>> 239.0.0.0 0.0.0.0 255.0.0.0 U 1
>>>>>> 0 0 br0
>>>>>> 0.0.0.0 203.59.14.16 0.0.0.0 UG 0
>>>>>> 0 0 ppp0
>>>>>>
>>>>>>
>>>>>> What could be wrong?
>>>>>>
>>>>> Hi Lucas,
>>>>>
>>>>> Looks like a DNS issue to me. Is the server running DNS (bind)?
>>>>> Do you have another DNS server on your network or is your
>>>>> modem/router configured to supply DNS info?
>>>>>
>>>>> What are the DNS settings you are using on the server (Network
>>>>> Manager?).... Auto or manual DNS?
>>>>>
>>>>> What does /etc/resolv.conf look like?
>>>>>
>>>>> -Peter.
>>>>
>>>>
>>>
>>
>>
>
--
Regards
Lucas van Staden
http://www.proxiblue.com.au/ (Consumer Electronics Retail Shop)
http://www.vanstaden.com.au/ (Linux)
More information about the plug
mailing list