Petter Reinholdtsen skrev:
[Ole-Anders Andreassen]What kind of things should I test to document, or find the problems? So far I have just used MTR to document slow respons, wget --no-proxy to document that www hangs and ends time out, ifconfig to show NiC settings, and route...Comparing tcptraceroute and traceroute might be useful. A tcpdump of a hanging session might be useful too. What you describe sound slighly similar to the problem we experienced at a gathering, where some transparent firewall (Firewall 1, if I do not remember incorrectly), were unable to parse HTTP headers with unix line endings and simply refused to handle such HTTP connections. Happy hacking,
tjener:~# tcptraceroute www.vg.no Selected device eth0, address 10.0.2.2, port 52967 for outgoing packets Tracing the path to www.vg.no (195.88.54.16) on TCP port 80 (www), 30 hops max 1 10.0.2.1 9.061 ms 0.461 ms 0.512 ms 2 10.63.152.1 1.235 ms 1.036 ms 0.978 ms 3 10.202.63.1 3.894 ms 10.220 ms 3.858 ms 4 10.200.193.17 3.790 ms 3.795 ms 4.070 ms 5 85.221.22.129 4.657 ms 23.638 ms 17.696 ms 6 www.vg.no (195.88.54.16) [open] 19.536 ms 11.242 ms 10.339 ms tjener:~# traceroute www.vg.no traceroute to www.vg.no (195.88.54.16), 30 hops max, 40 byte packets 1 gateway.intern (10.0.2.1) 0.520 ms 0.808 ms 1.486 ms 2 10.63.152.1 (10.63.152.1) 5.345 ms 5.431 ms 5.521 ms 3 10.202.63.1 (10.202.63.1) 12.244 ms 12.591 ms 12.795 ms 4 10.200.193.17 (10.200.193.17) 13.129 ms 13.338 ms 14.487 ms 5 85.221.22.129 (85.221.22.129) 13.610 ms 13.971 ms 14.207 ms 6 85.221.22.1 (85.221.22.1) 13.799 ms 18.911 ms 19.102 ms 7 195.204.200.102 (195.204.200.102) 19.249 ms 15.599 ms 10.038 ms 8 195.204.200.101 (195.204.200.101) 10.188 ms 10.290 ms 10.362 ms 9 195.204.183.16 (195.204.183.16) 21.753 ms * 22.218 ms 10 c10G-xe-4-3-0.br1.xa19.no.catchbone.net (193.75.9.21) 21.998 ms * 22.076 ms 11 * te7-1-0.cr1.xa19.no.catchbone.net (193.75.1.73) 22.289 ms 22.600 ms 12 te7-1-0.cr1.fn3.no.catchbone.net (193.75.3.150) 22.705 ms 22.799 ms 22.868 ms 13 193.75.3.254 (193.75.3.254) 33.824 ms 30.865 ms 18.254 ms 14 xe-1-3-0.cr3.hmg9.no.linpro.net (193.156.90.81) 18.547 ms 18.629 ms 20.115 ms 15 vlan62.sw0.hmg9.no.linpro.net (87.238.32.19) 21.481 ms * 21.754 ms 16 www.vg.no (195.88.54.16) 21.271 ms 21.833 ms 21.916 ms tjener:~# The firewall log at the town hall shows a lot of messages about "TCP packet out of state" Wireshark tells me that the second stage [SYN-ACK] of 3-way-handshake never happens. The realy strange thing is that this only affects PC's with Linux OleA