* hanasaki (hanasaki@hanaden.com) [020305 12:49]: > Here is the situation. It looks like something in the route is blocking > IP traffice based on the Linux IP stack. The below is repeatable with > Different external IP's assigned from RR to diff NIC w/ diff MAC's > > Win2000 -> RoadRunnderCableModem -> www.wdc.com (OK) > Win2000 -> RoadRunnderCableModem -> www.nvidia.com (OK) > > Win2000 -> Woody with Squid -> RoadRunnderCableModem > -> www.wdc.com (blocked) > Woody FW -> telnet www.wdc.com 80 -> RoadRunnderCableModem > -> www.wdc.com (blocked) > Win2000 -> Woody with Squid -> RoadRunnderCableModem > -> www.nvidia.com (blocked) > Woody FW -> telnet www.nvidia.com 80 -> RoadRunnderCableModem > -> www.nvidia.com (blocked) What version kernel is this? Might be an ECN thing. How do pings seem to be working? If it's a 2.4.x kernel, check if ECN is enabled like this: cat /proc/sys/net/ipv4/tcp_ecn or sysctl net.ipv4.tcp_ecn If you get a 1, it's enabled. Your upstream router could be buggy, dropping all packets with the ECN bit set. To disable it, use one of these: echo "0" > /proc/sys/net/ipv4/tcp_ecn or sysctl -w net.ipv4.tcp_ecn=0 If that works, you might want to make the change permanent by adding a line like this to /etc/sysctl.conf: net.ipv4.tcp_ecn=0 good times, Vineet -- Currently seeking opportunities in the SF Bay Area Please see http://www.doorstop.net/resume/
Attachment:
pgpVMUdCjxZcI.pgp
Description: PGP signature