RE: Router / Protocol Problem

From: Jeff Jirsa (no email)
Date: Thu Sep 07 2006 - 12:22:33 EDT

  • Next message: Glen Kent: "Multiple BGP Routes in FIB"

    On Sep 6, 2006, at 9:04 AM, Mike Walter wrote:

    > Recently with no changes to my network, I have been having problems
    > connecting to certain websites and mail servers. I am always able
    > to ping the sites and trace route without error. If I telnet to
    > port 80 or port 25 it does not connect. If I login to my router
    > and telnet sourcing my each of Internet Providers ports, I am able
    > to get to the sites. I have talked with all the providers and none

    Check a packet dump and see if your affected boxes are sending SWE (SYN
    with ECN enabled) instead of plain SYN packets. Some firewalls (at least
    default m0n0wall and older PIX) reject and dump ECN syn packets while
    allowing pure syns through. If your affected peer has you running
    through some weird filter that's dropping SWE packets, this would cause
    symptoms exactly as you're seeing - ping is fine, traceroute is fine,
    but TCP sessions never complete the handshake (as the receiving side
    never got the first SYN).

    - J

     


  • Next message: Glen Kent: "Multiple BGP Routes in FIB"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD