| View previous topic :: View next topic |
| Author |
Message |
Ant
Tux's lil' helper
Joined: 31 Oct 2002
Posts: 129
Location: Australia
|
 Posted: Sun Feb 05, 2006 8:03 pm Post subject: on going browser problem - tcpdump inside [SOLVED] |
 |
|
Hi all,
For about 2 years now, my gentoo box has failed to load certain websites with any browser I've tried. I've been putting up with it by rebooting into Windows when I need these websites, but it's now the only reason I have left for windows and I would rather get it fixed.
These problem websites load fine with Windows Firefox and in IE, however under gentoo they won't load in both the source and bin versions of firefox nor Epiphany. Also, many similar websites may load very slowly (about 30minutes for a pages that usually just timeout)
The kind of websites that I usually have problems with are some forums, pages served by databases (eg online shopping sites) and most of my internet banking sites.
As an example; I have no access to www.seek.com.au and fourms.worldofwarcraft.com won't load or just the main banner will take 30 minutes+.
Now, this problem is specific to me as other gentoo'ers have already checked and I know these sites work fine for them, so something with my setup is screwy. It feels like something that the web browser is using and not the web browser itself.
Thats where I need some help. What is my browser using to access the web they may be causing these kind of problems??
I've tried reinstalling firefox, deleting my .mozilla directory, recompiling all of gentoo and all the speedup tweaks out there. So far nothing has worked. Lately, I've tried different DNS servers, but this is not the issue and name resolution is fine.
Is it possible that some kind of database or java script is screwed up??
Anyway, hoping someone can suggest possible solutions that I can investigate.
HELP!!! Please!!!
Ant.
Last edited by Ant on Fri Feb 10, 2006 7:46 am; edited 2 times in total |
|
| Back to top |
|
 |
rawbeefman
Guru
Joined: 25 Mar 2005
Posts: 375
|
| Posted: Sun Feb 05, 2006 8:12 pm Post subject: |
|
|
| Maybe its a security thing? Have you looked at your preferences? |
|
| Back to top |
|
|
Ant
Tux's lil' helper
Joined: 31 Oct 2002
Posts: 129
Location: Australia
|
| Posted: Sun Feb 05, 2006 8:38 pm Post subject: |
|
|
| rawbeefman wrote: | | Maybe its a security thing? Have you looked at your preferences? |
Did you mean preferences for for anything specific? I've reset firefox to defaults (a couple of times) with no luck. Is this what you meant? |
|
| Back to top |
|
|
rawbeefman
Guru
Joined: 25 Mar 2005
Posts: 375
|
| Posted: Sun Feb 05, 2006 9:13 pm Post subject: |
|
|
You could try a couple of things. edit>preferences, or your about:config trick. I have fixed a lot of problems using those features.
- Ehren |
|
| Back to top |
|
|
Ant
Tux's lil' helper
Joined: 31 Oct 2002
Posts: 129
Location: Australia
|
| Posted: Sun Feb 05, 2006 9:29 pm Post subject: |
|
|
Ahh, yeah, tried all of that. Pipelinning, etc has had no effect. Thanks for the suggestion though.
Even lynx (text browser) has troubles with these websites, so I don't think it is a browser specific issue but rather an issue with something that all browsers use.
Currently I'm investigating if there is a common library or something, other than that I'm fishing for hints. Is it possible I've just screwed up a network setting somewhere? |
|
| Back to top |
|
|
rawbeefman
Guru
Joined: 25 Mar 2005
Posts: 375
|
| Posted: Tue Feb 07, 2006 2:48 am Post subject: |
|
|
| Did you disable ipv6? Sounds like its looking for something thats not there. Maybe try to catch packets with Ethereal; find what request your computer is sending out and where it is going, but more importantly, what is coming back. |
|
| Back to top |
|
|
Ant
Tux's lil' helper
Joined: 31 Oct 2002
Posts: 129
Location: Australia
|
| Posted: Wed Feb 08, 2006 10:35 pm Post subject: |
|
|
| rawbeefman wrote: | | Did you disable ipv6? Sounds like its looking for something thats not there. Maybe try to catch packets with Ethereal; find what request your computer is sending out and where it is going, but more importantly, what is coming back. |
Yep. Removing IPv6 was one of the first things I did. My system is completely IPv6 free including USE flags, the kernel etc.
I'll have a look at Ethereal and see what I can find out.
If that doesn't help me, I guess I'll reformat my spare windows partition and install a new gentoo onto it from scratch. After 4 years, I guess it's about time.  |
|
| Back to top |
|
|
curtis119
Bodhisattva
Joined: 10 Mar 2003
Posts: 2160
Location: Toledo, Ohio,USA, North America, Earth, SOL System, Milky Way, The Universe, The Cosmos, and Beyond.
|
| Posted: Thu Feb 09, 2006 12:13 am Post subject: |
|
|
Check your /etc/hosts file and see if there is anything odd in it. Post it here so we can see if you do find anything.
_________________
Gentoo: it's like wiping your ass with silk. |
|
| Back to top |
|
|
Ant
Tux's lil' helper
Joined: 31 Oct 2002
Posts: 129
Location: Australia
|
| Posted: Thu Feb 09, 2006 6:34 pm Post subject: |
|
|
| curtis119 wrote: | | Check your /etc/hosts file and see if there is anything odd in it. Post it here so we can see if you do find anything. |
Here is my hosts files. Looks okay to me.
| Code: |
# /etc/hosts: This file describes a number of hostname-to-address
# mappings for the TCP/IP subsystem. It is mostly
# used at boot time, when no name servers are running.
# On small systems, this file can be used instead of a
# "named" name server. Just add the names, addresses
# and any aliases to this file...
# $Header: /home/cvsroot/gentoo-src/rc-scripts/etc/hosts,v 1.8 2003/08/04 20:12:25 azarah Exp $
#
127.0.0.1 localhost dingo
# IPV6 versions of localhost and co
#::1 ip6-localhost ip6-loopback
#fe00::0 ip6-localnet
#ff00::0 ip6-mcastprefix
#ff02::1 ip6-allnodes
#ff02::2 ip6-allrouters
#ff02::3 ip6-allhosts
|
|
|
| Back to top |
|
|
Teetante
Guru
Joined: 02 Mar 2004
Posts: 515
Location: Oldenburg/Germany
|
| Posted: Thu Feb 09, 2006 6:39 pm Post subject: |
|
|
You could try to do it "manually" with a telnet session to see whether it is the slow server response or a browser issue.
_________________
ICQ #81510866 - http://the-gay-bar.com - MSN tante@emptiness.de
Occam's Razor:
-"Entia non sunt multiplicanda praeter necessitatem."- |
|
| Back to top |
|
|
Ant
Tux's lil' helper
Joined: 31 Oct 2002
Posts: 129
Location: Australia
|
| Posted: Thu Feb 09, 2006 9:03 pm Post subject: |
|
|
| Teetante wrote: | | You could try to do it "manually" with a telnet session to see whether it is the slow server response or a browser issue. |
I can telnet into these web servers on port 80 with no problems. Not to sure on the 'manual' part though. (Last time I manually connected to a port was many years ago. Ahh.. the old smtp email spoof.. so much fun at uni.  ) |
|
| Back to top |
|
|
Ant
Tux's lil' helper
Joined: 31 Oct 2002
Posts: 129
Location: Australia
|
| Posted: Thu Feb 09, 2006 10:28 pm Post subject: |
|
|
| Ant wrote: | | rawbeefman wrote: | | Maybe try to catch packets with Ethereal; find what request your computer is sending out and where it is going, but more importantly, what is coming back. |
I'll have a look at Ethereal and see what I can find out.
|
Well, I gave ethereal a go. Nice app there. Thanks for the heads up. Now, is anyone an expert at reading tcpdump data?? I've think I've found the problem and have attached the appropriate snippet below.
| Code: |
No. Time Protocol Info
1 0.000000 DNS Standard query A forums.worldofwarcraft.com
2 0.204059 DNS Standard query response A 12.129.217.203
3 0.205133 TCP 34062 > http [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=77357319 TSER=0 WS=7
4 0.214845 TCP http > 34062 [SYN, ACK] Seq=0 Ack=1 Win=64240 Len=0 MSS=1460 WS=0 TSV=2421630922 TSER=77357319
5 0.214949 TCP 34062 > http [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=77357329 TSER=2421630922
6 0.215122 HTTP GET / HTTP/1.1
7 0.226198 TCP http > 34062 [ACK] Seq=1 Ack=430 Win=63811 Len=0 TSV=2421630923 TSER=77357329
8 0.553298 TCP [TCP segment of a reassembled PDU]
9 0.553376 TCP 34062 > http [ACK] Seq=430 Ack=155 Win=5888 Len=0 TSV=77357667 TSER=2421630955
10 0.553652 TCP [TCP segment of a reassembled PDU]
11 0.553680 TCP 34062 > http [ACK] Seq=430 Ack=1449 Win=8448 Len=0 TSV=77357667 TSER=2421630955
12 0.554622 TCP [TCP segment of a reassembled PDU]
13 0.554694 TCP 34062 > http [ACK] Seq=430 Ack=2897 Win=11392 Len=0 TSV=77357668 TSER=2421630955
14 0.797829 TCP 34063 > http [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=77357911 TSER=0 WS=7
15 0.804885 TCP http > 34063 [SYN, ACK] Seq=0 Ack=1 Win=64240 Len=0 MSS=1460 WS=0 TSV=2421400056 TSER=77357911
16 0.804963 TCP 34063 > http [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=77357919 TSER=2421400056
17 0.825780 TCP [TCP segment of a reassembled PDU]
18 0.825939 HTTP GET /cgi-bin/m?ci=seek&cg=0&du=30&si=http%3A//www.seek.com.au/&rp=http%3A//forums.gentoo.org/viewtopic-p-3099173.html&ov=
Linux%3A2.6.8.1%3Ai386&jv=1.4.2_10&tl=&sr=1400x1050&lg=en-US&je=y&ck=y&tz=0&ct=&hp=&cd=24&li= HTTP/1.1
19 0.832273 TCP http > 34063 [ACK] Seq=1 Ack=507 Win=63734 Len=0 TSV=2421400059 TSER=77357939
20 0.836821 TCP http > 34063 [ACK] Seq=1 Ack=533 Win=64214 Len=0 TSV=2421400059 TSER=77357940
21 1.484935 TCP [TCP segment of a reassembled PDU]
22 1.485071 TCP 34063 > http [ACK] Seq=533 Ack=637 Win=7168 Len=0 TSV=77358599 TSER=2421400124
23 1.485085 HTTP HTTP/1.1 200 OK (GIF89a)
24 1.485135 TCP 34063 > http [ACK] Seq=533 Ack=642 Win=7168 Len=0 TSV=77358599 TSER=2421400124
25 5.530189 TCP [TCP segment of a reassembled PDU]
26 5.530314 TCP 34062 > http [ACK] Seq=430 Ack=2986 Win=11392 Len=0 TSV=77362645 TSER=2421630955
27 6.512023 TCP 34063 > http [FIN, ACK] Seq=533 Ack=642 Win=7168 Len=0 TSV=77363627 TSER=2421400124
28 6.520285 TCP http > 34063 [ACK] Seq=642 Ack=534 Win=64240 Len=0 TSV=2421400627 TSER=77363627
29 6.520492 TCP http > 34063 [FIN, ACK] Seq=642 Ack=534 Win=64240 Len=0 TSV=2421400627 TSER=77363627
30 6.520531 TCP 34063 > http [ACK] Seq=534 Ack=643 Win=7168 Len=0 TSV=77363635 TSER=2421400627
31 8.765752 TCP 34037 > http [FIN, ACK] Seq=0 Ack=0 Win=57 Len=0 TSV=77365881 TSER=2421523822
|
TCP retransmission here and then pulsing 5sec packets during which everything stops in the browser.
| Code: |
32 8.978605 TCP [TCP Retransmission] 34037 > http [FIN, ACK] Seq=0 Ack=0 Win=57 Len=0 TSV=77366094 TSER=2421523822
33 8.988455 TCP http > 34037 [RST] Seq=0 Ack=2792523657 Win=0 Len=0
34 10.665351 TCP [TCP segment of a reassembled PDU]
35 10.665425 TCP 34062 > http [ACK] Seq=430 Ack=3075 Win=11392 Len=0 TSV=77367781 TSER=2421630955
36 15.797554 TCP [TCP segment of a reassembled PDU]
37 15.797633 TCP 34062 > http [ACK] Seq=430 Ack=3164 Win=11392 Len=0 TSV=77372914 TSER=2421630955
38 20.938089 TCP [TCP segment of a reassembled PDU]
39 20.938152 TCP 34062 > http [ACK] Seq=430 Ack=3253 Win=11392 Len=0 TSV=77378055 TSER=2421630955
40 25.969483 TCP [TCP segment of a reassembled PDU]
41 25.969587 TCP 34062 > http [ACK] Seq=430 Ack=3342 Win=11392 Len=0 TSV=77383087 TSER=2421630955
42 31.113154 TCP [TCP segment of a reassembled PDU]
43 31.113240 TCP 34062 > http [ACK] Seq=430 Ack=3431 Win=11392 Len=0 TSV=77388232 TSER=2421630955
44 36.248875 TCP [TCP segment of a reassembled PDU]
45 36.248959 TCP 34062 > http [ACK] Seq=430 Ack=3520 Win=11392 Len=0 TSV=77393368 TSER=2421630955
46 41.392972 TCP [TCP segment of a reassembled PDU]
47 41.393053 TCP 34062 > http [ACK] Seq=430 Ack=3609 Win=11392 Len=0 TSV=77398513 TSER=2421630955
48 46.529062 TCP [TCP segment of a reassembled PDU]
49 46.529135 TCP 34062 > http [ACK] Seq=430 Ack=3698 Win=11392 Len=0 TSV=77403650 TSER=2421630955
50 51.568200 TCP [TCP segment of a reassembled PDU]
51 51.568272 TCP 34062 > http [ACK] Seq=430 Ack=3787 Win=11392 Len=0 TSV=77408690 TSER=2421630955
|
Then 40secs later rapid download of the main banner.
| Code: |
52 51.584102 TCP 34064 > http [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=77408705 TSER=0 WS=7
53 51.589821 TCP http > 34064 [SYN, ACK] Seq=0 Ack=1 Win=64240 Len=0 MSS=1460 WS=0 TSV=2421636060 TSER=77408705
54 51.589903 TCP 34064 > http [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=77408711 TSER=2421636060
55 51.590262 HTTP GET /images/account-creation/wowlogo2.gif HTTP/1.1
56 51.605558 TCP http > 34064 [ACK] Seq=1 Ack=431 Win=63810 Len=0 TSV=2421636061 TSER=77408712
57 51.709445 TCP [TCP segment of a reassembled PDU]
58 51.709508 TCP 34064 > http [ACK] Seq=431 Ack=1449 Win=8832 Len=0 TSV=77408831 TSER=2421636072
59 51.709884 TCP [TCP segment of a reassembled PDU]
60 51.709916 TCP 34064 > http [ACK] Seq=431 Ack=2897 Win=11648 Len=0 TSV=77408831 TSER=2421636072
|
...snipped.. similar packets 0.01 sec apart when the image is downloaded.
Then another series of 5sec delayed packets during which everything stops in the browser.
| Code: |
128 52.172322 HTTP HTTP/1.1 200 OK (GIF89a)
129 52.172391 TCP 34064 > http [ACK] Seq=431 Ack=59203 Win=64128 Len=0 TSV=77409294 TSER=2421636094
130 56.702336 TCP [TCP segment of a reassembled PDU]
131 56.702411 TCP 34062 > http [ACK] Seq=430 Ack=3876 Win=11392 Len=0 TSV=77413825 TSER=2421630955
132 61.712377 TCP http > 34064 [FIN, ACK] Seq=59203 Ack=431 Win=64240 Len=0 TSV=2421637072 TSER=77409294
133 61.751585 TCP 34064 > http [ACK] Seq=431 Ack=59204 Win=64128 Len=0 TSV=77418875 TSER=2421637072
134 61.840421 TCP [TCP segment of a reassembled PDU]
135 61.840498 TCP 34062 > http [ACK] Seq=430 Ack=3965 Win=11392 Len=0 TSV=77418963 TSER=2421630955
136 62.261767 TCP 34064 > http [FIN, ACK] Seq=431 Ack=59204 Win=64128 Len=0 TSV=77419385 TSER=2421637072
137 62.268611 TCP http > 34064 [ACK] Seq=59204 Ack=432 Win=64240 Len=0 TSV=2421637128 TSER=77419385
138 66.981782 TCP [TCP segment of a reassembled PDU]
139 66.981861 TCP 34062 > http [ACK] Seq=430 Ack=4054 Win=11392 Len=0 TSV=77424106 TSER=2421630955
140 70.929217 TCP http > 33992 [RST, ACK] Seq=0 Ack=0 Win=64240 Len=0
|
etc
Does anyone fluent in http packets have any suggestions on why I am seeing this behaviour only on specific problem websites? Or what could be causing it?
Thanks for your help and ideas on this. Feel like I've finally made some progress. |
|
| Back to top |
|
|
adq
n00b
Joined: 02 Apr 2005
Posts: 6
|
| Posted: Fri Feb 10, 2006 1:05 am Post subject: |
|
|
Sounds like an MTU problem. Would the description "some sites don't work at all, some work a bit, and there seems to be no pattern to it" be correct?
try (as root): ifconfig <youroutgoinginternetinterface> mtu 1300
1300 is likely way too low, but should work with virtually anything. If this fixes it, you can find the maximum MTU for your ISP by pinging an external host using something like:
e.g. ping -s <packetsize> -c 1 <host>
If you set your mtu back to 1500, and try varying <packetsize> between 1300-1500 you should be able to find the limit at which packets are not returned. Make sure to use a "friendly" host to ping against - some people might object to large ping packets (they're normally 56 bytes). |
|
| Back to top |
|
|
Ant
Tux's lil' helper
Joined: 31 Oct 2002
Posts: 129
Location: Australia
|
| Posted: Fri Feb 10, 2006 7:45 am Post subject: |
|
|
| adq wrote: | Sounds like an MTU problem. Would the description "some sites don't work at all, some work a bit, and there seems to be no pattern to it" be correct?
try (as root): ifconfig <youroutgoinginternetinterface> mtu 1300
1300 is likely way too low, but should work with virtually anything. If this fixes it, you can find the maximum MTU for your ISP by pinging an external host using something like:
e.g. ping -s <packetsize> -c 1 <host>
If you set your mtu back to 1500, and try varying <packetsize> between 1300-1500 you should be able to find the limit at which packets are not returned. Make sure to use a "friendly" host to ping against - some people might object to large ping packets (they're normally 56 bytes). |
Thankyou. Thankyou. Thankyou. Thankyou. Thankyou. Thankyou.
It works. I'm kind of stunned. Finally, internet banking while using gnucash.
Now, to educate myself about mtu and cable modems and all that.
Again. Thankyou so much.
Regards,
Ant. |
|
| Back to top |
|
|
|
Desktop Environments
