Stumper

Wed Jan 22 01:06:07 UTC 2003

MTU on user-end shouldn't really be an issue here.. B/c if so, then (I 
am only assuming this) how could they access other sites like yahoo.com, 
etc? I am sure your web site is no different than other common ones.

Linksys routers have various issues. The best bet is to go after the 
firmware and make sure its up-to-date. -- but yet they have no problems 
accessing other sites?? hmm.

This is probably not the cause of the issue but just in case --- You may 
wanna check to make sure that your server does not have ECN enabled. 
I've experienced some firewalls/internet sharing devices misbehaving 
whenever trying to connect to an ECN-enabled server. Again, this is 
probably not it, but just one of the things to try out, if you run out 
of other clues...

-hc

Mark J. Scheller wrote:

>I have run into a problem that has me completely stumped, so I'm tossing it
>out to NANOG for some help.
>
>Before I lay out the specifics, I'm not trying to point fingers at any
>particular ISP or vendor here, but this problem only exhibits itself in very
>specific configurations.  Unfortunately, the configuration is common enough as
>to get unwanted attention from the higher-ups.
>
>Here's the particulars:
>
>Users that have Verizon DSL and a Linksys cable/DSL router have difficulties
>accessing sites on my network -- whether they are trying with http, https,
>smtp, pop3, ssh, ftp, etc., etc.  Oh, but pings seem to be fine.  Low latency,
>no loss.  This is true even for access to a server brought up in the DMZ, to
>keep the firewalls out of the equation.
>
>Doing some packet sniffing on the ethernet side of my router, I could see
>specific http requests never showed up (and the user saw the broken image
>icon).  This was for an mrtg graph page with +/- 30 images.  I saw the request
>for almost all the image files, save for one and the user reported the broken
>image icon for the one.  So this looks and smells like a packet loss
>issue..... but who/where/how?
>
>Taking the Linksys out of the pictures (connecting their PC directly to the
>Verizon DSL modem) makes the problem go away.
>
>These same users report no trouble whatsoever accessing many other common
>sites across the internet.
>
>Here's another interesting data point:  when one user runs Morpheus (on
>any machine in his home network) he then has absolutely no problems accessing
>servers/services on my network.
>
>Other users with Linksys routers and, say cable modem, do not have this
>problem!
>
>So I'm looking for some pointers.  What could I have done to my edge router (a
>Cisco 3640 if that helps any) that would make it drop packets from Verizon DSL
>customers with Linksys routers so long as they aren't running Morpheus?
>
>Mark J. Scheller (scheller at u1.net)
>
>
>  
>