2
I got a really strange problem and I don't know what to do anymore. All my problems started a couple of weeks ago.
A basic schematic of my network is available in the fallowing image:
Basic Configuration:
M1 services:
M2 services:
- USBWebserver on port 8080
Router Port Forwards (Extern[E:] to Intern)
- E:81 to M1:80
- E:4321 to M1:4321
- E:8080 to Router:8080
- E:8081 to M2:8080
- E:22 to M1:22 (ssh)
- E:10000 to M1:10000 (https webmin)
- E:3389 to M2:3389 (rdc)
The problem:
On port 4321 I have a quite heavy incoming traffic. My problem started when I realized that my HTTPD services on the M1 was accessible only from some ISP's.
My Internet Service Provider is providing me with a static IP address (188.26.X.XXX), based on a PPPOE connection and is called RDS. Other ISP's in this discution are ROMTELECOM,ORANGE, UPC and INTERSAT.
After a few tests the problem was as fallows:
E:81,E:4321,E:8080,E:10000 was not loading from RDS(my own network), ROMTELECOM, INTERSAT. E:81,E:4321,E:8080,E:10000 was loading from ROMTELECOM (different geographical region), UPC and mobile networks like ORANGE.
E:8081,E:3389 and E:22 was accesible from anywhere.
All services available in LAN.
Troubleshooting Steps
- Disabling any kind of firewall on the router and M1.
- Result: Same problem.
- Changing the LAN ip's and MAC addresses for Router(wan) and M1
- Result: Same problem.
- Changing the Router Asus WL-520GU running DD-WRT with a WRT54GL running default firmware and then Tomato.
- Result: Same problem.
- Removing the M1 from the network and installing 2 virtual machines, VM1 and VM2 on M2. VM1 has the same configuration as M1. VM2 was for testing purposes and was running WINDOWS XP with RoR for Windows and USBWebserver.
- Result: VM1 same scenario as M1(ssh OK. RoR and apache not OK). VM2 inaccessible.
- Removing the router from the network and connecting directly to the M2. Forwarding ports to VM1 and VM2.
- Result: Same problem.
- Freaking out.
- Result: Same problem.
- Calling ISP support and sending an email. A telephone conversation was made and the problem explained. No known issues from them. No traffic alteration from my ISP.
- Result: Same problem.
- Repeating steps from above in random order...
Other tests that I made
Using WFetch I realized that my request from the affected networks was recived by my server but the response was frizzing after a few bytes. Using my E:81 with _h5ai as a service for my screenshot's and other file sharing purposes, I removed all files and made a index.html with 1 character. Testing again the E:81 from affected networks, the service was accessible and the content of index.html was received. Adding characters to the file I discovered that a index.html with ~1499 characters was successively received. Adding one more character the effect will become unresponsive as described. No time out's from the browser, just waiting from a response. Unfortunately, this buffer was not the same on WEBrick. A bigger response from my server (~3k characters) was needed to reproduce the problem. The E:8081 was accessible all the time from all networks.
Also, I realized that if I request a non existing page :81/xyz or :4321/xyz, I receive the 404 error.From both HTTP servers, apache2 and WEBrick. This is have to do with that maximum amount of data allowed as response.
Reproducing the problem
My current configuration contains the VM1. M1 and VM2 was removed. Try to access 188.26.X.XXX:4321 and 188.26.X.XXX:81 by browser and if is not working, by WFetch.
Thank you and I hope that I made my problem clear.
1Did you try changing your router's MTU? Your mention of 1499 characters would suggest some MTU issue. I have seen this issue in reverse (ie when your router stops you accessing some sites), but perhaps it also applies in this scenario. – sgmoore – 2012-07-09T13:10:10.740
I only have tried 1492 and Auto. I will try to use a bigger value disregarding whatever my ISP has told me. Thanks. – andySF – 2012-07-09T20:16:29.503
I really have to learn more about MTU. I was thinking that a bigger value means more access through the network. I tried to set a bigger value but the limit was 576-1492. Then I tried the inferior limit, 576, and now all works. Now I need to understand what is happening. Thank you for directing me in the right direction. If you could answer and detail a little about MTU so future readers could have a proper answer, I will accept your answer. – andySF – 2012-07-10T12:20:55.597
Glad it sorted the problem. As per my answer and since you mention your site experiences heavy traffic, it is probably best not to leave the router's MTU at 576, both rather try to find the largest value that works reliably. – sgmoore – 2012-07-10T14:00:14.067