Can't connect to certain hosts on port 80

2

I'm totally stumped by this so any suggestions would be great! My dev machine running OSX Mavericks, which works fine otherwise, can't connect to major sites like google, youtube and some CDNs (like stackexchange's CDN). The error I get from a

wget http://maps.google.com/

is

Connecting to maps.google.com|2607:f8b0:400a:804::100e|:80... connected.
HTTP request sent, awaiting response... No data received.

If I telnet to port 80 of stackexchange cdn and try a helo I get

telnet 141.101.114.59 80
Trying 141.101.114.59...
Connected to 141.101.114.59.
Escape character is '^]'.
helo
Connection closed by foreign host.

Another example:

telnet cdn.sstatic.net 80
Trying 2400:cb00:2048:1::be5d:f53a...
Connected to sstatic.net.cdn.cloudflare.net.
Escape character is '^]'.
GET /index.html
Connection closed by foreign host.

The same commands work perfectly if I try them from my other machines but I did notice the second example on a unix server returns a regular IP. This problem is consistent even when I change networks and seems specific to the port because I can connect to port 443 just fine on the same hosts. I also tried everything as a new user in case there were some user specific settings but no luck.

So is there some system specific setting in osx that would prevent some, but not all, port 80 traffic? Or should I just wipe the machine and start fresh?

Thanks so much!

danielwashbrook

Posted 2014-03-21T21:16:16.027

Reputation: 21

1HELO is SMTP, not HTTP. – Spiff – 2014-03-22T01:06:58.353

Answers

0

If you are try to use telnet to send raw messages to a web server, you need to use actual raw HTTP, another reference , not the telnet or smtp commands since the webserver likely only speaks HTTP.

e.g., something like:

GET /index.htm HTTP/1.1 
host: www.example.com

Do you have any firewalls, proxies, etc in your path which may be refusing the traffic? Also, have you checked that your DNS is working? Other things to try is accessing the website directly by IP instead of host name.

To troubleshoot your problem, you need to likely capture some traffic to see if it is being refused or if it's just timing out. You may be able to do this using some of the developer tools in your browser (e.g., Chrome's developer tools network panel) if their is a "network" monitor option. Otherwise, you can use a program like WireShark. This will give you more information on what is happening at the network level.

Eric G

Posted 2014-03-21T21:16:16.027

Reputation: 1 010

The DNS issue might be close. Here's an excerpt using the proper HTTP commands, but i'm noticing the url is turned into IPV6 now, could that be the problem?

telnet cdn.sstatic.net 80
Trying 2400:cb00:2048:1::be5d:f53a...
Connected to sstatic.net.cdn.cloudflare.net.
Escape character is '^]'.
GET /index.html
Connection closed by foreign host. – danielwashbrook – 2014-03-22T04:51:53.330

Just tried disabling ipv6 with networksetup –setv6off Wi-Fi and tried telnet directly to the ip with the same results. – danielwashbrook – 2014-03-22T05:03:13.303

I would recommend capturing traffic with WireShark, it will tell you more information. – Eric G – 2014-03-22T14:59:29.837

I've got WireShark installed and did some capturing. A normal request has plenty of TCP traffic and a couple HTTP. The above mentioned requests that fail get no TCP traffic. – danielwashbrook – 2014-03-26T21:27:20.813

I did notice that the IPV6 seems more like a possibility. By messing around with enabling/disabling ipv6 I had one server start working again. The big difference I could see is the order of the response to resolve the host returned the ipv4 ahead of ipv6 and then it worked! I've been trying to figure out how to perhaps disable ipv6 completely, at least from my dns requests. Could this be a possibility? – danielwashbrook – 2014-03-26T21:29:15.897

Here's a traceroute6 output that works on my servers but just doesn't return anything on my dev machine: traceroute6 to 2400:cb00:2048:1::a29f:f829 (2400:cb00:2048:1::a29f:f829) from 2001:470:813b::20a0:0:302, 30 hops max, 12 byte packets 1 * * 2 * * 3 * * 4 * * 5 * * 6 * * – danielwashbrook – 2014-03-26T21:58:27.373

Asked: 2014-03-21T21:16:16.027

Viewed: 602 times

Active: 2014-03-22T04:56:41.733