[NTLUG:Discuss] Weird Connection problem

lee lee at brave.com
Thu May 16 18:23:28 CDT 2002 

it seems that enabling the explicit congestion notification part causes 
problems with some firewalls and your http requests go unanswered.  i 
really don't see or know where this congestion notification feature 
really buys me better connectivity or anything, so i leave it disabled 
in my kernel.  but if it is enabled in the kernel, you can shut it off 
temporarily by issuing the command i mentioned below.  a semi-permanent 
solution would be to disable the feature by putting the command in your 
boot start-up scripts.  otherwise, if you're building a kernel already, 
simply refrain from enabling that feature in the kernel.  :)

-- lee

Stephen Davidson wrote:
> Hi Lee.
> 
> I am posting the to the User Group as well, so that this will be 
> available to anyone else who runs into this.
> 
> Your last suggestion fixed this issue.  I have it enabled for the new 
> kernel I am presently building, so for obvious reasons, I will be 
> looking at
> what this does a little more closely before a actually build that new 
> kernel.  I vaguely remember the docs saying something about broken 
> firewalls
> can break this?  Is this correct?
> 
> With the number of hassles this was causing me, I am not sure what the 
> permanent solution should be, and I would like more info.
> 
> Thanks,
> Steve
> 
> lee wrote:
> well, i had a problem once where i built a kernel and enabled something 
> in the networking section called "TCP Explicit Congestion Notification
> support" and having this enabled prevented me from connecting to certain 
> websites due to firewall issues.  it's explained a little bit on the help
> screen for that option.
> 
>  > try this:
>  >
>  > $ cat /proc/sys/net/ipv4/tcp_ecn
>  >
>  > if it returns a "1" then issue (as root)
>  >
>  > $ echo 0 > /proc/sys/net/ipv4/tcp_ecn
>  >
>  > and see if that doesn't solve your connection issue.
>  >
>  > -- lee
>  >
>  > Stephen Davidson wrote:
>  >
>  >> Hi Lee.
>  >>
>  >> Stock install with SuSE 7.3.  Its a patched version of 2.4.10.  Not
>  >> sure what the patches are, however.
>  >> Would upgrading to 2.4.18 clean this up for me?
>  >>
>  >> -Steve
>  >>
>  >> lee wrote:
>  >>
>  >>>
>  >>> have you built and installed a kernel lately or are you using the
>  >>> stock install kernel that came with your distro?
>  >>>
>  >>> -- lee
>  >>>
>  >>> Stephen Davidson wrote:
>  >>>
>  >>>> Hi Kevin.
>  >>>>
>  >>>> This is something that has been driving me up the wall.
>  >>>> Nothing is dieing on the traceroutes.  I can even PING
>  >>>> the websites/domains in question. I just can't connect
>  >>>> via http.  Or for that matter, telnet to port 80.
>  >>>>
>  >>>> -Steve
>  >>>>
>  >>>> Ward Networks wrote:
>  >>>>
>  >>>>  > Swbell is have D-slam problems for over a month now on Rback3 and
>  >>>>  > rback13 which are core routers in the DFW area Stephen - use
>  >>>>  > www.traceroute.org to check back to yourself and see which router
>  >>>> your
>  >>>>  > trace dies at on your different ISP connects.
>  >>>>  >
>  >>>>  > Kevin
>  >>>>  >
>  >>>>  >
>  >>>>  > -----Original Message-----
>  >>>>  > From: discuss-admin at ntlug.org [mailto:discuss-admin at ntlug.org] On
>  >>>> Behalf
>  >>>>  > Of Alton R. Pouncey, II
>  >>>>  > Sent: Monday, May 13, 2002 10:58 PM
>  >>>>  > To: discuss at ntlug.org
>  >>>>  > Subject: Re: [NTLUG:Discuss] Weird Connection problem
>  >>>>  >
>  >>>>  > Can you traceroute to these sites?  Can you successfully telnet
>  >>>> to port
>  >>>>  > 80 on these sites?  If you can telnet to port 80 and do a GET
>  >>>> then http
>  >>>>  > connections should work.
>  >>>>  >
>  >>>>  > Alton
>  >>>>  >
>  >>>>  > On Mon, 2002-05-13 at 17:46, Stephen Davidson wrote:
>  >>>>  >
>  >>>>  >>Greetings.
>  >>>>  >>
>  >>>>  >>I am having a weird problem where about 1/3 of the sites I try to
>  >>>>  >>
>  >>>>  > visit (http) fail to connect.  I am using a couple of ISPs, so the
>  >>>>  > problem is not
>  >>>>  >
>  >>>>  >>that one can't connect.  The really weird thing is that I can ping
>  >>>>  >>
>  >>>>  > them.  Any suggestions on where to look?
>  >>>>  >
>  >>>>  >>Sites affected include;
>  >>>>  >>http://www.epicrealm.com
>  >>>>  >>http://www.zdnet.com
>  >>>>  >>http://www.ananova.com
>  >>>>  >>
>  >>>>  >>Netscape 6.2.2
>  >>>>  >>Lynx Version 2.8.4rel.1 (17 Jul 2001)
>  >>>>  >>Suse 7.3
>  >>>>  >>
>  >>>>  >>ISPs
>  >>>>  >>Qwest
>  >>>>  >>Earthlink
>  >>>>  >>ISPWest
>  >>>>  >>
>  >>>>  >>
>  >>>>  >>
>  >>>>
>  >>>>
>  >>>>
>  >>>> _______________________________________________
>  >>>> http://www.ntlug.org/mailman/listinfo/discuss
>  >>>>
>  >>>
>  >>>
>  >>>
>  >>
>  >>
>  >
>  >
>  >
> 
> 
>

More information about the Discuss mailing list