Hi,
I have a problem with the 2.4.14 kernel custom compiled on a RedHat 7.2. I
thought I was very careful in selecting the necessary modules at first.
Everything works great except that when I want to browse some sites
I get a "connection timed out". Most of the sites work ok but some
specific ones like http://www.nvidia.com, http://www.sun.com, http://www.ingdirect.com
never works and gives the same error. When I boot up with other
kernel or win2000 everything works fine though:( Maybe this is
a consequence of some other bigger problem which I couldn't figure
out so far. It looks like only those sites filter out my http request.
What modules could I have forgotten to include?
Another question is I don't have ipt_MIRROR, ipt_unclean, ipt_iplimit
in netfilter modules anymore. What config settings should I set on
to have these back?
Thanks a lot,
Alp
My guess is that this is becuase you have IPv6 turned on, and these sites
resolve to an IPv6 address, as well as an IPv4 address. Linux will not, under
these circumstances, fall back on the IPv4 address. Turn of IPv6, or connect
to the 6bone.
Daniel
On Wed, 12 Dec 2001 18:29:17 -0500 (EST)
Alp ATICI <[email protected]> wrote:
> Hi,
> I have a problem with the 2.4.14 kernel custom compiled on a RedHat 7.2. I
> thought I was very careful in selecting the necessary modules at first.
> Everything works great except that when I want to browse some sites
> I get a "connection timed out". Most of the sites work ok but some
> specific ones like http://www.nvidia.com, http://www.sun.com, http://www.ingdirect.com
> never works and gives the same error. When I boot up with other
> kernel or win2000 everything works fine though:( Maybe this is
> a consequence of some other bigger problem which I couldn't figure
> out so far. It looks like only those sites filter out my http request.
> What modules could I have forgotten to include?
>
> Another question is I don't have ipt_MIRROR, ipt_unclean, ipt_iplimit
> in netfilter modules anymore. What config settings should I set on
> to have these back?
> Thanks a lot,
> Alp
---
Recursion n.:
See Recursion.
-- Random Shack Data Processing Dictionary
This is a FAQ -
echo "0" > /proc/sys/net/ipv4/tcp_ecn
cu
jjs
Alp ATICI wrote:
> Hi,
> I have a problem with the 2.4.14 kernel custom compiled on a RedHat 7.2. I
> thought I was very careful in selecting the necessary modules at first.
> Everything works great except that when I want to browse some sites
> I get a "connection timed out". Most of the sites work ok but some
> specific ones like http://www.nvidia.com, http://www.sun.com, http://www.ingdirect.com
> never works and gives the same error. When I boot up with other
> kernel or win2000 everything works fine though:( Maybe this is
> a consequence of some other bigger problem which I couldn't figure
> out so far. It looks like only those sites filter out my http request.
> What modules could I have forgotten to include?
>
> Another question is I don't have ipt_MIRROR, ipt_unclean, ipt_iplimit
> in netfilter modules anymore. What config settings should I set on
> to have these back?
> Thanks a lot,
> Alp
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
On Wed, Dec 12, 2001 at 06:38:43PM -0500, Daniel Gryniewicz wrote:
> My guess is that this is becuase you have IPv6 turned on, and these sites
> resolve to an IPv6 address, as well as an IPv4 address. Linux will not,
> under these circumstances, fall back on the IPv4 address. Turn of IPv6,
> or connect to the 6bone.
Good theory, apart from a major flaw - http://www.nvidia.com nor http://www.sun.com
resolve to any IPv6 records (AAAA nor A6).
A better explaination would probably be ECN, and indeed, I am unable to
reach http://www.sun.com from a local ECN-enabled host.
> On Wed, 12 Dec 2001 18:29:17 -0500 (EST)
> Alp ATICI <[email protected]> wrote:
>
> > I get a "connection timed out". Most of the sites work ok but some
> > specific ones like http://www.nvidia.com, http://www.sun.com, http://www.ingdirect.com
> > never works and gives the same error.
--
Russell King ([email protected]) The developer of ARM Linux
http://www.arm.linux.org.uk/personal/aboutme.html
> echo "0" > /proc/sys/net/ipv4/tcp_ecn
You forgot
mail webmaster postmaster dns contact @ site
On December 12, 2001 17:35, Alan Cox wrote:
> > echo "0" > /proc/sys/net/ipv4/tcp_ecn
>
> You forgot
>
> mail webmaster postmaster dns contact @ site
Try not to be too harsh or confrontational, remember that the problem could
be in -any- hardware between you and the website the poor sod is maintaining.
This is mildly offtopic, but does anyone have any useful stats of:
A) The number of ECN-capable hosts/routers
B) The number of ECN-hostile hosts/routers
If more of the internet fit in to the 'A' catagory than the 'B' catagory, I'd
be very tempted to enable ECN and crusade against the remaining deviants, but
right now it seems like merely an annoyance with no real gains.
-Ryan
From: Ryan Cumming <[email protected]>
Date: Wed, 12 Dec 2001 17:44:18 -0800
If more of the internet fit in to the 'A' catagory than the 'B'
catagory, I'd be very tempted to enable ECN and crusade against the
remaining deviants, but right now it seems like merely an annoyance
with no real gains.
Amusingly the only web site I regularly visit for which I have to
explicitly turn ECN off is http://www.sun.com :-)
[email protected] said:
> > echo "0" > /proc/sys/net/ipv4/tcp_ecn
> You forgot
> mail webmaster postmaster dns contact @ site
Indeed. Which is one of the reasons why it is better to refer people to
the FAQ than to attempt to answer the question.
http://www.tux.org/lkml/#s14-2
--
dwmw2
On 20011213 David S. Miller wrote:
> From: Ryan Cumming <[email protected]>
> Date: Wed, 12 Dec 2001 17:44:18 -0800
>
> If more of the internet fit in to the 'A' catagory than the 'B'
> catagory, I'd be very tempted to enable ECN and crusade against the
> remaining deviants, but right now it seems like merely an annoyance
> with no real gains.
>
>Amusingly the only web site I regularly visit for which I have to
>explicitly turn ECN off is http://www.sun.com :-)
>
My ISP uses Solaris boxes for mail service and so on. I had to unsubscribe
of LKML from that address due to ENC. The damned solaris box trashed
ECN enabled packets so vger could not reach it. Now I am subscribed
from an IRIX box and it works.
The admin of the Solaris boxes told me he was talking with Sun... that
was months ago.
Anybody knows if Sun firewall soft is already ECN aware ?
Thanks.
--
J.A. Magallon # Let the source be with you...
mailto:[email protected]
Mandrake Linux release 8.2 (Cooker) for i586
Linux werewolf 2.4.17-pre8-beo #2 SMP Tue Dec 11 00:00:10 CET 2001 i686