Internet Issue
a...@unsu.com
Ok, here is a real mystery. My setup is this: Modem from my ISP (in
bridge mode). That connects to my Linksys Router, which connects to
my Linksys Switch, and then there is my niternet network.
Over the last 2 weeks I've started losing my internet connection for
hours at a time, including within my own internal network. Comcast
has come out multiple times and cannot find anything. However, get
this: If I unplug my Linux server from the network, I get internet
back almost immediately. Once I plug it back in things are good for a
while, then it happens again and if I unplug the server I get internet
back again........
Go figure??? Any suggestions on where to look?
That is almost as screwed up as I re-booted the server and got some
type of superblock error and a lost filesystem. In fact, it took
almost 10 minutes to boot and only 1 drive appeared instead of 2.
Tried to boot from the CD, would not see the CD drive. Swapped that
out and everything is perfect now, boots perfectly.
Go figure??? how can a CD drive cause that? And what about my
internet mystery?
Anyone have any ideas?
Thanks!!!
Robert Heller
I would guess some sort of intermitten hardware fault, possibly with
your motherboard. It is possible that you had a bad DVD-ROM drive that
screwed the IDE bus -- I had than happen on a Dell laptop -- the system
would boot, and then promptly start having strange disk DMA errors.
When I pulled out the DVD-Rom out (it was a front bay swapable (with
Floppy and/or second battery), everything was just fine. It appeared
that the DVD-Rom was screwing with the IDE DMA interface somehow.
>
> Thanks!!!
>
--
Robert Heller -- 978-544-6933
Deepwoods Software -- Download the Model Railroad System
http://www.deepsoft.com/ -- Binaries for Linux and MS-Windows
hel...@deepsoft.com -- http://www.deepsoft.com/ModelRailroadSystem/
Bill Marcum
>
>
>
> Ok, here is a real mystery. My setup is this: Modem from my ISP (in
> bridge mode). That connects to my Linksys Router, which connects to
> my Linksys Switch, and then there is my niternet network.
>
> Over the last 2 weeks I've started losing my internet connection for
> hours at a time, including within my own internal network. Comcast
> has come out multiple times and cannot find anything. However, get
> this: If I unplug my Linux server from the network, I get internet
> back almost immediately. Once I plug it back in things are good for a
> while, then it happens again and if I unplug the server I get internet
> back again........
>
network has the same IP or MAC address?
Baron
I've had routers go bad and kill the network. In fact I replaced an
ADSL router on Friday because of it killing the network card in the
only machine connected to it. I didn't realise it was the router until
I plugged the laptop in and couldn't get an address. All the lights on
both the machines and router were green, which should have indicated
everything was working.
Reseting the router by cycling the power made no difference as did doing
a hard reset with the button. There was just no way to access the
setup pages. A new router was an immediate cure.
--
Best Regards:
Baron.
The Natural Philosopher
fairly high level of technical ignorance in the poster..
If a machine on the network that shouldn't be involved in a connection
out screws it, the implication is its doing something like splattering
DHCP over everything and screwing up DHCP machines, or similar.
I lose internet in summer when I shut a cupboard door. Figure that one
out ;-)
a...@unsu.com
wrote:
>
> - Show quoted text -
Again, for the one who may not understand. I have an internal
network. Each device has its own IP. They are all connected to a
switch, which is connected to a router, which is connected to the
ISP's modem.
If the router went bad, it should not affect the internal network as
that never hits the router. The only time the router is hit is when
there is outgoing or incoming traffer from the internet. And, the
fact that everything on the internal network stops responding says it
is something on the inside........
And the fact that I pull that machine from the network and everything
works again says it is that machine causing the issue. Just not sure
what would cause that kind of network failure.
If the MB was bad, wouldn't the server crash, or have tons of errors
durnig operation? And even if it was, why kill the entire network??
Thanks!
Baron
Network Cards go bad as well ! They can and do, but in theory shouldn't
stop a network. Now you say you have a single machine that when
disconnected allows the network to resume, then the problem must lay
with that machine. In that case replace or fit a new network card and
re-test !
--
Best Regards:
Baron.
a...@unsu.com
>
> - Show quoted text -
Hahaha......built into the MB. Well, disable that and get a seperate
one I guess........
But it is kind of weird how it take screwing up my entire
network.......
The Natural Philosopher
DHCP not issued by the router?
> The only time the router is hit is when
> there is outgoing or incoming traffer from the internet.
Or when a IP network broadcast is sent. Or when a DHCP lease is requested..
> And, the
> fact that everything on the internal network stops responding says it
> is something on the inside........
>
> And the fact that I pull that machine from the network and everything
> works again says it is that machine causing the issue. Just not sure
> what would cause that kind of network failure.
>
Well by your own logic, that cant be happening cos its never 'hit' by
another machine connecting to the internet.
> If the MB was bad, wouldn't the server crash, or have tons of errors
> durnig operation? And even if it was, why kill the entire network??
>
Possibly because its e.g.the same IP address as the router? Or its
broadcasting a default route by RIP? Or its running a DNS service that
is named by the router as primary, that is borked..or its running a
competing DHCP service that is talking rubbish.,...or..or..
> Thanks!
>
>
>
>
The Natural Philosopher
Until you have pinned the problem down by inspecting all the IP
addresses, routes and netmasks and done some ping tests you can't even
begin to blame the hardware.
Maxwell Lol
> If the router went bad, it should not affect the internal network asa
> that never hits the router. The only time the router is hit is when
> there is outgoing or incoming traffer from the internet. And, the
> fact that everything on the internal network stops responding says it
> is something on the inside........
When you say "stop responding" - what exactly happens?
Can you ping IP addresses (using the number)?
Does traceroute show anything?
Is DNS failing?
Sometimes a router will "learn" the DNS server, and make mistakes. I
have a VPN over the router, and once that gets established, that
machine with the VPN uses a different route, name server, etc.
Baron
You probably won't need to disable the on board card. I would try first
without because I have had Windows machines refuse to see any added
network card after the on board one is disabled.
> But it is kind of weird how it take screwing up my entire
> network.......
Weirdness happens !
--
Best Regards:
Baron.
a...@unsu.com
Thanks for everyones help. Let me give you some more info on my
network.
It is a basic configuration:
The router is: 145.172.1.1
Windows Box: 145.172.1.100
Linux Box: 145.172.1.200
Backup Box: 145.172.1.300
Printer: 145.172.1.400
Everything goes into a switch. It is the switch that is connected to
the router.
Pretty simple. I do not know where to look. I just came home and had
no internet. I could not even ping anything on my own internal
network. Unhooked the Linux box, and got internet back....
Any suggestions on where to look? I'm lost here and it is SO
frustrating........
Thanks!
Lew Pitcher
wrote:
> On Apr 26, 7:06 am, Maxwell Lol <nos...@com.invalid> wrote:
>> a...@unsu.com writes:
>> > If the router went bad, it should not affect the internal network asa
>> > that never hits the router. The only time the router is hit is when
>> > there is outgoing or incoming traffer from the internet. And, the
>> > fact that everything on the internal network stops responding says it
>> > is something on the inside........
>>
>> When you say "stop responding" - what exactly happens?
>>
>> Can you ping IP addresses (using the number)?
>> Does traceroute show anything?
>> Is DNS failing?
>>
>> Sometimes a router will "learn" the DNS server, and make mistakes. I
>> have a VPN over the router, and once that gets established, that
>> machine with the VPN uses a different route, name server, etc.
>
> Thanks for everyones help. Let me give you some more info on my
> network.
>
> It is a basic configuration:
>
> The router is: 145.172.1.1
> Windows Box: 145.172.1.100
> Linux Box: 145.172.1.200
> Backup Box: 145.172.1.300
No, it isn't.
> Printer: 145.172.1.400
No, it isn't
Each of the four numbers in the "dotted quad" IP address is restricted to a
range of 0 to 255. No IP address can contain a number outside that range.
> Everything goes into a switch. It is the switch that is connected to
> the router.
>
> Pretty simple. I do not know where to look. I just came home and had
> no internet. I could not even ping anything on my own internal
> network. Unhooked the Linux box, and got internet back....
>
> Any suggestions on where to look? I'm lost here and it is SO
> frustrating........
Start off by telling us what you /really/ have. If you maintain that you use
impossible IP addresses, then I would suggest that the mechanism that
assigns or displays your IP addresses is faulty, and should be looked at
first.
If you concede that the IP addresses you gave us were fake, then ensure that
all your IP addresses fall into the same subnet, and that there are no
duplicates.
How did you assign the IP addresses to each of your devices? Are these
static IP addresses, or are they issued by DHCP? If DHCP, which box runs
the DHCP server (I'd suspect the router, but please confirm). Is there
anything special about the DHCP server (I.e., does it presume that all
clients are Microsoft Windows? Note that MSWindows "bends" the rules around
acquiring DHCP addresses, which can have repercussions elsewhere in your
network).
Do you run SAMBA on your Linux box? How is the SMB "server" beaconing set
up? Is SAMBA your PDC, or is the Windows box? PDC beaconing can flood
unprepared networks.
What diagnostics can you get from your router box? Does it provide logs?
Do you have an "intellegent" switch? If so, what do it's logs say?
Does the router or switch make ad-hoc changes to the LAN network speeds?
--
Lew Pitcher
Master Codewright & JOAT-in-training | Registered Linux User #112576
http://pitcher.digitalfreehold.ca/ | GPG public key available by request
---------- Slackware - Because I know what I'm doing. ------
a...@unsu.com
>
> - Show quoted text -
FOUND IT!!!! But do not know how to solve it.
I did a DMESG and found this error: ip_conntrack: table full
This seems to have started happening about the same time I added a
bunch of entries to my IPTABLES. So, why is it happening? And how
can I solve it, not mask it to prolong it??
Thanks!
John Hasler
145.172 belongs to SURFnet bv. Use one of the networks reserved for local
use:
10.x.x.x
172.16.x.x
or
192.168.x
--
John Hasler
jo...@dhh.gt.org
Dancing Horse Hill
Elmwood, WI USA
John Hasler
> This seems to have started happening about the same time I added a bunch
> of entries to my IPTABLES.
What entries? On the router, or somewhere else?
Lew Pitcher
wrote:
> On Apr 26, 11:59 am, a...@unsu.com wrote:
Your router runs IPTABLES? How do you know this? And how did you "do a
DMESG" on it?
If you mean that your Linux system runs IPTABLES, then why? Are you are
using IPTABLES to protect your Linux system only? Why don't you use a
router with a builtin firewall? How do you protect the other systems on
your network?
a...@unsu.com
> ---------- Slackware - Because I know what I'm doing. ------- Hide quoted text -
>
> - Show quoted text -
No, the IP numbers are on my internal network. The router connects to
the ISP's modem.....and the modem just acts as a pass through.
Bottom line is that my IP tables is not in the router. But it is on
the Linux box, I just used thatever IP tables commands:
iptables -I INPUT -s XXX.XXX.XXX.XXX/8 -j DROP
So, the problem seems to be with the additional I recently
made......what should I do?
The Natural Philosopher
> On Apr 26, 7:06 am, Maxwell Lol <nos...@com.invalid> wrote:
>> a...@unsu.com writes:
>>> If the router went bad, it should not affect the internal network asa
>>> that never hits the router. The only time the router is hit is when
>>> there is outgoing or incoming traffer from the internet. And, the
>>> fact that everything on the internal network stops responding says it
>>> is something on the inside........
>> When you say "stop responding" - what exactly happens?
>>
>> Can you ping IP addresses (using the number)?
>> Does traceroute show anything?
>> Is DNS failing?
>>
>> Sometimes a router will "learn" the DNS server, and make mistakes. I
>> have a VPN over the router, and once that gets established, that
>> machine with the VPN uses a different route, name server, etc.
>
> Thanks for everyones help. Let me give you some more info on my
> network.
>
> It is a basic configuration:
>
> The router is: 145.172.1.1
> Windows Box: 145.172.1.100
> Linux Box: 145.172.1.200
Ok..If Netherlands surfnet is your ISP., as these addresses belong to them..
> Backup Box: 145.172.1.300
> Printer: 145.172.1.400
> #
Are those two a joke?
They are not IP addresses..
> Everything goes into a switch. It is the switch that is connected to
> the router.
>
> Pretty simple. I do not know where to look. I just came home and had
> no internet. I could not even ping anything on my own internal
> network. Unhooked the Linux box, and got internet back....
>
> Any suggestions on where to look? I'm lost here and it is SO
> frustrating........
>
Start by giving the devices proper IP addresses.
Continue by establishing they can all ping each other
> Thanks!
>
>
The Natural Philosopher
No, 1 to 254.
.0 refers to the network, and .255 is a broadcast address! Assuming /24
netmask.
a...@unsu.com
wrote:
>
> - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
For the internal network:
Router: 192.168.1.1
Linux box: 192.168.1.170
Backup Box: 192.168.1.180
Windows: 192.168.1.100
Printer: 192.168.1.120
Anyhow, this is related to the IP tables. It looks like I can
increase some value, but I'm afraid this is only a patch. Is there a
real fix?
a...@unsu.com
>
> - Show quoted text -
Ok, this looks like the patch:
net.ipv4.netfilter.ip_conntrack_max=16384
Now, what is the real fix? Do not use IP Tables?
The Natural Philosopher
I've only had to do it once., when the router didn't have a proper
firewall, and I wanted to open up some Linux ports for very controlled
access..what router IS it?
You aren't routing stuff THROUGH the linux are you? what are the default
routes on the kit..
Printer should not have one, windows linux and backup should be 192.168.1.1
try ipconfig on windows in a DOS shell, and route on the linux to print
em out
Lew Pitcher
(t...@invalid.invalid) wrote:
> Lew Pitcher wrote:
[snip]
>> Each of the four numbers in the "dotted quad" IP address is restricted to
>> a range of 0 to 255. No IP address can contain a number outside that
>> range.
>>
>
> No, 1 to 254.
> .0 refers to the network, and .255 is a broadcast address! Assuming /24
> netmask.
So, according to you, I cannot have an IP address of 10.0.255.0 ?
Or even an IP address of 10.0.0.255 even if I have a subnetmask of
255.255.254.0?
Methinks that you need to review your knowledge of IP fundamentals.
The Natural Philosopher
> On April 26, 2009 14:35, in comp.os.linux.misc, The Natural Philosopher
> (t...@invalid.invalid) wrote:
>
>> Lew Pitcher wrote:
> [snip]
>>> Each of the four numbers in the "dotted quad" IP address is restricted to
>>> a range of 0 to 255. No IP address can contain a number outside that
>>> range.
>>>
>> No, 1 to 254.
>> .0 refers to the network, and .255 is a broadcast address! Assuming /24
>> netmask.
>
> So, according to you, I cannot have an IP address of 10.0.255.0 ?
> Or even an IP address of 10.0.0.255 even if I have a subnetmask of
> 255.255.254.0?
>
> Methinks that you need to review your knowledge of IP fundamentals.
>
Methinks you need to review what I wrote:
"Assuming /24 netmask".
Whatever your netmask, if all the bits (not*) in it are set to one, its
a broadcast and BY DEFINITION all machines with the same netmask will
respond in some way.
*depending on whether you view your mask as the right most or left most
bits..
This makes the smallest subnet that is usable for two machines, 4 'real'
IP addresses.
Lew Pitcher
(t...@invalid.invalid) wrote:
> Lew Pitcher wrote:
>> On April 26, 2009 14:35, in comp.os.linux.misc, The Natural Philosopher
>> (t...@invalid.invalid) wrote:
>>
>>> Lew Pitcher wrote:
>> [snip]
>>>> Each of the four numbers in the "dotted quad" IP address is restricted
>>>> to a range of 0 to 255. No IP address can contain a number outside that
>>>> range.
>>>>
>>> No, 1 to 254.
>>> .0 refers to the network, and .255 is a broadcast address! Assuming /24
>>> netmask.
>>
>> So, according to you, I cannot have an IP address of 10.0.255.0 ?
>> Or even an IP address of 10.0.0.255 even if I have a subnetmask of
>> 255.255.254.0?
>>
>> Methinks that you need to review your knowledge of IP fundamentals.
>>
>
> Methinks you need to review what I wrote:
>
> "Assuming /24 netmask".
And, methinks that you need to reread what I originally wrote.
"Each of the four numbers in the "dotted quad" IP address is restricted
to a range of 0 to 255. No IP address can contain a number outside that
range."
I /did not/ say anything about netmask, nor about host vs network vs
broadcast IP addresses. I pointed out that .300 and .400 were impossible
values.
a...@unsu.com
>
> - Show quoted text -
Ok, well, I'm not a Unix guru, so maybe I am not understanding some
things. I was getting hit millions of times from basically the same
IP range, so I added them to my IPTABLES to prevent that. That is
when the issue started. My router is a Linksys 8 Port, and my switch
is a Linksys 16 port switch. Here is my ipconfig output. So, if I
am doing something wrong, what should I do? I want to prevent these
IP ranges from making a connection to my server.....and IPTABLES is
the only way I am aware of.......
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::25be:a870:e444:47d5%10
IPv4 Address. . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
(I removed a couple of entries for my VPN into work, which has nothing
to do with this).
Thanks!
The Natural Philosopher
Who/what was getting hit? Unmless you are using the linux as a server
and have opened up port forwarding on the router, the only people who
can ' hit ' you are inside your own network..
The linksys does firewalling and error logging: start by getting that
set up properly.
If you want to use fixed IP addresses, make sure DHCP is OFF on the
router. Or at least set it up so it uses a range of addresses below the
ones you are using for the rest of the kit.
That is
> when the issue started. My router is a Linksys 8 Port, and my switch
> is a Linksys 16 port switch. Here is my ipconfig output. So, if I
> am doing something wrong, what should I do? I want to prevent these
> IP ranges from making a connection to my server.....and IPTABLES is
> the only way I am aware of.......
>
>
> Ethernet adapter Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Link-local IPv6 Address . . . . . : fe80::25be:a870:e444:47d5%10
> IPv4 Address. . . . . . . . . . . : 192.168.1.100
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.1.1
>
> (I removed a couple of entries for my VPN into work, which has nothing
> to do with this).
>
> Thanks!
Well thats OK. What do the other machines show?
a...@unsu.com
>
> - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
Yes, my router has somne ports forwarded and the uniox box is a
server. I run my own mail server and web server. (probably should
have said this before).
D.Campagna
>
> Hahaha......built into the MB. Well, disable that and get a seperate
> one I guess........
>
> But it is kind of weird how it take screwing up my entire
> network.......
Network cards can do it (possibly only with super-economic routers...).
I had a very similar problem, and after hours of tests I solved with a 5
euro new network card.
There should be no problem in adding the new NIC and just plug in the
cable, but I think it is better to disable the onboard one, once with a
Slackware 12 and a PC with a couple of NIC's <no name><no brand> I had a
conflict, and the two were not able to wotk together...(another couple
of hours to investigate and another 5 euro... :-) )
HTH
D. Campagna