[vox-tech] Webserver Woes: Lost Packets

Chanoch (Ken) Bloom kbloom at gmail.com
Mon Oct 18 06:11:47 PDT 2010 

On Mon, 2010-10-18 at 00:34 -0400, Peter Salzman wrote:
> On Mon, Oct 18, 2010 at 12:18 AM, Chanoch (Ken) Bloom <kbloom at gmail.com> wrote:
> > On Mon, 2010-10-18 at 00:07 -0400, Peter Salzman wrote:
> >> On Sun, Oct 17, 2010 at 11:25 PM, Chanoch (Ken) Bloom <kbloom at gmail.com> wrote:
> >> > On Sun, 2010-10-17 at 22:18 -0400, Peter Salzman wrote:
> >> >> > Your apache configuration has nothing to do with a problem at this
> >> >> > level.
> >> >
> >> >> If it's not an Apache or firewall problem, then you should be able to
> >> >> connect to dirac.org.   Can you reach it?
> >> >
> >> > No, I can't.
> >> >
> >> > Here's some potentially relevant info:
> >> >
> >> > [bloom at cat-in-the-hat ~]$ dig dirac.org
> >> >
> >> > ; <<>> DiG 9.7.1-P2 <<>> dirac.org
> >> > ;; global options: +cmd
> >> > ;; Got answer:
> >> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17811
> >> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> >> >
> >> > ;; QUESTION SECTION:
> >> > ;dirac.org.                     IN      A
> >> >
> >> > ;; ANSWER SECTION:
> >> > dirac.org.              3590    IN      A       24.189.162.69
> >> >
> >> > ;; Query time: 17 msec
> >> > ;; SERVER: 192.168.1.1#53(192.168.1.1)
> >> > ;; WHEN: Sun Oct 17 22:23:24 2010
> >> > ;; MSG SIZE  rcvd: 43
> >> >
> >> > [bloom at cat-in-the-hat ~]$ traceroute dirac.org
> >> > traceroute to dirac.org (24.189.162.69), 30 hops max, 60 byte packets
> >> >  1  DD-WRT (192.168.1.1)  0.969 ms  1.961 ms  2.354 ms
> >> >  2  24-148-9-1.arm-bsr1.chi-arm.il.cable.rcn.com (24.148.9.1)  12.839 ms  13.204 ms  13.440 ms
> >> >  3  mart-h1.chi-mart.il.cable.rcn.net (207.229.191.130)  14.296 ms  14.540 ms  14.768 ms
> >> >  4  tge3-1.border2.eqnx.il.rcn.net (207.172.19.159)  217.065 ms  217.437 ms  217.673 ms
> >> >  5  r1-ge9-0-0.in.chcgildt.cv.net (206.223.119.13)  19.001 ms  19.378 ms  19.611 ms
> >> >  6  64.15.1.6 (64.15.1.6)  44.633 ms  39.785 ms  40.078 ms
> >> >  7  64.15.5.137 (64.15.5.137)  45.814 ms  44.587 ms  41.395 ms
> >> >  8  ool-4353dd8e.dyn.optonline.net (67.83.221.142)  40.295 ms  45.014 ms  45.359 ms
> >> >  9  ubr101-ge1-0-0.cmts.nyk4ny.cv.net (67.83.221.171)  42.448 ms  42.691 ms  42.922 ms
> >> > 10  * * *
> >> > 11  * * *
> >>
> >>
> >> Well, it looks OK, I guess.  However, if I see the request coming in
> >> with tcpdump, yet Apache doesn't log the request, doesn't that point
> >> to some kind Apache misconfiguration?
> >
> > The traceroute stops somewhere before it ever reaches your dirac.org.
> > (or it *does* reach your machine, but the responses are getting eaten
> > somewhere in the middle.)
> >
> > So you need to get on the phone with your ISP.
> >
> > --Ken
> 
> 
> Not to belabor the point, but we know the packets are received by
> dirac.org because I see them with tcpdump.

Then something's dropping the packets that satan is sending as a
response, and it looks from the traceroute like it's the machine just
before ubr101-ge1-0-0.cmts.nyk4ny.cv.net. ("before" from your
perspective)

More information about the vox-tech mailing list