[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVS 1.11 is now available
From: |
Greg A. Woods |
Subject: |
Re: CVS 1.11 is now available |
Date: |
Fri, 22 Sep 2000 02:19:33 -0400 (EDT) |
[ On Thursday, September 21, 2000 at 13:54:23 (-0700), Jason Williams wrote: ]
> Subject: Re: CVS 1.11 is now available
>
> > I'm having no end of trouble trying to "cvs update" in my working
> > directory checked out from the anonymous repository...
> >
> > This is as far as it's gone since 20:52 EST yesterday:
> >
> > 20:52 [28] $ cvs -q update
> > ? stamp-h2.in
> > ? contrib/change-metrics.awk
> > ? doc/add-proposal.txt
> > ? lib/getdate.tab.c
> > ? lib/getdate.h-JM+PE
> > ? lib/getdate.y-JM+PE
> > ? lib/getdate.y-OLD
> > ? lib/getdate.y-patch-eggert
> > ? lib/getdate.y-eggert
> >
> > I someone running Path-MTU-discovery behind a friggin firewall again?
>
> I am looking into this, but can't seem to get the same results from an
> anonymous remote connection to the repository? Is there something else I
> should be looking for? Or is anyone else seeing this?
You might want to run tcpdump at various strategic points on your
network and see if there's any traffic from my machine
(proven.weird.com), or related to it (eg. ICMP NeedsFrag replies from my
upstream router, walnut.planix.com). You might also try turning off
Path-MTU-discovery on the server too (you definitely have it turned on
-- I see the DF bit set in all packets received from there).
I'm watching a tcpdump on my local router right now from a fresh attempt
and it's happily spewing packets back and forth -- but it hasn't got to
the point where it tries to send a file yet....
At this point I'm almost 99.999% sure that there's a box somewhere
between and there which is filtering out the ICMP NeedsFrag replies my
upstream router is sending, and I'm about 90% sure that box is your
firewall.
Ah yes, here we are -- traffic suddenly stops flowing, probably right at
the point where your system's no doubt about to send me a big data
packet:
01:53:45.324426 208.184.89.19.2401 > 204.92.254.15.49468: P [tcp sum ok]
2176:2974(798) ack 2414998 win 31856 <nop,nop,timestamp 1278121888 9196085>
(DF) (ttl 50, id 51857)
01:53:45.328168 204.92.254.15.49468 > 208.184.89.19.2401: . [tcp sum ok] ack
728 win 17520 <nop,nop,timestamp 9196086 1278121882> (DF) (ttl 64, id 33682)
What's really interesting though is that your system seems to have a
non-standard 1400-byte MTU too. From my upstream router (i.e. beyond
any tunnel at my end) I can't get any more than 1372-byte pings to you.
The normal maximum for an Ethernet-connected host is 1472 (i.e. 1472
bytes data, 8-bytes ICMP header, and 20 bytes IP header for a total MTU
of 1500 bytes). Whatever it is that's shrinking your MTU isn't sending
NeedsFrag replies back either....
$ /sbin/ping -v -D -s 1372 208.184.89.19
PING apache.openave.net (208.184.89.19): 1372 data bytes
1380 bytes from 208.184.89.19: icmp_seq=0 ttl=115 time=99.183 ms
1380 bytes from 208.184.89.19: icmp_seq=1 ttl=115 time=99.906 ms
^?
----apache.openave.net PING Statistics----
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 99.183/99.544/99.906/0.511 ms
$ /sbin/ping -v -D -s 1373 208.184.89.19
PING apache.openave.net (208.184.89.19): 1373 data bytes
^?
----apache.openave.net PING Statistics----
6 packets transmitted, 0 packets received, 100.0% packet loss
$ /sbin/ping -v -s 1373 208.184.89.19
PING apache.openave.net (208.184.89.19): 1373 data bytes
^?
----apache.openave.net PING Statistics----
4 packets transmitted, 0 packets received, 100.0% packet loss
I have no major problems pinging your last visible router with 1472-byte
payloads though (from my upstream with DF and from my server without):
$ /sbin/ping -v -D -s 1472 208.184.102.100
PING sjc2-gige-main2.colo9.sjc2.above.net (208.184.102.100): 1472 data bytes
1480 bytes from 208.184.102.100: icmp_seq=1 ttl=246 time=483.789 ms
1480 bytes from 208.184.102.100: icmp_seq=2 ttl=246 time=476.127 ms
1480 bytes from 208.184.102.100: icmp_seq=3 ttl=246 time=476.679 ms
1480 bytes from 208.184.102.100: icmp_seq=4 ttl=246 time=477.262 ms
^?1480 bytes from 208.184.102.100: icmp_seq=5 ttl=246 time=477.791 ms
----sjc2-gige-main2.colo9.sjc2.above.net PING Statistics----
6 packets transmitted, 5 packets received, 16.7% packet loss
round-trip min/avg/max/stddev = 476.127/478.330/483.789/3.115 ms
Just for reference here's my traceroute to you (note that my immediate
upstream router does not appear since it plays tricks to route my
traffic on to wizard, though you may see either it or a double hop from
walnut on the way back):
# traceroute 208.184.89.19
traceroute to 208.184.89.19 (208.184.89.19), 30 hops max, 40 byte packets
1 isit.weird.com (204.92.254.6) 3.065 ms 2.889 ms 2.818 ms
2 wizard.planix.com (204.29.161.51) 36.043 ms 33.320 ms 29.248 ms
3 core1.mls.corelan.net (205.189.245.1) 206.414 ms 88.235 ms 488.392 ms
4 142.148.114.5 (142.148.114.5) 540.952 ms 413.675 ms 622.621 ms
5 core1.370.infoshare.net (205.189.240.2) 394.138 ms 342.251 ms 309.568 ms
6 207.35.184.189 (207.35.184.189) 171.320 ms 54.087 ms 59.861 ms
7 core1-toronto63-pos11-2.in.bellnexxia.net (206.108.98.9) 59.420 ms
231.383 ms 367.761 ms
8 bx1-chicago23-pos3-0.in.bellnexxia.net (206.108.98.42) 112.103 ms 67.005
ms 63.203 ms
9 abovenet-gw.bx1-chicago23-pos6-3.in.bellnexxia.net (206.108.108.230)
82.110 ms 80.208 ms 77.371 ms
10 sjc-ord-oc12.sjc2.above.net (207.126.96.118) 137.311 ms 132.423 ms
130.741 ms
11 main1.colo9-core1-oc12.sjc2.above.net (208.184.102.42) 130.145 ms 130.476
ms 134.370 ms
12 apache.openave.net (208.184.89.19) 139.696 ms 132.917 ms 147.644 ms
BTW, your DNS is rather screwed up in several places.
# host -A mail.openave.com
!!! mail.openave.com address 216.200.155.69 maps to ns2.openestate.net
# host -C openave.com
openave.com NS core.openave.com
Nameserver core.openave.com not running
openave.com SOA record not found at core.openave.com, try again
openave.com NS galvatron.openestate.net
ns1.openave.net jminard.openestate.net (2000091101 3600 600 864000 28800)
!!! openave.com SOA primary ns1.openave.net is not advertised via NS
# host -a core.openave.com
core.openave.com A 208.184.89.22
# host -A core.openave.com
!!! core.openave.com address 208.184.89.22 maps to www.openave.net
--
Greg A. Woods
+1 416 218-0098 VE3TCP <address@hidden> <robohack!woods>
Planix, Inc. <address@hidden>; Secrets of the Weird <address@hidden>
[Info-cvs] Re: CVS 1.11 is now available, Greg A. Woods, 2000/09/21