can't access several sites since using dd-wrt

Post new topic   Reply to topic    DD-WRT Forum Index -> X86 based Hardware
Author Message
Pascal.P
DD-WRT Novice


Joined: 03 Nov 2008
Posts: 3

PostPosted: Mon Nov 03, 2008 11:02    Post subject: can't access several sites since using dd-wrt Reply with quote
Hi,

Last weekend, I installed an Alix-based router with DD-WRT v24 sp1 in our company. It replaces an old full-size Linux server used as a router.

I got it up and running in no time, but there is a problem... I can't access several sites via http, and overall access time is slow. DNS is okay, I can nslookup every address in question.

for example, microsoft.com:

When I try to open it in Firefox, it stays at 'waiting for microsoft.com'. It shows no error message, tough.




Code:
C:\Users\ppe>nslookup microsoft.com
Server:  calypso.fteu.lan
Address:  192.168.100.5

Nicht-autorisierende Antwort:
Name:    microsoft.com
Addresses:  207.46.232.182
          207.46.197.32


Code:
C:\Users\ppe>tracert microsoft.com

Routenverfolgung zu microsoft.com [207.46.232.182] über maximal 30 Abschnitte:

  1    <1 ms    <1 ms    <1 ms  192.168.100.3
  2    46 ms    46 ms    47 ms  host-77-244-96-2.intrapark.net [77.244.96.2]
  3    47 ms    46 ms    46 ms  067-097-244-077.ip-addr.inexio.net [77.244.97.67
]
  4    55 ms    49 ms    48 ms  78.141.176.1
  5    48 ms    47 ms    48 ms  ge-3-1-1.fra20.ip.tiscali.net [213.200.64.57]
  6   140 ms   141 ms   141 ms  xe-2-0-0.was12.ip.tiscali.net [89.149.185.9]
  7   141 ms   141 ms   141 ms  213.200.66.134
  8   140 ms   140 ms   141 ms  207.46.41.61
  9   142 ms   143 ms   142 ms  ge-7-1-0-0.blu-64c-1b.ntwk.msn.net [207.46.33.10
]
 10   212 ms   211 ms   211 ms  ge-7-1-0-0.wst-64cb-1b.ntwk.msn.net [207.46.34.1
77]
 11   212 ms   212 ms   211 ms  ge-6-1-0-0.tuk-64cb-1b.ntwk.msn.net [207.46.35.3
3]
 12   211 ms   211 ms   212 ms  ten1-2.tuk-76c-1a.ntwk.msn.net [207.46.44.50]
 13   211 ms   211 ms   211 ms  po15.tuk-65ns-mcs-1a.ntwk.msn.net [207.46.35.138
]
 14     *        *        *     Zeitüberschreitung der Anforderung.
 15     *        *        *     Zeitüberschreitung der Anforderung.
 16     *


as you can see, the traceroute fails.
Pinging also fails.


May there be a problem with dd-wrt? I don't think that there is a problem with my ISP exactly the same time I change routers.

I already tried disabling the SPI firewall, no success. Other access restrictions are not in place.

Thanks,
Pascal
Sponsor
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany

PostPosted: Mon Nov 03, 2008 18:00    Post subject: Reply with quote
try other dns servers
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
campigenus
DD-WRT Guru


Joined: 01 Apr 2007
Posts: 520

PostPosted: Mon Nov 03, 2008 19:37    Post subject: Reply with quote
If you have a PPPOE connection it could be a MTU size issue.
_________________
"You think you´re real smart. But you´re not smart; you´re dumb. Very dumb. But you´ve met your match in me. "
Colonel Flagg
Pascal.P
DD-WRT Novice


Joined: 03 Nov 2008
Posts: 3

PostPosted: Tue Nov 04, 2008 10:26    Post subject: Reply with quote
I tried different DNS servers. Both as forwarder in our company server, and directly on the clients. But this isn't the issue, as nslookup clearly works.

Yes, it's a PPPOE connection. I didn't touch the MTU settings; it's still default 1492. Shall I try setting it to 'automatic'?
bjoeg
DD-WRT User


Joined: 26 May 2008
Posts: 416

PostPosted: Tue Nov 04, 2008 10:59    Post subject: Re: can't access several sites since using dd-wrt Reply with quote
Pascal.P wrote:
as you can see, the traceroute fails.
Pinging also fails.


That traceroute and ping fails, does not mean something is wrong.

In you posted traceroute, you can easily see replies from routers on the internet. After hop 14 it may just mean the routers have ICMP reply disabled.

Did you remember to do the 30/30/30 reset after installation of DD-WRT?
marko
DD-WRT User


Joined: 05 Aug 2006
Posts: 66

PostPosted: Tue Nov 04, 2008 11:19    Post subject: Reply with quote
Is there a reset button? Rolling Eyes
Pascal.P
DD-WRT Novice


Joined: 03 Nov 2008
Posts: 3

PostPosted: Tue Nov 04, 2008 11:22    Post subject: Reply with quote
As I said, it's an Alix X86 board. Resetting doesn't help.

And it's not only that the traceroute fails; the sites itself aren't accessible in the browser.
bjoeg
DD-WRT User


Joined: 26 May 2008
Posts: 416

PostPosted: Tue Nov 04, 2008 12:19    Post subject: Reply with quote
Let me repeat that again. Traceroute does not fail, your traceroute simply shows routers at hop 14 and beyond not replying to ICMP.

Your router CAN access internet, since you get ICMP replies from MSN.net. It is simply http (so far) that does not work.

And that is why I am hinting if you reset the config after installing dd-wrt. You can also do this by commandline.
http://www.dd-wrt.com/wiki/index.php/Hard_reset_or_30/30/30
Galne
DD-WRT Novice


Joined: 18 Feb 2008
Posts: 12
Location: Sweden

PostPosted: Tue Nov 04, 2008 14:40    Post subject: Reply with quote
It seams like you have a ver long answer time from your ISP in the traceroute. A normal tima should be about 2-3 ms not 46 ms, every answer should then increase 0-3 ms per routerjump.

I think you should check de communication betwen yor dd-wrt router and your ISPs equipment.

_________________
__________________________________
Using dd-wrt on WRT54GL and x86

Henrik resident in Sweden
http://www.galne.se
olmari
DD-WRT Guru


Joined: 24 Oct 2006
Posts: 1447
Location: Finland

PostPosted: Tue Nov 04, 2008 22:18    Post subject: Reply with quote
I know I have seen similar problem exactly relating to wrong MTU value.

Normally with PPPoE 1492 is the correct value but with some ISPs this varies... If you don't know correct value then you can tey testing it with trial & error, set it to say 1500 first, test can you get into site now, then increase it to 1600 and try again, so on until you have found the highest value you can still reach the site you can't currently...

While it might not be MTU value I do know this is exactly what I have seen before.

Galne wrote:
It seams like you have a ver long answer time from your ISP in the traceroute. A normal tima should be about 2-3 ms not 46 ms, every answer should then increase 0-3 ms per routerjump.

I think you should check de communication betwen yor dd-wrt router and your ISPs equipment.


Now these times depends totally on nodes in between... Nothing says next hop will take 3ms more...
bjoeg
DD-WRT User


Joined: 26 May 2008
Posts: 416

PostPosted: Wed Nov 05, 2008 7:55    Post subject: Reply with quote
olmari wrote:
I know I have seen similar problem exactly relating to wrong MTU value.

Normally with PPPoE 1492 is the correct value but with some ISPs this varies... If you don't know correct value then you can tey testing it with trial & error, set it to say 1500 first, test can you get into site now, then increase it to 1600 and try again, so on until you have found the highest value you can still reach the site you can't currently...


You mean lowering it?

Default for Ethernet is 1500 and it may be higher when using jumboframes (Gigabit and 10Gigabit), but if his ISP requires higher than 1500 every customer at that ISP would have difficulties.

Smaller MTU simply means more non-fragmented packets.
olmari
DD-WRT Guru


Joined: 24 Oct 2006
Posts: 1447
Location: Finland

PostPosted: Wed Nov 05, 2008 8:00    Post subject: Reply with quote
bjoeg wrote:
You mean lowering it?

Default for Ethernet is 1500


Indeed, my bad. I did meant to lower it, I did throw the example value at random, ofcourse it needs to be lower than the 1500 or 1492 PPPoE default, like say 1300 and try from that...

bjoeg wrote:
Smaller MTU simply means more non-fragmented packets.


Whatever it is technically, practically this is still just the case I have seen many times before, some operators just need to have some odd MTU value instead of "default maximum" which is that 1492 for PPPoE...
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> X86 based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum