RE: Problem accessing some https sites

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2007-01-31 at 09:00 -0600, Styma, Robert E (Robert) wrote:
>  > > > The usual suspects are javascript, flash, activeX.  I'd 
> > start by checking
> > > > javascript settings.  Oh yes, and some such sites need 
> > popups available.
> > > >
> One more thing to try.  cd to /tmp and do a wget on the URL
> to the site that hangs.  See if it hangs in wget.  This could
> eliminate some possibilites.
> 
> This is similar to a problem I have been chasing for some time.
> On a friends FC6 machine, they cannot access a particular site which
> is not https (normal http).  It just hangs and times out.
> I can get to the site fine from my FC6 machine.  I ran ethereal (wire
> shark)
> on each machine and then did a wget of the URL.  On the failing machine,
> 14 of about 22 blocks of data came across and then the site just stops
> sending data.  The Windows machine on the same router can get through
> fine
> but the FC4 machine on the same router has the same problem at the FC6
> machine.
> 
> My next plan is to drag a different make of router over there and
> configure
> it to have the same mac address as the original and swap it in.  If that
> does
> not tell me anything, then I am running out of ideas.
> 

Your problem sounds definitely like a tcp-window problem.  Particularly
the receiving of some packets and then just not getting any more....
Somewhere in the path between your FC6 machine and the remote site there
is an "ill-behaved" router.  It may not be the one at your location, but
rather one somewhere else in the path to the remote site....

As someone else pointed out in this thread, you want to adjust one
kernel parameter by adding a line to /etc/sysctl.conf:

net.ipv4.tcp_window_scaling = 0

Then after saving the file run,

sysctl -p

Then try to navigate freshly to the site and see if things
improve.... :-)  Apparently we turned on a more aggressive form of the
algorithm a few kernel releases ago and it is pointing out some
"failings" of some routers in the world who are not following spec....

Theoretically, you might get poorer performance with some sites that
would allow a larger tcp-window, but I don't think you'll probably
notice other than on some large file transfers....

I travel a lot and find myself having to do this in certain "hotels"....

--Rob



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux