From owner-freebsd-questions@FreeBSD.ORG Tue Nov 21 02:27:26 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C35C716A412 for ; Tue, 21 Nov 2006 02:27:26 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from mail.stovebolt.com (mail.stovebolt.com [66.221.101.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id C361343D5A for ; Tue, 21 Nov 2006 02:27:04 +0000 (GMT) (envelope-from pauls@utdallas.edu) Received: from [192.168.2.102] (adsl-66-140-63-124.dsl.rcsntx.swbell.net [66.140.63.124]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.stovebolt.com (Postfix) with ESMTP id 846B3114307 for ; Mon, 20 Nov 2006 20:23:38 -0600 (CST) Date: Mon, 20 Nov 2006 20:26:59 -0600 From: Paul Schmehl To: UNIX - Questions Message-ID: X-Mailer: Mulberry/4.0.7b1 (Mac OS X) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=sha1; protocol="application/pkcs7-signature"; boundary="==========139C45953D53D4F7084E==========" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Totally stumped - very long post X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Nov 2006 02:27:26 -0000 --==========139C45953D53D4F7084E========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline I have a problem the likes of which I've never seen before, and I'm=20 totally stumped. For some reason, I cannot load this webpage -=20 http://www.stovebolt.com/ - from my Mac at home. I'm not having trouble=20 with any other page except this one (that I know of.) Even weirder, I=20 can't ssh to this server either. The server is a Dell 1950 running an=20 Intel processor, FreeBSD 6.1 RELEASE and a GENERIC kernel. - FreeBSD=20 www.stovebolt.com 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #2: Mon Oct 16=20 15:38:02 CDT 2006 root@www.stovebolt.com:/usr/obj/usr/src/sys/GENERIC=20 i386 I can load this page just fine - https://webmail.stovebolt.com/ - and I=20 can ssh to that server with no problem. The IPs are *one* address away -=20 66.221.101.248 in the former case and 66.221.101.249 in the latter case.=20 What's more, if I ssh to the latter, I can ssh *from that server* to the=20 former with no problem at all. Yet, from work, I'm having no problems loading the webpage or sshing to=20 the former server. I can start an X session from my work computer back to = this Mac and load the page fine and ssh to the server fine at the *exact*=20 same time that I can't load the page here. (I'm doing it right now.) I've done tons of traceroutes from numerous servers listed at=20 geektools.com. I've sshed to other servers and then telneted to port 80=20 and loaded the page manually with no problem. I've tried loading the page = in two different browsers at home (Safari and Firefox) and I've tried=20 loading it using the IP thinking it might be some sort of weird DNS=20 problem. All attempts to load the page fail. Here's a traceroute from the server to my workstation at work: traceroute utd59514.utdallas.edu traceroute to utd59514.utdallas.edu (129.110.3.28), 64 hops max, 40 byte=20 packets 1 vl25-core1.cdc01.propgation.net (66.221.96.1) 1.019 ms 45.813 ms=20 2.510 ms 2 dls-bb1-link.telia.net (213.248.76.17) 31.179 ms 30.894 ms 31.027 = ms 3 ge-6-14.car4.Dallas1.Level3.net (4.68.111.233) 2.800 ms 2.186 ms=20 1.743 ms 4 ae-12-53.car2.Dallas1.Level3.net (4.68.122.78) 2.066 ms ae-22-52.car2.Dallas1.Level3.net (4.68.122.46) 2.139 ms ae-22-56.car2.Dallas1.Level3.net (4.68.122.174) 2.308 ms 5 te-4-4.wch010.dllstx2.Level3.net (4.68.110.10) 2.945 ms te-7-4.wch010.dllstx2.Level3.net (4.68.110.14) 2.689 ms te-4-4.wch010.dllstx2.Level3.net (4.68.110.10) 2.215 ms 6 dllstx2wcx2-univ-of-texas-5-0-0.wcg.net (64.200.204.38) 2.948 ms=20 3.040 ms 2.644 ms 7 utd-ntg-gw1.northtexasgigapop.org (206.223.141.74) 2.879 ms 2.763 ms = 2.870 ms 8 deputy2-ge-2-0-0.utdallas.edu (129.110.5.71) 3.058 ms 3.040 ms=20 2.933 ms And here's a traceroute from getnet to the server: FROM getnet.net TO 66.221.101.248. traceroute to 66.221.101.248 (66.221.101.248), 30 hops max, 40 byte = packets 1 phnx-core-7513.getnet.net (216.19.223.1) 0.589 ms 0.448 ms 0.595=20 ms 2 phnx-core-7513.getnet.net (216.19.201.247) 0.662 ms 0.483 ms=20 0.595 ms 3 phnx-core2-7513.getnet.net (216.19.201.248) 74.589 ms 73.800 ms=20 73.578 ms 4 s1-0.ca01.phx01.atlas.cogentco.com (38.112.7.25) 1.353 ms 1.316 ms=20 1.485 ms 5 s2-0.core02.lax01.atlas.cogentco.com (154.54.2.5) 12.704 ms 12.419=20 ms 13.535 ms 6 p12-0.core01.lax01.atlas.cogentco.com (66.28.4.241) 13.777 ms=20 13.538 ms 12.872 ms 7 t9-3.mpd01.lax01.atlas.cogentco.com (154.54.1.34) 13.677 ms 13.171=20 ms 13.496 ms 8 t3-2.mpd01.lax05.atlas.cogentco.com (154.54.6.190) 12.807 ms 12.628 = ms 13.909 ms 9 g0-0-0.core01.lax05.atlas.cogentco.com (154.54.6.185) 15.261 ms=20 15.100 ms 15.394 ms 10 bpr4-ge-6-1-0.losangelesequinix.savvis.net (208.174.196.105) 16.789=20 ms 19.255 ms 21.610 ms 11 dcr2-so-4-2-0.losangeles.savvis.net (208.174.196.70) 22.094 ms=20 27.473 ms 20.118 ms 12 dcr1-so-2-0-0.dallas.savvis.net (204.70.192.85) 43.248 ms=20 dcr1-as0-0.LosAngeles.savvis.net (204.70.192.117) 18.751 ms 18.014 ms 13 dcr2-so-3-3-0.dallas.savvis.net (204.70.192.246) 41.089 ms 40.079=20 ms bcr1-so-0-0-0.Dallas.savvis.net (204.70.193.9) 39.066 ms 14 208.172.130.130 (208.172.130.130) 39.433 ms=20 bcr1-so-1-0-0.Dallas.savvis.net (204.70.193.17) 39.721 ms 40.575 ms 15 gi1-1-core1.cdc01.propgation.net (64.182.192.5) 65.455 ms 64.214 ms = 53.565 ms 16 www.stovebolt.com (66.221.101.248) 41.602 ms=20 5-192-182-64.cust.propagation.net (64.182.192.5) 60.961 ms 61.391 ms Now here's a traceroute from the server to my Mac at home (actually to the = IP of the dsl router: traceroute 66.140.63.124 traceroute to 66.140.63.124 (66.140.63.124), 64 hops max, 40 byte packets 1 * * * traceroute: sendto: Host is down 2 traceroute: wrote 66.140.63.124 40 chars, ret=3D-1 *traceroute: sendto: Host is down traceroute: wrote 66.140.63.124 40 chars, ret=3D-1 (Trust me, the host isn't down. I'm doing this on it right now.) Here's a traceroute from socket.com to my Mac: traceroute to adsl-66-140-63-124.dsl.rcsntx.swbell.net (66.140.63.124), 30 = hops max, 40 byte packets 1 fw1.como.socket.net (216.106.88.148) 0.647 ms 0.809 ms 0.503 ms 2 rtr1.como.socket.net (216.106.2.1) 1.113 ms 1.141 ms 1.072 ms 3 hdlc.kcmo-como.socket.net (216.106.23.70) 5.751 ms 4.144 ms 3.561 = ms 4 atm1-gw2.kcmo.socket.net (216.106.6.94) 4.433 ms 4.783 ms 4.377 ms 5 67.17.194.229 (67.17.194.229) 4.393 ms 4.715 ms 4.427 ms 6 * And here's one from mit to my Mac: 1 W92-RTR-1-W92SRV21.MIT.EDU (18.7.21.1) 0.521 ms 0.342 ms 0.470 ms 2 EXTERNAL-RTR-2-BACKBONE.MIT.EDU (18.168.0.27) 123.856 ms 1.084 ms=20 14.171 ms 3 EXTERNAL-RTR-1-BACKBONE.MIT.EDU (18.168.0.18) 2.092 ms 1.869 ms=20 1.633 ms 4 ge-6-23.car2.Boston1.Level3.net (4.79.2.1) 2.089 ms 1.069 ms 1.491=20 ms 5 * * ae-5-5.ebr1.NewYork1.Level3.net (4.69.132.250) 8.040 ms 6 ae-3.ebr1.Washington1.Level3.net (4.69.132.89) 21.894 ms * * 7 ae-14-51.car4.Washington1.Level3.net (4.68.121.17) 11.715 ms=20 ae-14-53.car4.Washington1.Level3.net (4.68.121.81) 55.824 ms=20 ae-14-55.car4.Washington1.Level3.net (4.68.121.145) 11.797 ms 8 asn3356-level3.eqabva.sbcglobal.net (4.68.111.186) 33.169 ms 11.193=20 ms 11.448 ms 9 bb1-p2-1.rcsntx.sbcglobal.net (151.164.42.179) 198.474 ms 90.350 ms=20 260.199 ms 10 dist1.10g1-2.rcsntx.sbcglobal.net (151.164.243.182) 56.167 ms 58.665 = ms 58.920 ms 11 bras1-ga9-0.rcsntx.sbcglobal.net (151.164.162.87) 60.344 ms 59.367=20 ms 58.268 ms 12 * * * 13 * * * Top on this server looks fine: last pid: 80367; load averages: 0.15,=20 0.12, 0.11 up=20 35+04:14:31 19:28:31 78 processes: 1 running, 77 sleeping CPU states: 0.0% user, 0.0% nice, 0.8% system, 0.4% interrupt, 98.9%=20 idle Mem: 89M Active, 1445M Inact, 216M Wired, 87M Cache, 112M Buf, 165M Free Swap: 1120K Total, 1120K Free There's plenty of child processes running: root 53132 0.0 0.4 15304=20 9264 ?? Ss Sun06PM 0:02.40 /usr/local/sbin/httpd -DSSL www 53133 0.0 0.5 15668 9648 ?? S Sun06PM 0:04.15=20 /usr/local/sbin/httpd -DSSL www 53134 0.0 0.5 15536 9548 ?? S Sun06PM 0:04.03=20 /usr/local/sbin/httpd -DSSL www 53135 0.0 0.5 15660 9644 ?? S Sun06PM 0:04.08=20 /usr/local/sbin/httpd -DSSL www 53136 0.0 0.5 15636 9604 ?? S Sun06PM 0:04.00=20 /usr/local/sbin/httpd -DSSL www 53137 0.0 0.5 15572 9572 ?? S Sun06PM 0:04.01=20 /usr/local/sbin/httpd -DSSL www 53138 0.0 0.5 15540 9540 ?? S Sun06PM 0:04.02=20 /usr/local/sbin/httpd -DSSL www 53139 0.0 0.5 15628 9612 ?? S Sun06PM 0:03.99=20 /usr/local/sbin/httpd -DSSL www 53140 0.0 0.5 15560 9568 ?? S Sun06PM 0:04.11=20 /usr/local/sbin/httpd -DSSL www 53141 0.0 0.5 15548 9548 ?? S Sun06PM 0:03.96=20 /usr/local/sbin/httpd -DSSL www 53142 0.0 0.5 15536 9552 ?? S Sun06PM 0:04.03=20 /usr/local/sbin/httpd -DSSL www 53143 0.0 0.5 15536 9552 ?? S Sun06PM 0:04.02=20 /usr/local/sbin/httpd -DSSL www 53144 0.0 0.5 15628 9600 ?? S Sun06PM 0:04.01=20 /usr/local/sbin/httpd -DSSL www 53145 0.0 0.5 15552 9596 ?? S Sun06PM 0:03.97=20 /usr/local/sbin/httpd -DSSL www 53146 0.0 0.5 15648 9644 ?? S Sun06PM 0:04.10=20 /usr/local/sbin/httpd -DSSL www 53147 0.0 0.5 15692 9664 ?? S Sun06PM 0:04.03=20 /usr/local/sbin/httpd -DSSL www 53157 0.0 0.5 15528 9536 ?? I Sun06PM 0:04.06=20 /usr/local/sbin/httpd -DSSL www 53162 0.0 0.5 15588 9608 ?? S Sun06PM 0:04.13=20 /usr/local/sbin/httpd -DSSL www 53163 0.0 0.5 15640 9600 ?? S Sun06PM 0:04.03=20 /usr/local/sbin/httpd -DSSL www 53164 0.0 0.5 15624 9608 ?? S Sun06PM 0:03.96=20 /usr/local/sbin/httpd -DSSL www 53166 0.0 0.5 15640 9616 ?? S Sun06PM 0:04.20=20 /usr/local/sbin/httpd -DSSL www 53173 0.0 0.5 15548 9560 ?? S Sun06PM 0:04.12=20 /usr/local/sbin/httpd -DSSL www 53175 0.0 0.5 15560 9564 ?? S Sun06PM 0:04.08=20 /usr/local/sbin/httpd -DSSL www 53176 0.0 0.5 15552 9556 ?? S Sun06PM 0:04.25=20 /usr/local/sbin/httpd -DSSL www 53181 0.0 0.5 15552 9592 ?? S Sun06PM 0:04.13=20 /usr/local/sbin/httpd -DSSL www 53183 0.0 0.5 15552 9596 ?? S Sun06PM 0:04.18=20 /usr/local/sbin/httpd -DSSL www 53184 0.0 0.5 15560 9560 ?? S Sun06PM 0:03.95=20 /usr/local/sbin/httpd -DSSL www 53191 0.0 0.5 15524 9540 ?? S Sun06PM 0:04.12=20 /usr/local/sbin/httpd -DSSL www 53195 0.0 0.5 15604 9592 ?? S Sun06PM 0:04.04=20 /usr/local/sbin/httpd -DSSL www 53196 0.0 0.5 15576 9616 ?? S Sun06PM 0:04.06=20 /usr/local/sbin/httpd -DSSL www 53207 0.0 0.5 15568 9604 ?? S Sun06PM 0:04.00=20 /usr/local/sbin/httpd -DSSL www 53208 0.0 0.5 15676 9652 ?? S Sun06PM 0:04.17=20 /usr/local/sbin/httpd -DSSL www 53209 0.0 0.5 15636 9612 ?? S Sun06PM 0:04.24=20 /usr/local/sbin/httpd -DSSL www 53219 0.0 0.5 15628 9624 ?? S Sun06PM 0:03.94=20 /usr/local/sbin/httpd -DSSL www 53221 0.0 0.5 15624 9620 ?? S Sun06PM 0:03.90=20 /usr/local/sbin/httpd -DSSL www 53222 0.0 0.5 15672 9640 ?? S Sun06PM 0:04.07=20 /usr/local/sbin/httpd -DSSL www 53252 0.0 0.5 15640 9616 ?? S Sun06PM 0:04.19=20 /usr/local/sbin/httpd -DSSL www 53253 0.0 0.5 15656 9668 ?? S Sun06PM 0:04.00=20 /usr/local/sbin/httpd -DSSL www 53254 0.0 0.5 15568 9600 ?? S Sun06PM 0:04.04=20 /usr/local/sbin/httpd -DSSL www 53261 0.0 0.5 15648 9620 ?? S Sun06PM 0:04.28=20 /usr/local/sbin/httpd -DSSL www 53270 0.0 0.5 15576 9588 ?? S Sun06PM 0:03.91=20 /usr/local/sbin/httpd -DSSL www 76140 0.0 0.5 15524 9524 ?? S 4:47PM 0:00.68=20 /usr/local/sbin/httpd -DSSL www 79449 0.0 0.5 15548 9540 ?? S 6:50PM 0:00.18=20 /usr/local/sbin/httpd -DSSL www 79453 0.0 0.5 15540 9532 ?? S 6:50PM 0:00.19=20 /usr/local/sbin/httpd -DSSL I've only had one complaint from a user who can't seem to access the site, = but I've also noticed that the site stats show a slight decrease from=20 previous weeks (which could easily be upcoming-holiday related.) So I=20 don't know if this is a problem on the server or something weird on this=20 Mac or something strange on the internet. If anyone has any brilliant insights as to what could cause this, please=20 let me know. Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========139C45953D53D4F7084E==========--