From owner-freebsd-questions@FreeBSD.ORG Tue Nov 21 05:52:54 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2922016A47C for ; Tue, 21 Nov 2006 05:52:54 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from mail.stovebolt.com (mail.stovebolt.com [66.221.101.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 886E743D58 for ; Tue, 21 Nov 2006 05:52:25 +0000 (GMT) (envelope-from pauls@utdallas.edu) Received: from [192.168.2.102] (adsl-66-140-63-124.dsl.rcsntx.swbell.net [66.140.63.124]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.stovebolt.com (Postfix) with ESMTP id 617A4114307 for ; Mon, 20 Nov 2006 23:49:01 -0600 (CST) Date: Mon, 20 Nov 2006 23:52:21 -0600 From: Paul Schmehl To: UNIX - Questions Message-ID: <2A97A175E0A3D7A039D1AA98@paul-schmehls-powerbook59.local> In-Reply-To: References: X-Mailer: Mulberry/4.0.7b1 (Mac OS X) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=sha1; protocol="application/pkcs7-signature"; boundary="==========9C7F9800B63009A259F0==========" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Totally stumped - very long post X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Nov 2006 05:52:54 -0000 --==========9C7F9800B63009A259F0========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On November 20, 2006 7:49:23 PM -0700 Dan Busarow = wrote: > > Well you don't need to worry about it being a problem with your Mac. > The traceroute isn't even making one hop. What's your routing table on > the server look like? Any ipfw/ipf rules? > I checked on the Windows box, and the pages behave the same way there, so=20 it's definitely not the Mac. No firewall running on the server, so it's not that. Here's the routing table: netstat -rW Routing tables Internet: Destination Gateway Flags=20 Refs Use Mtu Netif Expire default vl25-core1.cdc01.propgation.net UGS=20 0 98905056 1500 bce0 66 link#1 UC=20 0 0 1500 bce0 cpe-66-25-12-203.houston.res.rr.com link#1 UHLW=20 1 2 1500 bce0 66.221.96/19 link#1 UC=20 0 0 1500 bce0 vl25-core1.cdc01.propgation.net 00:09:44:d4:c8:0a UHLW=20 2 0 1500 bce0 1200 www 00:13:72:fb:2a:ad UHLW=20 1 56 1500 lo0 mail 00:c0:9f:0a:ef:a7 UHLW=20 1 686 1500 bce0 771 66.221.101.250/32 link#1 UC=20 0 0 1500 bce0 www.fieldoftrees.com 00:13:72:fb:2a:ad UHLW=20 1 4 1500 lo0 crawl-66-249-66-35.googlebot.com link#1 UHLW=20 1 22 1500 bce0 localhost localhost UH=20 0 0 16384 lo0 Internet6: Destination Gateway Flags Refs=20 Use Mtu Netif Expire localhost.stovebolt.com localhost.stovebolt.com UH 0=20 0 16384 lo0 fe80::%bce0 link#1 UC 0=20 0 1500 bce0 fe80::213:72ff:fefb:2aad%bce0 00:13:72:fb:2a:ad UHL 0=20 0 1500 lo0 fe80::%lo0 fe80::1%lo0 U 0=20 0 16384 lo0 fe80::1%lo0 fe80::1%lo0 UHL 0=20 0 16384 lo0 ff01:1:: link#1 UC 0=20 0 1500 bce0 ff01:3:: localhost.stovebolt.com UC 0=20 0 16384 lo0 ff02::%bce0 link#1 UC 0=20 0 1500 bce0 ff02::%lo0 localhost.stovebolt.com UC 0=20 0 16384 lo0 Here's two traceroutes from the server: traceroute www.yahoo.com traceroute to www.yahoo-ht2.akadns.net (209.191.93.52), 64 hops max, 40=20 byte packets 1 vl25-core1.cdc01.propgation.net (66.221.96.1) 0.772 ms 17.661 ms=20 1.337 ms 2 dls-bb1-link.telia.net (213.248.76.17) 24.609 ms 24.603 ms 24.432 = ms 3 ge-6-14.car4.Dallas1.Level3.net (4.68.111.233) 1.495 ms * 1.400 ms 4 ae-11-55.car1.Dallas1.Level3.net (4.68.122.141) 1.896 ms ae-21-56.car1.Dallas1.Level3.net (4.68.122.173) 1.996 ms ae-21-52.car1.Dallas1.Level3.net (4.68.122.45) 1.950 ms 5 4.79.180.2 (4.79.180.2) 1.822 ms 2.321 ms 1.864 ms 6 ge-0-1-0-p130.msr2.mud.yahoo.com (216.115.104.85) 3.220 ms ge-1-1-0-p120.msr1.mud.yahoo.com (216.115.104.89) 3.258 ms ge-0-1-0-p130.msr2.mud.yahoo.com (216.115.104.85) 5.279 ms 7 te-8-1.bas-c1.mud.yahoo.com (68.142.193.5) 3.674 ms te-9-1.bas-c1.mud.yahoo.com (68.142.193.9) 3.312 ms te-8-1.bas-c1.mud.yahoo.com (68.142.193.5) 3.314 ms 8 * *^C [root@www ~]# traceroute 66.140.63.124 traceroute to 66.140.63.124 (66.140.63.124), 64 hops max, 40 byte packets traceroute: sendto: Host is down 1 traceroute: wrote 66.140.63.124 40 chars, ret=3D-1 *traceroute: sendto: Host is down traceroute: wrote 66.140.63.124 40 chars, ret=3D-1 Here's something odd. If I change the first octet to anything other than=20 66, the traceroutes run normally. But if I leave the first octet at 66=20 and change any of the other octets, they all return host is down. I=20 double checked, and the defaultrouter is 66.221.96.1 in /etc/rc.conf. Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========9C7F9800B63009A259F0==========--