I have a strange problem when I try and access my home LAN web server from home. Once in every three or four connections the web server hangs for several minutes before the data is delivered. This happens when I access the pages as http://zbmc.eu/xxx/yyy. I was going to say that the data is eventually delivered but one I just tried returned a "The connection has timed out" message.
If I access the same pages as http://localhost/xxx/yyy then it all works perfectly, no hangs.
Now the 'fly in the ointment' as it were is that my ADSL connection uses two ADSL providers on two telephone lines, the sharing is provided by my Draytek Vigor 2820n router. I *suspect* that it's the sharing in the router that causes the problem, but it doesn't happen for other URLs, just for http://zbmc.eu/ URLs.
Any suggestions for how to diagnose what's going on?
If all that changes is the name in the URI then it sounds like a DNS issue to me.
Not sure how your ADSL is set up; is your traffic balanced over the two lines so some requests are going over one and some over the other? If this is the case, does the external IP of your web server point to only one of your ADSL interfaces, if so which one?
If it were ADSL-A for example, does the problem only happen when making a request and it gets balanced out of a certain ADSL interface like ADSL-B for example? Or only when it goes out of ADSL-A?
Seeing as you have a web server at home, do both lines have static IPs? If so, are they from the same provider? If so, are they in the same subnet?
Somewhere in here I expect is the problem, either a simple routing or NAT issue possibly.
On Fri, Jul 01, 2011 at 10:08:37PM +0100, James Bensley wrote:
> If all that changes is the name in the URI then it sounds like a DNS issue to me.
> Not sure how your ADSL is set up; is your traffic balanced over the two lines so some requests are going over one and some over the other? If this is the case, does the external IP of your web server point to only one of your ADSL interfaces, if so which one?
The router balances traffic over the two ADSL lines.
> If it were ADSL-A for example, does the problem only happen when making a request and it gets balanced out of a certain ADSL interface like ADSL-B for example? Or only when it goes out of ADSL-A?
It's essentially random which of the two ADSL lines get used.
> Seeing as you have a web server at home, do both lines have static IPs? If so, are they from the same provider? If so, are they in the same subnet?
Yes, they're both static, from different providers though. The incoming requests to zbmc.eu will always come in on just one of them.
> Somewhere in here I expect is the problem, either a simple routing or NAT issue possibly.
Quite, but how do I diagnose it?
On 01/07/11 23:01, Chris G wrote:
> Quite, but how do I diagnose it?
Do you run DNS on your LAN or just forward DNS requests through your router(s)? If you have local DNS then I suggest you set that up to point zbmc.eu to the local address of your web server rather than the internet facing one.
The reason this is happening is that quite possibly the gateway for whichever connection zbmc.eu resolves to cannot route to itself. So if your request happens to go out on that gateway (assuming it is truly random and I am still not sure how you have that set up) then it is unable to form the circular route to connect back to your webserver through port forwarding or DMZ or however you have that set up.
When your request goes out via the other ADSL connection it will work just like it does for anyone else looking at those pages (they load reliably for me).
On Sat, Jul 02, 2011 at 10:23:44AM +0100, Wayne Stallwood wrote:
> On 01/07/11 23:01, Chris G wrote:
> > Quite, but how do I diagnose it?
> Do you run DNS on your LAN or just forward DNS requests through your router(s)? If you have local DNS then I suggest you set that up to point zbmc.eu to the local address of your web server rather than the internet facing one.
Yes, I have local DNS (another computer on the home LAN running dnsmasq). However there is a reason for setting it up so that zbmc.eu requests go 'out and back' as it were, it means I can do much more realistic checks that I have set things up right so that the outside world can see zbmc.eu.
Most of the time I access the local servers with short 'LAN' names, e.g. zbmc.eu is chris on the local LAN so http://chris/ works fine.
> The reason this is happening is that quite possibly the gateway for whichever connection zbmc.eu resolves to cannot route to itself. So if your request happens to go out on that gateway (assuming it is truly random and I am still not sure how you have that set up) then it is unable to form the circular route to connect back to your webserver through port forwarding or DMZ or however you have that set up.
It is fairly random, the router supposedly chooses whichever route is less loaded and as they're both pretty similar speeds and there's more than one of us here using them then, although there's a fair chance one will get chosen first fairly frequently the other will get used by the next request.
> When your request goes out via the other ADSL connection it will work just like it does for anyone else looking at those pages (they load reliably for me).
I guess that's a possible reason, I can check easily enough by forcing all requests for zbmc.eu (84.45.228.40) to go out via the other ADSL connection, the router can do this quite easily. I have, for instance, already forced all HTTPS requests to go on one ADSL connection only as otherwise many secure servers complain because they check for an unchanged IP.
You can almost bet your bottom dollar that in a situation like this the router is the problem. Lots of devices can't handle you making a request to the outside interface of the device and NAT'ing back inside. I find it more common in firewalls to be honest though (maybe your router is a firewall also?).
There isn't a lot you can do about it if that's true; instead, just change the IP address of your internal DNS record to point to the internal IP address of your web server. It seems silly to me to have it internally giving the external IP address. You will lose connectivity to your internal web server if your router crapped out because you would be trying to tap up your default gateway for a route to the web server right next to you.
On Fri, 1 Jul 2011 23:01:35 +0100, Chris G wrote:
> Quite, but how do I diagnose it?
You might find you can see the point you can't get past by using mtr (http://www.bitwizard.nl/mtr/ [1]) to watch the points along the route that are working - basically, it's a traceroute that dynamically updates to show you where latencies may exist along your route.
In my experience, some devices have issues when accessing a public-side IP which they NAT internally from an internal machine which is itself being NAT'd onto its external side. I have found having an internal IP for the server you are accessing in your private-side DNS servers (or if you can't do that, as a last resort, in your hosts file) is sometimes the only way to resolve the issue where NAT implementations are broken in this way.
HTH,
Jim
Links:
[1] http://www.bitwizard.nl/mtr/
On 1 July 2011 23:01, Chris G <cl@isbd.net> wrote:
> Quite, but how do I diagnose it?
I'd start by looking at the web server logs for a "problematic" session, I'm sure there'll be some clues there. For example, you should be able to see if a session is being split across multiple IP addresses (i.e. if you're switching between ADSL lines).
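
Added example (not part of the thread): one way to run the log check suggested above, flagging a browser whose consecutive requests arrive from different source addresses within a short window. It assumes Apache/nginx "combined" log format and uses the User-Agent string as a crude stand-in for a session; 84.45.228.40 is the zbmc.eu address quoted in the thread, while 203.0.113.7 and 198.51.100.23 are placeholder addresses and all log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# "combined" access-log format (assumed; adjust to the server's LogFormat)
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Constructed sample; 203.0.113.7 stands in for the second line's public IP.
SAMPLE_LOG = """\
84.45.228.40 - - [02/Jul/2011:10:30:01 +0100] "GET /xxx/yyy HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux) Firefox/5.0"
203.0.113.7 - - [02/Jul/2011:10:30:02 +0100] "GET /xxx/style.css HTTP/1.1" 200 900 "http://zbmc.eu/xxx/yyy" "Mozilla/5.0 (X11; Linux) Firefox/5.0"
198.51.100.23 - - [02/Jul/2011:10:30:05 +0100] "GET /xxx/yyy HTTP/1.1" 200 5120 "-" "Opera/9.80 (Windows NT 6.1)"
203.0.113.7 - - [02/Jul/2011:10:30:40 +0100] "GET /xxx/zzz HTTP/1.1" 200 700 "-" "Mozilla/5.0 (X11; Linux) Firefox/5.0"
198.51.100.23 - - [02/Jul/2011:10:31:10 +0100] "GET /xxx/zzz HTTP/1.1" 200 700 "-" "Opera/9.80 (Windows NT 6.1)"
not a log line
"""

def parse(text):
    """Yield (timestamp, ip, user_agent) for each well-formed line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip truncated or malformed lines
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        yield ts, m["ip"], m["ua"]

def split_sessions(text, window=timedelta(seconds=60)):
    """Return {user_agent: sorted IPs} where the source IP changed within `window`."""
    by_ua = defaultdict(list)
    for ts, ip, ua in parse(text):
        by_ua[ua].append((ts, ip))
    flagged = {}
    for ua, hits in by_ua.items():
        hits.sort()
        ips = set()
        # compare each request with the next one from the same browser
        for (t1, ip1), (t2, ip2) in zip(hits, hits[1:]):
            if ip1 != ip2 and t2 - t1 <= window:
                ips.update((ip1, ip2))
        if ips:
            flagged[ua] = sorted(ips)
    return flagged

if __name__ == "__main__":
    for ua, ips in split_sessions(SAMPLE_LOG).items():
        print(f"{ua!r} seen from {', '.join(ips)}")
```

Which source address the server logs for a request that leaves and re-enters on the same line depends on how the router rewrites it, so compare the flagged addresses against both lines' public IPs and the router's LAN address.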