Hi,
I'm at the end of my wit's and need pointers to debug a net connection through proxy.
Setup: Every thing is standard. Two network cards, one for DSL ethernet router and one for local network. See [1] for routing table's output.
Squid is running and ipchains (still using ipchains with 2.4 kernel) is doing masquerading. For debugging purpose I have opened up all the ports and have forwarded all basic protocols. See [2] for ipchains -L -n.
Problem: All sites are accessible at port 80 other than following sites: rbi.org.in samachar.com sify.com nsdl.co.in (traceroute case : But site works with wget and browser)
What all been tried: 1. Removed squid. 2. Removed ipchains, massaged ipchain's rules with couple of options. 3. Done direct dialing using modem from two differnent machines. 4. Used two different ISP to connect. 6. All most all permutation and combination of squid, IPCHAINS and service provider.
5. Checked traceroutes : This part is something I'm not able to understand. Assuming default ttl 30 of a tcp connection, I tried tracerouting nsdl.co.in (which works) and sify.com (which does not work) but traceroute does not reach the destination IPs even with the ttl = 255 (max hops) .
In case of nsdl.co.in traceroute does not reach its IP but gets the index.html with wget, while with sify.com wget timeouts or never returns and at times I get connection refused messages.
Question: 1. Can some router might be misbehaving in the path? If yes how to discover it, as traceroute -n also does not print IP after certain limit. If ttl of 255 is causing a problem then why does nsdl.co.in works and why not other sites?
2. Same setup works in Bombay with Tatatele cable connection.
2. What next thing to check or do?
Please any pointers, what am I missing?
-Krishna
[1] routing -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 202.162.224.0 172.16.200.1 255.255.255.0 UG 0 0 0 eth1 210.210.19.0 172.16.200.1 255.255.255.0 UG 0 0 0 eth1 172.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 172.16.200.1 0.0.0.0 UG 0 0 0 eth1
(192.168.1* is local network)
[2] ipchains -L Chain input (policy ACCEPT): Chain forward (policy ACCEPT): target prot opt source destination ports MASQ tcp ------ 192.168.1.0/24 0.0.0.0/0 * -> * MASQ udp ------ 192.168.1.0/24 0.0.0.0/0 * -> * MASQ icmp ------ 192.168.1.0/24 0.0.0.0/0 * -> * Chain output (policy ACCEPT):