Bizarre network problem

On holiday last week, my wife wanted to connect to the network in an
internet cafe. She has a thinkpad R40e running Linux. The cafe has both
10/100 + 802.11 networks. Everything on the LAN worked fine, but there
was no way to get out. IP address, gateway and DNS servers supplied by
DHCP. So, I took my T30 along and tried with that, no luck either. Any
attempt to route beyond the gateway was met with no reply. I checked
the wireless router and it had no WEP, no MAC address restrictions,
no security. The manager gave me his PC and said I could do anything I
wanted. I took his IP address, and MAC address, unplugged his network
cable and transposed them onto my machine. Nothing. I took fairly long
ethereal dumps of mine and his machine accessing the network, and the
only difference I could see was packets with DF set on them for PMTU
discovery. echo 1 > /proc/sys/net/ipv4/ip_no_pmtu_disc disabled that
but no change. ECN was off, but that's only for TCP and I didn't even
get replies to UDP DNS requests made to various servers. In the end
I gave up and used dialup. But anyone got any idea?

Both laptops run FC2 and I tried both 2.6 and 2.4 kernels.

Paul

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed)

> Any attempt to route beyond the gateway was met with no
> reply. I checked the wireless router and it had no WEP, no MAC
> address restrictions, no security.
[...]
> But anyone got any idea?

Netmask?

--
use hotmail for email replies

In article <(E-Mail Removed)>, ynotssor wrote:
><(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)
>
>> Any attempt to route beyond the gateway was met with no
>> reply. I checked the wireless router and it had no WEP, no MAC
>> address restrictions, no security.
> [...]
>> But anyone got any idea?
>
> Netmask?

No. It's something far more subtle than that. I notice that the TTL
on my packets is set at 64, whereas the windows boxes have 128 for
example.

Paul

(E-Mail Removed) wrote:
> In article <(E-Mail Removed)>, ynotssor wrote:
>
>><(E-Mail Removed)> wrote in message
>>news:(E-Mail Removed)
>>
>>
>>>Any attempt to route beyond the gateway was met with no
>>>reply. I checked the wireless router and it had no WEP, no MAC
>>>address restrictions, no security.
>>
>>[...]
>>
>>>But anyone got any idea?
>>
>>Netmask?
>
>
> No. It's something far more subtle than that. I notice that the TTL
> on my packets is set at 64, whereas the windows boxes have 128 for
> example.

I don't have any better ideas without more info, but I'd bet it's not
the TTL. I can't imagine that the packets bounce around inside the cafe
64 times or more before making it on to the Internet.

TTL means time to live. It's the maximum number of routers the packet
can pass through before the last one decides the packet is in a routing
loop.

You said you weren't able to go beyond the gateway. Can you ping the
router? How many replies do you get if you try to traceroute your
favorite web site?

In article <ff3Lc.39331$(E-Mail Removed) om>, Allen Kistler wrote:
> (E-Mail Removed) wrote:
>> In article <(E-Mail Removed)>, ynotssor wrote:
>>
>>><(E-Mail Removed)> wrote in message
>>>news:(E-Mail Removed)
>>>
>>>
>>>>Any attempt to route beyond the gateway was met with no
>>>>reply. I checked the wireless router and it had no WEP, no MAC
>>>>address restrictions, no security.
>>>
>>>[...]
>>>
>>>>But anyone got any idea?
>>>
>>>Netmask?
>>
>>
>> No. It's something far more subtle than that. I notice that the TTL
>> on my packets is set at 64, whereas the windows boxes have 128 for
>> example.
>
> I don't have any better ideas without more info, but I'd bet it's not
> the TTL. I can't imagine that the packets bounce around inside the cafe
> 64 times or more before making it on to the Internet.

Me neither. But theoretically some firewall/router could bizarrely drop
outgoing packets based on TTL...

> You said you weren't able to go beyond the gateway. Can you ping the
> router? How many replies do you get if you try to traceroute your
> favorite web site?

I can ping the router, can't traceroute beyond the router.

I also checked the DNS logs of my home machine and no DNS lookups ever
reached it (i.e. it wasn't the reply that was blocked) and I tried
multiple DNS servers that I knew the IP address of, other than the
ones given out over DHCP. I also tried various other connections by
IP address. Zero, zilch, nada. I've never come across anything like
this.

Paul