Hi All,
I'm having some problems with a system. I've got a few data-points
and I'm hoping someone can steer me in the right direction on this.
For the record, I've got cruzio's dsl circuit providing dhcp address
and access. This connects to a redhat 8.0 firewall system running nat
and iptables using the MonMotha firewall script. Everything was OK
for many months. Last Tuesday I activated the squid proxy server and
squidGuard. Everything appears to work OK _except_ access to one
specific domain "mycustomer.com", which is this customer's home site
for web and email.
As a test, we reconfigured a single PC for dhcp access and plugged in
the dsl network cable. Access to mycustomer's web site worked fine
(cache?) as did a tracert. This appears to indicate that the problem
is on my side of the dsl circuit.
Earlier today, I checked and chased down the only apparent relevant
configuration change as having been an addition made to squidGuard
through webmin. This happened around noon yesterday, and as I'm
off-site, the consensus is that things were working afterwards. I
confirmed that the changes did not reference mycustomer.com or the
associated IP address.
Just now, I opened up the firewall and tried a traceroute...
[root@ftfw2 init.d]# /usr/sbin/traceroute mycustomer.com
traceroute to mycustomer.com (xx.xxx.xx.xxx), 30 hops max, 38 byte packets
 1 dsl3-63-249-87-gateway.cruzio.com (63.249.87.1) 12.408 ms 13.883 ms 18.655 ms
 2 7200hurricane.cruzio.com (63.249.95.1) 14.002 ms 11.907 ms 18.689 ms
 3 gige-g0-0-18.gsr12008.fmt.he.net (64.71.128.37) 15.519 ms 16.819 ms 19.922 ms
 4 * * * [repeats]
....the firewall status...
[root@ftfw2 init.d]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
...so...
Windows completed this tracert?
I'm at a loss here. I thought perhaps a 24 hour expiration on DNS
(thinking I threw the switch on the proxy around 5:00 Tuesday
afternoon. Maybe the problem started 5:00 Wednesday afternoon but
only discovered Thursday morning?) but DNS appears to be OK now.
One final point is that I also can't reach mycustomer.com from another
of my systems in Fremont...
[root@fremont local]# traceroute -f 11 mycustomer.com
traceroute to mycustomer.com (xx.xxx.xx.xxx), 30 hops max, 38 byte packets
11 gige-g4-0.gsr12008.fmt.he.net (64.71.128.182) 13.120 ms 13.191 ms 12.842 ms
12 * * * [repeats]
.... but it works fine from my SBC/PacBell DSL system.
Any ideas?
TIA, and thanks for listening,
--
Emile van Sebille