Re: CAn Ping but not telnet /

From: Daniel Sheedy (dansheedy@gmx.net)
Date: Wed Jul 21 2004 - 02:40:32 GMT-3

• Next message: W Walla: "Re: CAn Ping but not telnet /"
• Previous message: Peasah, Richard Kwame: "My Turn"
• Maybe in reply to: W Walla: "CAn Ping but not telnet /"
• Next in thread: W Walla: "Re: CAn Ping but not telnet /"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Walla,

here is the ping format:

ping 192.168.3.1 -l 1500 -f

: substitute the 192 address for something on the other lan.
The -l is the packet load. Here it is 1500.
The -f means 'i dont want you to fragment my packets'.

So, it will try and send a packet from where you are, to the ip address in
the ping command.

If it is successfull, you will get a response. If not, it will say
something like 'packet needs to be fragmented but DF bit is set'. Or it may
give you a 'network unreachable' message if they have turned off/blocked
ICMP messages.

Your message may be a little different, as I cant remember the English
message. Im working from a german OS at the moment. (fscking german...)

Now, just keep decreasing the packet size until it gets through ok.
Yesterday I had to keep getting smaller till it was 1378 for a DSL network.
1378 goes through ok, but 1379 just disappears.

Once you know what the smallest MTU from end to end is... then you can work
on fixing it. Either getting your ISP to fix it, or you setting it on the
routers.

Also, router configs may help us out here. Maybe there is actually a config
error.

OK... have a go with that

Dan Sheedy

----- Original Message -----
From: "W Walla" <wallafly@hotmail.com>
To: <dansheedy@gmx.net>; <ccielab@groupstudy.com>
Sent: Wednesday, July 21, 2004 7:26 AM
Subject: Re: CAn Ping but not telnet /

>
> Hi, Thanks!
> Interesting idea.
>
> I checked the configs on the routers just now and there is NO mention of
MTU
> anywhere.. Would you suggest that I set it, if so, to 1500? The link
from
> A to B routers is 256k, so maybe if I set the MTU it will send a larger
> packet?
>
> When I am trying to telnet to a Server in LAN C, from LAN A (desktop) it
> just times out...no refusal message. I can telnet From A to B though
desktop
> to a server.. And from LAn B to LAN C server to server... But again,
not
> A to C... SO strange to me!
>
> There is no PAT or anything like that, it is a Private Frame network and
no
> addressing shotage problems.
> Does this give you a better idea?
>
> I can not get to the routers until the morning and my TAC acct has
> expired... Getting a new smartnet soon.
>
> I will look up how to do the don't defrag bit and try that also in the
> morning.
> Thanks Dan!
>
> >From: "Daniel Sheedy" <dansheedy@gmx.net>
> >To: "W Walla" <wallafly@hotmail.com>,<ccielab@groupstudy.com>
> >Subject: Re: CAn Ping but not telnet /
> >Date: Wed, 21 Jul 2004 07:11:03 +0200
> >
> >Hi Walla,
> >
> >Have you checked the MTU tfrom Lan A to Lan C? I had this problem from
> >Australia to New Zealand once. Could do anything with tiny tiny packets,
> >but as soon as it got bigger it timed out. It was a black hole in the
ISP
> >network combined with a smaller MTU.
> >
> >Do a ping from lan A to a computer on Lan C with the 'dont defragment'
bit
> >set.
> >
> >Also, what does it say, when you try to do a telnet? Does it just
timeout?
> >Or do you get a 'connection refused' message?
> >Is there an access group under the line vty perchance?
> >Is there NAT /PAT involved anywhere? Is so, is it passing through
> >everything properly?
> >
> >Let us know what you find...
> >
> >Dan
> >
> >
> >----- Original Message -----
> >From: "W Walla" <wallafly@hotmail.com>
> >To: <ccielab@groupstudy.com>
> >Sent: Wednesday, July 21, 2004 7:00 AM
> >Subject: CAn Ping but not telnet /
> >
> >
> > > Not as easy as it sounds. I can ping across my wan from my lan
through
> >a
> > > remote router and across that wan to another LAN. 0--0--0 A--B--C <--
> >like
> > > this: From a through b to c's LAN. However! I can not telnet from
A's
> >LAN
> > > into C's LAN.
> > >
> > > From A's LAN I can telnet and remote desktop into B's LAN.
> > > From B's LAN I can Telnet and Remote desktop into C's LAN.
> > > ButI can not Telnet or remote desktop from A's LAN into C's LAN
through
> > > Router B!
> > >
> > > I do not have any acl's applied on any routers... There used to be
some
> >but
> > > they have been unapplied from any and all interfaces. I am not aware
of
> >any
> > > Firewalls in between. WhenI trace router from Router A to Router C it
> >hits
> > > all appropriate interfaces along the way... Not like I could see a
> >firewall
> > > anyway probably..
> > >
> > > There is also some ospf and some statics on these routers...
> > >
> > > Anything jump out at anyone as the possible causes? I have
reasearched
> >this
> > > for a full 2 days now and desperately need access.
> > >
> > > Help!
> > >
> > > Thanks!
> > >
> > > wallafly@hotmail.com
> > >
> > > _________________________________________________________________
> > > Dont just search. Find. Check out the new MSN Search!
> > > http://search.msn.click-url.com/go/onm00200636ave/direct/01/
> > >
> > >

• Next message: W Walla: "Re: CAn Ping but not telnet /"
• Previous message: Peasah, Richard Kwame: "My Turn"
• Maybe in reply to: W Walla: "CAn Ping but not telnet /"
• Next in thread: W Walla: "Re: CAn Ping but not telnet /"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:12:00 GMT-3