• 0

Can't access some websites


Go to solution Solved by BudMan,

Question

Gabe84

Yesterday I've started having a weird problem with my connection, when I try to access OneDrive, Office Web Apps, Calendar and Contacts I cannot connect, however I can connect and use Outlook.com, but I can't use the search function in the mail, my browser keeps loading the page without displaying it, this happens with other two sites, OpenDNS website, and an Italian website, subito.it

 

I use Lubuntu 14.04 fully updated, my main browser is Firefox 36.0.1 with LastPass, Ghostery, AdBlock Plus, HTTPS Everywhere, X-Notifier, EPUBReader and Ubuntu Firefox Modifications 3.0; Ghostery and ABP are disabled on Microsoft websites as I found that they don't allow Outlook.com and others to work properly. I tried to disable HTTPS Everywhere but it didn't change anything.

 

That's the same exact configuration I had 2 days ago when all those sites worked perfectly.

 

I tried with Midori and Opera, without extensions, and those sites don't work either.

Edit: I tried using Chrome, those sites don't load either.

 

When I started having this problem I had OpenDNS, I changed them to Google Public DNS and still didn't work, I changed again to my ISP DNS and I still can't get those sites to work.

 

Here's something even stranger, if I use Tor Browser, no matter what DNS I use, I can reach and use those sites flawlessly, I don't know about OneDrive as I don't log in using TOR, but Tor Browser displays the site quickly and without any problem.

 

Besides this my connection works perfectly, every other site works and other protocols work too.

 

Do you have any idea why this happens?

Link to post
Share on other sites

Recommended Posts

  • 0
+BudMan

Well that never a good idea..  If your not going to read over the thread, or at least breeze over it you shouldn't be posting.. To be honest you waste everyone's time and can make yourself look foolish suggesting stuff that was clearly proven already to not be the case, etc.

 

I normally like your input, but in this case -- READ the THREAD before posting..  While at first glimpse I too thought is was most likely dns related.  But once he posted that he could resolve in post #3 it shows not to be dns related.

Link to post
Share on other sites
  • 0
Gabe84

edit:

So looks like it installs dnsmasq-base, which prob doesn't allow you to config it, etc.  That is pretty crappy setup if you ask me.  But in the network manager you should be able to just remove 127.0.1.1 and add what you want.  You can see it gets dns from dhcp as well

 

attachicon.gifdnsmasqrunninglocal.png

 

You could most likely install the full dnsmasq and that way to be able to set it up what it forwards to vs what you got from dhcp, or you could most likely do something in the resolv.conf to not let it get overwritten pointing to whatever you want.  Or could just change your dhcp server to hand out what you want on your router.  Do you have access to do that?  Either way this is just all extra stuff in understanding what your using for dns, etc..  DNS from everything I see is not your issue.

I have root access so I can change/edit, I believe, whatever I want.

 

When I tried to change 127.0.0.1 to 8.8.8.8 (Google DNS) it immediately reverted to 127.0.0.1, I have installed, I think, the full dnsmasq

sudo apt-get install dnsmasq

I have changed 127.0.0.1 from the GUI but it immediately reverted to it.

 

Even if I manually remove 127.0.0.1 and add 8.8.8.8 it reverts the changes.

 

If I simply add 8.8.8.8 it gets deleted.

Link to post
Share on other sites
  • 0
+BudMan

Dude I just noticed your traceroutes.  10 HOPS on a private network.. WTF??  That is nuts!!  ALL those 10.x.x.x why would you have so many hops on a private network?

 

I am not talking about changing it on your linux box, talking about changing it on your router where you hand out your dhcp info..  Running dnsmasq is not a big deal, you just now have a caching forwarder running, windows does the same thing to be honest it caches dns locally, etc.  dnsmasq is a great forwarder. 

 

But if you don't want to point what your dhcp hands out for dns, and you can not change your dhcp server your other options would be to change what dnsmasq points to and don't care what dhcp hands out or don't use dnsmasq.  Let me look real quick.. Let me look to see where and how to edit dnsmasq on this setup.

Link to post
Share on other sites
  • 0
Gabe84

Dude I just noticed your traceroutes.  10 HOPS on a private network.. WTF??  That is nuts!!  ALL those 10.x.x.x why would you have so many hops on a private network?

 

I am not talking about changing it on your linux box, talking about changing it on your router where you hand out your dhcp info..  Running dnsmasq is not a big deal, you just now have a caching forwarder running, windows does the same thing to be honest it caches dns locally, etc.  dnsmasq is a great forwarder. 

 

But if you don't want to point what your dhcp hands out for dns, and you can not change your dhcp server your other options would be to change what dnsmasq points to and don't care what dhcp hands out or don't use dnsmasq.  Let me look real quick.. Let me look to see where and how to edit dnsmasq on this setup.

I haven't the faintest idea about hops :/

 

As for the router, it's supplied by the ISP, I don't even have and address to access settings, I can change settings from a private page on the ISP's website, but all I can change is Wi-Fi, I can change the password, turn it off or on, and stop broadcasting signal.

 

I don't know if this can help, according to Wikipedia my ISP uses a Metropolitan Area Network, I don't have a public IP, I have a static private IP and I'm behind a NAT, they remotely configure everything, I can't even update the router's firmware.

 

Actually this caused many problems to me, since the IP servers identify me with is the same for a huge area, if someone else does something then I have to pay the consequences, eg. sometimes I got banned from private sites because the mods saw two accounts with the same IP, it was just another user inside the same MAN, so we shared the same IP, or sometimes I get G/K lined on IRC because some other user might have used this same public IP to spam or broke the rules.

Link to post
Share on other sites
  • 0
Gabe84

Weird

You tell me! But it's the only ISP that guarantees your bandwidth, if you pay for a bandwidth you're guaranteed you will have those speeds no matter what, while other ISPs sell you bandwidth "up to" a certain speed, but there's no guarantee whether you'll ever reach those speeds or how many times.

 

It's just a 6 Mbit/512K connection but most 7/6 Mbit connections here will run around 4Mbits.

Link to post
Share on other sites
  • 0
binaryzero

You might be running on some private WAN link your provider has. That's how they could guarantee you QOS you pay for.

 

For instance, I organise to get these private links set up between branch offices at client sites. Usually run VPN over them.

Link to post
Share on other sites
  • 0
Gabe84

You might be running on some private WAN link your provider has. That's how they could guarantee you QOS you pay for.

 

For instance, I organise to get these private links set up between branch offices at client sites. Usually run VPN over them.

Yes, that's exactly how it works!

Link to post
Share on other sites
  • 0
binaryzero

Well then it could  be something on their network.

 

Call the provider, give them some of the information Budman has provided, and see if they can replicate.

Link to post
Share on other sites
  • 0
Gabe84

Well then it could  be something on their network.

 

Call the provider, give them some of the information Budman has provided, and see if they can replicate.

I will, luckily I can contact them via PM on Facebook or mail, that way I can enclose the screen grabs of the packet sniffing.

Link to post
Share on other sites
  • 0
+BudMan

So behind a NAT for sure with those 10.x.x.x addresses, a HOP is router along the path to where you want to go.. So for example you normally see your router. then your isp router..

 

post-14624-0-09399700-1426941924.png

 

So see the pfsense.local.lan - that is my router lan side connection, then it has a wan side connection that talks to my ISP in the 24.13 network - the router in my isp is second hop.  Then looks like I go to a router in mount prospects (chicagoland) then not sure where area4 is, then 350 Cermack - this is large DC in the chicagoland area.

 

http://www.datacenterknowledge.com/special-report-the-worlds-largest-data-centers/worlds-largest-data-center-350-e-cermak/

 

Then not sure where but you can see on difference between response time to hop 5 and 7 that Went across the country from chicago to San Jose, hit a couple of routers in that area and then connect into a opendns router at hop 10, and then finally to the dest IP.  So along the way hit 10 different routers to get to where I wanted to go..  You hit 10 routers before you even got on the internet ;)  10.x.x.x networks are private and can not route on the internet.  Once you leave your isp network, looks like you go to Milan I would guess, and then amterdam, nl etc.. You notice the high response times to that hop 14 in amsterdam - that seems like a high response time of 189 ms.. There could be a problem with that router or connection to that router, etc.Or id could just be slow answering pings.. Since you see the next hope seems to be fine at 30 ms.  Then you go across the pond is where you should expect the high 200ms response times, etc.

 

As to having to share the same public IP with other users, yeah that could cause you lots of pain.  And for example could explain your issues with some sites not answering you.  For example opendns.com - maybe someone else on that IP or even netblock your coming from ###### them off in some way, doing massive amounts of dns queries or something, etc.

 

You might want to look for a vpn or use tor if your having issues with the IP your connection is natting you to.  For example that vps in luxembourg cost me a whole 15$ a year.  with 500GB a month transfer - you could get something like that and just route all your traffic through there.  Then your IP is just yours, and would have less troubles with forums blocking you, etc. ;)

Link to post
Share on other sites
  • 0
binaryzero

Might explain why Tor works for you lol.

Link to post
Share on other sites
  • 0
Gabe84

Ok, thanks again guys, I'll mark the thread as solved and will call my ISP.

Link to post
Share on other sites
  • 0
+BudMan

So for you to edit what your using for dns, bit of research all I can say is the system they are using is pretty messed up if you ask me.  Seems dnsmasq is not ever running cache locally?  So the NM runs the copy of dnsmasq, and its seems pretty locked down to what you can do with it, etc.

 

Not sure where you were changing it, but if you edit the conf file it changes for sure.  So example

 

post-14624-0-44349900-1426944302.png

 

the conf file is in /etc/networkmanager, edit that conf to point to what dns you want, I then rebooted and its still there and that is what it is using for dns.

Link to post
Share on other sites
  • 0
binaryzero

Just a crappy distro if you ask me - load a different one and see the results.

Link to post
Share on other sites
  • 0
Gabe84

So for you to edit what your using for dns, bit of research all I can say is the system they are using is pretty messed up if you ask me.  Seems dnsmasq is not ever running cache locally?  So the NM runs the copy of dnsmasq, and its seems pretty locked down to what you can do with it, etc.

 

Not sure where you were changing it, but if you edit the conf file it changes for sure.  So example

 

attachicon.gifnmdns.png

 

the conf file is in /etc/networkmanager, edit that conf to point to what dns you want, I then rebooted and its still there and that is what it is using for dns.

I must be doing something wrong, that's what I do

sudo su

to get root access, then

cd /etc/NetworkManager

and

gedit NetworkManager.conf

but whenever I type anything in NetworkManager.conf this is what I get

(gedit:2186): Gtk-WARNING **: Calling Inhibit failed: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files

(gedit:2186): Gtk-WARNING **: Calling Inhibit failed: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files

If I save and reopen NetworkManager.conf my edits are there, and when I launch

cat NetworkManager.conf

I get this

[main]
plugins=ifupdown,keyfile,ofono
dns=8.8.8.8

no-auto-default=00:01:6C:EE:29:2B,

[ifupdown]
managed=false

But in the GUI the DNS stays 127.0.0.1, even after a reboot or simply restarting the connection from the taskbar, and there's also a NetworkManager.conf backup file that creates itself anytime I try to edit the original one.

 

I tried with Leafpad, the default text editor for my distro, but the DNS in the GUI stay the same.

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.