Can you unblock HTTP from 65.57.245.11?

It's not blocked. It's probably a problem at your end. Ping is TCP but doesn't connect to port 80, which is what web servers, and ILX typically listen on. You could try:

telnet www.ilxor.com 80

and when that connects, type:

get /ILX/

And that should return you the text of the front page and disconnect. If you can't get there, it's likely a firewall or ISP issue.

Hey Keith--

Manually GET'ing the page doesn't work either. It's highly unlikely that it's blocked on my side, but I'll re-verify.

Does this have to do with the problem with linux or at least ubuntu 7.04 and firefox. I still can't connect here at all with out a proxy.

paul@yep:~$ telnet www.ilxor.com 80
Trying 206.174.196.167...
Connected to www.ilxor.com.
Escape character is '^]'.
Connection closed by foreign host.
paul@yep:~$

It is a dual booting machine and it work fine in XP so it isn't a isp issue. Any ideas?

It's an ISP issue at our end that one, best we can make out. I'm setting up a transparent proxy that will let people get in from a different URL, but need to test it a bit more first.

svend, that's interesting, did it just close the connection immediately? That might help in looking into it.

multi-rbl checker doesn't show that in any blacklists. why is ilx's isp blocking level 3?

It closes the connection after about 5-10 seconds.

why is ilx's isp blocking level 3?
They're not actually blocking, they're using a virtual router that has problems with some OSs. The connection opens, hangs for a while, then closes. It's not absolutely certain to be the VRRP, but that's the best guess of a few folks far cleverer than me I've been discussing and testing this with. I've raised it with the hosts more than once, but obviously we're living rent-free so I'm reluctant of pushing it too hard.

PaperThinWalls had the exact same problem, incidentally -- the people who couldn't get to us couldn't get to them, but they seem to have recently resolved it so there's a chance that fix will make its way down to us.

Well, I'm sitting here at home running Ubuntu 7.04 and Firefox. It's essentially what I run at work too, which is the IP address listed above. It works from home just fine but not at work.

FWIW, the connection never closes for me at work. It just hangs forever.

Let me know if there's anything I can do to help track this down.

Hmm, I wonder what's different in the two setups then. Odd. I'll let you know how we get on.

Hey Stet--

I have an explanation.

For some reason, www.ilxor.com doesn't negotiate back TCP window scaling and for some reason, the 2.6.18 kernel I'm using with Ubuntu 7.04 doesn't like that. On the host that works, I'm running a 2.6.17 kernel and it happily notices the wscale 0.

If I "echo 0 > /proc/sys/net/ipv4/tcp_window_scaling" on the host that doesn't work, I can connect fine. tcp_window_scaling is set to '1' on the host that does work, however.

So two things:

- Obviously lots of Ubuntu 7.04 people are broken this way, although I imagine the bug is known
- If you can enable window scaling on your host, it will probably fix the problem. It will also speed transfers for lots of people. As far as I know, it's only a bad thing if there's really broken routers, etc, in between. Can you do this?

Here's a tcpdump:

## note wscale 8 requested here
10:11:34.752954 IP (tos 0x0, ttl 64, id 58863, offset 0, flags DF, proto: TCP (6), length: 60) 172.18.103.22.46847 > 206.174.196.167.80: S, cksum 0x4c45 (correct), 199263728:199263728(0) win 5840 <mss 1460,sackOK,timestamp 2502647839 0,nop,wscale 8>

## note wscale 0 responded here
10:11:34.792492 IP (tos 0x0, ttl 48, id 5123, offset 0, flags DF, proto: TCP (6), length: 64) 206.174.196.167.80 > 172.18.103.22.46847: S, cksum 0x51b0 (correct), 3027402126:3027402126(0) ack 199263729 win 49968 <nop,nop,timestamp 1517793256 2502647839,mss 1400,nop,wscale 0,nop,nop,sackOK>

## note my host responds with a "win 23" which is realy small if window scaling
## is off
10:11:34.792507 IP (tos 0x0, ttl 64, id 58864, offset 0, flags DF, proto: TCP (6), length: 52) 172.18.103.22.46847 > 206.174.196.167.80: ., cksum 0x5531 (correct), 1:1(0) ack 1 win 23 <nop,nop,timestamp 2502647879 1517793256>

## Nothing else will work now, your host probably chokes on sending a 23
## byte window
10:11:34.792640 IP (tos 0x0, ttl 64, id 58865, offset 0, flags DF, proto: TCP (6), length: 157) 172.18.103.22.46847 > 206.174.196.167.80: P 1:106(105) ack 1 win 23 <nop,nop,timestamp 2502647879 1517793256>
10:11:34.832022 IP (tos 0x0, ttl 48, id 5124, offset 0, flags DF, proto: TCP (6), length: 52) 206.174.196.167.80 > 172.18.103.22.46847: ., cksum 0x91aa (correct), 1:1(0) ack 106 win 49968 <nop,nop,timestamp 1517793260 2502647879>

That's v. plausible. It's also set on in Vista for the first time, which explains why it's only Vista and Ubuntu that are getting hit. I'll try it out tonight. Thanks!

Hmm. It's already set to always on.

Arg, looks like it's someone busted in between then.

Here's some fun links:

http://kerneltrap.org/node/6723
http://marc.info/?l=linux-netdev&m=114478312100641&w=2>
http://lwn.net/Articles/92727/

I love the broken innurnet.

The great thing is, if I switch off window scaling, it slows everything else down. And of course, there's still piles of people out there who can't get to ilxor.com.

Right, this should now be fixed. The hosts have reconfigured the router and from my tests here it has cleared up. Can anyone still seeing timeout/hang problems leave a note or email me?

Works great now. Thank you.

works in firefox using vista now for me too, thanks!