Hi there,
I recently have noticed certain web sites were timing out when trying to load with the error message " The connection has timed out. <website name> is taking too long to respond. "
now at first I honestly thought it was just website maintenance, but the other day I started testing access to the sites by utilizing a VPN tunnel back to my Head Office and using it's Internet access to test the same URL
Right now for instance when I try to go to the www.apple.com/itunes/download page, I get a time out message when accessing it from PC, but I am getting clear and fast access to the exact same page from my Sun Ray thin client talking back via VPN (over my idnet service) to my Head office using their Internet access.
Any idea why I can access the page from work indirectly? but not from home directly?
-Binwooke
My first thought is that it might be an MTU/RWIN problem. Try using an MTU of 1460 or 1430, adjusting RWIN to suit and see if that helps. Does it tend to affect 'distant' sites more than UK ones?
It would be worth running some pings to the affected site, see if that yields any clues.
Welcome to the forum. :)
No trouble accessing the link here.
;)
Me neither, Mo. Pings and tracerts do time out though, but support are not aware of any issues and can reach Apple themselves with no problems.
I have used TCP optimizer to set what it thinks is optimal MTU (1370) but that is still not letting me through clean. The problem is half the page loads ok, it's the download frame that times out. Another site that just plain doesn't load via my home PC is http://petopia.brashendeavors.net/
is it a case of just keep dropping the MTU until it hits a win? What impact would that have overall?
-Binwooke
1370 is far too low!!
1470 could be more like it. ;)
That site works fine too. An MTU of 1370 is very low for the IDNet network and would possibly impact on web access. I use 1500 (RWIN 256960), Miriam recommends 1458, so I'd suggest you try a larger figure and see if it helps.
OK, it is getting worse.
I tried 1500 and 1470. Now I cannot get the apple site at all (let alone any download pages)
The other thing I have noticed is this problem is explicit to my PC. My laptop over wireless can access the problem pages with ease. Even both of my Virtual Machines running across wireless are able to access the problem pages.
I have changed cables on my PC network card, I have also plugged it directly into the router (instead of on my gig network switch) and it still has a problem. Is it at all possible that the on board Nvidia NIC is finally succumbing to the abuse of hours of online gaming? :)
When I run:
The SG RWIN/BDP Calculator is a tool provided for quick calculation of approximate RWIN (TCP Window) values using the BDP (Bandwidth*Delay Product).
it gives me a calcualted RWIN/BDP of 1289.06 which seems a bit low...
It's beginning to sound like it might be hardware or possibly the networking setup on that machine. Is there any chance you could plug in a new NIC to test? Have you checked in Device Manager to see that there's nothing being flagged on the existing NIC?
Have you tried TCP Optimizer from the laptop, does it give a more sensible recommendation for MTU?
Quote from: Binwooke.........it gives me a calcualted RWIN/BDP of 1289.06 which seems a bit low...
To say the least! ::)
Formula for RWin;
MSS (always 40 below MTU) X 46 - will give base figure, then base X 2 or X 4.
If RWin is over 65535, Windows Scaling must be 'ON'.
If you use Vista, RWin and MTU are decided by the O/S and can't be changed in the registry (They reckon!).
HTH
Mo ;D
OK, expanding a bit further, the BDP appears comparable when I plug the laptop in to copper instead of Wireless, however the Site Access is not presenting any problems.
Device manager on the PC is not showing any faults with the NIC, but I am not convinced. I am almost certain it's a hardware fault, but I have no NIC card to hand. All my machines have built-in NIC's on the mainboards.
oh and my original RWIN/BDP reading was mis-quoted. the Raw RWIN number I am getting is: 258076
is there a way to manually add a RWIN number? TCP Optimizer doesn't appear to have a tool, however speedguide.net does give some other numbers it reckons would fit my "MTU" better.
-Binwooke
maybe this is more useful than me fumbling around :)
« SpeedGuide.net TCP Analyzer Results »
Tested on: 07.25.2007 13:27
IP address: 91.135.x.xxx
TCP options string: 0204058a0103030201010402
MSS: 1418
MTU: 1458
TCP Window: 258076 (multiple of MSS)
RWIN Scaling: 2
Unscaled RWIN : 64519
Reccomended RWINs: 65228, 130456, 260912, 521824
BDP limit (200ms): 10323kbps (1290KBytes/s)
BDP limit (500ms): 4129kbps (516KBytes/s)
MTU Discovery: ON
TTL: 52
Timestamps: OFF
SACKs: ON
IP ToS: 00000000 (0)
The figures look OK, the issue seems to be is the PC talking to the 'net?
Have you had a look in Device Manager and checked the TCP/IP settings?
Your TCP Window is not a multiple of the MSS.
Their 'recommended' ones are, as per my formula above.
:)
Thanks everybody for the responses so far.
I have checked Device Manager and it lists the device as working OK. My TCP/IP Properties are set to DHCP and automatic DNS (From Router). Output of ipconfig /all looks OK, it seems to have picked up the DNS servers correctly.
-Binwooke
I think it would be useful if you could try an alternative NIC, given your results so far.
OK, Further investigation has me puzzled. I decided to boot into my Fedora Core 7 partition just to check one last time if it was a hardware fault only to find that my Fedora session has no problem whatsoever with accessing websites. Now I thought pehaps it was a Firewall thing, but after disabling that, my Virus software, my stopzilla etc.... I still get problems on Windows XP accessing certain sites. :-[
Increasingly it appears that it's an OS problem. I would suggest removing and re-installing the network components, Control Panel > Add/Remove programs > Add/Remove Windows components.
OK Finally fixed the problem. It was an issue with Nvidia Firewall and Nvidia Network Access Manager. Removing both has freed up my Internet Access to the sites I was unable to attach too.
Thanks
-Binwooke
I didn't even know nVidia did a firewall! Glad you're sorted - pesky software. If you want to run a firewall, you might like to try the free Comodo offering. :)
The nvidia firewall is a feature built into some of it's higher end motherboard chips, and therefore hardware!
But it needs software to work... ;)