1 |
Lindsay Haisley <fmouse-gentoo@×××.com> posted |
2 |
1242442935.27501.113.camel@××××××××××.com, excerpted below, on Fri, 15 |
3 |
May 2009 22:02:15 -0500: |
4 |
|
5 |
> I'm having some problems reaching *.python.org with web browers here, |
6 |
> and the problem appears to be related to ipv6 issues. My desktop system |
7 |
> is connected to a Linux router which has an assigned /64 v6 block from |
8 |
> freenet6. Firefox defaults to using ipv6 if there's an AAAA record for |
9 |
> an address. This isn't a problem in most cases. |
10 |
> |
11 |
> If I access most v6 enabled web servers, e.g. www.kame.net or |
12 |
> testmyipv6.com with firefox, no problem. I get back a page indicating |
13 |
> that I"ve made a v6 connection to the web server. www.python.org also |
14 |
> resolves with an aaaa record (2001:888:2000:d::a2), and I can ping6 the |
15 |
> server, so I know that routing is OK. I can't, however, get a response |
16 |
> from the server with a firefox, which just blocks trying to retrieve a |
17 |
> page. |
18 |
|
19 |
Disclaimer: Note that I'm still entirely IPv4 and the following |
20 |
suggestions, based on IPv4, simply assume IPv6 versions of the same thing |
21 |
exist and work similarly. |
22 |
|
23 |
In addition to Tom's suggestion, I'd add trying a(n IPv6) telnet session |
24 |
to the web server as well. Very basic, just open the connection, then |
25 |
type quit if you get one. You can of course do a get, etc, if desired, |
26 |
but it's often not necessary or helpful. Sometimes the "raw" interface |
27 |
is helpful at diagnosing errors that get hidden by the fancy browser |
28 |
interface and that's all it takes. If you get a proper telnet connection |
29 |
that equally properly quits when told to, you're most of the way there |
30 |
already. |
31 |
|
32 |
What about tcptraceroute? The manpages don't seem to indicate |
33 |
tcptraceroute itself does IPv6, but standard traceroute does with -6, and |
34 |
has -T to use TCP SYN packets for tracing (with -p to specify port |
35 |
number). A run using TCP packets on the target port, contrasted with a |
36 |
normal traceroute run (and contrasted further with a traceroute -I, ICMP |
37 |
run, if desired), can be VERY helpful. Another nice thing about it is |
38 |
that it usually allows seeing hops behind firewalls, since they obviously |
39 |
must allow TCP SYN packets thru to that port or the web server wouldn't |
40 |
work. If ping and a normal trace (the IPv6 versions in this case) are |
41 |
getting thru but a tcptraceroute to the assigned port isn't, you know |
42 |
it's a TCP specific issue and at what layer-4/IP hop it's happening. |
43 |
|
44 |
mtr is IPv6 enabled (USE flag) and can be helpful for certain diagnostics |
45 |
as well, altho it tends to be most useful at detecting levels of packet |
46 |
loss and where, due to its continuous tracing functionality. |
47 |
|
48 |
-- |
49 |
Duncan - List replies preferred. No HTML msgs. |
50 |
"Every nonfree program has a lord, a master -- |
51 |
and if you use the program, he is your master." Richard Stallman |