Sunday 30 September 2012

Diagnosing Routing Problems

A friend of mine was having trouble with web requests not working to a specific site from his home office.  The usual investigations of DNS, tracert and the like showed that the requests were heading off to the correct server, but they never seemed to return.  As my friend didn't have admin access to the server to check if the requests arrived, I decided to set up a proxy to see if that would help with the diagnosis.  Here are the steps:

  1. Installed squid using aptitude
  2. Aptitude turned on squid by default.  As I didn't want to risk having an open proxy, I turned it off with:  sudo /etc/init.d/squid stop
  3. Edited the config file: sudo vim /etc/squid/squid.conf
  4. Added access line just for my IP
    1. acl allowed src 123.456.789.012
    2. http_access allow allowed
  5. Fired up the squid server with: sudo /etc/init.d/squid restart
  6. Added the proxy settings to the browser:, port 3128
  7. Checked the access log: sudo less /var/log/squid/access.log
  8. That seemed to be working fine, so I remembered that there had been a really good post on the GeekUp mailing list about monitoring traffic hitting a server, so I went and had a read
  9. I installed tcpdump with aptitude, and then...
  10. sudo tcpdump -i eth0 host
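
Step 4 matters because Squid evaluates http_access rules top-down and stops at the first match, so an allow line added after an existing "http_access deny all" never takes effect, and a rule list with no catch-all falls back to the opposite of its last rule. The check below is an added example, not part of the original post: check_squid_acl, conf_good, conf_late and the address 192.0.2.10 are assumptions made for illustration, and only src-type ACLs are understood.

```shell
#!/bin/sh
# Added example: flag squid.conf rule orderings that leave the proxy open.
# Only src-type ACLs are understood; other ACL types count as "not a source limit".
check_squid_acl() {
    awk '
    { sub(/#.*/, "") }                      # drop comments
    NF == 0 { next }
    $1 == "acl" && $3 == "src" {            # remember source ACLs
        src[$2] = 1
        for (i = 4; i <= NF; i++)
            if ($i == "all" || $i ~ /^0\.0\.0\.0\/0/ || $i == "::/0") wide[$2] = 1
    }
    $1 == "http_access" && NF >= 3 {
        last = $2
        if (done) {                         # a catch-all rule already matched everyone
            if ($2 == "allow") { print "UNREACHABLE line " NR ": " $0; bad = 1 }
            next
        }
        catchall = 1; bysrc = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "all" || ($i in wide)) continue
            catchall = 0
            if ($i in src) bysrc = 1
        }
        if (catchall) {
            done = 1
            if ($2 == "allow") { print "OPEN line " NR ": " $0; bad = 1 }
        } else if ($2 == "allow" && !bysrc) {
            print "NO-SOURCE-LIMIT line " NR ": " $0; bad = 1
        }
    }
    END {
        # With no catch-all, Squid defaults to the opposite of the last rule.
        if (!done && last == "deny") { print "OPEN: last rule is deny, default is allow"; bad = 1 }
        exit bad + 0
    }' "$@"
}

# Constructed sample configs; 192.0.2.10 is a documentation address.
conf_good() { printf '%s\n' 'acl allowed src 192.0.2.10' \
    'http_access allow allowed' 'http_access deny all'; }
conf_late() { printf '%s\n' 'acl allowed src 192.0.2.10' \
    'http_access deny all' 'http_access allow allowed'; }

conf_good | check_squid_acl && echo "conf_good: restricted"
conf_late | check_squid_acl || echo "conf_late: rule never matches"
```

Run it against the real file with: check_squid_acl /etc/squid/squid.conf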

With the proxy set up, the PC connected to the target server just fine.  I think it is something wrong at the server end and I don't have control of that.  Over to the server's admins...
