tcpdump -i eth0 port 80 host <clientip> on the server as root. Try to connect from the client. If you get nothing, you know there's some name resolution/routing problem on the client.
On Wed, Jan 12, 2011 at 1:57 PM, John BORIS <jbo...@adphila.org> wrote: > Yes. Sorry forgot that point. > > > John J. Boris, Sr. > JEN-A-SyS Administrator > Archdiocese of Philadelphia > 222 North 17th Street > Philadelphia, Pa. 19103 > Tel: 215-965-1714 > Fax: 215-587-3525 > "Remember! That light at the end of the tunnel > Just might be the headlight of an oncoming train!" > >>>> "Singer X.J. Wang" <w...@singerwang.com> 1/12/2011 1:40 PM >>> > Do your FQDN resolve to the same IP when you're on the server compared > to > when you're not on the server? > > > On Wed, Jan 12, 2011 at 13:36, John BORIS <jbo...@adphila.org> wrote: > >> I have a question concerning the process for an http request. I need > to >> know the transactions between a web server and a web browser to > bring >> the home page. I am trying to troubleshoot a problem and I have to > prove >> to the keepers of our network that it is not my web server. >> >> here is the problem. This is all internal and not on the Internet >> >> Web Server (WS) Running Big Brother Professional (RHEL 5, apache), >> SELinux disabled, no firewall rules on the server. >> Client PC (Firefox, MSIE, SSH) >> >> I can connect from Client to Web Server using ssh without a problem. > I >> can connect to the Big Brother Professional Home Page via lynx by >> ssh'ing to the Server and firing off lynx. If I walk down to the > console >> and log into the graphical desktop, run firfox and then I can bring > up >> the Big Brother Professional home page. >> >> So I know the Server is accepting connections at least locally. When > I >> try from the GUI on the Web Server I use the Fully qualified name > for >> the link not the IP address or local host. The same thing when I do > it >> with lynx from the ssh screen. >> >> Now if I try to do this from a client PC I get the message that MSIE > is >> waiting for the host and then after about 20 seconds I get the > Internet >> Explorer can't display the page. >> >> I setup iptraf to see what goes on and the minute I make the request > I >> see a message in iptraf saying "Host unreachable" >> >> Now on the network side. These machines are on the same switch. same >> network but are routed to the main router for the network. That > router >> hijacks all port 80 traffic and directs it to our web filter, well I >> assume that but not sure if you can hijack http traffic. I changed > the >> listening port of the Web process to 8081 and then retested and got > the >> same results. >> >> All of this started to happen when the network was moved from one > web >> filter to another so I point to the last move. Not sure why a flaky > nic >> card would deny http traffic only and allow everything else as Big >> Brother listens on port 1984, ssh is on 22, email works as well. >> >> So after such a long story I would like to know the actual > mechanics >> of a web request. Like client makes a call to web server. Web server >> then finishes the connection. I know there are a bunch of ACKs and > stuff >> in there but I need to see where this is broken. >> >> I am about to change the NIC card if this brings a blind alley. >> >> >> Thanks in advance and sorry for the long post. >> >> >> >> John J. Boris, Sr. >> JEN-A-SyS Administrator >> Archdiocese of Philadelphia >> "Remember! That light at the end of the tunnel >> Just might be the headlight of an oncoming train!" >> _______________________________________________ >> Tech mailing list >> Tech@lists.lopsa.org >> https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech >> This list provided by the League of Professional System > Administrators >> http://lopsa.org/ >> > > -- > The best compliment you could give Pythian for our service is a > referral. > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
