Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


3397 posts

Uber Geek
+1 received by user: 1140

Subscriber

Topic # 236096 17-May-2018 18:02
Send private message quote this post

Alright so this had me stumped today... site in question is:

 

https://essentials.myob.co.nz

 

ISP is 2talk, UFB 100/100, router is Mikrotik. VEEERRY basic network. Single site, three PC's, three IP phones, Unifi AP.

 

Basically, loading just hangs, and then eventually errors out.

 

Troubleshooting I have done...

 

- Client was using Chrome, so firstly cleared all cached data - no change
- Tried an Incognito window - no change
- Flushed DNS, 'ipconfig /flushdns' - no change
- Tried on IE - same issue, no change
- Tried on another PC with all of the above - same issue, no change
- Tried on my laptop - same issue, no change
- Jump on router, flush DNS, flush DNS on PC - no change
- Change public IP address, flush DNS, flush DNS on PC - no change (we are a 2talk reseller so can manage the connections ourselves)
- Jump on to a terminal on our head office network - site loads no problem
- Try on Spark mobile data - site loads no problem

 

So this leads to me think I have a router config issue. We run a rubber stamped config for all our routers, and just modify where needed. This site has zero changes to our standard config - a config deployed on 200+ routers.

 

So i default the router, reload a new config, issue is still there.

 

So now I wonder, is the issue with the UFB connection itself? I haven't pushed this to 2talk support as I want to keep working on it for a bit.

 

My quick work around for the client was to just set them up a VPN out through a different connection, that will suffice for the short term.

 

What do you reckon?!


Create new topic
'That VDSL Cat'
7782 posts

Uber Geek
+1 received by user: 1571

Trusted
Spark
Subscriber

  Reply # 2017811 17-May-2018 18:08
Send private message quote this post

While defaulting the router, did you try with default configuration?

 

 

 

tried running a traceroute to check the path?

 

Checked dns entry points to the same address?

 

 





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.




3397 posts

Uber Geek
+1 received by user: 1140

Subscriber

  Reply # 2017816 17-May-2018 18:17
Send private message quote this post

Oh when I say default I mean completely bare - Mikrotik, so literally no default config.

 

DNS resolves to same IP on 2talk and Spark mobile.

 

Can't ping the site, but traceroute from two 2talk connection gives the same path - seems to be hosted on Amazon. Haven't tried traceroute on another ISP though.


241 posts

Master Geek
+1 received by user: 58


  Reply # 2017824 17-May-2018 18:33
Send private message quote this post

Here is my trace:

 

1 bng3.akl-alb.unlimitedinternet.co.nz 103.52.207.253 34.305 ms 35.263 ms 34.985 ms
2 as24466-ip-34.cust.ntc-cr1.as45177.net.nz 14.1.39.34 36.015 ms 34.968 ms 34.781 ms
3 lt-0-0-0-34.ntc-cr1.as45177.net.nz 14.1.39.33 36.287 ms 35.495 ms 34.582 ms
4 as45177.nsw.ix.asn.au 218.100.52.76 57.451 ms 57.482 ms 57.426 ms
5 as16509.nsw.ix.asn.au 218.100.52.9 58.626 ms 59.973 ms 60.092 ms
6 * * *
7 * * *
8 52.95.37.187 52.95.37.187 63.078 ms
9 52.95.36.131 52.95.36.131 57.619 ms
10 52.95.36.16 52.95.36.16 61.843 ms 62.479 ms
11 52.95.36.107 52.95.36.107 60.734 ms
12 54.240.192.109 54.240.192.109 59.414 ms 59.924 ms

 

 

Domain info:

Checking Domain Name
Domain Name: essentials.myob.co.nz
Top Level Domain: NZ (New Zealand)
DNS Lookup
IP Address: 13.236.39.170
Geolocation: AU (Australia), 02, New South Wales, 1001 Sydney - Google Maps
Reverse DNS: ec2-13-236-39-170.ap-southeast-2.compute.amazonaws.com
Domain Check
Domain Name: essentials.myob.co.nz
Top Level Domain: NZ (New Zealand)

 

EDIT - updated traceroute


Meow
7375 posts

Uber Geek
+1 received by user: 3541

Moderator
Trusted
Lifetime subscriber

  Reply # 2017844 17-May-2018 18:47
Send private message quote this post
241 posts

Master Geek
+1 received by user: 58


  Reply # 2017845 17-May-2018 18:47
Send private message quote this post
26354 posts

Uber Geek
+1 received by user: 5924

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 2017858 17-May-2018 19:06
Send private message quote this post

I'd pick MTU / MSS clamping

 

 




3397 posts

Uber Geek
+1 received by user: 1140

Subscriber

  Reply # 2017882 17-May-2018 20:03
Send private message quote this post

hmmm MTU was one of my thoughts too... 

 

Generally though you would expect to see other sites have issues to though right?

 

Tried a bunch of other https sites.. banks, wholesaler portals etc.

 

Worth sticking one of the old mangle rules in for MSS clamping?.. we haven't used that for years. Router is up to date FWIW, v6.42


1136 posts

Uber Geek
+1 received by user: 252


  Reply # 2017887 17-May-2018 20:08
Send private message quote this post

What does the F12 developer tools network waterfall timeline suggest?



3397 posts

Uber Geek
+1 received by user: 1140

Subscriber

  Reply # 2017889 17-May-2018 20:12
Send private message quote this post

yitz: What does the F12 developer tools network waterfall timeline suggest?

 

I had a quick look at that but didn't really see much/know what to look at.

 

The network page just showed the page loading in that '(pending)' stage.


4810 posts

Uber Geek
+1 received by user: 1491


  Reply # 2017897 17-May-2018 20:17
Send private message quote this post

Tried from a different site that uses the same/similar router config?


1136 posts

Uber Geek
+1 received by user: 252


  Reply # 2017920 17-May-2018 20:23
Send private message quote this post

If you eventually get (failed) net::ERR_CONNECTION_TIMED_OUT and you've tested multiple browsers then I wouldn't rule out them blocking your IP range.

 

 

A request for https://essentials.myob.co.nz only returns 605 bytes of text/html, I say unlikely to be MTU/MSS clamping.



3397 posts

Uber Geek
+1 received by user: 1140

Subscriber

  Reply # 2017936 17-May-2018 20:38
Send private message quote this post

yitz: If you eventually get (failed) net::ERR_CONNECTION_TIMED_OUT and you've tested multiple browsers then I wouldn't rule out them blocking your IP range. A request for https://essentials.myob.co.nz only returns 605 bytes of text/html, I say unlikely to be MTU/MSS clamping.

 

Hmm I got fed up it and can't remember the specific Chrome error.

 

I did change the public IP on the connection and that still didn't work.

 

The second connection I tested from was within the same /24 block as the connection with the issue - and it works just fine from the second connection.


241 posts

Master Geek
+1 received by user: 58


  Reply # 2017940 17-May-2018 20:45
Send private message quote this post

Can you get to here ?
https://login.myob.com/Account/Login

 

Its where https://essentials.myob.co.nz/ ends up, but with all the rubbish after link removed
Wonder if the long link is the issue 

 

I had play with MSS-clamping size but could not break going to that link with settings from 536 to 1492 (I have it on 1452,and MTU on WAN 1500 and PPPoE 1492)
Am using an ERL3 though




3397 posts

Uber Geek
+1 received by user: 1140

Subscriber

  Reply # 2018049 17-May-2018 21:37
Send private message quote this post

Yep finding out where that page redirected too was one of my thoughts too.
So that login page loads just fine when browsing direct, but when you try to login with proper credentials or errors out. When you look at the URL it has a field for 'client' and an Oauth ID and stuff... so I assume that gets passed with the login.
Otherwise I would have been out of there quick fast!!

72 posts

Master Geek
+1 received by user: 16

Subscriber

  Reply # 2018077 17-May-2018 22:28
Send private message quote this post

Check their international traffic cap. Don’t know if they still have these, they may not know they even have one. We use to gets clients have issues like this.

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

IBM leads Call for Code to use cloud, data, AI, blockchain for natural disaster relief
Posted 25-May-2018 14:12


New FUJIFILM X-T100 aims to do better job than smartphones
Posted 24-May-2018 20:17


Stuff takes 100% ownership of Stuff Fibre
Posted 24-May-2018 19:41


Exhibition to showcase digital artwork from across the globe
Posted 23-May-2018 16:44


Auckland tops list of most vulnerable cities in a zombie apocalypse
Posted 23-May-2018 12:52


ASB first bank in New Zealand to step out with Garmin Pay
Posted 23-May-2018 00:10


Umbrellar becomes Microsoft Cloud Solution Provider
Posted 22-May-2018 15:43


Three New Zealand projects shortlisted in IDC Asia Pacific Smart Cities Awards
Posted 22-May-2018 15:14


UpStarters - the New Zealand tech and innovation story
Posted 21-May-2018 09:55


Lightbox updates platform with new streaming options
Posted 17-May-2018 13:09


Norton Core router launches with high-performance, IoT security in New Zealand
Posted 16-May-2018 02:00


D-Link ANZ launches new 4G LTE Dual SIM M2M VPN Router
Posted 15-May-2018 19:30


New Panasonic LUMIX FT7 ideal for outdoor: waterproof, dustproof
Posted 15-May-2018 19:17


Ryanair Goes All-In on AWS
Posted 15-May-2018 19:14


Te Papa and EQC Minecraft Mod shakes up earthquake education
Posted 15-May-2018 19:12



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.