Text only | Text with Images

IDNetters Forums

Technical News & Discussion => IDNet Help => Topic started by: Dangerjunkie on Aug 04, 2009, 02:03:46

Title: Web access problems - Have I broken it
Post by: Dangerjunkie on Aug 04, 2009, 02:03:46
Hi,

I've been doing some out of hours experimenting with VLANs and a new firewall on my network. With the new firewall I had problems with http connections being refused, Firefox not being able to reload the BBC News live bookmarks and generally poor performance.

I just went back to my old firewall on the main house VLAN and I'm now having similar problems. Everything should be how it was and working. Before I tear my hair out, is there a problem in IDLand(TM) or have I broken something please?

Thanks,
Paul.
Title: Re: Web access problems - Have I broken it
Post by: Glenn on Aug 04, 2009, 07:04:42
I think you may have broken something Paul, it works OK here.
Title: Re: Web access problems - Have I broken it
Post by: Dangerjunkie on Aug 04, 2009, 08:00:31
Oh dear. That was what I was hoping you wouldn't say...
Title: Re: Web access problems - Have I broken it
Post by: Dangerjunkie on Aug 04, 2009, 08:16:45
This is strange. The problem is intermittent. I get a "connection refused" then as soon as I press reload it works the second time.

Just happened to this site. I've rebooted just about everything... Core router is next
Title: Re: Web access problems - Have I broken it
Post by: Simon on Aug 04, 2009, 11:42:17
I get a "connection interrupted" browser message occasionally, but the "Try again" button always seems to work.  It's been ongoing for a while now, but not frequent enough to worry about.
Title: Re: Web access problems - Have I broken it
Post by: Dangerjunkie on Aug 04, 2009, 17:12:16
Hi,

OK. I made it go away by throwing out all the routing tables in the switch and writing a really simple set. Here is the arrangement that went wrong:

VLAN 2: Router 192.168.26.2 Mask 255.255.255.0
VLAN 10: Router 10.126.0.1 Mask 255.255.255.0

Routes:
VLAN 2: IP 0.0.0.0 Mask 0.0.0.0 Next Hop 192.168.26.1 (the firewall) Weight 360
VLAN 2: IP 10.126.0.1 Mask 255.255.255.0 Next Hop 192.168.26.2 Weight 60 (smaller is more powerful)
VLAN 10: IP 0.0.0.0 Mask 0.0.0.0 Next Hop 192.168.26.2 (the firewall) Weight 360
VLAN 10: IP 192.168.26.1 Mask 255.255.255.0 Next Hop 10.126.0.1 Weight 60

DHCP gateway options: VLAN2=192.168.26.2, VLAN10=10.126.0.1

The router is an Allied Telesyn Rapier 48i managed switch. Does anyone have any idea why the presence of the VLAN10 routes would cause item fetch failures (timeouts) when the client was 192.168.26.168 and the firewall 192.168.26.1 (i.e. the data should have gone nowhere near VLAN10 and both client and firewall were on the same subnet)?

Thanks,
Paul.


Title: Re: Web access problems - Have I broken it
Post by: Rik on Aug 04, 2009, 17:34:41
Not me, Paul, sorry. :(
Text only | Text with Images