[YBA][OT] rating for ISP ansol.co.il
Hi list members, Anyone have recommendations regarding ATM Internet service from ansol.co.il? Especially re service? - yba -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il - = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
[SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
Hi list members, Many thanks to Shachar Shemesh and Amichai Rotman for their help on this problem. The symptoms were 50-70% packet loss on TCP packets to an address at the end of a fractional E1 (timsoret) managed by Netvision with 5-10% packet loss for ICMP. The symptoms appeared after the customer moved offices from one location to another but retained the same IP address subnet. We immediately suspected that Netvision had forgotten to remove the static routes from an internal router and that these routes were poluting a gateway router, but we expected the packet loss for TCP and ICMP to be the same. We were not able to reach people at Netvision service who would take us seriously. We kept getting first and second line service people who told us you have a firewall problem and who were sitting in front of Microsoft Windows machines and who did not know what Wireshark or tcpdump means. Even though we were able to show one of these people the problem in a way that he could reproduce it independently, Netvision would not act on the problem. Only after a week of complaints we were able to get Netvision to send an integrator to the site. After about 30 minutes the integrator called someone at Netvision who admitted that there was a routing error and fixed it. It is clear to me that in order to get high-level of service from Netvision you have to know whom to call. The regular service people will effectively prevent you from solving anything more that the simplest of problems. Regards, - yba On Sun, 23 Mar 2008, Shachar Shemesh wrote: Date: Sun, 23 Mar 2008 16:46:55 +0200 From: Shachar Shemesh [EMAIL PROTECTED] To: Jonathan Ben Avraham [EMAIL PROTECTED] Cc: ILUG linux-il@cs.huji.ac.il Subject: Re: [YBA] SYN dropped from Netvision timsoret Jonathan Ben Avraham wrote: What should we do next? apt-get install hping2 (or hping3, if you prefer) RTFM the --traceroute option. It should probably go something along the lines of: hping2 ip -S -p port num -M0 --traceroute Whenever it gets stuck, press ^Z to make it skip that hop. Do the same with a ping packet (hping2 ip -1 --traceroute), and see which router is the faulty one. Also, read about firewalking. - yba Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il - = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [YBA][OT] rating for ISP ansol.co.il
On Fri, 28 Mar 2008, Jonathan Ben Avraham wrote: Date: Fri, 28 Mar 2008 09:42:03 +0300 (IDT) From: Jonathan Ben Avraham [EMAIL PROTECTED] To: ILUG linux-il@cs.huji.ac.il Subject: [YBA][OT] rating for ISP ansol.co.il Hi list members, Anyone have recommendations regarding ATM Internet service from ansol.co.il? Especially re service? i.e. support - yba -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il - = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
Jonathan Ben Avraham wrote: It is clear to me that in order to get high-level of service from Netvision you have to know whom to call. The regular service people will effectively prevent you from solving anything more that the simplest of problems. Didn't the hostmaster address have someone knowledgeable behind it? That is a disappointment. Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
On Fri, 28 Mar 2008, Shachar Shemesh wrote: Date: Fri, 28 Mar 2008 10:26:23 +0300 From: Shachar Shemesh [EMAIL PROTECTED] To: Jonathan Ben Avraham [EMAIL PROTECTED] Cc: ILUG linux-il@cs.huji.ac.il Subject: Re: [SOLVED] Re: [YBA] SYN dropped from Netvision timsoret Jonathan Ben Avraham wrote: It is clear to me that in order to get high-level of service from Netvision you have to know whom to call. The regular service people will effectively prevent you from solving anything more that the simplest of problems. Didn't the hostmaster address have someone knowledgeable behind it? Hi Shachar, We did not try emailing hostmaster. We called Netvision support telephone number. At some point we requested to escalate, but this also did not help. - yba That is a disappointment. Shachar -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il - = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
IANAL, but I gather that there is a solid cause for damages both for lack of service during that time and failing to provide support by reasonable and run-of-the-mill means. If your custoner is not a company, Small Claims Court will do just fine. Moish Jonathan Ben Avraham wrote: Hi list members, Many thanks to Shachar Shemesh and Amichai Rotman for their help on this problem. The symptoms were 50-70% packet loss on TCP packets to an address at the end of a fractional E1 (timsoret) managed by Netvision with 5-10% packet loss for ICMP. The symptoms appeared after the customer moved offices from one location to another but retained the same IP address subnet. We immediately suspected that Netvision had forgotten to remove the static routes from an internal router and that these routes were poluting a gateway router, but we expected the packet loss for TCP and ICMP to be the same. We were not able to reach people at Netvision service who would take us seriously. We kept getting first and second line service people who told us you have a firewall problem and who were sitting in front of Microsoft Windows machines and who did not know what Wireshark or tcpdump means. Even though we were able to show one of these people the problem in a way that he could reproduce it independently, Netvision would not act on the problem. Only after a week of complaints we were able to get Netvision to send an integrator to the site. After about 30 minutes the integrator called someone at Netvision who admitted that there was a routing error and fixed it. It is clear to me that in order to get high-level of service from Netvision you have to know whom to call. The regular service people will effectively prevent you from solving anything more that the simplest of problems. Regards, - yba On Sun, 23 Mar 2008, Shachar Shemesh wrote: Date: Sun, 23 Mar 2008 16:46:55 +0200 From: Shachar Shemesh [EMAIL PROTECTED] To: Jonathan Ben Avraham [EMAIL PROTECTED] Cc: ILUG linux-il@cs.huji.ac.il Subject: Re: [YBA] SYN dropped from Netvision timsoret Jonathan Ben Avraham wrote: What should we do next? apt-get install hping2 (or hping3, if you prefer) RTFM the --traceroute option. It should probably go something along the lines of: hping2 ip -S -p port num -M0 --traceroute Whenever it gets stuck, press ^Z to make it skip that hop. Do the same with a ping packet (hping2 ip -1 --traceroute), and see which router is the faulty one. Also, read about firewalking. - yba Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Updating the http://www.linux.org.il/ Site
Hi all! Today I started to update the http://www.linux.org.il/ site. What I did so far was: 1. Fix some textual errors. 2. Repair many broken URLs. 3. Update the http://www.linux.org.il/whatis page. 4. Update the events on the front page. --- Since I wasn't sure if the site contains any confidential information, I set up a private Subversion repository on my home computer and used it to maintain the site, while periodically uploading it to the main copy on tux.hamakor.org.il. Perhaps it would be a good idea to set up a closed Subversion repository for managing the site somewhere that is accessible online. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: major packet loss at hot server
I haven't solved the problem yet. From 012 someone superior (network dep) are supposed to call me and they will put hot on conference and this time I intend to request the net admin/integrator to take care of that AND ask them to go directly to the switch and disable the firewall.The ip from where there is 75-80% packet lost is a principal switchand another 1 or 2 ips where I get additional ~15-20% packet lost. They have a harsh firewall on the main switch. ALL UDP ports are blocked. TCP also a lot of ports closed. tcptraceroute (as opposed to traceroute manages to bypass firewall) reveals that there is a firewall, although inside hot (between switches) the ports are open (firewalk). As for the problem you had last week, I am not sure, because I have static IP without dialer (MPLS) and the first 2 hops belong to hot (where the packet loss occurs) and the 3rd hop is 012. One of support guys said that is 012 blame because they are only infrastructure. 012 says it's hot ip and they are right. And I am the ball which is ping-ponged. ;-( AND ttl to my default gateway is 255. ttl for google.com is 225. But, I will try wireshark as well to check syn, syn-ack. I don't use 3 way handshake. Otherwise I will be detected. I use nmap -sS. I understand that you used -sT flag. Correct? They make troubles if you scan their net? -sT for instance? If you can tell me what exactly you ran, I will be glad. On 3/28/08, Jonathan Ben Avraham [EMAIL PROTECTED] wrote: Hi Sara, Did you solve this problem? Are you sure that it isn't a routing problem at 012 similar to what I had last week with Netvision? - yba On Fri, 21 Mar 2008, sara fink wrote: Date: Fri, 21 Mar 2008 22:10:56 +0200 From: sara fink [EMAIL PROTECTED] To: Israeli Linux mailing list linux-il@cs.huji.ac.il Subject: major packet loss at hot server Hello Everyone I am having major problem with packet loss at some hot server that sits in tel aviv. www.dnsstuff.com revealed this info. I would like to know how many people suffer from this problem. For this task mtr program is needed. The program can be downloaded at http://www.bitwizard.nl/mtr/ . The description of the program is mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool. As mtr starts, it investigates the network connection between the host mtr runs on and HOSTNAME. by sending packets with purposly low TTLs. It continues to send packets with low TTL, noting the response time of the intervening routers. This allows mtr to print the response percentage and response times of the internet route to HOSTNAME. A sudden increase in packetloss or response time is often an indication of a bad (or simply overloaded) link. After installing this program please run the command mtr google.com or even mtr walla.co.il mtr ynet.co.il I got in all 3 urls ~75% packet loss at ip 213.57.43.199 and at 213.57.43.22 (or 14) another ~20% packet loss. Please inform me how many people suffer from this problem and who is their isp. Mine is 012. but the ips mentioned belong to hot. I already talked with a nice technician at hot and he promissed to give me an answer. Meanwhile at 012 tried to help me and in the end he told me it's a operating sytem problem. I just hate to hear such stupid excuses. I tried bot with and without iptables and it's the same. Instead of solving the problem they blame the OS. And all this happens with router or without. Besides that, the first IP is actually border gateway. Thanks for your help = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA ~. .~ Tk Open Systems =}ooO--U--Ooo{= - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il - = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
installing CentOS/RHEL without CD using PXE?
Hi, I just got an thinkpad X31 without the ultrabase, which means - no CDROM/DVD. I don't have an external CDROM/DVD (I have 6 internal DVD drives on my other machines already). So I was wondering if someone knows a way to install CentOS/RHEL (or any other Linux distribution) without using any external DVD/CD drive, without disk-on-key (the ISO image itself is about 3.6 GB). Any ideas? anyone tried to install a distribution using the PXE boot? Also, does anyone knows any Linux program which can simulate a CDROM/DVD drive with a PXE? Thanks, Hetz -- Skepticism is the lazy person's default position. my blog (hebrew): http://benhamo.org = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: installing CentOS/RHEL without CD using PXE?
CentOS/RHEL has the 'kickstart' over network mechanism for about a decade :) This is a big question, so in general: 1. The DVD contents should be available for reading on an NFS share. 2. TFTP server should supply PXE (see pxelinux), which would lead to the correct kernel + initrd (also on the tftp), with kernel parameters ks to point on your ks.cfg. 3. DHCP would give the server its IP and the path to the TFTP PXE boot. (next-server dhcp parameter). I'm sure there's plenty of docs out there about ks.. On Friday, 28 March 2008 17:41:50 Hetz Ben Hamo wrote: Hi, I just got an thinkpad X31 without the ultrabase, which means - no CDROM/DVD. I don't have an external CDROM/DVD (I have 6 internal DVD drives on my other machines already). So I was wondering if someone knows a way to install CentOS/RHEL (or any other Linux distribution) without using any external DVD/CD drive, without disk-on-key (the ISO image itself is about 3.6 GB). Any ideas? anyone tried to install a distribution using the PXE boot? Also, does anyone knows any Linux program which can simulate a CDROM/DVD drive with a PXE? Thanks, Hetz = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Updating the http://www.linux.org.il/ Site
On Friday 28 March 2008, Nadav Vinik wrote: אם כבר עדיף שתוריד את: Looking for IGLU's site? You can find it at www.iglu.org.il. עקב ירידת האתר Sorry, but I don't intend to remove this banner, as it will be a reminder that the site is down and that the Israeli FOSS community does not have an English portal to actively replace it. I hope the site will return one day. Regards, Shlomi Fish בברכה נדב On Fri, Mar 28, 2008 at 2:14 PM, Shlomi Fish [EMAIL PROTECTED] wrote: Hi all! Today I started to update the http://www.linux.org.il/ site. What I did so far was: 1. Fix some textual errors. 2. Repair many broken URLs. 3. Update the http://www.linux.org.il/whatis page. 4. Update the events on the front page. --- Since I wasn't sure if the site contains any confidential information, I set up a private Subversion repository on my home computer and used it to maintain the site, while periodically uploading it to the main copy on tux.hamakor.org.il. Perhaps it would be a good idea to set up a closed Subversion repository for managing the site somewhere that is accessible online. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. ___ Board mailing list [EMAIL PROTECTED] http://hamakor.org.il/cgi-bin/mailman/listinfo/board - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]