[YBA][OT] rating for ISP ansol.co.il
Hi list members,
Anyone have recommendations regarding ATM Internet service from
ansol.co.il? Especially re service?
- yba
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems
=}ooO--U--Ooo{=
- [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
[SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
Hi list members,
Many thanks to Shachar Shemesh and Amichai Rotman for their help on this
problem.
The symptoms were 50-70% packet loss on TCP packets to an address at the
end of a fractional E1 (timsoret) managed by Netvision with 5-10% packet
loss for ICMP.
The symptoms appeared after the customer moved offices from one location
to another but retained the same IP address subnet.
We immediately suspected that Netvision had forgotten to remove the static
routes from an internal router and that these routes were poluting a
gateway router, but we expected the packet loss for TCP and ICMP to be the
same.
We were not able to reach people at Netvision service who would take us
seriously. We kept getting first and second line service people who
told us you have a firewall problem and who were sitting in front of
Microsoft Windows machines and who did not know what Wireshark or
tcpdump means. Even though we were able to show one of these people the
problem in a way that he could reproduce it independently, Netvision would
not act on the problem.
Only after a week of complaints we were able to get Netvision to send an
integrator to the site. After about 30 minutes the integrator called
someone at Netvision who admitted that there was a routing error and fixed
it.
It is clear to me that in order to get high-level of service from
Netvision you have to know whom to call. The regular service people will
effectively prevent you from solving anything more that the simplest of
problems.
Regards,
- yba
On Sun, 23 Mar 2008, Shachar Shemesh wrote:
Date: Sun, 23 Mar 2008 16:46:55 +0200
From: Shachar Shemesh [EMAIL PROTECTED]
To: Jonathan Ben Avraham [EMAIL PROTECTED]
Cc: ILUG linux-il@cs.huji.ac.il
Subject: Re: [YBA] SYN dropped from Netvision timsoret
Jonathan Ben Avraham wrote:
What should we do next?
apt-get install hping2 (or hping3, if you prefer)
RTFM the --traceroute option. It should probably go something along the lines
of:
hping2 ip -S -p port num -M0 --traceroute
Whenever it gets stuck, press ^Z to make it skip that hop.
Do the same with a ping packet (hping2 ip -1 --traceroute), and see which
router is the faulty one.
Also, read about firewalking.
- yba
Shachar
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems
=}ooO--U--Ooo{=
- [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
Re: [YBA][OT] rating for ISP ansol.co.il
On Fri, 28 Mar 2008, Jonathan Ben Avraham wrote:
Date: Fri, 28 Mar 2008 09:42:03 +0300 (IDT)
From: Jonathan Ben Avraham [EMAIL PROTECTED]
To: ILUG linux-il@cs.huji.ac.il
Subject: [YBA][OT] rating for ISP ansol.co.il
Hi list members,
Anyone have recommendations regarding ATM Internet service from ansol.co.il?
Especially re service?
i.e. support
- yba
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems
=}ooO--U--Ooo{=
- [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
Re: [SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
Jonathan Ben Avraham wrote: It is clear to me that in order to get high-level of service from Netvision you have to know whom to call. The regular service people will effectively prevent you from solving anything more that the simplest of problems. Didn't the hostmaster address have someone knowledgeable behind it? That is a disappointment. Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: [SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
On Fri, 28 Mar 2008, Shachar Shemesh wrote:
Date: Fri, 28 Mar 2008 10:26:23 +0300
From: Shachar Shemesh [EMAIL PROTECTED]
To: Jonathan Ben Avraham [EMAIL PROTECTED]
Cc: ILUG linux-il@cs.huji.ac.il
Subject: Re: [SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
Jonathan Ben Avraham wrote:
It is clear to me that in order to get high-level of service from Netvision
you have to know whom to call. The regular service people will effectively
prevent you from solving anything more that the simplest of problems.
Didn't the hostmaster address have someone knowledgeable behind it?
Hi Shachar,
We did not try emailing hostmaster. We called Netvision support
telephone number. At some point we requested to escalate, but this also
did not help.
- yba
That is a disappointment.
Shachar
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems
=}ooO--U--Ooo{=
- [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
Re: [SOLVED] Re: [YBA] SYN dropped from Netvision timsoret
IANAL, but I gather that there is a solid cause for damages both for lack of service during that time and failing to provide support by reasonable and run-of-the-mill means. If your custoner is not a company, Small Claims Court will do just fine. Moish Jonathan Ben Avraham wrote: Hi list members, Many thanks to Shachar Shemesh and Amichai Rotman for their help on this problem. The symptoms were 50-70% packet loss on TCP packets to an address at the end of a fractional E1 (timsoret) managed by Netvision with 5-10% packet loss for ICMP. The symptoms appeared after the customer moved offices from one location to another but retained the same IP address subnet. We immediately suspected that Netvision had forgotten to remove the static routes from an internal router and that these routes were poluting a gateway router, but we expected the packet loss for TCP and ICMP to be the same. We were not able to reach people at Netvision service who would take us seriously. We kept getting first and second line service people who told us you have a firewall problem and who were sitting in front of Microsoft Windows machines and who did not know what Wireshark or tcpdump means. Even though we were able to show one of these people the problem in a way that he could reproduce it independently, Netvision would not act on the problem. Only after a week of complaints we were able to get Netvision to send an integrator to the site. After about 30 minutes the integrator called someone at Netvision who admitted that there was a routing error and fixed it. It is clear to me that in order to get high-level of service from Netvision you have to know whom to call. The regular service people will effectively prevent you from solving anything more that the simplest of problems. Regards, - yba On Sun, 23 Mar 2008, Shachar Shemesh wrote: Date: Sun, 23 Mar 2008 16:46:55 +0200 From: Shachar Shemesh [EMAIL PROTECTED] To: Jonathan Ben Avraham [EMAIL PROTECTED] Cc: ILUG linux-il@cs.huji.ac.il Subject: Re: [YBA] SYN dropped from Netvision timsoret Jonathan Ben Avraham wrote: What should we do next? apt-get install hping2 (or hping3, if you prefer) RTFM the --traceroute option. It should probably go something along the lines of: hping2 ip -S -p port num -M0 --traceroute Whenever it gets stuck, press ^Z to make it skip that hop. Do the same with a ping packet (hping2 ip -1 --traceroute), and see which router is the faulty one. Also, read about firewalking. - yba Shachar = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Updating the http://www.linux.org.il/ Site
Hi all! Today I started to update the http://www.linux.org.il/ site. What I did so far was: 1. Fix some textual errors. 2. Repair many broken URLs. 3. Update the http://www.linux.org.il/whatis page. 4. Update the events on the front page. --- Since I wasn't sure if the site contains any confidential information, I set up a private Subversion repository on my home computer and used it to maintain the site, while periodically uploading it to the main copy on tux.hamakor.org.il. Perhaps it would be a good idea to set up a closed Subversion repository for managing the site somewhere that is accessible online. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: major packet loss at hot server
I haven't solved the problem yet. From 012 someone superior (network
dep) are supposed to call me and they will put hot on conference and
this time I intend to request the net admin/integrator to take care of
that AND ask them to go directly to the switch and disable the
firewall.The ip from where there is 75-80% packet lost is a principal
switchand another 1 or 2 ips where I get additional ~15-20% packet
lost. They have a harsh firewall on the main switch. ALL UDP ports
are blocked. TCP also a lot of ports closed.
tcptraceroute (as opposed to traceroute manages to bypass firewall)
reveals that there is a firewall, although inside hot (between
switches) the ports are open (firewalk). As for the problem you had
last week, I am not sure, because I have static IP without dialer
(MPLS) and the first 2 hops belong to hot (where the packet loss
occurs) and the 3rd hop is 012. One of support guys said that is 012
blame because they are only infrastructure. 012 says it's hot ip and
they are right. And I am the ball which is ping-ponged. ;-(
AND ttl to my default gateway is 255. ttl for google.com is 225.
But, I will try wireshark as well to check syn, syn-ack. I don't use 3
way handshake. Otherwise I will be detected. I use nmap -sS. I
understand that you used -sT flag. Correct?
They make troubles if you scan their net? -sT for instance?
If you can tell me what exactly you ran, I will be glad.
On 3/28/08, Jonathan Ben Avraham [EMAIL PROTECTED] wrote:
Hi Sara,
Did you solve this problem?
Are you sure that it isn't a routing problem at 012 similar to what I had
last week with Netvision?
- yba
On Fri, 21 Mar 2008, sara fink wrote:
Date: Fri, 21 Mar 2008 22:10:56 +0200
From: sara fink [EMAIL PROTECTED]
To: Israeli Linux mailing list linux-il@cs.huji.ac.il
Subject: major packet loss at hot server
Hello Everyone
I am having major problem with packet loss at some hot server that
sits in tel aviv. www.dnsstuff.com revealed this info.
I would like to know how many people suffer from this problem.
For this task mtr program is needed. The program can be downloaded at
http://www.bitwizard.nl/mtr/ .
The description of the program is mtr combines the functionality
of the traceroute and ping programs in a single network diagnostic
tool.
As mtr starts, it investigates the network connection between the
host mtr runs on and HOSTNAME. by sending packets with purposly
low TTLs. It continues to send packets with low TTL, noting the
response time of the intervening routers. This allows mtr to print
the response percentage and response times of the internet route
to HOSTNAME. A sudden increase in packetloss or response time
is often an indication of a bad (or simply overloaded) link.
After installing this program please run the command mtr google.com or
even mtr walla.co.il mtr ynet.co.il
I got in all 3 urls ~75% packet loss at ip 213.57.43.199 and at
213.57.43.22 (or 14) another ~20% packet loss.
Please inform me how many people suffer from this problem and who is
their isp. Mine is 012. but the ips mentioned belong to hot.
I already talked with a nice technician at hot and he promissed to
give me an answer. Meanwhile at 012 tried to help me and in the end he
told me it's a operating sytem problem. I just hate to hear such
stupid excuses. I tried bot with and without iptables and it's the
same. Instead of solving the problem they blame the OS. And all this
happens with router or without.
Besides that, the first IP is actually border gateway.
Thanks for your help
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA ~. .~ Tk Open
Systems
=}ooO--U--Ooo{=
- [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -
=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word unsubscribe in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
installing CentOS/RHEL without CD using PXE?
Hi, I just got an thinkpad X31 without the ultrabase, which means - no CDROM/DVD. I don't have an external CDROM/DVD (I have 6 internal DVD drives on my other machines already). So I was wondering if someone knows a way to install CentOS/RHEL (or any other Linux distribution) without using any external DVD/CD drive, without disk-on-key (the ISO image itself is about 3.6 GB). Any ideas? anyone tried to install a distribution using the PXE boot? Also, does anyone knows any Linux program which can simulate a CDROM/DVD drive with a PXE? Thanks, Hetz -- Skepticism is the lazy person's default position. my blog (hebrew): http://benhamo.org = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: installing CentOS/RHEL without CD using PXE?
CentOS/RHEL has the 'kickstart' over network mechanism for about a decade :) This is a big question, so in general: 1. The DVD contents should be available for reading on an NFS share. 2. TFTP server should supply PXE (see pxelinux), which would lead to the correct kernel + initrd (also on the tftp), with kernel parameters ks to point on your ks.cfg. 3. DHCP would give the server its IP and the path to the TFTP PXE boot. (next-server dhcp parameter). I'm sure there's plenty of docs out there about ks.. On Friday, 28 March 2008 17:41:50 Hetz Ben Hamo wrote: Hi, I just got an thinkpad X31 without the ultrabase, which means - no CDROM/DVD. I don't have an external CDROM/DVD (I have 6 internal DVD drives on my other machines already). So I was wondering if someone knows a way to install CentOS/RHEL (or any other Linux distribution) without using any external DVD/CD drive, without disk-on-key (the ISO image itself is about 3.6 GB). Any ideas? anyone tried to install a distribution using the PXE boot? Also, does anyone knows any Linux program which can simulate a CDROM/DVD drive with a PXE? Thanks, Hetz = To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Updating the http://www.linux.org.il/ Site
On Friday 28 March 2008, Nadav Vinik wrote: אם כבר עדיף שתוריד את: Looking for IGLU's site? You can find it at www.iglu.org.il. עקב ירידת האתר Sorry, but I don't intend to remove this banner, as it will be a reminder that the site is down and that the Israeli FOSS community does not have an English portal to actively replace it. I hope the site will return one day. Regards, Shlomi Fish בברכה נדב On Fri, Mar 28, 2008 at 2:14 PM, Shlomi Fish [EMAIL PROTECTED] wrote: Hi all! Today I started to update the http://www.linux.org.il/ site. What I did so far was: 1. Fix some textual errors. 2. Repair many broken URLs. 3. Update the http://www.linux.org.il/whatis page. 4. Update the events on the front page. --- Since I wasn't sure if the site contains any confidential information, I set up a private Subversion repository on my home computer and used it to maintain the site, while periodically uploading it to the main copy on tux.hamakor.org.il. Perhaps it would be a good idea to set up a closed Subversion repository for managing the site somewhere that is accessible online. Regards, Shlomi Fish - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. ___ Board mailing list [EMAIL PROTECTED] http://hamakor.org.il/cgi-bin/mailman/listinfo/board - Shlomi Fish [EMAIL PROTECTED] Homepage:http://www.shlomifish.org/ I'm not an actor - I just play one on T.V. To unsubscribe, send mail to [EMAIL PROTECTED] with the word unsubscribe in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
