![]() |
Network wierdness
This is really strange. My main machine doesn't seem to be able to get out on the network (beyond the router) using Safari, ftp, iTunes, iChat, etc. I'm using explorer now and can ping the Apple site. This happens every few days and I have to reboot the machine to get things working again.
There are other machines on the net and their communications work just fine. I can 'speak' to them from the main machine and they have access to the net from all apps. dp500g4 10.2.6 1.5G RAM Comcast cable SMC7004 Router Any ideas? (Besides rebooting :) ) Jim |
Got a firewall running? Are you getting your IP via DHCP? Can you nail it down to a certain time frame?
|
Sorry.. clarifications on my questions. Are you running a firewall locally on the Mac. Also, has it ever worked, or has this always plagued you?
|
This has been an on and off again thing. It occurs every few days and this is the second router I've used. Same make and model each time. The IP addresses are hard-coded for the machines generally on the net and DHCP-provided for sometime guests.
I'm running the local OS X firewall as my machine is in DMZ (Web server). Jim |
And without the firewall running, does it drop off the network?
|
It drops off regardless of the local firewall. I'm currently using IE to post this and Safari can't make a connection to the net. Both on the same machine.
Jim |
Anything in the logs then? /var/log/system.log or in /Applications/Utilities/Console?
|
I wonder if this is related to the awake from sleep problem that's around. My system is set
to never sleep and there's even a CRON comand that keeps the FireWire drives alive. The Monitor, however, does sleep... From /var/log/system.log: Code:
Jun 28 10:10:00 localhost CRON[8121]: (jim) CMD (ls /Volumes/fire1 > /dev/null) |
Monitor sleep won't efffect network connectivity..
DNSAgent: dns_send_query_server - send failed for 65.169.224.2 DNSAgent: dns_send_query_server - send failed for 12.242.16.115 Are these by any chance the addresses that you supplied to the Mac for your DNS? If so, are you allowing UDP (port 53) in from them? |
i don't think those DNS IP's exist.
|
65.169.224.2 is owned by Comcast Cable
12.242.16.115 is owned by AT&T Worldnet (!owned, read registered instead) |
I'm not supplying them explicitly in the Mac. They've been entered into the SMC router. I still have no connection and the internal firewall's off. I just opened them, turned on the firewall and toggled the network off/on.
Here's the log: Code:
Jun 28 13:15:22 localhost configd[110]: executing /System/Library/SystemConfiguration/Kicker.bundle/Resources/restart-AppleTalk |
Quote:
|
Quote:
into the internet preferences of OS X and the WAN portion of the router setup. |
Quote:
nslookup reports them as "Non-existent host/domain" DNS servers are down? try some other ones temporarily: 207.69.188.186 207.69.188.185 207.69.188.187 |
65.169.224.2 looks like a DNS server to me..
At least it's a box that provides DNS. yellow% sudo nmap -sU -p 53 65.169.224.2 Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Interesting ports on (65.169.224.2): Port State Service 53/udp open domain 12.242.16.115 isn't answering. Well it's pretty odd either way. Oddest part is that IE works as normal but nothing else does. Someone spoofing perhaps? Not likely. |
Jim, are you using the Apple ipfw GUI or ipfw at the command line?
|
Quote:
|
Quote:
Maybe I've done that sometime in the past. Is there a way to check the files involved? |
I use it at the CLI, so I don't know where Apple keeps their rules, or plist, or any of it :(
And this has happened on and off since you got the Mac, or installed OS X, or some other identifiable action/event/time? |
Quote:
#@$$@!! |
BTW, I agree with you mT, that DNS should have a name associated with it's IP. Weird. Wonder where those addys are coming from.
Jim, lets get back to basics. In IE you can go to http://www.yahoo.com In Safari, you get a time out? But you can ping www.yahoo.com? |
Quote:
|
Can we associate an attempt to get to yahoo in Safari & some entries in your system.log?
|
Quote:
|
Sorry, I'm stumped. There are a lot of ways to go from here. Reboot and trying another user, reinstalling the 10.2.6 combo patch, ad naseum.
Seems odd to me that your machine thinks it's hostname is localhost and you can still get out on the net. |
Quote:
|
do you have tcpdump installed? If not, you can install it via fink. Then run:
Code:
sudo tcpdump -i en0Also, have you tried bypassing DNS entirely in safari and using http://216.109.125.69/ directly? J |
isolate the DNS issue
Quote:
[edit] I see that JavaOSX has just suggested the same thing. But I note that when I do 'ping www.yahoo.com', I get: Code:
PING www.yahoo.akadns.net (216.109.125.78): 56 data bytes |
Re: isolate the DNS issue
Code:
$ nslookup www.yahoo.com |
Thanks to all for your help. I'll keep the comments and try tcpdump next time this problem occurs. As for now, I restarted and the problem went away. But, like Arnold, it'll be back...
Jim |
hmm, can we see your mtu? and any proxy definitions?
Code:
$ ifconfig | grep mtu |
Quote:
Code:
% ifconfig | grep mtu |
jim, [i] re-read the thread. you mentioned DMZ.
could you map your entire network architecture for us? ISP to your LAN and each device/host and the config'd roles of each. |
It looks to me like from your ifconfig you have two ethernet interfaces up and running. what does ifconfig -a show for the addressess? two interfaces on the same logical network but on different physical networks would cause the sporadic problems you see. It woould be hellpful to also see;
"netstat -rn" because this tells you the default route to take if the destination address is not on the local network. so do: ifconfig -a and netstat -rn on my system it looks like this: estination Gateway Flags Refs Use Netif Expire default 192.168.1.1 UGSc 22 6 en0 the 192.168.1.1 is the router and I only have 1 interface running. |
Quote:
Code:
[localhost:~] jim% ifconfig -a |
your interface and routing table looks fine, so u will need to look elsewhere.
Please be sure anothe rmachine hasn't "captured" your IP address; i.e. another machine has the same address or DHCP is serving this up to another machine. It would do this only if the DHCP server had the address in its range to serve up and someone also hardcoded it, too (granted, a long shot). No two machines can have the same IP address on the same LAN. So when it happens, again, check the other machines. normally, you can "look" from your machine via arp -a to see if another ethernet address also has your IP address. once the local lan is "cleared" then the issue is routing and NAT or the firewall. I don't know what router u have, but since you are on the "inside" the router must be told to forward incoming packets to you (there is usually a DMZ setting). I haven't used the firewall, but it's possible to deactivate some rules but the FW may still filter and you must totally unload the firewall module. If the other machines are fine then it's unlikely the router and must be local to your machine (or dup IP) and I would lean towards the firewall if you have been using it. see man ipfw. network problems are tough to debug via email... ;) |
Quote:
I've disabled the local firewall for now and am depending on the router's firewall for protection. Merve suggested that as well. (Thanks) The IP addresses are, for the most part, pre-assigned with a specific range served dynamically for "guests." Now I wait... :) |
I have been having this SAME PROBLEM, pretty much. Safari, after a while, stops connecting to web sites. IE still works. I can ping, tracert, etc, from Terminal, and I can see other machines on the network. FTP, mail are AOK.
Safari CAN access my router's webpage. |
Jim-
I realized you and I have similar routers (I have the SMC 7004VWBR wireless). I downloaded and installed the firware upgrade, then did a hard reset and reentered my data. Now Safari works without rebooting! I'm crossing my fingers, but in the meantime you might want to give it a try. |
Quote:
Does using a firewall have anything to do with network not working? I use ipfw from the command line. The problem I'm facing is not being able to achieve full duplex settings. ifconfig shows full duplex active but even ping does not work. When I bring the interface down, /var/log/system.log shows interface comes up in half duplex. And ifconfig shows media : full-duplex ( <half-duplex> ) What could the problem be? Is full duplex mode unsupported in OS X? Where can I get help from? |
Ipfw should not affect your duplex settings at all. Typically if there is a duplex negotiation problem, it's with the router. The computer simply does what it's told by the router.
|
Is it possible that this is a rounting table issue on this specific computer ? Just asking as this does happen from time to time on the Windows based PCs here at work and the symptoms are that some items will be able to connect, but not others... Just asking about this as it would seem that this is the only machine having this issue.
|
Very Similar Intermittent Issue
Ok, for weeks I've been struggling trying to figure out why I lose Internet access on my Mac Pro - not just Safari, but any web browser, Mail, Remote Desktop - I do retain access to any local resources however.
The particulars: Mac Pro, 10.4.9, all latest patches. Wired 100 Base T, static IP, no local firewall. Connected to a 100 Base T switch - switch connected to a Secure Computing firewall. Firewall is configured to allow complete access to the web from my static IP. Computer does not sleep; monitors does. DNS is set to the router; router DNS is from the cable company When it works, it works fine. Every few days, I start to experience obvious slowdowns, then no access to the Internet. I have several other computer, both wired and wireless, and they all continue to access the internet without an issue. The simplest fix for me is to unplug my ethernet cable from the back of the router, wait 10 seconds, and plug it back in - everything comes back fine until the next time. I've tried both enet ports, and different patch cable and ethernet switch. I've tried different DNS, but it doesn't and shouldn't matter given the other computers' continued access. I've not yet tried antoher use account - the problem is intermittment enough, and all my user stuff is of course unavailable if I play around in another account, so I'm wondering what I should look for in terms of logs? I can fumfer around in Terminal if someone tells me what to do... Thanks |
1) Do you really lose access to the Internet, or just to the web? E.g. does email work?
2) Is the problem merely a DNS problem? You can test this by using IP addresses instead of host names. E.g. instead of trying http://www.apple.com try: http://17.254.0.91 |
| All times are GMT -5. The time now is 09:31 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.