?
Solved

Some computers can't access Yahoo at www.yahoo.com

Posted on 2011-05-04
16
Medium Priority
?
408 Views
Last Modified: 2012-05-11
We have about a dozen computers.  All work thorugh the same firewall with different web filters applied.  Which web filter is applied seems to not affect the outcome.
Only computers working through a particular managed switch have the problem:

- www.yahoo.com loads very slowly if at all .. but mostly slowly.
- the page doesn't come up looking "normal" with much of the structure and alignment missing.

Yet, the same computer can access other websites including the Yahoo Calendar page just fine.
IE, Firefox and Chrom are all affected.

I'm thinking this has to be the switch as I've seen "weird" results from flaky switches.  Rebooting the switch does no good.

I'm going to go deal with it tomorrow and would like some opinions, experiences, etc.
0
Comment
Question by:Fred Marshall
  • 7
  • 2
  • 2
  • +2
14 Comments
 
LVL 15

Expert Comment

by:alienvoice
ID: 35694970
Can you swap put the switch as a testing measure? Seems odd it is stripping the site of structure.

Or even move a currently working computer on to that switch and see if it occurs, (after deleting local cache and so on).
0
 
LVL 9

Expert Comment

by:Brian
ID: 35695162
If there are VLANs involved could be another computer or device on the VLAN causing the issue. Seems odd that a switch would be so site specific, even a managed switch.
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 35698782
My plan is to restore the switch firmware and configuration.
If that doesn't work then replace it.

I have seen this type of thing with switches in the past.  Some web pages work / others don't.  VERY hard to know/diagnose because it looks so much like a software issue.  Usually a reboot fixes it though...

Also Malwarebytes doesn't update which initially caused me to go down a "parasite" path until I learned that this applied to all computers on the switch.  So, I'm tackling the switch first.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 15

Expert Comment

by:alienvoice
ID: 35703349
Tell us how you go.
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 35703406
Some terminology / topology:

Switch #1 (office switch) aggregates quite a few computers and connects to:
Switch #2 (LAN switch) which aggregates a bit more stuff on the LAN and connects to:
Firewall which connects to:
Switch #3 (Internet switch) which aggregates public IP addressed devices and connects to:
ADSL modem.

I replaced the managed switch #1 (with a plain dumb switch #1) and things seemed to be fixed.
Now I understand that it's not fixed....
So I'm going back in the morning.

Things remaining to look at:

- The firewall filters web access according to computer LAN IP addresses.  So, will look more at firewall web filtering - even though computers on the switch and not on the switch are using different filters.  i.e. If they are on the switch they seem to fail no matter their filter status.

- State of the connectors and cabling.  I may have seen a change in behavior when I was changing switch #1 but can't be sure.

Will likely introduce another/new managed switch #1 so I can see errors on the ports at that point.
Currently don't see errors coming out of the replacement switch arriving at the upstream switch #2.

I believe Yahoo main page www.yahoo.com remains a/the problem.  Very strange......
0
 
LVL 9

Expert Comment

by:Brian
ID: 35703928
Do you have issues with other content heavy main pages like msn or other main landing page?
Have you tried wireshark to see if you can see any strange traffic on the network?
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 35706842
No.  It appears not to affect other websites although I do recall one isolated failures to connect via a VPN device.  But those tend to happen now and then and are usually fixed with a computer reboot - this one was.
Yes I have used Wireshark and nothing jumps out.
Also have looked at switch port errors on Switch #2.  All 0.

I'm going to switch ports on Switch #2 where Switch #1 connects.
Switch #2 is a potential candidate for swapping out.

I'm going to investigate for parasites.
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 35707878
OK.  I've got one computer that works and another that doesn't.  They happen to be on different switches at the Switch #1 level but that seems to make no difference as others fail where one works...

I'm doing this transaction: Open www.yahoo.com

On the one that works there are only three http packets and lots of TCP packets.
On the one that fails (goes very slowly and finally renders a page with only simple text really) there are lots of http packets that say "continuation or non http".  Nothing more obvious yet....
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 35709696
It appears that I found a "workaround" for now.  Not entirely satisfying but it seemed
to work - after a lot of work.  Here are the details:

- As before, www.yahoo.com would not open reliably on SOME/most computers.  It either timed out, normally
opened VERY slowly and then only text appeared.  
- While I was on site, it was reported that the Yahoo calendar also had trouble: - it
opened slowly and then would not switch to other months.

By accident I discovered this fix:

- on EACH computer on the network do this:
1) demonstrate that one of the known problems exist (as above)
2) log into the SSG-5 firewall
3) turn off antivirus and web screening on the profile associated with the computer in
use.
4) demonstrate that now the known problems go away.
5) turn back on antivirus and web screening for that same profile.
6) demonstrate that the problems remain gone.
Again, this had to be done on EACH computer.  Very strange.

This "feels like" an ARP cache sort of issue.  Although I had cleared the ARP cache on the firewall
recently.....
And, we had not changed anything on this network for quite a long time.  The problem just "appeared".

The nagging questions that remain:
- how could this be in the first place?
- will it return just as unexpectedly as it appeared this time?
- what happens if we reboot the firewall?  I don't even want to think about it!!
- etc.

0
 
LVL 4

Expert Comment

by:eli_cook
ID: 35710682
Does the Juniper have stateful packet inspection? I have seen SPI cause problems with websites (on other firewalls) - maybe try switching it off if it is on?
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 35808851
The problem cured itself with no explanation re: what was causing it.  
0
 
LVL 26

Accepted Solution

by:
Fred Marshall earned 0 total points
ID: 35962858
No objection.  But I think we just found the cause:

The ISP switched us from PPPoA to PPPoE.  As I understand it, PPPoE carries higher packet overhead.  
Changing TCP MSS from 1500 to 1350 on the internet firewall (SSG-5) seems to have fixed the problem.  Without this, apparently there will be fragmented packets.  Why only some pages, some times on some computers eludes me!

But it seems to be fixed with this setting change.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 35964301
I've requested that this question be deleted for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 35964302
CV Objection: Solution posted by OP in http:#a35962858, should be accepted.

Qlemo
Cleanup Volunteer
0

Featured Post

Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question