# [SOLVED]Ping OK but surf KO ...

## befa

hi

weird problem...

i have a interface eth0 up by dhcp

here is my ifconfig :

```
buster befa # ifconfig 

eth0      Lien encap:Ethernet  HWaddr 00:10:DC:E3:CC:E3  

          inet adr:192.168.1.20  Bcast:192.168.1.255  Masque:255.255.255.0

          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:380 errors:0 dropped:0 overruns:0 frame:0

          TX packets:966 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 lg file transmission:1000 

          RX bytes:127210 (124.2 Kb)  TX bytes:133570 (130.4 Kb)

          Interruption:217 Adresse de base:0xec00 

```

now here is my route :

```
buster befa # route -n

Table de routage IP du noyau

Destination     Passerelle      Genmask         Indic Metric Ref    Use Iface

192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo

0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

```

now, here is a ping 

```
buster befa # ping linuxfr.org

PING linuxfr.org (212.27.33.225) 56(84) bytes of data.

64 bytes from a225.linuxfr.org (212.27.33.225): icmp_seq=1 ttl=57 time=22.5 ms

64 bytes from a225.linuxfr.org (212.27.33.225): icmp_seq=2 ttl=57 time=20.1 ms

64 bytes from a225.linuxfr.org (212.27.33.225): icmp_seq=3 ttl=57 time=19.8 ms

--- linuxfr.org ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2002ms

rtt min/avg/max/mdev = 19.832/20.822/22.521/1.217 ms

```

so i can ping every site...

but when i'm using a browser i can't see anything...

except google... but i suppose it's kinda cache...

any idea?

----------

## psychomunky

Is your browser set up to use a proxy??

Can you wget the main page from linuxfr.org??

If you can do the second, then it is a browser issue, if not, we have an ipstack or net driver issue.....

BTW, what browser(s) have you tried?

----------

## befa

i try the wget 

```
buster befa # wget http://marco.ledsn.net/projet2.html

--01:18:49--  http://marco.ledsn.net/projet2.html

           => `projet2.html'

Résolution de marco.ledsn.net... 213.186.33.19

Connexion vers marco.ledsn.net|213.186.33.19|:80...connecté.

requête HTTP transmise, en attente de la réponse...

```

for the browser i tried firefox, opera. i don't have proxy.

if we have an ipstack or net driver issue, what's the solution?i'm feeling lost...

ps: thanks for the reply, and sorry for my bad english!

----------

## psychomunky

no problems....your english is definately better than my french   :Laughing:   In fact the only way I could tell English was not your first language was when I saw your output from route -n

Anyways, I was thinking, it might not actually be a ip stack or net driver issue.  From the looks of your routing table you are behind a router/firewall of some type (perhaps hardware, perhaps another linux box).  So perhaps something has gone a little wrong with it (I have had it happen).  I am wondering if somehow your firewall started blocking port 80 on the outgoing....

You could try a couple of things.

1. see if other net utilities work...like ftp, smtp, POP, IMAP, etc....if they (or some of them) do, then maybe it is a firewall mis-configuration.

2. this option depends upon you comfort level....it will decrease your security temporarily.  Try plugging your computer straight into the internet connection, without going through the firewall.  If you do this, don't do it for long, and make sure any unnessecary services are shutdown.  If you do this, and renew your IP, and are able to browse the web, then it is your firewall/router that is misbehaving.  This will likely be the most conclusive test, but as I said, you may choose not to do it because of the security implications.

----------

## befa

thanks for my english  :Smile:   :Wink:  ... 

so i tried the ftp (but i only have a graphical one  :Sad:  ) but apparently i'm logged in ... but i can't list the directory.

i also tried IM with kopote... and no connexion...

now for the security, it's a "beta machine" a fresh new gentoo (kde+beryz+xgl) so i don't start iptables yet.

i'll turn on my own script. but we  :Wink:  have to resolve that problem before....

i'm desesperate....  :Smile: 

----------

## befa

*up*

----------

## befa

to have more information

here is my dmesg with grep on sis

```

buster befa # dmesg | grep -i sis

[   17.543543] Uncovering SIS963 that hid as a SIS503 (compatible=1)

[   17.543546] Enabling SiS 96x SMBus.

[   18.433825] Failed to disable AUX port, but continuing anyway... Is this a SiS?

[   18.930209] SIS5513: IDE controller at PCI slot 0000:00:02.5

[   18.930250] SIS5513: chipset revision 0

[   18.930252] SIS5513: not 100% native mode: will probe irqs later

[   18.930265] SIS5513: SiS 962/963 MuTIOL IDE UDMA133 controller

[   68.566548] sis900.c: v1.08.10 Apr. 2 2006

[   68.582587] eth0: SiS 900 PCI Fast Ethernet at 0xec00, IRQ 217, 00:10:dc:e3:cc:e3.

[   72.166185] agpgart: Detected SiS 648 chipset

[   72.724712] sis96x_smbus 0000:00:02.1: SiS96x SMBus base address: 0x10c0

[  110.167078] agpgart: SiS delay workaround: giving bridge time to recover.

```

and i make an other dmesg with grep on IRQ 217

```

buster befa # dmesg | grep -i irq | grep -i 217

[   68.566625] ACPI: PCI Interrupt 0000:00:04.0[A] -> GSI 19 (level, low) -> IRQ 217

[   68.582587] eth0: SiS 900 PCI Fast Ethernet at 0xec00, IRQ 217, 00:10:dc:e3:cc:e3.
```

and i have something in my /var/log/message log

```

Nov  5 04:35:55 buster [ 4243.263042] APIC error on CPU0: 00(40)Nov  5 06:40:04 buster [11673.759610] APIC error on CPU0: 40(40)

Nov  5 07:15:05 buster [13770.179069] APIC error on CPU0: 40(40)Nov  5 07:34:31 buster [14933.406814] APIC error on CPU0: 40(40)

Nov  5 08:03:06 buster [16644.283221] APIC error on CPU0: 40(40)Nov  5 08:08:17 buster [16954.565932] APIC error on CPU0: 40(40)

Nov  5 08:09:04 buster [17001.204741] APIC error on CPU0: 40(40)Nov  5 08:44:20 buster [19112.832507] APIC error on CPU0: 40(40)

Nov  5 09:54:10 buster [23292.640412] APIC error on CPU0: 40(40)Nov  5 10:01:02 buster [23703.397672] APIC error on CPU0: 40(40)

```

i think it's the last shot... if i don't resolve that i give gentoo to go back first love (debian) ...

help me please

----------

## Tyrius

When you do the pings and wget are you using the same user that you are trying to use with the web browser. I ask this question as it could be something like your resolv.conf file in /etc has the wrong permissions and so the web browser cannot work out how to get to a DNS server. To see if this is the problem you could try to do http://<insert IP address here>/ and see if that works.

----------

## befa

i also try that... but it's the same wether i'm root or a user...

any other idea?

what 'bout ipstack? or eth0 module?

maybe something to recompile in my kernel...

----------

## befa

problem solved.

here is the solution

```
echo 4096 87380 174760 > /proc/sys/net/ipv4/tcp_rmem
```

apparently the last numbers are not good on the 2.6.17 2.6.18 kernel. so i took the 2.6.16 numbers and it works great  :Smile: 

later dudes

----------

## psychomunky

Hrm....how bizarre.....how the hell did you ever figure that out??

----------

## befa

 *psychomunky wrote:*   

> Hrm....how bizarre.....how the hell did you ever figure that out??

 

someone told me about TCP window scaling...so i try to look after that. finally it wasn't the scale but the allocation of mermory of the incoming buffer. i was miles away from that solution...

anyway now it works, thanks for reading and helping me  :Wink: 

one more thing apparently it's "kinda" recurent on 2.6.17 and 2.6.18 kernel...

have fun and take care!

----------

