# [Solved] Can't access some pages with any browser

## heikkikk

Hello.

I have trouble accessing several sites, such as aireuropa.com s-pankki.fi and paypal.com

with Gentoo Linux.

I've had this problem for months already.

I was thinking it is a Network problem from the internet provider, but then i booted to Windows 10 and all works fine there.

So in Gentoo I have tried Google-Chrome-stable and Firefox

Both binary packages.

Most sites work fine, including https:// sites.

Also if i share the connection using wifi from my laptop to my phone, the phone can't access these sites, but with mobile Network it can Access the sites fine.

So it has to be a problem of Gentoo.

Where to dig further??Last edited by heikkikk on Tue Mar 24, 2020 3:30 pm; edited 1 time in total

----------

## heikkikk

wgetpaste -c "emerge -pvuDU --backtrack=120 --verbose-conflicts @world"

http://dpaste.com/3X9NBS0

----------

## Hund

What happens when you try to access the websites? Any error messages? Have you tried doing a traceroute?

----------

## The Doctor

 *heikkikk wrote:*   

> Also if i share the connection using wifi from my laptop to my phone, the phone can't access these sites, but with mobile Network it can Access the sites fine.

 Ahh... these symptoms are known to me.

Try editing /etc/resolv.conf and replace the automatically generated nameserver with nameserver 8.8.8.8 and check to see if you can access the problem websites. This is temporary to diagnose the problem and will be overwritten the next time dhcpcd is called.

Short answer is your provider is the problem. They have a terrible nameserver and windows covers for them whereas Linux will not. You need to simply switch to a more reliable one, although you may or may not want to use google long term. This is typical of many small providers.

----------

## heikkikk

 *Hund wrote:*   

> What happens when you try to access the websites? Any error messages? Have you tried doing a traceroute?

 

Waiting for www.aireuropa.com...

it loads half way the site but not completely.

traceroute last lines:

traceroute www.aireuropa.com

```

 7  * * *

 8  10.111.3.38 (10.111.3.38)  20.836 ms 10.111.3.30 (10.111.3.30)  20.843 ms  20.826 ms

 9  190.238.35.202 (190.238.35.202)  23.191 ms  23.173 ms  23.116 ms

10  * * *

11  * * *

12  * * *

13  * * *

14  * * *

15  * * *

16  * * *

17  * * *

18  * * *

19  * * *

20  * * *

21  * * *

22  * * *

23  * * *

24  * * *

25  * * *

26  * * *

27  * * *

28  * * *

29  * * *

30  * * *

```

----------

## heikkikk

 *The Doctor wrote:*   

> 
> 
> Try editing /etc/resolv.conf and replace the automatically generated nameserver with nameserver 8.8.8.8 and check to see if you can access the problem websites. 

 

Not helping, but thanks.

----------

## Banana

What does the browser network information say as you try to access those sites?

chrome: https://developers.google.com/web/tools/chrome-devtools/network

FF: https://developer.mozilla.org/de/docs/Tools/netzwerkanalyse/toolbar

Do you have any custom proxy or DNS settings or maybe some browser plugins installed?

Also, what happends if you try to visit those sites with links https://en.wikipedia.org/wiki/Links_(web_browser) ?

----------

## heikkikk

aireuropa.com 408 request timed out

favicon.ico 408 request timed out

with "links" it opens ok.

And no, i do not have any special dns/network things, nor any vps. Just a normal wired connection.

In Firefox no plugins.

----------

## heikkikk

Now aireuropa.com shows me in Chrome:

Request Timeout

The server timed out while waiting for the browser's request.

Reference #2.b6be3cc8.1584980645.0

----------

## Banana

firewall?

----------

## heikkikk

 *Banana wrote:*   

> firewall?

 

Not that i know. In Linux i do not have a firewall, and everything works in Windows so -> Can't be firewall, imho.

----------

## The Doctor

Actually it can be. What settings are on your router? It has its own internal firewall and sometimes they don't play well with linux. I've seen that as well. I don't know why the networking stacks in linux and windows are so different but they are.

----------

## heikkikk

If the problem is the router, there is nothing i can do.

i just have a plug on the wall, i have no access to the router.

----------

## Hu

My first thought on reading this thread is broken PMTU discovery.  From man iptables-extensions:

```
       This target is used to overcome criminally braindead  ISPs  or  servers

       which  block  "ICMP  Fragmentation  Needed"  or "ICMPv6 Packet Too Big"

       packets.  The symptoms of this problem are that everything  works  fine

       from  your  Linux  firewall/router,  but  machines  behind it can never

       exchange large packets:

       1.  Web browsers connect, then hang with no data received.

       2.  Small mail works fine, but large emails hang.

       3.  ssh works fine, but scp hangs after initial handshaking.
```

Windows might be choosing a lower MTU on its own, which would enable it to work despite this problem.

If this sounds like you, consider enabling the TCPMSS target to fix it.  Caveat: this target is done in the router, which you just said you don't have access to.

----------

## Fitzcarraldo

I had a similar problem back in 2010 [1] on an old machine, and it was due to PLPMTUD (Packetisation Layer MTU Discovery). I was able able to resolve it with the following command as root user:

```
echo 2 > /proc/sys/net/ipv4/tcp_mtu_probing
```

If “echo 2” does not solve the problem, you could try “echo 1” instead. The possible values are:

0   Do not perform PLPMTUD (Packetization Layer Path MTU Discovery)

1   Perform PLPMTUD only after detecting a ‘blackhole’.

2   Always perform PLPMTUD.

Ref. 1: Why can’t I access a specific Web site?

----------

## heikkikk

 *Fitzcarraldo wrote:*   

> 
> 
> ```
> echo 2 > /proc/sys/net/ipv4/tcp_mtu_probing
> ```
> ...

 

Thanks!! This worked! At least now i could connect to the site  :Smile: 

I will reply back if the problem comes back.

----------

## heikkikk

what is the correct way to set it permanent?

----------

## Hu

Patch the kernel to make it the default.  :Smile: 

For a slightly less permanent solution, you could configure the init system to run that echo at boot.

----------

## Fitzcarraldo

As per Ref. 1 in my previous post:

```
# echo "echo 2 > /proc/sys/net/ipv4/tcp_mtu_probing" > /etc/local.d/01network.start

# chmod +x /etc/local.d/01network.start
```

----------

## Banana

and maybe write this as a note somewhere down. Need to do a reinstall, well you just safed some headache since you now why something is not working after that.

----------

