<HTML>
<HEAD>
<META content="text/html; charset=windows-1252" http-equiv=Content-Type>
<META content="OPENWEBMAIL" name=GENERATOR>
</HEAD>
<BODY bgColor=#ffffff>
<div><font size="2">Dear Brian,</font></div>
<div>
<br /></div>
<div><font size="2">Thank you very much for sharing all the technical details. It will help us, the bdNOG community, in future trouble-shootings.</font></div>
<div>
<br /></div>
<div><font size="2">The site has been accessible since Aug 11, 2019 morning as the concerned administrator looked after the issue, although he did not share any details of the problem or its trouble-shooting.
<br /></font></div>
<div>
<br /></div>
<div><font size="2">Best regards,</font>
<br /></div>
<font size="2">
<br />ANIRUDDHA BARUA
<br />
Email: aniruddha.barua@colbd.com, cto@colbd.com
<br />
<br />
<br /><b>---------- Original Message
-----------</b>
<br />
From: Brian Candler <brian@nsrc.org>
<br />
To: nog@bdnog.org
<br />
Sent: Sat, 10 Aug 2019 18:23:19 +0100
<br />
Subject: Re: [bdNOG] A Bangladesh Open University website (OSAPS) not opening.
<br />
<br />> FWIW: from the UK I can connect to port 80, but get no
response
from the webserver for a HTTP request for the home page.
<br />>
<br />>
<tt>$ ping osaps.bou.edu.bd</tt><tt>
<br />>
</tt><tt>PING osaps.bou.edu.bd (103.103.100.21): 56 data
bytes</tt><tt>
<br />>
</tt><tt>64 bytes from 103.103.100.21: icmp_seq=0
ttl=49
time=252.833 ms</tt><tt>
<br />>
</tt><tt>64 bytes from 103.103.100.21: icmp_seq=1
ttl=49
time=253.525 ms</tt><tt>
<br />>
</tt><tt>^C</tt><tt>
<br />>
</tt><tt>--- osaps.bou.edu.bd ping statistics ---</tt><tt>
<br />>
</tt><tt>2 packets transmitted, 2 packets received, 0.0%
packet
loss</tt><tt>
<br />>
</tt><tt>round-trip min/avg/max/stddev
=
252.833/253.179/253.525/0.346
ms</tt>
<br />> <tt>$ telnet osaps.bou.edu.bd 80</tt><tt>
<br />>
</tt><tt>Trying 103.103.100.21...</tt><tt>
<br />>
</tt><tt>Won't send login name and/or authentication
information.</tt><tt>
<br />>
</tt><tt>Connected to osaps.bou.edu.bd.</tt><tt>
<br />>
</tt><tt>Escape character is '^]'.</tt><tt>
<br />>
</tt><tt>GET / HTTP/1.0</tt><tt>
<br />>
</tt>
<br />> <tt><< hangs here
>></tt>
<br />> <tt>$ time curl -v osaps.bou.edu.bd</tt><tt>
<br />>
</tt><tt>* Rebuilt URL to: osaps.bou.edu.bd/</tt><tt>
<br />>
</tt><tt>*�� Trying 103.103.100.21...</tt><tt>
<br />>
</tt><tt>* TCP_NODELAY set</tt><tt>
<br />>
</tt><tt>* Connected to osaps.bou.edu.bd (103.103.100.21) port
80
(#0)</tt><tt>
<br />>
</tt><tt>> GET / HTTP/1.1</tt><tt>
<br />>
</tt><tt>> Host: osaps.bou.edu.bd</tt><tt>
<br />>
</tt><tt>> User-Agent: curl/7.54.0</tt><tt>
<br />>
</tt><tt>> Accept: */*</tt><tt>
<br />>
</tt><tt>></tt><tt>
<br />>
</tt>
<br />> <tt><< hangs here
>></tt>
<br />> <tt>* Recv failure: Connection reset by peer
<br />>
* stopped the pause stream!
<br />>
* Closing connection 0
<br />>
curl: (56) Recv failure: Connection reset by peer
<br />>
<br />>
real��� 4m3.266s
<br />>
user��� 0m0.011s
<br />>
sys��� 0m0.020s
<br />>
</tt>
<br />>
<br />> However, if I request a non-existent page, it's
handled
correctly:
<br />>
<br />> <tt>$ curl -v
osaps.bou.edu.bd/zxcv</tt><tt>
<br />>
</tt><tt>...</tt><tt>
<br />>
</tt><tt><body></tt><tt>
<br />>
</tt><tt>��� <div id="container"></tt><tt>
<br />>
</tt><tt>��� ��� <h1>404 Page Not Found</h1></tt><tt>
<br />>
</tt><tt>��� ��� <p>The page you requested was
not
found.</p>��� </div></tt><tt>
<br />>
</tt><tt></body></tt><tt>
<br />>
</tt><tt>* Closing connection
0</tt>
<br />> Similarly if I make an invalid HTTP
request:
<br />> <tt>$ telnet osaps.bou.edu.bd 80</tt><tt>
<br />>
</tt><tt>
Trying 103.103.100.21...</tt><tt>
<br />>
</tt><tt>
Won't send login name and/or authentication
information.</tt><tt>
<br />>
</tt><tt>
Connected to osaps.bou.edu.bd.</tt><tt>
<br />>
</tt><tt>
Escape character is '^]'.</tt><tt>
<br />>
</tt><tt>
<b>bluergh</b></tt><tt>
<br />>
</tt><tt>
HTTP/1.1 400 Bad Request</tt><tt>
<br />>
</tt><tt>
Date: Sat, 10 Aug 2019 17:21:54 GMT</tt><tt>
<br />>
</tt><tt>
Server: Apache/2.2.15 (CentOS)</tt><tt>
<br />>
</tt><tt>
Content-Length: 308</tt><tt>
<br />>
</tt><tt>
Connection: close</tt><tt>
<br />>
</tt><tt>
Content-Type: text/html; charset=iso-8859-1</tt><tt>
<br />>
</tt> <tt>
<br />>
</tt><tt>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML
2.0//EN"></tt><tt>
<br />>
</tt><tt>
<html><head></tt><tt>
<br />>
</tt><tt>
<title>400 Bad Request</title></tt><tt>
<br />>
</tt><tt>
</head><body></tt><tt>
<br />>
</tt><tt>
<h1>Bad Request</h1></tt><tt>
<br />>
</tt><tt>
<p>Your browser sent a request that this server could
not
understand.<br /></tt><tt>
<br />>
</tt><tt>
</p></tt><tt>
<br />>
</tt><tt>
<hr></tt><tt>
<br />>
</tt><tt>
<address>Apache/2.2.15 (CentOS) Server at
osaps.bou.edu.bd
Port 80</address></tt><tt>
<br />>
</tt><tt>
</body></html></tt>
<br />>
<br />> My first reaction is that this may be something to do with
MTU.�
That
is:
<br />> 1. I connect to the
webserver
<br />> 2. I send a HTTP
request
<br />> 3. The webserver starts sending a large request - the next
packet
in the TCP stream has MTU 1500
(say)
<br />> 4. But there is a link somewhere which does not support
MTU
1500.� Rather than fragmenting the packets or sending back
ICMP
Fragmentation Needed, it just throws the packets
away.
<br />> This could be a combination of an ISP which uses PPPoE
(MTU
1492), and a badly-configured firewall at the
institution.
<br />>
<br />> However, ping doesn't support this
theory:
<br />> $ ping -D -s1472 osaps.bou.edu.bd
<br />>
PING osaps.bou.edu.bd (103.103.100.21): 56 data bytes
<br />>
64 bytes from 103.103.100.21: icmp_seq=0 ttl=49 time=252.326 ms
<br />>
64 bytes from 103.103.100.21: icmp_seq=1 ttl=49 time=252.857 ms
<br />>
64 bytes from 103.103.100.21: icmp_seq=2 ttl=49 time=252.153 ms
<br />>
^C
<br />>
--- osaps.bou.edu.bd ping statistics ---
<br />>
3 packets transmitted, 3 packets received, 0.0% packet loss
<br />>
round-trip min/avg/max/stddev = 252.153/252.445/252.857/0.300
ms
<br />> (That's for MacOS. Under Linux, use "-Mdo" instead of "-D"
to
prevent
fragmentation)
<br />> As far as I can see, 1500-byte packets are working
end-to-end.
(1472 data + 8 bytes ICMP header + 20 bytes IP header =
1500)
<br />>
<br />> So more likely I think it's a problem with the webserver
itself.�
Maybe it's running some sort of dynamic web page
generation
software which has locked up.� Maybe it's proxying to a
back-end
webserver which has locked up.� This doesn't explain why
mobile
users can see the page, unless the mobile network is
doing
aggressive caching and always returning a cached version of
the
page, or different dynamic content is being returned based
on
source IP address.
<br />>
<br />> Debugging on the target webserver
would be the best approach IMO.
<br />>
<br />>
HTH,
<br />> Brian.
<br /><b>------- End of Original Message
-------</b>
<br />
</font>
</BODY>
</HTML>