Can't post to Forums when on FTTN; ok via Sonic VPN?

[blakers]

> wired connection via a switch and then to the Pace

ok, that's 1 difference: as per OP, here via a linux router, with modem in DMZ+ mode.

the switch to DMZ+ mode was necessary (or at least the only way i was able to get any functionality) to be able to route my LAN successfully through the modem.

not sure if/how that'd play any part in the can't-post-to-forums issue :-/

[blakers]

fwiw,

switching OFF sonic vpn, i.e. back to direct-via-FTTN, then using an online proxy service (HideMyAss) through the browser,

I'm able to nav to virtually all sites, login at members sites, etc.

I can also nav to & view https://sonic.com

BUT, at attempt to access the forums, https://forums.sonic.net, I get:

"The requested resource could not be loaded."

Can't even get TO the Sonic forums site via proxy, let alone login or post ...

[rtrinh]

By any chance you are using Sonic's nameservers?

Have you tried connecting directly to the modem and seeing if you can post? Maybe even try a VM running a different OS to see if you you can post.

I'm posting from FTTN ip. NVG598 in pass through to my router running DDWRT using Google's nameservers.

[blakers]

> By any chance you are using Sonic's nameservers?

I typically run my own NS, with 'forward first' to Google's & AT&T's ns's.

But, I've tried

DIRECT to Sonic NS, Google NS & ATT NS, as well as turning OFF fwd'ing from my own. No difference.

> Have you tried connecting directly to the modem and seeing if you can post?
> Maybe even try a VM running a different OS to see if you you can post.

Neither is of interest for my use, so, no I haven't.

I assume you mean non-Linux OS? I have tried from multiple variants, but neither have, nor am interested in, Windows or MacOS.

> I'm posting from FTTN ip. NVG598 in pass through to my router running DDWRT using Google's nameservers.

So, you're on a bonded-pair? IIUC, that's a requirement for the NVG598 ...

[rtrinh]

Neither is of interest for my use, so, no I haven't.

I assume you mean non-Linux OS? I have tried from multiple variants, but neither have, nor am interested in, Windows or MacOS.

Well I mean what if there's a setting in linux across all 3 computers you are using that is causing the problem? What if the router is configured in some odd way causing the problem?

You can at least directly connect one of the computers to the modem and see if it works you can narrow it down to not being the router and being the computer or the modem.

So, you're on a bonded-pair? IIUC, that's a requirement for the NVG598 ...

I don't see how this would be related to being able and not being able to post with a non Sonic.net IP address on here. Just stating the fact I am using a different modem, but I am able to post on here with a non Sonic.net IP address.

[blakers]

Here's a more complete set of attempts, including the direct-connect

Code: Select all

Circuit     SonicVPN   Mode                            Post/Preview status

LegacyDSL   Off        direct connect to modem         OK
LegacyDSL   On         direct connect to modem         OK
LegacyDSL   Off        connect through Linux Router    OK
LegacyDSL   On         connect through Linux Router    OK
FTTN        Off        direct connect to modem         FAIL
FTTN        On         direct connect to modem         OK
FTTN        Off        connect through Linux Router    FAIL
FTTN        On         connect through Linux Router    OK

>> So, you're on a bonded-pair? IIUC, that's a requirement for the NVG598 ...
> I don't see how this would be related to being able and not being able to post with a non Sonic.net IP address on here.

Uverse is notorious -- certainly not just at Sonic -- for having a variety of issues in connectivity & routing. Including, but not limited to 'broken' firmware upgrades, filtering policies, etc.

The NVG598 modem on a 2x-pair circuit has already been seen to have different behavior. Specifically w.r.t. IPv6 connectivity capability ... Whether that's because of the modem's firmware, firewall/filter configuration, some difference in the circuit, AT&T's upstream filtering, etc etc, I've no firm answer; but the Pace firmware is currently, strongly suspect.

I've also seen a change in VoIP setting required in my non-Sonic ATA for connection through the FTTN circuit vs the legacyDSL, apparently having to do with SIP DNS resolution and NAT traversal. Again, with the same caveats as above.

Given that 'history', I've seen nothing that that _excludes_ the possibility, even likelihood, of such problematic Uverse-specific cause in this case. Particularly, given my own limited testing that demonstrates that I see this problem ONLY in the case of (1) sonic forums + (2) using the FTTN circuit+modem.

[hhwong]

A few questions -

Are you running any extensions on your browsers?

What do you get back when you do a "nslookup forums.sonic.net"

Can you verify what your nameservers are on your Linux boxes?

I have FTTNx2 with a NVG589 and DMZ+ / Ubiquiti ERL - no problems here reaching forums.sonic.net

[blakers]

> Are you running any extensions on your browsers?

I see the same behavior with all of

firefox 39b (BID/20150523155636)
google-chrome 43.0.2357.81
chromium 43.0.2357.81

with either

normal user + extensions=ON
normal user + extensions=OFF
vanilla/new use, no extentions

> What do you get back when you do a "nslookup forums.sonic.net"
> Can you verify what your nameservers are on your Linux boxes?

Noting,

Code: Select all

	egrep "hosts:|networks" /etc/nsswitch.conf
		hosts:          dns files mdns4_minimal [NOTFOUND=return]
		networks:       dns files

Typically

Code: Select all

	nslookup forums.sonic.net
		Server:         2001:...::53
		Address:        2001:...::53#53

		Non-authoritative answer:
		Name:   forums.sonic.net
		Address: 69.12.208.33

where

Code: Select all

	cat /etc/resolv.conf
		nameserver 2001:...::53

and, @

Code: Select all

	2001:...::53

I've my local bind9 v9.10.2 server listening, configured with

Code: Select all

	...
	forward first;
	forwarders { 8.8.8.8; 68.94.156.1; 8.8.4.4; 68.94.157.1; };
	...

I've also tested with forwarding disabled

Code: Select all

	...
	// forward first;
	// forwarders { 8.8.8.8; 68.94.156.1; 8.8.4.4; 68.94.157.1; };
	...

as well as with local DNS removed from the loop, using only external DNSs with each of the NS pairs @

Code: Select all

	google-public-dns-a.google.com   -->   nameserver 8.8.8.8
	google-public-dns-b.google.com   -->   nameserver 8.8.4.4

	ns1.sonic.net   -->   nameserver 208.201.224.11
	ns2.sonic.net   -->   nameserver 208.201.224.33

	optns1.sonic.net   -->   nameserver 75.101.19.196
	optns2.sonic.net   -->   nameserver 75.101.19.228

	dnsr1.sbcglobal.net   -->   nameserver 68.94.156.1
	dnsr2.sbcglobal.net   -->   nameserver 68.94.157.1

All to no avail.

In all cases, the entire web is browsable-and-postable except for Sonic forum.

And, in all cases, switching to the Sonic VPN 'cures' the posting problem.

[hhwong]

IPv6 issue possibly?

I know that IPv6 was causing me to time-out on a number of websites. Maybe turn it off?

[blakers]

> IPv6 issue possibly?

Irrelevant here.

IPv6 is 'turned off' on the external interface, because it's nonfunctional (viewtopic.php?f=13&t=2688#p19043).