[nSLUG] [OT] Net connectivity problem (Attn. sys admins)

Mike Spencer mspencer at tallships.ca
Sun Apr 28 04:12:51 ADT 2013


I have a problem with my ISP that neither I nor the sys admin has been
able to figure out. 

   + Dialup works as expected

   + Authentication works as expected

   + I get assigned a local IP address, connected through the ISP's
     modem terminal server.

   + Everything works as expected EXCEPT:

 +++ I can't connect to the ISP's POP3 server. Most of the
     time. Access (re)appears erratically, unpredictably,
     infrequently. Works fine when it appears.

   + POP3 server is not down, can be accessed from the net (see infra).

Tedious details follow.

The sys admin tells me that the authentication server is the same
physical machine as the POP3 server.  Ergo, when my dialer program
hands username & password to the modem terminal server, it must
connect to the POP3/authentication server and exchange bytes with
it. Authentication is the "old" kind, where I (or software, rather)
respond to Username: and Password: prompts and then send "ppp";
doesn't use PAP. [3]

But once connected:

    + traceroute fails to reach the POP3 server, dying after one hop,
      the response from the modem terminal server itself.

    + ping has 100% packet loss

    + su root; nmap -P0 -n reports all ports "filtered"

    + My usual mail reader and spam-catcher software cannot, of
      course, connect.

Connection to the ISP's SMTP and HTTP servers (different machines)
work as expected. Connection to the rest of the net works as expected.

I've encountered this when assigned at least 15 of the addresses
available for assignment to dialup/PPP users.


Happens I have a 2nd ISP. [1] I can dial into that service with no
problem. Once connected to the net via OtherISP, I can always access
the POP3 server at MyISP without problem. [2] POP3 server at MyISP
resolves to the same IP address from both dialup accounts.

No upgrades, system or software mods at home. AFAIK, servers at MyISP
run on Windoes, not Linux -- not certain.

Anybody with sys admin experience have a notion, however weird, of
what's going on here?  Packet of death? Known hardware failure mode?
Known routing or firewall configuration error? 

If I didn't have the backup ISP, I would, of course, be in a snit due
to a fortnight's lack of email.  As it is, any help is welcome lest I
have to drive over to Kentville with a screwdriver and go all
postal. :-)


- Mike


[1] The inheritor of our own, original NSTN, after numerous mergers,
    takeovers and spin-offs: ca.inter.net. Cute, eh?

[2] Except for the annoying fact that doing POP3 sends password in the
    clear and the route goes through NYC and Boston to get from
    Ontario to Kentville.

[3] OtherISP switched to PAP without notification last year.  Peggy's
    Windoes box somehow accommodated itself without comment.  I spent
    a week picking through docs and manpages and tcpdumps to figure
    out what they'd done and then re-write the dialer script. Big
    corporation, y'know. Nobody on the help desk even knew what I was
    talking about. When a Help Guy told me some things that were
    blatantly counterfactual, I gave up on them.

-- 
Michael Spencer                  Nova Scotia, Canada       .~. 
                                                           /V\ 
mspencer at tallships.ca                                     /( )\
http://home.tallships.ca/mspencer/                        ^^-^^


More information about the nSLUG mailing list