Saturday, January 28, 2012

My ISP finally happy with Ubuntu box


I was struggling to make my Ubuntu box work with login server of ISP. It was not getting better at all. Sometimes after 50 attempts, ISP used to say yes and login window appeared. However I was totally annoyed by this. When I switch back to Windows, everything was fine. I started digging to the problem myself rather than asking ISP itself (just for fun and learning).

1)      ISP provides a cable modem and recognizes the packets by MAC address of cable modem.
2)      I have a wireless router attached to my laptop.
3)      The WAN cable of modem is connected to wireless router.
4)      All my connections go via wireless router to cable modem to ISP Internet gateway.
5)      Wireless router has DHCP server to provide IP address to locally connected hosts.
6)      Of-course it acts like a NAT and router, in the sense you can have multiple hosts connecting to wireless router (not sure about limit).

The network setup is something like this:

NETWORK-SETUP
Let me come back to the problem of login server not responding. I struggled a lot. I thought the problem with wireless router and ISP may not be accepting the MAC other than my PC. No I was wrong, in windows everything was clean. Next, I pulled out wireless router and directly cabled modem to my PC. Again did not work out. I used to login from windows and work with Ubuntu for my net access. This was successful since login information was maintained in ISP side than locally in the system.

After so much of struggle, I decided to take packet captures of both windows and Ubuntu. I observed Ethernet packets and IP packets and they looked similar. Finally I gazed through TCP packets.

Aha here you are! Linux adds all TCP options to TCP packet while windows adds few. I knew this was problem but which options? I started disabling one by one

sudo sysctl net.ipv4.tcp_sack=0

This did not work

sudo sysctl net.ipv4.tcp_window_scaling=0

Na this did not work. I thought my assumption was wrong. I decided to give final try

sudo sysctl net.ipv4.tcp_timestamps=0

Hurrah!!! It worked out. I was really delighted. I updated the /etc/sysctl.conf and never faced the problem again.

So it is basically problem with tcp timestamp option which linux kernel includes by default. I really did not understand why this would give a problem. TCP timestamp just sends current clock of the system to avoid packets being recognized as duplicate during sequence number overflow. However they need not even synchronize with system clock. I raised this issue with ISP and let me see what happens further.

At the end of day, one more piece of learning and one more topic to write about ;). I just loved the investigations I carried out. It may be very silly problem to experts however for me it was seamless learning.

Here is the TCP packet capture of windows and linux. It shows Windows does not add TCP timestamp field in TCP packet during SYN state.



Courtesy: wireshark