If you experience sudden, otherwise inexplicable, Internet access problems, you might victim to a black hole router. This week, it happened to me for the third time in two years. This time, I’m writing the experience down so that I don’t have to hunt around for a solution with a crippled connection again.
This problem is most noticeable when you’re using a popular web site. Sites like Google, Microsoft, Slashdot, Yahoo, have close to 100% up time. If you’re having a problem connecting to such a site, it’s not often because the site itself is down. Which is why these sites provide a good indicator of a problem elsewhere.
To check if a site is really down you can use web site which scans other sites, such as the W3C HTML validator. If the validator loads the site okay but you get nothing, or very slow access from your browser, there’s a possibility that your Internet messages are going down a black hole.
Internet messages get passed from computer to computer until they reach the computer you want to contact. Machines that are dedicated to this purpose are called routers.
A single Internet message can be quite large. Sometimes the routers decide to split them up to transfer them around the network. But if your messages always got split to the smallest size it would slow down your communication, so there is a protocol the machines follow to detect the maximum size. This size is known as the MTU.
To detect the MTU machines deliberately send messages that are big enough to require splitting. They also tag the message to tell the other routers not to split it up if possible. They wait for a router somewhere along the line to send back an error saying that it can’t pass on the message without splitting it. Iterating this process, the sender can work out the MTU. Without this feature, every computer on the Internet would have to use the minimum size for all messages.
A black hole is a router which has been configured to discard the messages and not report errors. When a message is routed to a black hole, the sender assumes the network connection is down. Some routers are deliberately configured as black holes to prevent DoS attacks. However, sometimes an administrator of a router is over zealous in filtering out messages through the firewall.
If a badly configured router sits between you and the machine you want to connect to, the automatic MTU detection process will fail and your computer will assume that the machine you want to talk to is not working.
It’s easy to check if a badly configured router is eating your Internet messages if you are using Linux. A single command can reduce the MTU on your machine.
sudo ifconfig eth0 mtu 1492
If the connection now works fine, then there’s a problem with a router somewhere between you and the computer you want to access. The size of MTU to use depends on how you connect to the Internet. If you’re using a standard broadband DSL connection and you connect to a modem router with a cable or using wireless then the size you’ll need is 1492. It’s possible to change the MTU on Windows too, but you’ll have edit the registry and reboot after each change!
The fix for the problem is to detect where the black hole router is and get the administrator to fix the problem. In practice this could take a while so most of the time you’ll want to work around the problem instead. If you’re lucky, you might be able to set the MTU for your whole home network by changing a setting on your modem router. This should fix all the machines on your network in one go. You might will probably need to reboot the server and all the machines on the network before this change is distributed.
To set the MTU size on Linux automatically on boot, you can edit the /etc/network/interfaces file. Find where your connection is set up and add the following:
auto eth0 iface eth0 inet dhcp up ifconfig eth0 mtu 1492
In Windows you have to first find the key for your active network connection. You can find this by using regedit.exe. First look for:
HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Network\\{4D36E972-E325-11CE-BFC1-08002BE10318}\.
Under this are the keys for your connections. Make a note of the key for your connection. (You don’t have to remember the whole thing, the first few digits should be enough. Then look for the key:
HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\tcpip\\parameters\\interfaces
Under this you should find a key that matches the one you noted before. Under that key, add a new DWORD key called “MTU” here and set the value to decimal 1492. Then quit regedit.exe and reboot.
Leave a Reply