[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Edlug Archive Oct 2007 ]

Re: [edlug] a rather peculiar problem



A couple of points (which may or may not be related to your problem, but which are worth noting even if they aren't):

not-vista-related:

* BBC news was down for some time yesterday (so if you were using it as a connectivity test, this may have contributed to mis-diagnosis):

http://www.bbc.co.uk/blogs/theeditors/2007/10/site_problems_1.html

vista-related:

* There are considerable changes to how networking works in vista, ranging from a new tcp/ip stack to support for new protocols and technologies enabled out of the box, to changes to the behaviour of existing protocols (like DHCP).

* There's also a lot of misinformation surrounding this behaviour, much of which comes from slashdot, which has been a steady source of misleading and badly edited/selected/summarised articles regarding Vista for quite some time (prime example - http://tinyurl.com/3dhtaq)

Specifically:

i) Vista has a totally new TCP/IP stack - see http://tinyurl.com/dkklc. This isn't the cause of any specific issues I'm aware of, but is worth noting (and is actually quite interesting).

ii) Vista enables a bunch of new protocols by default, including a discovery protocol (LLDT) as well as IPv4/6 interop protocols (TEREDO and ISATAP). The behaviour of these under a range of circumstances may have yet to be discovered, as they're new.

There's a good overview to many of these, as well as an exploration of (i) in a Symantec research paper by Tim Newsham and Jim Hoagland (this paper, too, has been misrepresented by slashdot) which is worth a read:

http://www.symantec.com/avcenter/reference/ATR-VistaAttackSurface.pdf

iii) Vista enables TCP Window Scaling by default. Lots of routers and network devices don't like this. See http://tinyurl.com/2ta5qg.

iv) Vista changes the way DHCP behaves when it sends DHCPDISCOVER messages, enabling the BROADCAST flag, which requests broadcast rather than unicast DHCPOFFER and DHCPACK messages back from the responding server. Many routers/DHCP Servers don't like this (slashdot have covered this one too...), even though it's per-the-RFC (if illogical) behaviour. Why this has been enabled is a bit of a mystery, but this behaviour can very simply be altered (and reverted to the pre-Vista setting):

http://support.microsoft.com/default.aspx/kb/928233

Best guess, the IT person had encountered this one before and figured out which one it was, guessed and did several, or there's some other consideration (proxy settings, 802.1x, DNS Servers, hosts file entries, or any number of other wacky-and-wonderful things).

HTH.

- James.

Tahir Hafiz wrote:
Hi,

The student at QMU phoned me to let me know that earlier a techie from the
IT department came over and logged on as administrator.
He "did something" and now it works for him - and he can go online.

Networking - don't you just love it!

Mark - no registering is required via ethernet it is purely a log-in process
via username and password. Another laptop did work fine on the same port -
ibm x41.

I am not going to know how the techie resolved the issue but maybe it was
vista doing something weird.

Thanks everyone for the help though.

Tahir



On 10/9/07, Mark Cairney <Mark.Cairney@xxx.xxx.xxx> wrote:
Just a hunch here but do QMU use any form of web proxies to the internet?
Also although you've ruled out MAC address filtering but did the user
have to register his network card MAC address with whoever runs the
network at any point? Im just wondering in case the wrong adapter was
registered.
Have you tried another laptop on the network (preferably the same port)
to see if it works?
Finally do they use any form of authentication to get onto the internet
a la Ed Uni's bluesocket wireless gateway/ Laplan2?

Cheers,

Mark

Tahir Hafiz wrote:
Hello,

I was helping a student at Queen Margarets University in the new
campus with a problem they were having with their laptop connecting to
the university network in his room on Sunday via a wired ethernet
connection.

I spent several hours trying to help him have internet access but to
no avail with his laptop in his room (its an HP dv9398eu) .

Basically, his laptop had Vista installed and the university techies
have told him that it is the laptop not the network that is at fault.
So I went to the campus and tried to get the laptop to connect.
I discovered that he could log in to the network as he received a pop
up window telling him that he was logged in but he couldn't surf the
net.
I pinged out (ping www.bbc.co.uk <http://www.bbc.co.uk>) and got back
www.bbc.net.co.uk <http://www.bbc.net.co.uk> and an ip address of the
bbc through dns resolution. So I think he can connect to the dns
servers ok. But he didn't get any pings back. So data packets were not
getting back to him.  I thought he had a security setting switched on
under Vista preventing him surfing the net via a redirected webpage so
I spent a long time in vain trying to switch on/off whatever setting
it was but nothing worked. I saw there were quite a few network
adapters labelled "tunnelling .....eth...etc ..etc" which I thought
was weird as well as the normal one. I switched off IPv6 and had only
IPv4 but still it didn't help.

Last night he put xp on and same issue, he also tried a number of live
linux cds which I gave him (ubuntu, xubuntu, kubuntu) but same thing -
he can log in to the network but no further - no further webpages, no
web browsing.

So I don't think it is a security setting. Could his hardware be at
fault in some way?

He has tried an ethernet to usb adapter and again no further access
beyond the university log-in page (the adapter would have had a
different MAC address ) so it can't be his laptop is denied access
because of MAC address filtering.

When someone else tried to log-in with his HP laptop she also did not
get beyond the log-in page - that was on Sunday evening. However, when
she used a different laptop (IBM x41) plugged into the same ethernet
port she was able to log on and surf the internet. This other IBM
laptop also worked for him.

Furthermore, he says he bought the HP laptop from PC World a week ago,
took it to his room, and says other people came round to look at it,
people chatted away amiably and he says one girl saw a student
checking emails on his HP laptop, so the first student who logged on
got through. When he tried it he was denied access to the internet.

I don't know? Has anyone seen anything like this before?

Thank you,
Tahir






-- James (njan) Eaton-Lee | UIN: 10807960 | http://www.jeremiad.org

   "All at sea again / And now my hurricanes
   Have brought down this ocean rain / To bathe me again"

 https://www.bsrf.org.uk | ca: https://www.cacert.org/index.php?id=3
--

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature



This archive is kept by wibble+RM@xxx.xxx.xxx
Morpheux
HomePage