Websites which can’t handle TCP window scaling
June 27, 2007 – 8:03 pmI’ve run into a dead end in a process of debugging a website. Here’s the low-down.
- A particular university website is needed for my (and my sister’s) study.
- I have a 2 desktops and 1 laptop, all running kubuntu fiesty, on the same network, same dmz etc
- Only the laptop loads the website
- The website will load under windows on both of the desktops
- Turns out, that the desktops will load the website, but very, very slowly (about 5 minute delay)
I have absolutely, no clue about how to continue debugging and hopefully fixing the problem. Does anybody have any suggestions that I could use to try and get this up and running again?
nb: it doesn’t seem to be ipv6 causing the problems.
Update:
A big big thanks to Jonathan Brugge and LukyLuke who have already solved my problem. Turns out that my university couldn’t be arsed hiring decent software developers (or paying for a decent system). The website simply doesn’t handle scaled TCP windows properly. There are two solutions:
echo "0" > /proc/sys/net/ipv4/tcp_window_scaling
Caveat: this causes no window scaling to be applied on all sites, so the better method is to apply on a per ip basis:
ip route add IP.ADD.RE.SS/32 via <your default gateway> window 65535
(found on the openSUSE wiki)
8 Responses to “Websites which can’t handle TCP window scaling”
Java — check your java settings .
By Random on Jun 27, 2007
Maybe a bit obvious, but have you tried tcpdump?
By Anon Ymous on Jun 27, 2007
I’ve seen a similar problem which took me quite some time to solve. In that case, there was a faulty router somewhere between me and the website. It didn’t work well with TCP scaling and combined with some specific kernel versions which made the situation worse, lead to the problem you describe. Does ‘echo 0 > /proc/sys/net/ipv4/tcp_window_scaling’ solve it?
By Jonathan Brugge on Jun 27, 2007
Check the MTU of your network card(s). I had similar problems with PCs behind a router. Try setting the MTU down to 1450 for example.
By Darkstar on Jun 27, 2007
FWIW, I get the same issue here with Konq 3.5.7 on Gentoo here in NZ. Jonothan Brugge’s remedy above seems to fix it though, so hopefully it will for you as well
By Paul Eggleton on Jun 27, 2007
Hi. That website wouldn’t load here either. Wireshark showed that I could connect and send the http request alright, but the server didn’t respond to that.
Jonathan’s solution made it work for me. Weird kind of problem…
By Chris on Jun 27, 2007
Based on the information/solution from Jonathan I found an other, in my point of view a much better, solution.
Instead to scale down the whole net to a 64 KByte buffer for sending and receiving, you can add custom routes for hosts/nets where this occurres:
ip route add IP.ADD.RE.SS/32 via YourDefaultGateway window 65535
For your given site for example something like this:
ip route add 149.171.95.20 via YourDefaultGateway window 65535
(Just replace “YourDefaultGateway” with it)
NB: I found this solution (in german) on http://de.opensuse.org/SDB:Problem_mit_der_Herstellung_einer_TCP/IP_Verbindung_in_openSUSE_10.2
By LukyLuke on Jun 27, 2007
Thanks you all so much, you have solved my seemingly unfixable problem.
By Seb on Jun 27, 2007