8

I have this strange problem, I am unable to access imgur.com from Ubuntu !

I have checked the /etc/hosts file, there seems to no entry related to imgur. I can access it from Windows(same connection).

I cannot ping it or traceroute it, I cannot even ping the IP of imgur. I have cleared iptables too, what could be the cause ?

i cannot access gravatar.com too !! I just noticed that sorry.

Running host imgur.com (the same output with google's dns servers)

gowtham@gowtham-hacktohell:~$ host imgur.com
imgur.com has address 23.23.110.58
imgur.com has address 23.23.110.81
imgur.com has address 54.243.128.92
imgur.com mail is handled by 5 alt1.aspmx.l.google.com.
imgur.com mail is handled by 1 aspmx.l.google.com.
imgur.com mail is handled by 10 aspmx2.googlemail.com.
imgur.com mail is handled by 5 alt2.aspmx.l.google.com.
imgur.com mail is handled by 10 aspmx3.googlemail.com.

Running tcptraceroute 

gowtham@gowtham-hacktohell:~$ tcptraceroute imgur.com
Selected device ppp0, address 117.199.141.54, port 44995 for outgoing packets
Tracing the path to imgur.com (54.243.128.92) on TCP port 80 (http), 30 hops max
 1  117.199.128.1  17.534 ms  17.764 ms  17.896 ms
 2  218.248.171.102  93.272 ms  26.393 ms  109.985 ms
 3  115.114.130.49.STATIC-Chennai.vsnl.net.in (115.114.130.49)  49.442 ms  47.180 ms  46.981 ms
 4  * * *
 5  ix-0-100.tcore2.MLV-Mumbai.as6453.net (180.87.39.25)  70.085 ms  69.712 ms  70.361 ms
 6  if-2-2.tcore1.MLV-Mumbai.as6453.net (180.87.38.1)  186.862 ms  186.434 ms  185.515 ms
 7  if-9-5.tcore1.WYN-Marseille.as6453.net (80.231.217.17)  181.965 ms  182.963 ms  184.682 ms
 8  if-8-1600.tcore1.PYE-Paris.as6453.net (80.231.217.6)  186.152 ms  184.483 ms  182.950 ms
 9  if-12-2.tcore1.PVU-Paris.as6453.net (80.231.154.70)  191.271 ms  189.655 ms  188.606 ms
10  if-3-2.tcore1.FR0-Frankfurt.as6453.net (80.231.153.54)  187.245 ms  186.013 ms  193.808 ms
11  xe-0-1-0-6.r02.frnkge03.de.bb.gin.ntt.net (129.250.9.57)  288.412 ms  281.124 ms  281.011 ms
12  ae-2.r20.frnkge04.de.bb.gin.ntt.net (129.250.5.217)  352.432 ms  357.071 ms  357.256 ms
13  ae-1.r21.asbnva02.us.bb.gin.ntt.net (129.250.3.20)  391.405 ms  394.961 ms  391.812 ms
14  ae-2.r00.asbnva02.us.bb.gin.ntt.net (129.250.3.114)  378.128 ms  381.786 ms  385.697 ms
15  ae-4.amazon.asbnva02.us.bb.gin.ntt.net (168.143.232.50)  370.938 ms  353.306 ms  351.793 ms
16  72.21.220.55  361.004 ms * 364.525 ms
17  205.251.245.55  368.187 ms  380.907 ms  375.333 ms
18  * * *
19  * * *
20  * * *

I dial the connection using PPoE.

Capturing the stream through Wireshark, I see this


(source: akamaihd.net)

Running curl

gowtham@gowtham-hacktohell:~$ curl -I http://imgur.com
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Jan 2013 12:24:01 GMT
Content-Type: text/html
Connection: keep-alive
Cache-Control: max-age=5, s-maxage=5, must-revalidate
X-Cached: EXPIRED

And telnetting, 

gowtham@gowtham-hacktohell:~$ telnet imgur.com 80
Trying 23.23.110.58...
Connected to imgur.com.
Escape character is '^]'.
HEAD / HTTP/1.0


HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Jan 2013 12:25:11 GMT
Content-Type: text/html
Connection: close
Cache-Control: max-age=5, s-maxage=5, must-revalidate
X-Cached: HIT

Connection closed by foreign host.
Glorfindel
  • 971
  • 3
  • 13
  • 20
HackToHell
  • 6,726
  • I too cannot ping imgur.com but, AFAICT, Ask Ubuntu relies on that site for graphics and those display just fine. –  Jan 11 '13 at 11:21
  • The AU images do not load for me :'( imgur might have disabled icmp replies – HackToHell Jan 11 '13 at 11:22
  • Sorry! I can ping i.stack.imgur.com successfully. That, is where (at least some of) the graphics are. Did you start having this problem recently? Since you're getting through via Windows, ISP/DNS don't seem to be to blame ... –  Jan 11 '13 at 11:25
  • Maybe a filter on your router? One that only targets the IP/MAC of your Ubuntu machine. – Kevin Jan 11 '13 at 11:34
  • I use ppoe, and I just checked the filters, it's clean. – HackToHell Jan 11 '13 at 11:37
  • I wrote down some more ways to get information: http://paste.ubuntu.com/1519624/ – qbi Jan 11 '13 at 11:55
  • @Mowgli MAC addresses are in hardware. They don't change from one OS to the other, unless the different OSes are using different network adapters, or you are spoofing them (which the OP would know about, as this has to be somewhat painstakingly configured). – Eliah Kagan Jan 11 '13 at 11:56
  • @EliahKagan: A user just can run macchanger and every reboot. No pain anymore. :-) – qbi Jan 11 '13 at 11:58
  • 2
    Worth a try. You didn't specify anything about where your OSes were. Separate machines, VMs etc- will have different MACs. My flatmates often rig the router with joke filters. – Kevin Jan 11 '13 at 12:02
  • @qbi Edited the question – HackToHell Jan 11 '13 at 12:26
  • Well from your edits above it looks that you can access http://imgur.com from commandline. So maybe there is some strange setting in your browser. What browser do you use? – qbi Jan 11 '13 at 12:38
  • @qbi Tried from firefox, chromium, chrone – HackToHell Jan 11 '13 at 13:46
  • Could you check your system wide proxy settings? Is there a proxy set? You could also use dconf-editor and move to system -> proxy -> http to see if there are settings. – qbi Jan 11 '13 at 14:21
  • @HackToHell: Does imgur.com work for you? If yes, what steps did you do to get it working? – qbi Jan 15 '13 at 13:35
  • @qbi It still dos not work :( – HackToHell Feb 02 '13 at 06:59
  • Have you checked your proxy settings? – qbi Feb 02 '13 at 10:49
  • @HackToHell, are you still facing this issue? Did you try Alistair's answer? – Alaa Ali Jun 21 '13 at 15:40
  • @Alaa NOPE IT WORKS !! \o/ – HackToHell Jul 20 '13 at 13:14
  • @Gowtham, cool. I was very interested in this and was going to offer a bounty =). Glad you got it to work. – Alaa Ali Jul 20 '13 at 13:40
  • @Alaa Some sites take a long time to load, prolly due to packet fragmentation but it's a fix nevertheless – HackToHell Jul 20 '13 at 13:49
  • I have same problem: http://askubuntu.com/questions/322411/network-manager-problem – liquid3 Jul 21 '13 at 00:58

2 Answers2

5

This may be a MTU path discovery issue. This can lead to certain websites working incorrectly even though all others work fine. It will appear as a time out rather than connection refused. It will only show up with reasonably large transfers like whole webpages - telnet will probably not send any packets which need to be fragmented. It can affect outgoing ssh too.

The fix is to lower the MTU on your network device so that packets above a certain size are always fragmented. See for example:

http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.cookbook.mtu-discovery.html

In detail what happens is that when you send data over the internet it is split up into packets. The maximum size for these packets anywhere on the internet is 1460 bytes not including headers. If you send a message large than that it must be split up, or fragmented.

Now, if your message goes over certain types of internet links it must be encapsulated in another protocol. That means that the packet including headers will get wrapped inside another packet. That obviously increases the size of the packet, so if your packet is already maximum size it must be split up again. However, because this can be exploited to perform DDoS attacks, many routers won't automatically fragment packets that they didn't create. Therefore your maximum size packets won't cross these routers.

In order to avoid this problem MTU path discovery was invented. If a packet is too big for a router it will send back a message saying to send smaller packets. However, it turns out this could be exploited too, and so many routers won't do that either.

So the way to overcome this problem is to always send packets slightly smaller than the absolute maximum. That's what the MTU setting is for. The idea is to set it just small enough that any extra overhead doesn't put you over the limit. Of course you won't know how small that is so you have to find the optimal value (biggest value that still works) by experimentation.

Alistair Buxton
  • 6,722
0

From what I have seen of your curl output, you can access it.

If you can't see it on your browser, try with another browser.

My curl output.

curl -I http://imgur.com
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Jan 2013 03:21:00 GMT
Content-Type: text/html
Connection: keep-alive
Cache-Control: max-age=5, s-maxage=5, must-revalidate
X-Cached: HIT
ggarron
  • 201
  • 1
    Most of what OP posted doesn't involve use of a browser, any browser. –  Jan 12 '13 at 03:42