Some sites are blocked (http)

mamruoc

Hello,

I have upgraded my system with pfSense-Embedded-Update-1.2-RC3.tgz, first dated 04.11.2007 and now 07.11.2007.

The problem is that some sites are blocked, while some aother are not.

A site I have problem with is:

http://www.osdir.com

$: nslookup osdir.com
Server:        192.168.1.1
Address:        192.168.1.1#53

Non-authoritative answer:
osdir.com      canonical name = ec2-67-202-28-124.compute-1.amazonaws.com.
Name:  ec2-67-202-28-124.compute-1.amazonaws.com
Address: 67.202.28.124

ping osdir.com
PING ec2-67-202-28-124.compute-1.amazonaws.com (67.202.28.124) 56(84) bytes of data.

–- ec2-67-202-28-124.compute-1.amazonaws.com ping statistics ---
30 packets transmitted, 0 received, 100% packet loss, time 29003ms

In the Diagnostics: Show States is see (filtered on ip):
Proto    Source -> Router -> Destination    State   
tcp 67.202.28.124:80 <- 192.168.1.4:36377 CLOSED:SYN_SENT
tcp 67.202.28.124:80 <- 192.168.1.4:50036 CLOSED:SYN_SENT
tcp 67.202.28.124:80 <- 192.168.1.4:44252 CLOSED:SYN_SENT
tcp 67.202.28.124:80 <- 192.168.1.4:44285 CLOSED:SYN_SENT
tcp 192.168.1.4:44252 -> 217.14.12.255:60429 -> 67.202.28.124:80 SYN_SENT:CLOSED
tcp 192.168.1.4:36377 -> 217.14.12.255:55329 -> 67.202.28.124:80 SYN_SENT:CLOSED
tcp 192.168.1.4:44285 -> 217.14.12.255:59348 -> 67.202.28.124:80 SYN_SENT:CLOSED
tcp 192.168.1.4:50036 -> 217.14.12.255:60904 -> 67.202.28.124:80 SYN_SENT:CLOSED

Anyone seen this problem before?

I used pfSense-1.2RC2-full on a AMD TBird 1.4 GHz with 1 GB RAM without any problem.
The problem hitted me when I changed to VIA 1.2 Fanless  with 1GB RAM-embedded

mamruoc

Bypassing tha pfsense box, everything is OK.

This is very weird…

The pfsense's CPU is all under 10% usage and memory is under 15%...

I'll try to take it down to RC2 later today

Itwerx

Is this multi-WAN?

sullrich

If this is multi-wan you need to ensure static routes are in place to send a dns server out to each isp.