No google images problem - SOLVED
04/02/10 09:05 Filed in: General
I’ve recently connected to Internode broadband ADSL
and immediately had this issue:
Run a google (or yahoo) search for something. Then click on the images link to display all the images google/yahoo found for your search. Result: no images, only blank boxes.
The page load status indicator stalls and eventually times out. General browsing works perfectly fine.
After thinking it was my browser (Firefox 3.6 on OS X) and clearing it’s cache, I tried a few others. Safari, Opera, OmniWeb all had the same issue. So it wasn’t the browsers.
I fired up a virtual Windows XP machine and tried Firefox 3.5.7, IE 7, Opera 10, Safari and Chrome. All the same.. NO IMAGES!
Just in case, I fired up a virtual Ubuntu and OpenSuse machine also. Same issue.
Perhaps it was the MacBook.
I tried another machine entirely. I put together an old Dell PC I had lying around, running Ubuntu and same problem. Booted from a live openSuse CD... same problem.
So it wasn’t just the MacBook.
I walked away from the technical stuff and sat outside with a cuppa to ponder the situation for a while.
What could be impacting the situation?
Browsers? ...possible, but over multiple machines?
IP config of the machines? ...possible but general browsing works fine and config is issued by DHCP.
DNS? ...possible, but general browsing works fine.
Wireless hardware? ...possible.
ADSL modem? ...possible.
Internode??? ...possible but rather unlikely.
So Wireless.
I run a Linksys WRT54GL wireless router, which basically gives me a wireless access point. It also provides the DHCP info for the network. No special settings here, firewall is turned off.
However, just in case, I plug my MacBook into one of the switch ports. Same issue.
So its unlikely to be the wireless router. Moving along.
ADSL Modem then?
I run a Linksys AM300 ADSL2+ modem so I plug the MacBook into the back of it. Set an IP address and DNS entries manually and ... you guessed it, Same problem.
Ok time to look at the config of the modem.
I run the firewall on this as it’s the connection to the great unwashed. As a test, I turned of the firewall. I HAVE IMAGES!
Firewall on: no images, firewall off: images, on:no, off:yes. Ah-huh!
Time to investigate the firewall settings.
Access Control: disabled - no impact here
Schedule Rule: disabled - no impact here
MAC address filters: none - no impact here
URL blocking: none - no impact here
VPN: enabled for passthrough - no impact here
Intrusion detection: enabled - IMPACT!
ello ello, what’s going on here then?
RIP impact: enabled - probably nothing
Discard ping to WAN: enabled - probably nothing
Stateful packet inspection settings look interesting.
SPI and Anti-DoS firewall protection: enabled - let’s turn that off and see what happens.
I HAVE IMAGES AGAIN!
on: no images, off: images.
So why would Anti-Denial of Service have an impact?
Well, after giving it a few minutes thought, this is what I’ve come up with.
Internet speeds are getting faster. To take advantage of these speeds, browsers (of all types) are multi-threading in a way, making more and more simultaneous requests for information. I think Firefox defaults at 30 simultaneous http requests for objects on a page. On a page like Google images, this could end up being huge numbers of incoming connections, from different sources. All browses are doing this to appear faster and faster. To a router, could this perhaps look like a DoS attack? Possibly.
My Linksys AM300 is fairly old and the last firmware update was back in 2008 (which I am running BTW). It is possible the aged firmware simply is not designed to take into account the changing of the times, the software behind it and the speed of the internet in front of it. I’ve seen, by searching the net, that this issue doesn’t appear on all routers/modems. But what I have noticed is the newer ones tend NOT to display the problem. Only the older ones.
Mayhap, mayhap not. But what I do know for sure is, when I turn on Anti-DoS protection, I don’t get images from google or yahoo.
As a last and final check before walking away whistling, I fired up WIRESHARK.. one of my favourite network trouble shooting tools.
What I should normally see is the standard SYN --> ACK --> SYN-ACK handshakes.
What I’m expecting to see (based on my findings), when the Anti-DoS setting is enabled, is a huge list of SYN packets going out, and no ACK’s coming back. And that’s exactly what I see. Huge numbers of SYN packets going out to a wide range of google addresses, but no ACK replies.
They’re being dropped at the AM300 firewall.
Turn off the DoS protection and there are so many ACK/SYN-ACK replies it’s like I’ve stepped into a Russian war-zone with AK-47’s everywhere.
I could have been more technical with this troubleshooting process (and indeed Wireshark is usually the first place I go, and would have saved me quite a bit of time), but I’m a little off colour today so you’ll just have to forgive me :-)
In hindsight, I probably should have checked the logs on the modem when I first suspected it. But who the hell reads logs right? That’s like RTFM! ...my excuse “I’m ill”. Sue me.
So, if you come accross this information because you’re having the same issue, try turning off your firewall at your ADSL modem/router as a test. You may find, as I did, things start to work as expected. You may need to update your firmware, or perhaps buy a newer modem/router, but hopefully I’ve narrowed your focus for you.
Best of British to you!
Run a google (or yahoo) search for something. Then click on the images link to display all the images google/yahoo found for your search. Result: no images, only blank boxes.
The page load status indicator stalls and eventually times out. General browsing works perfectly fine.
After thinking it was my browser (Firefox 3.6 on OS X) and clearing it’s cache, I tried a few others. Safari, Opera, OmniWeb all had the same issue. So it wasn’t the browsers.
I fired up a virtual Windows XP machine and tried Firefox 3.5.7, IE 7, Opera 10, Safari and Chrome. All the same.. NO IMAGES!
Just in case, I fired up a virtual Ubuntu and OpenSuse machine also. Same issue.
Perhaps it was the MacBook.
I tried another machine entirely. I put together an old Dell PC I had lying around, running Ubuntu and same problem. Booted from a live openSuse CD... same problem.
So it wasn’t just the MacBook.
I walked away from the technical stuff and sat outside with a cuppa to ponder the situation for a while.
What could be impacting the situation?
Browsers? ...possible, but over multiple machines?
IP config of the machines? ...possible but general browsing works fine and config is issued by DHCP.
DNS? ...possible, but general browsing works fine.
Wireless hardware? ...possible.
ADSL modem? ...possible.
Internode??? ...possible but rather unlikely.
So Wireless.
I run a Linksys WRT54GL wireless router, which basically gives me a wireless access point. It also provides the DHCP info for the network. No special settings here, firewall is turned off.
However, just in case, I plug my MacBook into one of the switch ports. Same issue.
So its unlikely to be the wireless router. Moving along.
ADSL Modem then?
I run a Linksys AM300 ADSL2+ modem so I plug the MacBook into the back of it. Set an IP address and DNS entries manually and ... you guessed it, Same problem.
Ok time to look at the config of the modem.
I run the firewall on this as it’s the connection to the great unwashed. As a test, I turned of the firewall. I HAVE IMAGES!
Firewall on: no images, firewall off: images, on:no, off:yes. Ah-huh!
Time to investigate the firewall settings.
Access Control: disabled - no impact here
Schedule Rule: disabled - no impact here
MAC address filters: none - no impact here
URL blocking: none - no impact here
VPN: enabled for passthrough - no impact here
Intrusion detection: enabled - IMPACT!
ello ello, what’s going on here then?
RIP impact: enabled - probably nothing
Discard ping to WAN: enabled - probably nothing
Stateful packet inspection settings look interesting.
SPI and Anti-DoS firewall protection: enabled - let’s turn that off and see what happens.
I HAVE IMAGES AGAIN!
on: no images, off: images.
So why would Anti-Denial of Service have an impact?
Well, after giving it a few minutes thought, this is what I’ve come up with.
Internet speeds are getting faster. To take advantage of these speeds, browsers (of all types) are multi-threading in a way, making more and more simultaneous requests for information. I think Firefox defaults at 30 simultaneous http requests for objects on a page. On a page like Google images, this could end up being huge numbers of incoming connections, from different sources. All browses are doing this to appear faster and faster. To a router, could this perhaps look like a DoS attack? Possibly.
My Linksys AM300 is fairly old and the last firmware update was back in 2008 (which I am running BTW). It is possible the aged firmware simply is not designed to take into account the changing of the times, the software behind it and the speed of the internet in front of it. I’ve seen, by searching the net, that this issue doesn’t appear on all routers/modems. But what I have noticed is the newer ones tend NOT to display the problem. Only the older ones.
Mayhap, mayhap not. But what I do know for sure is, when I turn on Anti-DoS protection, I don’t get images from google or yahoo.
As a last and final check before walking away whistling, I fired up WIRESHARK.. one of my favourite network trouble shooting tools.
What I should normally see is the standard SYN --> ACK --> SYN-ACK handshakes.
What I’m expecting to see (based on my findings), when the Anti-DoS setting is enabled, is a huge list of SYN packets going out, and no ACK’s coming back. And that’s exactly what I see. Huge numbers of SYN packets going out to a wide range of google addresses, but no ACK replies.
They’re being dropped at the AM300 firewall.
Turn off the DoS protection and there are so many ACK/SYN-ACK replies it’s like I’ve stepped into a Russian war-zone with AK-47’s everywhere.
I could have been more technical with this troubleshooting process (and indeed Wireshark is usually the first place I go, and would have saved me quite a bit of time), but I’m a little off colour today so you’ll just have to forgive me :-)
In hindsight, I probably should have checked the logs on the modem when I first suspected it. But who the hell reads logs right? That’s like RTFM! ...my excuse “I’m ill”. Sue me.
So, if you come accross this information because you’re having the same issue, try turning off your firewall at your ADSL modem/router as a test. You may find, as I did, things start to work as expected. You may need to update your firmware, or perhaps buy a newer modem/router, but hopefully I’ve narrowed your focus for you.
Best of British to you!
Comments