Can’t access select websites on Linux (but can on Windows)

Posted on

Problem :

My internet connection used to be a direct LAN connection to my provider. Back then, everything would load fine on both Windows and Ubuntu (dual boot). However, a while ago they started needing me to dial using a username and password (over a PPPoE connection). But since then, I haven’t been able to browse certain websites on Ubuntu, even though there have been no such issues on Windows. Some example websites are – Ovi’s sign in page (although loads fine, and loads fine), Live Mail (works on Chrome(ium) and Opera but not on Firefox (both 3.6 and 4)) and other random websites.

Some of the websites that don’t load show timeout messages on Chrome and for some websites, the browser will keep trying to load without an end (I’ve left it like that even for hours but not noticed anything different happen).

I have tried changing the DNS servers to the ones suggested in the comment. I have even tried booting from a Fedora LiveCD and then changing the DNS to those (and even to the ones of OpenDNS), but the exact same thing happens.

Here’s output of ipconfig on Windows:

alt text

If it’s any help, Opera error messages seem to be a little more informative and they have the following errors in turns:

  • Secure connection: fatal error (552)
  • Secure connection: fatal error (40)

Followed by: Opera was not able to connect to the server. The server may be using the unsupported SSL 2 protocol, which is not considered safe enough for secure communication. The site owner should upgrade to TLS 1.0 or newer.

Does anyone know why this is happening and how it can be fixed?

Update: Just saw here that someone else was having similar problem and solved it by putting a NetworkManager.conf file in /etc/NetworkManager. What needs to be in that file?

Solution :

(Copied from Unix Stack Exchange)

You have the symptoms of an MTU problem: some TCP connections freeze, more or less reproducibly for a given command or URL but with no easily discernible overall pattern. A telltale symptom is that interactive ssh sessions work well but file transfers almost always fail. Furthermore pppoe is the number one bringer of MTU problem for home users. So I prescribe an MTU check.

What is it?
The maximum transmission unit is the maximum size of a packet over a network link. The MTU varies from transport medium to transport medium, e.g. wired Ethernet and wifi (802.11) have different MTUs, and ATM links (which make up most of the long-distance infrastructure) each have their own MTU.
PPPOE is an encapsulated protocol, which means that every packet consists of a few bytes of header followed by the underlying packet — so it lowers the maximum packet size by the size of the header.
IP allows routers to fragment packets if they detect that they’re too big for the next hop, but this doesn’t always work. In theory the proper MTU should be discovered automatically, but this also doesn’t always work either. In particular googling suggests that Network Manager doesn’t always properly act on MTU information obtained from MTU discovery, but I don’t know what versions are affected or what the problematic use cases are.

How to measure it.
Try sending ping packets of a given size to an outside hosts that responds to them, e.g. ping -c 1 -s 42 (on Linux; on other systems, look up the documentation of your ping command). Your packets should get through for small enough values of 42 (if 42 doesn’t work, something is blocking pings.). For larger values, the packet won’t get through. 1464 is a typical maximum value if the limiting piece of infrastructure is your local Ethernet network. If you’re lucky, when you send a too large packet, you’ll see a message like Frag needed and DF set (mtu = 1492). If you’re not lucky, just keep experimenting with the value until you find what the maximum is, then add 28 (-s specifies the payload size, and there are 28 bytes of headers in addition to that).
See also How to Optimize your Internet Connection using MTU and RWIN on the Ubuntu forums.

How to set it (replace 1454 by the MTU you have determined, and eth0 by the name of your network interface)

  • As a once-off (Linux):
    run ifconfig eth0 mtu 1454
  • Permanently (Debian and derivatives such as Ubuntu, if not using Network Manager):
    Edit /etc/network/interfaces. Just after the entry for your network interface (after the iface eth0 … directive), add a line with pre-up ifconfig $IFACE mtu 1454. Alternatively, if your IP address is static, you can add the mtu 1454 parameter to the iface eth0 inet static directive.
  • Permanently (Debian and derivatives such as Ubuntu, with or without Network Manager):
    Create a script called /etc/network/if-pre-up.d/mtu with the following contents and make it world-executable (chmod a+rx):

    ifconfig $IFACE mtu 1454

I did leave the default configuration in interface file but set the MTU=1300 in my wireless router “WAN” section.

That solved the problem.

I have the same issue. Some of the website cannot open in my KUBUNTU 17.04. I use this command:

echo 0 >/proc/sys/net/ipv4/tcp_timestamps

The problem may be related to the DNS setup. For me, the problem solved by doing a few steps:

  1. First, open the Terminal.
  2. Inside, run sudo apt-get install resolvconf (it’ll install resolvconf package).
  3. Go to /etc/resolvconf/resolv.conf.d/ directory.
  4. Open the file named base with root permissions by running sudo nano base.
  5. Simply, add/change the entries. A valid entry example is nameserver The entries must be separated by new lines. The following, is a valid file:

    Note: A list of DNS names and addresses can be found here.

  6. Save the file and exit.
  7. Run sudo resolvconf -u (it will update DNS configuration).

That’s it! Now, try loading some websites that didn’t load, it should work!

Leave a Reply

Your email address will not be published. Required fields are marked *