Un certain nombre d'adresses réseau semblent inaccessibles depuis mon ordinateur (Mac Mavericks, 10.9.2). Par exemple, je ne vois aucune image sur wikipedia. L'article vedette d'aujourd'hui n'affiche pas l'image http://upload.wikimedia.org/wikipedia/commons/5/54/Potret_Roekiah1.jpg (Safari se bloque en essayant de charger l'image).
Voici mes tentatives pour comprendre ce qui se passe (j'ai modifié les identifiants et certains numéros d'IP).
[Radek ~]$ ping upload.wikimedia.org
PING upload-lb.esams.wikimedia.org (91.198.174.234): 56 data bytes
36 bytes from ae2.cr1-esams.wikimedia.org (195.69.145.176): Destination Net Unreachable
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 48 5400 e066 0 0000 3c 01 d18f 192.168.1.18 91.198.174.234
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
(et le ping s'arrête ou rapporte Destination Net Unreachable
pour d'autres tentatives)
[Radek ~]$ traceroute upload.wikimedia.org
traceroute to upload-lb.esams.wikimedia.org (91.198.174.234), 64 hops max, 52 byte packets
1 192.168.1.1 (192.168.1.1) 2.359 ms 2.102 ms 2.016 ms
2 xxx.adsl2.static.versatel.nl (82.173.xx.xx) 104.734 ms 106.157 ms 107.574 ms
3 xxx.xxx.versatel.net (217.16.39.169) 125.938 ms * 49.443 ms
4 ae6-xxx.brxxxsara.versatel.net (212.53.xx.xx) 55.765 ms 66.818 ms 80.532 ms
5 * * *
...
64 * * *
Voici quelques détails de ma configuration :
[Radek ~]$ ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=1<PERFORMNUD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether xx:xx
inet6 xxxx:xxxx%en0 prefixlen 64 scopeid 0x4
inet 192.168.1.18 netmask 0xffffff00 broadcast 192.168.1.255
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether xx:xx
media: autoselect <full-duplex>
status: inactive
en2: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether xx:xx
nd6 options=1<PERFORMNUD>
media: autoselect <full-duplex>
status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether xx:xx
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 6 priority 0 path cost 0
nd6 options=1<PERFORMNUD>
media: <unknown type>
status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether xx:xx
media: autoselect
status: inactive
[Radek ~]$ netstat -s
tcp:
4041934 packets sent
2109154 data packets (2412741336 bytes)
4336 data packets (4973578 bytes) retransmitted
0 resends initiated by MTU discovery
1515058 ack-only packets (788 delayed)
0 URG only packets
8 window probe packets
315897 window update packets
98042 control packets
997 data packets sent after flow control
3032003 checksummed in software
3032003 segments (2030699244 bytes) over IPv4
0 segments (0 bytes) over IPv6
4874936 packets received
1245553 acks (for 2412436596 bytes)
61704 duplicate acks
0 acks for unsent data
3590173 packets (4105070383 bytes) received in-sequence
4782 completely duplicate packets (2495220 bytes)
881 old duplicate packets
103 packets with some dup. data (44979 bytes duped)
88880 out-of-order packets (119408758 bytes)
0 packets (0 bytes) of data after window
0 window probes
1297 window update packets
2853 packets received after close
0 bad resets
1 discarded for bad checksum
3221507 checksummed in software
3221507 segments (2755880532 bytes) over IPv4
0 segments (0 bytes) over IPv6
0 discarded for bad header offset fields
0 discarded because packet too short
53415 connection requests
11 connection accepts
0 bad connection attempts
0 listen queue overflows
45391 connections established (including accepts)
53529 connections closed (including 5839 drops)
742 connections updated cached RTT on close
742 connections updated cached RTT variance on close
258 connections updated cached ssthresh on close
5357 embryonic connections dropped
2919226 segments updated rtt (of 1129684 attempts)
7233 retransmit timeouts
44 connections dropped by rexmit timeout
0 connections dropped after retransmitting FIN
21 persist timeouts
0 connections dropped by persist timeout
137 keepalive timeouts
1 keepalive probe sent
84 connections dropped by keepalive
522089 correct ACK header predictions
3349375 correct data packet header predictions
1800 SACK recovery episodes
3142 segment rexmits in SACK recovery episodes
4404841 byte rexmits in SACK recovery episodes
40073 SACK options (SACK blocks) received
88105 SACK options (SACK blocks) sent
0 SACK scoreboard overflow
0 LRO coalesced packets
0 times LRO flow table was full
0 collisions in LRO flow table
0 times LRO coalesced 2 packets
0 times LRO coalesced 3 or 4 packets
0 times LRO coalesced 5 or more packets
2627 limited transmits done
1212 early retransmits done
1495 times cumulative ack advanced along with SACK
udp:
1116361 datagrams received
0 with incomplete header
0 with bad data length field
0 with bad checksum
1 with no checksum
831232 checksummed in software
814776 datagrams (107515088 bytes) over IPv4
16456 datagrams (5525356 bytes) over IPv6
463 dropped due to no socket
588682 broadcast/multicast datagrams undelivered
0 times multicast source filter matched
0 dropped due to full socket buffers
0 not for hashed pcb
527216 delivered
68356 datagrams output
57620 checksummed in software
50288 datagrams (3553575 bytes) over IPv4
7332 datagrams (1789298 bytes) over IPv6
ip:
6126838 total packets received
0 bad header checksums
4194980 headers (83905872 bytes) checksummed in software
0 with size smaller than minimum
0 with data size < data length
154979 with data size > data length
0 packets forced to software checksum
0 with ip length > max ip packet size
0 with header length < data size
0 with data length < header length
0 with bad options
0 with incorrect version number
121 fragments received
0 dropped (dup or out of space)
0 dropped after timeout
60 reassembled ok
5964502 packets for this host
7957 packets for unknown/unsupported protocol
0 packets forwarded (0 packets fast forwarded)
2108 packets not forwardable
152210 packets received for unknown multicast group
0 redirects sent
4125494 packets sent from this host
305 packets sent with fabricated ip header
0 output packets dropped due to no bufs, etc.
3 output packets discarded due to no route
0 output datagrams fragmented
0 fragments created
0 datagrams that can't be fragmented
0 tunneling packets that can't find gif
0 datagrams with bad address in header
0 packets dropped due to no bufs for control data
3091053 headers (61835944 bytes) checksummed in software
icmp:
463 calls to icmp_error
0 errors not generated 'cuz old message was icmp
Output histogram:
echo reply: 4
destination unreachable: 463
0 messages with bad code fields
0 messages < minimum length
0 bad checksums
0 messages with bad length
0 multicast echo requests ignored
0 multicast timestamp requests ignored
Input histogram:
echo reply: 100
destination unreachable: 6099
echo: 4
time exceeded: 71
4 message responses generated
ICMP address mask responses are disabled
igmp:
1971 messages received
0 messages received with too few bytes
1 message received with wrong TTL
0 messages received with bad checksum
1963 V1/V2 membership queries received
0 V3 membership queries received
0 membership queries received with invalid field(s)
1963 general queries received
0 group queries received
0 group-source queries received
0 group-source queries dropped
7 membership reports received
0 membership reports received with invalid field(s)
7 membership reports received for groups to which we belong
0 V3 reports received without Router Alert
3506 membership reports sent
ipsec:
0 inbound packets processed successfully
0 inbound packets violated process security policy
0 inbound packets with no SA available
0 invalid inbound packets
0 inbound packets failed due to insufficient memory
0 inbound packets failed getting SPI
0 inbound packets failed on AH replay check
0 inbound packets failed on ESP replay check
0 inbound packets considered authentic
0 inbound packets failed on authentication
0 outbound packets processed successfully
0 outbound packets violated process security policy
0 outbound packets with no SA available
0 invalid outbound packets
0 outbound packets failed due to insufficient memory
0 outbound packets with no route
arp:
1236 ARP requests sent
1838 ARP replies sent
0 ARP announcements sent
171129 ARP requests received
1141 ARP replies received
172326 total ARP packets received
0 ARP conflict probes sent
0 invalid ARP resolve requests
0 total packets dropped due to lack of memory
2014 total packets dropped due to no ARP entry
71 total packets dropped during ARP entry removal
960 ARP entries timed out
0 Duplicate IPs seen
ip6:
33159 total packets received
0 with size smaller than minimum
0 with data size < data length
0 with data size > data length
0 packets forced to software checksum
0 with bad options
0 with incorrect version number
1208 fragments received
0 dropped (dup or out of space)
0 dropped after timeout
0 exceeded limit
604 reassembled ok
27697 packets for this host
0 packets forwarded
4297 packets not forwardable
0 redirects sent
4297 multicast packets which we don't join
0 packets whose headers are not continuous
0 tunneling packets that can't find gif
0 packets discarded due to too may headers
0 forward cache hit
0 forward cache miss
0 packets dropped due to no bufs for control data
5010 packets sent from this host
0 packets sent with fabricated ip header
0 output packets dropped due to no bufs, etc.
5782 output packets discarded due to no route
0 output datagrams fragmented
0 fragments created
0 datagrams that can't be fragmented
0 packets that violated scope rules
Input histogram:
hop by hop: 62
TCP: 30
UDP: 26459
fragment: 1208
ICMP6: 5397
Mbuf statistics:
7285 one mbuf
two or more mbuf:
lo0= 4535
21339 one ext mbuf
0 two or more ext mbuf
0 failures of source address selection
icmp6:
0 calls to icmp_error
0 errors not generated because old message was icmp error or so
0 errors not generated because rate limitation
Output histogram:
router solicitation: 186
neighbor solicitation: 73
neighbor advertisement: 73
MLDv2 listener report: 113
0 messages with bad code fields
0 messages < minimum length
0 bad checksums
0 messages with bad length
Input histogram:
MLDv1 listener report: 50
neighbor solicitation: 21
neighbor advertisement: 1091
Histogram of error messages to be generated:
0 no route
0 administratively prohibited
0 beyond scope
0 address unreachable
0 port unreachable
0 packet too big
0 time exceed transit
0 time exceed reassembly
0 erroneous header field
0 unrecognized next header
0 unrecognized option
0 redirect
0 unknown
0 message responses generated
0 messages with too many ND options
0 messages with bad ND options
0 bad neighbor solicitation messages
19 bad neighbor advertisement messages
0 bad router solicitation messages
0 bad router advertisement messages
0 bad redirect messages
0 path MTU changes
ipsec6:
0 inbound packets processed successfully
0 inbound packets violated process security policy
0 inbound packets with no SA available
0 invalid inbound packets
0 inbound packets failed due to insufficient memory
0 inbound packets failed getting SPI
0 inbound packets failed on AH replay check
0 inbound packets failed on ESP replay check
0 inbound packets considered authentic
0 inbound packets failed on authentication
0 outbound packets processed successfully
0 outbound packets violated process security policy
0 outbound packets with no SA available
0 invalid outbound packets
0 outbound packets failed due to insufficient memory
0 outbound packets with no route
rip6:
0 messages received
0 checksum calcurations on inbound
0 messages with bad checksum
0 messages dropped due to no socket
0 multicast messages dropped due to no socket
0 messages dropped due to full socket buffers
0 delivered
0 datagrams output
pfkey:
0 requests sent to userland
0 bytes sent to userland
0 messages with invalid length field
0 messages with invalid version field
0 messages with invalid message type field
0 messages too short
0 messages with memory allocation failure
0 messages with duplicate extension
0 messages with invalid extension type
0 messages with invalid sa type
0 messages with invalid address extension
0 requests sent from userland
0 bytes sent from userland
0 messages toward single socket
0 messages toward all sockets
0 messages toward registered sockets
0 messages with memory allocation failure
Le problème est spécifique à mon Mac (wikipedia fonctionne sur les appareils iOS) et persiste malgré les essais :
- des réseaux différents (défaillances au travail et à la maison)
- différentes interfaces (via wi-fi ou ethernet)
- redémarrage (même les mises à jour du système, actuellement 10.9.2)
- différents DNS ("automatique" ainsi que google 8.8.8.8 et 8.8.4.4)
UPDATE :
Résolu ! Merci.... C'est un client "VPN over ssh" sshuttle qui a changé mon /etc/hosts
fichier à rediriger de wikimedia (parmi >1000 autres )