Black holes in the net

If you experience sudden, otherwise inexplicable, Internet access problems, you might victim to a black hole router. This week, it happened to me for the third time in two years. This time, I’m writing the experience down so that I don’t have to hunt around for a solution with a crippled connection again.

This problem is most noticeable when you’re using a popular web site. Sites like Google, Microsoft, Slashdot, Yahoo, have close to 100% up time. If you’re having a problem connecting to such a site, it’s not often because the site itself is down. Which is why these sites provide a good indicator of a problem elsewhere.

To check if a site is really down you can use web site which scans other sites, such as the W3C HTML validator. If the validator loads the site okay but you get nothing, or very slow access from your browser, there’s a possibility that your Internet messages are going down a black hole.

Internet messages get passed from computer to computer until they reach the computer you want to contact. Machines that are dedicated to this purpose are called routers.

A single Internet message can be quite large. Sometimes the routers decide to split them up to transfer them around the network. But if your messages always got split to the smallest size it would slow down your communication, so there is a protocol the machines follow to detect the maximum size. This size is known as the MTU.

To detect the MTU machines deliberately send messages that are big enough to require splitting. They also tag the message to tell the other routers not to split it up if possible. They wait for a router somewhere along the line to send back an error saying that it can’t pass on the message without splitting it. Iterating this process, the sender can work out the MTU. Without this feature, every computer on the Internet would have to use the minimum size for all messages.

A black hole is a router which has been configured to discard the messages and not report errors. When a message is routed to a black hole, the sender assumes the network connection is down. Some routers are deliberately configured as black holes to prevent DoS attacks. However, sometimes an administrator of a router is over zealous in filtering out messages through the firewall.

If a badly configured router sits between you and the machine you want to connect to, the automatic MTU detection process will fail and your computer will assume that the machine you want to talk to is not working.

It’s easy to check if a badly configured router is eating your Internet messages if you are using Linux. A single command can reduce the MTU on your machine.

sudo ifconfig eth0 mtu 1492

If the connection now works fine, then there’s a problem with a router somewhere between you and the computer you want to access. The size of MTU to use depends on how you connect to the Internet. If you’re using a standard broadband DSL connection and you connect to a modem router with a cable or using wireless then the size you’ll need is 1492. It’s possible to change the MTU on Windows too, but you’ll have edit the registry and reboot after each change!

The fix for the problem is to detect where the black hole router is and get the administrator to fix the problem. In practice this could take a while so most of the time you’ll want to work around the problem instead. If you’re lucky, you might be able to set the MTU for your whole home network by changing a setting on your modem router. This should fix all the machines on your network in one go. You might will probably need to reboot the server and all the machines on the network before this change is distributed.

To set the MTU size on Linux automatically on boot, you can edit the /etc/network/interfaces file. Find where your connection is set up and add the following:

auto eth0
iface eth0 inet dhcp
    up ifconfig eth0 mtu 1492

In Windows you have to first find the key for your active network connection. You can find this by using regedit.exe. First look for:

HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Network\\{4D36E972-E325-11CE-BFC1-08002BE10318}\.

Under this are the keys for your connections. Make a note of the key for your connection. (You don’t have to remember the whole thing, the first few digits should be enough. Then look for the key:

HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\tcpip\\parameters\\interfaces

Under this you should find a key that matches the one you noted before. Under that key, add a new DWORD key called “MTU” here and set the value to decimal 1492. Then quit regedit.exe and reboot.

12 Replies to “Black holes in the net”

  1. Good information. Lucky me I discovered your site by chance (stumbleupon). I’ve saved as a favorite for later!

  2. I am just vineoris commenting to make you know of the nice experience my wife’s girl had using your web page. She learned such a lot of details, including what it is like to have a wonderful coaching mood to make the others just gain knowledge of specific very confusing topics. You undoubtedly exceeded our desires. Thanks for delivering such beneficial, healthy, explanatory and as well as unique guidance on that topic to Evelyn.

  3. I undoubtedly did not realize that. Learnt something new today! Thanks for that.

  4. Hi there! This blog post couldn’t be written much better! Reading through this post reminds me of my previous roommate! He always kept preaching about this. I will send this information to him. Pretty sure he will have a very good read. Many thanks for sharing!

  5. I doubt there are any straight up spelling errors as I have a checker for that. But there are probably numerous grammar and idiomatic errors. Feel free to point them out and I will fix them.

  6. obviously like your web-site but you have to take a look at the spelling on quite a few of your posts. Several of them are rife with spelling problems and I in finding it very bothersome to inform the reality however I will surely come back again.

  7. Thanks to acquire expressing these details. Nevertheless it can be truly superb to have even more details!

  8. Today good day :)
    The interesting name of a site – blog.powered-up-games.com
    I at night 4 hours
    sat in the Internet So I have found your site :)
    The interesting site but does not suffice several sections!
    However this section is very necessary!
    Best wishes for you!
    Forgive I is drunk :))

Leave a Reply

Your email address will not be published.