I am completely stumped and don't have a great deal to go on, so I am hoping that somebody can suggest what might be wrong.
I have been successfully running a DNS server and a webserver; they are both on separate machines behind a router. My domain's nameservers point to the DNS server, which contains the A records. The router sends all DNS traffic (coming in at port 53) to the DNS server and routes all HTTP traffic (ports 80 and 443) to the webserver.
Everything has been working fine for ages... until all of a sudden it didn't. Now, whenever I try to view any of the websites I host, it just doesn't work: "The connection to the server was reset whilst the page was loading".
When I try to view the websites from inside the network, every single one of my domains points to the router.
The odd thing is, if I view the one website that is configured to use SSL from anywhere, then it works, so it seems to only be a port 80 issue.
I have recently installed SP2 on the webserver (Windows Server 2008); other than that I am pretty sure nothing else has changed. The NAT tables are all correct on the router.
I don't understand! Any suggestions would be greatly appreciated.
You need to localize which part isn't working. Breaking down "browsing a web page" into its respective parts:
So, first you need to verify that DNS is resolving correctly. Ideally, this should be from a machine outside (I'm assuming you're serving pages to external customers) your network.
Secondly, telnet to port 80, internally first. For me this is:
If that works (with any valid server response), then the server is responding on that port. If you wanna be picky, you can use:
replacing index.htm with whatever your server uses for its default. This should return a valid page:
Now, if you can do this from the outside and receive any sort of valid server response, then the problem is on the server itself (code or configuration).
Third, you need to verify that your server is able to communicate its response back to the customer. This one is probably more of an issue with SLB setups where the NAT, server, and virtual are all different addresses and the server can communicate back to the customer via a different address than the request was made to (asynchronous routing).
Hope that helps. If you give some more information, I'm sure some of us would be willing to help you verify the external stuff...
edit: Well, if 91.135.5.118 is the correct resolution, then DNS appears to be fine from both nameservers.
However, when I try:
it times out.
This would normally make me suggest that you talk to your ISP about them potentially blocking inbound port 80 requests. But, that would be kinda silly if they're allowing all those other ports that appear to be open.
I did a packet capture, just to see what was happening on the wire, and it appears that your server is never actually completing a TCP handshake. It appears to receive the initial SYN, returns a SYN/ACK, I send the final ACK, and your server keeps trying to resend the SYN/ACK.
My bet moves to a firewall config either upstream or on your server.
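The three-step breakdown in the answer above (does the name resolve, does the host complete a TCP handshake on port 80, does it return a valid HTTP response) can be scripted so that each outcome is classified rather than eyeballed in telnet. The following is an added example and not code from the original thread. It distinguishes a dropped SYN (timeout at connect), a refused port (RST in reply to the SYN), a reset after a completed handshake (the symptom in the question), a silent server, and a real HTTP status line. To keep it runnable offline it also starts throwaway local servers that produce each failure mode; those servers, the hostnames and the ports are constructed for the demo. For the real problem, point `check_http()` at the public name from outside the network and at the internal address from inside.

```python
import socket
import struct
import threading
import time
from http.server import BaseHTTPRequestHandler, HTTPServer


def resolve(host):
    """Step 1 (DNS): IPv4 addresses the local resolver returns for host, or [] on failure.
    Compare with what the authoritative nameservers hand out; from inside the LAN
    this is typically the router's external address."""
    try:
        infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def check_http(host, port=80, path="/", timeout=3.0):
    """Steps 2 and 3: TCP connect, then a minimal HTTP/1.0 GET.
    Returns {'stage': 'connect'|'http', 'status': ..., ...}."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return {"stage": "connect", "status": "timeout"}  # SYN or SYN/ACK never got through
    except ConnectionRefusedError:
        return {"stage": "connect", "status": "refused"}  # RST to our SYN: nothing listening
    except OSError as exc:
        return {"stage": "connect", "status": "error", "detail": str(exc)}

    request = f"GET {path} HTTP/1.0\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode()
    data = b""
    with sock:
        try:
            sock.sendall(request)
            while len(data) < 65536:
                chunk = sock.recv(4096)
                if not chunk:
                    break
                data += chunk
        except (ConnectionResetError, BrokenPipeError):
            return {"stage": "http", "status": "reset"}    # handshake completed, then RST
        except socket.timeout:
            return {"stage": "http", "status": "timeout"}  # handshake completed, no reply
    if not data:
        return {"stage": "http", "status": "empty"}        # clean FIN, no response at all
    status_line = data.split(b"\r\n", 1)[0].decode("latin-1", "replace")
    if status_line.startswith("HTTP/"):
        return {"stage": "http", "status": "ok", "status_line": status_line}
    return {"stage": "http", "status": "not-http", "status_line": status_line}


# Constructed local servers standing in for a healthy host and the failure modes.
class _Hello(BaseHTTPRequestHandler):
    def do_GET(self):
        body = b"<html><body>it works</body></html>"
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo output quiet
        pass


def start_ok_server():
    """Healthy web server: completes the handshake and answers the GET. Returns its port."""
    srv = HTTPServer(("127.0.0.1", 0), _Hello)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv.server_address[1]


def _raw_server(on_accept):
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(5)

    def loop():
        while True:
            conn, _ = listener.accept()
            on_accept(conn)

    threading.Thread(target=loop, daemon=True).start()
    return listener.getsockname()[1]


def start_reset_server():
    """Accepts, then closes with SO_LINGER=0 so the kernel sends RST instead of FIN:
    the client sees 'connection reset' after a completed handshake."""
    def rst(conn):
        conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
        conn.close()
    return _raw_server(rst)


def start_silent_server():
    """Accepts and never replies: the client times out at the HTTP stage."""
    def hang(conn):
        time.sleep(5)
        conn.close()
    return _raw_server(hang)


def free_port():
    """A port with nothing listening on it, to provoke 'refused'."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


if __name__ == "__main__":
    print("dns    ", resolve("localhost"))
    print("ok     ", check_http("127.0.0.1", start_ok_server()))
    print("reset  ", check_http("127.0.0.1", start_reset_server()))
    print("silent ", check_http("127.0.0.1", start_silent_server(), timeout=0.5))
    print("refused", check_http("127.0.0.1", free_port()))
```

A "reset" or "timeout" at the http stage with a completed handshake is exactly the pattern the packet capture above describes (SYN/ACK sent, then nothing useful), and points at whatever sits on the path after the handshake: a firewall, a NAT entry, or the device actually answering the SYN. A "refused" or connect-stage "timeout" points earlier, at the port forward or an upstream block.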
From your machine, get a command prompt up and type nslookup. This will show which DNS server you are using; then type debug. This way you know what is being resolved and which DNS server is resolving it, and you can then take it from there, updating records or entries if required.
The inside IP addresses of your servers are different from the outside IP address on the router, right? So when you attempt to connect to www.whatever.com from an inside computer, it is trying to connect to the outside IP address. Most routers can't handle this properly.
So what you need to do is override the DNS for your inside computers so that the inside computers use the internal IP address of your web server.
The quick-and-dirty workaround is to modify the hosts file on each internal computer (windows: C:\windows\system32\drivers\etc\hosts ; Linux: /etc/hosts) to contain the internal IP addresses of the web servers.
Another way is to run another internal DNS server that gives out the internal IP addresses of your servers. Then configure all your internal systems to use this DNS server instead.
I think your issues need some further explaining, but it sounds like something is wrong with your resolver. You can query the server directly via nslookup. However, you also said that if you view HTTPS (TCP port 443) it works. But since DNS (UDP 53) works the same for both HTTP (TCP 80) and HTTPS, this is causing a bit of an error with your diagnosis, since if DNS was broken you wouldn't be able to view the HTTPS port either. Note that there could be some DNS caching at play here, and this might be confusing your diagnosis.
My initial guess is that your ISP started blocking ports. Either TCP/UDP 53 and/or TCP/UDP 80 would both be common ports to block (incoming), because if you have a residential connection they don't want you running servers.
In summary I would:
SOLVED: Very stupid problem. Somehow the router had been reconfigured to allow access to the control panel from the internet, so it was clearly trying to take all port 80 traffic pointing to the external IP.
Thanks for all the help you have offered though!