Maximum length for a http url?

Unanswered Question
Jun 24th, 2010
User Badges:

I have a website that I cannot access via any of the Cisco 877 routers I have installed, 10 in total.  When I try to access this url


http://learning.learndirect.co.uk/player/content.action?context=PIz%2B1AAbkBr9oZ06cNz0G04o8ezRdU056DCQxwQcpRckuE2u3egpOibxJHUnDFsp9pzCHXE2BNa2%0AR1kvHvXxkHJzoZ2GoCzlTktahp4vim2NChDG7Qs4Th3rlAEs87tNDk84t%2BmL1CMHLsosVW5jilJ1%0AkfL57d4wzADx1pjWjyvfemq5LNQ3oCfuQ1kkTcxGJTtdmT/5%2BpPHbvkpj1IjDvfZNL6YbmUWDdoL%0AzV%2BdBbe3yZFQDp70gc/35S/z45A0NJ0aqrnOdUkaa1RdO%2BokZwtDK9PrlHki%2B5VEluIf5Ab6v/lf%0APj7DBRfsjXhoHZ7bfWDI%2BJF5DsZGuETVgN8sZYhUYuWwwg8J3ElqEvdeJA0SDiIlj0m%2BAf2klyW4%0ADh6ODfLwiWuvjpgFEY9B4qXXBTHnTNieypzTrCBJkRW240wW4wNr%2BTz5kas4M8ks/yz3OMbouUbk%0AoPiFwbETdCuw1BrnDYqNuB40X1dQPQ6unohwvrS35Lp7P4rPs1G1nrMqyCgrJs9FNkeYcOnXtkPg%0A%2BMMXMnA7dZlY6/SNKQeoh%2BVSkg2kw9HyoTbWZkn9i1qdJTMMNefFCgAOQohc7uwZRxcoyLNqxu9h%0A8jhEn4C0hftlP85adlcWZQUHwun6Sr3IyWrXOSDpdrICwWvisx9lGiMs%2B6m44zke%2BPpfG4RcopCq%0A/Vpk5kOcQeU7UD2EmbBs8R2eKYPPd1PWQRBlTDn/MZV2OJ044xCnTKCtNX31ogGP%2Bm8q8zu2sF56%0AKr4f9wyEVywxwl3Gu7phGxl/4dVoZEJZfPLEZFPD6JzJ8647e3bGLwJHhdvAg3fF3vJC9ENapi%2Bj%0A1WFAr27ADoNybktNVNfQmJaFg8NXMA1sTK2EPFFt%2BI5gdsabG%2BSNhGbJdj9TRaKJUP%2Bn2R%2BVrFk8%0A27eOvFBVgfnrHd0u4/rmwqqWppyztqO7E44IpO1n9/VLhPhr51SSaMe99elLUPdTQ%2Bzbaf8EiIwk%0AoKnFPXxfD3KYmsl9SlgS5f5aDKMdoUG3v5FJ


The page does not display after a period of about 3 minutes waiting for the browser to retry.  The question is, is there a maximum length on a url that Cisco implement in the Advanced Security IOS for this model?


I have tried the url on a Cisco 1841 and it works fine with a very similar config.


Im sorry if this isnt the right place for this post, please redirect me if there is a better forum for this!


Thanks


Kyle

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Diego Armando C... Thu, 06/24/2010 - 14:29
User Badges:
  • Bronze, 100 points or more

This problem might be related with mtu maybe or mss. from the 800 routers... does the traffic pass a GRE tunnel?

kyle.heath Thu, 06/24/2010 - 14:31
User Badges:

It doesnt no, but I do have an IPSEC tunnel to another 877 at a remote site.  I set the mss on the ATM0.1 interface to 1300 on a ADSL2 circuit, this has improved the IPSEC tunnel significantly in terms of fragmentation.


I will try upping the mss back to 1452 again and test.  Thanks

kyle.heath Thu, 06/24/2010 - 14:45
User Badges:

I have just tested further and the issue seems to only fail from Windows XP, I have tested from a Windows 2008 Server and this is successful.  I have changed the command on the ATM0.1 interface to


no ip tcp adjust-mss 1300


and the issue still occurs.  Its really making me think this one as the site is a government website and worked for my customer for months until last thursday so I can only think that something changed at the website level or hosting otherwise it wouldnt have worked before.

Diego Armando C... Thu, 06/24/2010 - 14:52
User Badges:
  • Bronze, 100 points or more

Go ahead and do a debug for ICMP .. If you see this messange


ICMP: dst (x.x.x.x) frag. needed and DF set 
unreachable sent to x.x.x.x  this is a fragmentation issue.
kyle.heath Thu, 06/24/2010 - 15:07
User Badges:

Thanks, I will try that tomorrow.  I just can't work out why it works on Windows 2008 and not Windows XP behind the same router.



--




Kyle Heath

Actions

This Discussion