Post by Greg TroxelReading your tcpdump, it appears your end is sending
GET /index.html HTTP/1.1
but I don't see a host specification.
What uesr agent are you using, and is it trying to send host? I do not
have those rules paged in this minute, but there is a scheme to tell the
server which vhost you want out of many on an IP address.
$ wget https://archive.netbsd.org/
--2022-04-15 14:36:21-- https://archive.netbsd.org/
Resolving archive.netbsd.org (archive.netbsd.org)... 151.101.1.6
Connecting to archive.netbsd.org (archive.netbsd.org)|151.101.1.6|:443... connected.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 733
Server: bozohttpd/20190228
Content-Type: text/html
Accept-Ranges: bytes
Date: Fri, 15 Apr 2022 18:36:22 GMT
Via: 1.1 varnish
Age: 5047
X-Served-By: cache-bos4641-BOS
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1650047782.024733,VS0,VE310
Length: 733 [text/html]
Saving to: âindex.html'
The previous tcpdump was for
# ftp http://archive.netbsd.org/index.html
on NetBSD-current on a raspberry pi. Before that I was trying to connect
from my iPad Pro, but I canât tcpdump there. Sorry if that made things
more confusing.
Here is the (verbose) output for wget http://archive.netbsd.org/ on the
same NetBSD-current pi4. It is sending host and gives the same error 503):
# tcpdump tcp -v
tcpdump: listening on genet0, link-type EN10MB (Ethernet),
capture size 262144 bytes
12:34:46.370085 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 60)
192.168.86.2.65512 > 151.101.1.6.http: Flags [S], cksum 0x7375
(correct), seq 199203167, win 32768, options [mss 1460,nop,wscale
3,sackOK,TS val 1 ecr 0], length 0
12:34:46.393882 IP (tos 0x0, ttl 56, id 0, offset 0, flags [DF], proto TCP
(6), length 60)
151.101.1.6.http > 192.168.86.2.65512: Flags [S.], cksum 0xc33d
(correct), seq 633182354, ack 199203168, win 65535, options [mss
1460,sackOK,TS val 1116483397 ecr 1,nop,wscale 9], length 0
12:34:46.393952 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 52)
192.168.86.2.65512 > 151.101.1.6.http: Flags [.], cksum 0xe1a6
(correct), ack 1, win 4197, options [nop,nop,TS val 1 ecr 1116483397],
length 0
12:34:46.394081 IP (tos 0x0, ttl 64, id 6759, offset 0, flags [DF], proto
TCP (6), length 195)
192.168.86.2.65512 > 151.101.1.6.http: Flags [P.], cksum 0x80bb
(correct), seq 1:144, ack 1, win 4197, options [nop,nop,TS val 1 ecr
1116483397], length 143: HTTP, l
ength: 143
GET /index.html HTTP/1.1
Host: archive.netbsd.org
User-Agent: Wget/1.21.3
Accept: */*
Accept-Encoding: identity
Connection: Keep-Alive
12:34:46.416896 IP (tos 0x0, ttl 56, id 27170, offset 0, flags [DF], proto
TCP (6), length 52) 151.101.1.6.http > 192.168.86.2.65512: Flags [.],
cksum 0xf048 (correct), ack 144, win 285, options [nop,nop,TS val
1116483420 ecr 1], length 0
12:34:46.416912 IP (tos 0x0, ttl 56, id 27171, offset 0, flags [DF], proto
TCP (6), length 52)
151.101.1.6.http > 192.168.86.2.65512: Flags [.], cksum 0xf048
(correct), ack 144, win 285, options [nop,nop,TS val 1116483420 ecr 1],
length 0
12:35:01.583600 IP (tos 0x0, ttl 56, id 27172, offset 0, flags [DF], proto
TCP (6), length 395)
151.101.1.6.http > 192.168.86.2.65512: Flags [P.], cksum 0x9604
(correct), seq 1:344, ack 144, win 285, options [nop,nop,TS val 1116498587
ecr 1], length 343: HTTP,
length: 343
HTTP/1.1 503 first byte timeout
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Accept-Ranges: bytes
Content-Length: 455
Date: Fri, 15 Apr 2022 19:34:55 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-bur-kbur8200028-BUR
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1650051280.848820,VS0,VE15167
12:35:01.583612 IP (tos 0x0, ttl 56, id 27173, offset 0, flags [DF], proto
TCP (6), length 507)
151.101.1.6.http > 192.168.86.2.65512: Flags [P.], cksum 0x23d4
(correct), seq 344:799, ack 144, win 285, options [nop,nop,TS val
1116498587 ecr 1], length 455: HTTP
12:35:01.583672 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 52)
192.168.86.2.65512 > 151.101.1.6.http: Flags [.], cksum 0xa2e9
(correct), ack 799, win 4097, options [nop,nop,TS val 31 ecr 1116498587],
length 0
12:35:01.584220 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 52)
192.168.86.2.65512 > 151.101.1.6.http: Flags [F.], cksum 0xa284
(correct), seq 144, ack 799, win 4197, options [nop,nop,TS val 31 ecr
1116498587], length 0
12:35:01.607783 IP (tos 0x0, ttl 56, id 27174, offset 0, flags [DF], proto
TCP (6), length 52)
151.101.1.6.http > 192.168.86.2.65512: Flags [.], cksum 0xb1b5
(correct), ack 145, win 285, options [nop,nop,TS val 1116498610 ecr 31],
length 0
12:35:01.607795 IP (tos 0x0, ttl 56, id 27175, offset 0, flags [DF], proto
TCP (6), length 52)
151.101.1.6.http > 192.168.86.2.65512: Flags [F.], cksum 0xb1b4
(correct), seq 799, ack 145, win 285, options [nop,nop,TS val 1116498610
ecr 31], length 0
12:35:01.607855 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 52)
192.168.86.2.65512 > 151.101.1.6.http: Flags [.], cksum 0xa26c
(correct), ack 800, win 4197, options [nop,nop,TS val 31 ecr 1116498610],
length 0