certain IP addresses blocked on one computer

Hi @ATTU-verseCare and @JefferMC ,

I have figured out the proximal cause of my problem, and a simple temporary workaround, although the root cause is still a bit of a mystery to me. Here is a detailed description of my discovery this weekend:

1. Background

I have two devices with http connection capabilities connected to my RG - my "fast" Linux machine and my "portable" Linux machine. Once a day and whenever I go out for a meeting or some cafe-time, I rsync the the fast machine's data to the portable machine. When I return home, I rsync the portable machine's data to the fast machine.

For convenience, when I am in my home office the normal state of the system is that both machines are on and networked into the RG. Both machines typically have both Firefox and Chrome up, with a dozen or so tabs open, each. At least half of these browser instances are connections to my two GoDaddy shared hosting IP addresses, as I am a web developer working on a number of projects simultaneously.

As reported earlier, I have recently started having trouble connecting to these two IP addresses on my "fast" machine, to the extent that I have lately been completely blocked from accessing them.

2. Accidental Discovery

This weekend I left home for a while with the portable machine. When I left, the fast machine was in its normal state of being unable to connect to the two GoDaddy IP addresses via the RG.

When I got home I turned on the fast machine, opened Chrome and, just as a test, navigated to urls on both the problematic IP addresses. To my surprise, they opened without a problem. I figured this grace period would last 10-15 minutes as it has in the past, so I decided to time it. Twenty minutes later, all was still well. A small lightbulb started to glow gently in the back of my mind.

I then plugged in and turned on the portable machine. As it started up I turned off its networking and closed its browsers. I then checked the fast machine, and found that its connection to the two GoDaddy IP addresses was still good.

I then connected the portable machine to the RG, with its browsers still closed, and started an rsync. Checked the fast machine and all was still well.

Finally, I opened Chrome on the portable machine. On the portable machine, Chrome defaults to its previous state, which is dozens of tabs, many of which are connected to the problematic IP addresses.

I checked the fast machine, and indeed, it could no longer connect to those IP addresses.

3. Further Research

I then went to the portable machine and closed Chrome, and went back to the fast machine. Instant connection.

I decided to work with just one of the IP addresses. I opened an associated URL on the portable machine - one that I know to contain very simple, fast-loading html. I set my stopwatch when the site loaded on the portable machine, then moved to the fast machine and loaded the same URL there.

The fast machine was unable to open the same URL for nearly two minutes. After that it could connect.

Further testing and timing showed that the delay for the fast machine to connect to a URL that had been opened on the portable machine was between 1:37 and 2:45 minutes. This seems to approximately correlate with the amount of time that the TCP connection on the portable machine is in the "Established" or  "Time Wait" state.

4. More Information

At this point I started to think more about my normal http connection habits. As I mentioned, I often have at least a dozen connections to the two problematic IP addresses open. As I most often develop both websites and plugins in WordPress, many of these connections are to the WordPress dashboard, which periodically refreshes itself to check for updates. I also use a WordPress site traffic monitor which refreshes every minute, in some views, in order to provide a current snapshot of visitors. Finally, some of my sites on those IP addresses include JavaScript animations that periodically reload the page in order to restart the animation.

Given all this, there is a high likelihood that in its normal resting mode, the portable machine is making http requests to one of the problematic IP addresses more than once a minute.

And, indeed. When I point a browser on the portable machine to one of the urls that automatically sends http requests to one of the problematic IP addresses, urls on that IP address become continuously blocked on the fast machine.

5. Even Further Research

a. The effect is not reversible. The fast machine's connections have no effect on the portable machine's ability to connect.

b. The effect does not (so far) occur with other gateways. When both machines are connected to the internet via my mobile hotspot, they do not interfere with each other at all. Similarly, when my portable machine was connected to the internet via Comcast cable with a Linksys e1200  router, my portable macine and several Windows machines were able to simultaneouly and immediately connect to one of the urls on a problematic GoDaddy IP address.

6. Conclusion

Because there is a simple workaround to my problem, which is to close the browers on my portable machine when it is connected to my home network, I no longer feel so much urgency about this issue.

Nonetheless, I do not believe that this is normal or acceptable gateway behavior. I am curious about whether this is related to my unusual behavior related to running Linux machines and to having multiple simultaneous connections from several devices to the same IP address.

I occasionally train clients on the use of their WordPress dashboard in my home office. This problem, which makes it impossible to have two computers connected simultaneously to the same URL on my home network, will make that kind of training impossible.

Finally, I have not cancelled tomorrow's appointment with the ATT technician. I would like him to see, understand, and document the problem I am having so at the very least he can assist others who might be experiencing something similar.

Again, thanks for all your help and attention to this problem.

Saill

Can you find the page on your RG where it shows the number of NAT sessions in use?

On my 3800, it's found under Settings > Diagnostics > NAT:

Current NAT Sessions

current secs since boot: 90132
session table 888/1024 available, 0/512 used in inbound sessions:

@JefferMC - checking for that.

Ok - found it. Can easily cut and paste it. Any suggestion for a test to perform?

Saill

Looking to see if when you're experiencing your issues, has the NAT table been exhausted.

Ok - I closed all tabs on the portable machine (NAT = 192.168.1.65)  except the one that's refreshing its connection to the IP address 72.162.1.128 once a minute. A connection to the same URL on the fast machine (NAT = 192.168.1.64) will not load. I have only that URL and the ATT forum URL open on the fast machine. A tail of the RG NAT page shows mainly connections to the ATT page, with a few attempts to connect to 72.162.1.128 by the 192.168.1.64 machine, which resulted in SYN_SENT state. This matches what netstat -nat tells me on the fast machine.

current secs since boot: 185345
session table 867/1024 available, 1/512 used in inbound sessions:
sess[47660]: bkt 2, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:123, f: 152.2.133.54:123, n: 99.189.112.141:49749
 last used 184828, max_idle: 600
sess[47735]: bkt 2, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:123, f: 4.53.160.75:123, n: 99.189.112.141:49750
 last used 184980, max_idle: 600
sess[47748]: bkt 2, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:123, f: 96.44.142.5:123, n: 99.189.112.141:49752
 last used 185019, max_idle: 600
sess[47765]: bkt 2, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:33784, f: 8.8.8.8:53, n: 99.189.112.141:33784
 last used 185027, max_idle: 600
sess[47806]: bkt 2, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:123, f: 173.230.144.109:123, n: 99.189.112.141:123
 last used 185262, max_idle: 600
sess[47238]: bkt 3, flags: 0x3b6001a1, proto: 17, cnt: 7
 l: 192.168.1.64:2419, f: 8.8.8.8:53, n: 99.189.112.141:2419
 last used 184929, max_idle: 600
sess[47647]: bkt 3, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:64385, f: 8.8.8.8:53, n: 99.189.112.141:64385
 last used 184825, max_idle: 600
sess[47688]: bkt 3, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:59538, f: 8.8.8.8:53, n: 99.189.112.141:59538
 last used 184910, max_idle: 600
sess[47709]: bkt 3, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:39395, f: 8.8.8.8:53, n: 99.189.112.141:39395
 last used 184947, max_idle: 600
sess[47721]: bkt 6, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:46793, f: 8.8.8.8:53, n: 99.189.112.141:46793
 last used 184959, max_idle: 600
sess[47781]: bkt 6, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:43988, f: 8.8.8.8:53, n: 99.189.112.141:43988
 last used 185181, max_idle: 600
sess[47629]: bkt 7, flags: 0x3b6001a1, proto: 17, cnt: 2
 l: 192.168.1.64:31236, f: 8.8.8.8:53, n: 99.189.112.141:31236
 last used 184761, max_idle: 600
sess[47746]: bkt 9, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:3196, f: 8.8.8.8:53, n: 99.189.112.141:3196
 last used 185019, max_idle: 600
sess[47755]: bkt 13, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:45509, f: 8.8.8.8:53, n: 99.189.112.141:45509
 last used 185022, max_idle: 600
sess[47657]: bkt 14, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:53670, f: 8.8.8.8:53, n: 99.189.112.141:53670
 last used 184826, max_idle: 600
sess[47694]: bkt 14, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:61336, f: 8.8.8.8:53, n: 99.189.112.141:61336
 last used 184910, max_idle: 600
sess[47681]: bkt 18, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:59778, f: 8.8.8.8:53, n: 99.189.112.141:59778
 last used 184873, max_idle: 600
sess[47821]: bkt 18, flags: 0x380001a1, proto: 6, cnt: 6
 l: 192.168.1.64:41858, f: 50.63.95.1:80, n: 99.189.112.141:41858
 last used 185345, max_idle: 15
 TCP state CLOSED
 TCP IN: is: 756065164, sent: 2, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 2295812390, sent: 2, unack'd 0, mss 0, windows_scale 0 
sess[47715]: bkt 19, flags: 0x380001a1, proto: 6, cnt: 33
 l: 192.168.1.64:40167, f: 135.209.208.146:80, n: 99.189.112.141:40167
 last used 185317, max_idle: 86400
 TCP state CLOSE_WAIT
 TCP IN: is: 1194053304, sent: 605, unack'd 604, mss 0, windows_scale 0 
 TCP OUT: is: 3739615777, sent: 1, unack'd -3733, mss 0, windows_scale 0 
sess[47795]: bkt 27, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:40957, f: 8.8.8.8:53, n: 99.189.112.141:40957
 last used 185256, max_idle: 600
sess[47631]: bkt 28, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:14684, f: 8.8.8.8:53, n: 99.189.112.141:14684
 last used 184761, max_idle: 600
sess[47756]: bkt 28, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:54704, f: 8.8.8.8:53, n: 99.189.112.141:54704
 last used 185022, max_idle: 600
sess[47272]: bkt 29, flags: 0x3b6001a1, proto: 17, cnt: 6
 l: 192.168.1.64:43212, f: 8.8.8.8:53, n: 99.189.112.141:43212
 last used 184930, max_idle: 600
sess[47654]: bkt 33, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:53143, f: 8.8.8.8:53, n: 99.189.112.141:53143
 last used 184826, max_idle: 600
sess[47644]: bkt 34, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:35282, f: 8.8.8.8:53, n: 99.189.112.141:35282
 last used 184802, max_idle: 600
sess[47651]: bkt 34, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:24324, f: 8.8.8.8:53, n: 99.189.112.141:24324
 last used 184826, max_idle: 600
sess[47696]: bkt 34, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:37832, f: 8.8.8.8:53, n: 99.189.112.141:37832
 last used 184930, max_idle: 600
sess[47650]: bkt 35, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:53643, f: 8.8.8.8:53, n: 99.189.112.141:53643
 last used 184826, max_idle: 600
sess[47704]: bkt 38, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:13164, f: 8.8.8.8:53, n: 99.189.112.141:13164
 last used 184941, max_idle: 600
sess[47677]: bkt 39, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:34267, f: 8.8.8.8:53, n: 99.189.112.141:34267
 last used 184872, max_idle: 600
sess[47815]: bkt 39, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:55177, f: 8.8.8.8:53, n: 99.189.112.141:55177
 last used 185331, max_idle: 600
sess[47679]: bkt 40, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:58804, f: 8.8.8.8:53, n: 99.189.112.141:58804
 last used 184873, max_idle: 600
sess[47818]: bkt 41, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:33747, f: 8.8.8.8:53, n: 99.189.112.141:33747
 last used 185331, max_idle: 600
sess[47736]: bkt 42, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:8817, f: 8.8.8.8:53, n: 99.189.112.141:8817
 last used 184994, max_idle: 600
sess[47802]: bkt 42, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:43514, f: 8.8.8.8:53, n: 99.189.112.141:43514
 last used 185260, max_idle: 600
sess[47770]: bkt 43, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:7246, f: 8.8.8.8:53, n: 99.189.112.141:7246
 last used 185094, max_idle: 600
sess[47649]: bkt 44, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:32040, f: 8.8.8.8:53, n: 99.189.112.141:32040
 last used 184826, max_idle: 600
sess[47814]: bkt 47, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:59582, f: 8.8.8.8:53, n: 99.189.112.141:59582
 last used 185331, max_idle: 600
sess[47653]: bkt 48, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:51843, f: 8.8.8.8:53, n: 99.189.112.141:51843
 last used 184826, max_idle: 600
sess[47656]: bkt 49, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:35522, f: 8.8.8.8:53, n: 99.189.112.141:35522
 last used 184826, max_idle: 600
sess[47766]: bkt 49, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:3140, f: 8.8.8.8:53, n: 99.189.112.141:3140
 last used 185039, max_idle: 600
sess[47646]: bkt 53, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:56464, f: 8.8.8.8:53, n: 99.189.112.141:56464
 last used 184825, max_idle: 600
sess[47778]: bkt 53, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:31543, f: 8.8.8.8:53, n: 99.189.112.141:31543
 last used 185176, max_idle: 600
sess[47764]: bkt 54, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:62906, f: 8.8.8.8:53, n: 99.189.112.141:62906
 last used 185027, max_idle: 600
sess[47695]: bkt 55, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:23570, f: 8.8.8.8:53, n: 99.189.112.141:23570
 last used 184929, max_idle: 600
sess[47793]: bkt 60, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:35535, f: 8.8.8.8:53, n: 99.189.112.141:35535
 last used 185256, max_idle: 600
sess[47645]: bkt 62, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:36298, f: 8.8.8.8:53, n: 99.189.112.141:36298
 last used 184813, max_idle: 600
sess[47710]: bkt 63, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:58530, f: 8.8.8.8:53, n: 99.189.112.141:58530
 last used 184947, max_idle: 600
sess[47661]: bkt 66, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:55021, f: 8.8.8.8:53, n: 99.189.112.141:55021
 last used 184838, max_idle: 600
sess[47630]: bkt 76, flags: 0x3b6001a1, proto: 17, cnt: 2
 l: 192.168.1.64:36025, f: 8.8.8.8:53, n: 99.189.112.141:36025
 last used 184761, max_idle: 600
sess[47702]: bkt 76, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:10524, f: 8.8.8.8:53, n: 99.189.112.141:10524
 last used 184941, max_idle: 600
sess[47680]: bkt 77, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:34225, f: 8.8.8.8:53, n: 99.189.112.141:34225
 last used 184872, max_idle: 600
sess[47673]: bkt 78, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:18559, f: 8.8.8.8:53, n: 99.189.112.141:18559
 last used 184850, max_idle: 600
sess[47783]: bkt 78, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:43932, f: 8.8.8.8:53, n: 99.189.112.141:43932
 last used 185181, max_idle: 600
sess[47816]: bkt 78, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:39852, f: 8.8.8.8:53, n: 99.189.112.141:39852
 last used 185331, max_idle: 600
sess[47698]: bkt 79, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:63951, f: 8.8.8.8:53, n: 99.189.112.141:63951
 last used 184931, max_idle: 600
sess[10]: bkt 80, flags: 0x3b6001a1, proto: 17, cnt: 31918
 l: 192.168.1.66:35746, f: 192.84.16.35:5165, n: 99.189.112.141:35746
 last used 185343, max_idle: 600
sess[47682]: bkt 83, flags: 0x3b600190, proto: 17, cnt: 8
 l: 99.189.112.141:56384, f: 99.99.99.53:53, n: 99.189.112.141:56384
 last used 184892, max_idle: 600
sess[47761]: bkt 83, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:17000, f: 8.8.8.8:53, n: 99.189.112.141:17000
 last used 185025, max_idle: 600
sess[47784]: bkt 84, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:47767, f: 8.8.8.8:53, n: 99.189.112.141:47767
 last used 185181, max_idle: 600
sess[47636]: bkt 86, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:30807, f: 8.8.8.8:53, n: 99.189.112.141:30807
 last used 184769, max_idle: 600
sess[47676]: bkt 88, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:48540, f: 8.8.8.8:53, n: 99.189.112.141:48540
 last used 184872, max_idle: 600
sess[47731]: bkt 89, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:14617, f: 8.8.8.8:53, n: 99.189.112.141:14617
 last used 184964, max_idle: 600
sess[47762]: bkt 90, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:43402, f: 8.8.8.8:53, n: 99.189.112.141:43402
 last used 185025, max_idle: 600
sess[47739]: bkt 92, flags: 0x3b600190, proto: 17, cnt: 2
 l: 99.189.112.141:50518, f: 99.99.99.53:53, n: 99.189.112.141:50518
 last used 185005, max_idle: 600
sess[47658]: bkt 95, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:38066, f: 8.8.8.8:53, n: 99.189.112.141:38066
 last used 184826, max_idle: 600
sess[47628]: bkt 96, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:38029, f: 8.8.8.8:53, n: 99.189.112.141:38029
 last used 184761, max_idle: 600
sess[47813]: bkt 101, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:57026, f: 8.8.8.8:53, n: 99.189.112.141:57026
 last used 185331, max_idle: 600
sess[47691]: bkt 102, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:57854, f: 8.8.8.8:53, n: 99.189.112.141:57854
 last used 184910, max_idle: 600
sess[47725]: bkt 104, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:5125, f: 8.8.8.8:53, n: 99.189.112.141:5125
 last used 184962, max_idle: 600
sess[47742]: bkt 105, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:56010, f: 8.8.8.8:53, n: 99.189.112.141:56010
 last used 185011, max_idle: 600
sess[47807]: bkt 107, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:56008, f: 8.8.8.8:53, n: 99.189.112.141:56008
 last used 185320, max_idle: 600
sess[47817]: bkt 109, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:56520, f: 8.8.8.8:53, n: 99.189.112.141:56520
 last used 185331, max_idle: 600
sess[38676]: bkt 110, flags: 0x09200198, proto: 6, cnt: 6
 l: 99.189.112.141:49152, f: 71.6.165.200:39852, n: 99.189.112.141:49152
 last used 137483, max_idle: 86400
 TCP state ESTABLISHED
 TCP IN: is: 1493863120, sent: 1, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 412905713, sent: 1, unack'd 1, mss 0, windows_scale 0 
sess[47760]: bkt 112, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:39057, f: 8.8.8.8:53, n: 99.189.112.141:39057
 last used 185023, max_idle: 600
sess[47757]: bkt 113, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:35458, f: 8.8.8.8:53, n: 99.189.112.141:35458
 last used 185022, max_idle: 600
sess[47812]: bkt 113, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:45240, f: 8.8.8.8:53, n: 99.189.112.141:45240
 last used 185331, max_idle: 600
sess[47732]: bkt 115, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:45752, f: 8.8.8.8:53, n: 99.189.112.141:45752
 last used 184964, max_idle: 600
sess[47752]: bkt 119, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:44451, f: 8.8.8.8:53, n: 99.189.112.141:44451
 last used 185022, max_idle: 600
sess[47632]: bkt 121, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:60909, f: 8.8.8.8:53, n: 99.189.112.141:60909
 last used 184762, max_idle: 600
sess[47782]: bkt 121, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:49601, f: 8.8.8.8:53, n: 99.189.112.141:49601
 last used 185181, max_idle: 600
sess[47648]: bkt 122, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:56798, f: 8.8.8.8:53, n: 99.189.112.141:56798
 last used 184826, max_idle: 600
sess[47652]: bkt 124, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:11819, f: 8.8.8.8:53, n: 99.189.112.141:11819
 last used 184826, max_idle: 600
sess[47774]: bkt 124, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:10285, f: 8.8.8.8:53, n: 99.189.112.141:10285
 last used 185124, max_idle: 600
sess[47635]: bkt 127, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:19277, f: 8.8.8.8:53, n: 99.189.112.141:19277
 last used 184769, max_idle: 600
sess[47665]: bkt 127, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:42656, f: 8.8.8.8:53, n: 99.189.112.141:42656
 last used 184847, max_idle: 600
sess[47785]: bkt 128, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:53046, f: 8.8.8.8:53, n: 99.189.112.141:53046
 last used 185181, max_idle: 600
sess[47798]: bkt 128, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:40292, f: 8.8.8.8:53, n: 99.189.112.141:40292
 last used 185256, max_idle: 600
sess[47819]: bkt 133, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:45389, f: 8.8.8.8:53, n: 99.189.112.141:45389
 last used 185331, max_idle: 600
sess[47769]: bkt 134, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:39015, f: 8.8.8.8:53, n: 99.189.112.141:39015
 last used 185094, max_idle: 600
sess[47633]: bkt 138, flags: 0x3b6001a1, proto: 17, cnt: 2
 l: 192.168.1.64:43354, f: 8.8.8.8:53, n: 99.189.112.141:43354
 last used 184762, max_idle: 600
sess[47662]: bkt 141, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:27037, f: 8.8.8.8:53, n: 99.189.112.141:27037
 last used 184838, max_idle: 600
sess[47775]: bkt 144, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:19621, f: 8.8.8.8:53, n: 99.189.112.141:19621
 last used 185124, max_idle: 600
sess[47687]: bkt 146, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:48725, f: 8.8.8.8:53, n: 99.189.112.141:48725
 last used 184910, max_idle: 600
sess[47745]: bkt 148, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:53564, f: 8.8.8.8:53, n: 99.189.112.141:53564
 last used 185018, max_idle: 600
sess[47751]: bkt 148, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:33897, f: 8.8.8.8:53, n: 99.189.112.141:33897
 last used 185022, max_idle: 600
sess[47810]: bkt 148, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:35431, f: 8.8.8.8:53, n: 99.189.112.141:35431
 last used 185323, max_idle: 600
sess[47779]: bkt 152, flags: 0x380001a1, proto: 6, cnt: 7
 l: 192.168.1.64:47102, f: 72.167.1.128:80, n: 99.189.112.141:47102
 last used 185239, max_idle: 86400
 TCP state SYN_SENT
 TCP IN: is: 0, sent: 0, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 1523516416, sent: 1, unack'd 1, mss 0, windows_scale 0 
sess[47809]: bkt 152, flags: 0x380001a1, proto: 6, cnt: 8
 l: 192.168.1.65:57513, f: 72.167.1.128:80, n: 99.189.112.141:57513
 last used 185332, max_idle: 15
 TCP state CLOSED
 TCP IN: is: 3039073552, sent: 4643, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 3850495152, sent: 2617, unack'd 0, mss 0, windows_scale 0 
sess[47791]: bkt 153, flags: 0x380001a1, proto: 6, cnt: 7
 l: 192.168.1.64:47103, f: 72.167.1.128:80, n: 99.189.112.141:47103
 last used 185306, max_idle: 86400
 TCP state SYN_SENT
 TCP IN: is: 0, sent: 0, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 548678959, sent: 1, unack'd 1, mss 0, windows_scale 0 
sess[47771]: bkt 155, flags: 0x380001a1, proto: 6, cnt: 7
 l: 192.168.1.64:47101, f: 72.167.1.128:80, n: 99.189.112.141:47101
 last used 185158, max_idle: 86400
 TCP state SYN_SENT
 TCP IN: is: 0, sent: 0, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 2629539144, sent: 1, unack'd 1, mss 0, windows_scale 0 
sess[47659]: bkt 156, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:20661, f: 8.8.8.8:53, n: 99.189.112.141:20661
 last used 184826, max_idle: 600
sess[47747]: bkt 157, flags: 0x380001a1, proto: 6, cnt: 7
 l: 192.168.1.64:47099, f: 72.167.1.128:80, n: 99.189.112.141:47099
 last used 185082, max_idle: 86400
 TCP state SYN_SENT
 TCP IN: is: 0, sent: 0, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 1488365097, sent: 1, unack'd 1, mss 0, windows_scale 0 
sess[47780]: bkt 159, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:42560, f: 8.8.8.8:53, n: 99.189.112.141:42560
 last used 185181, max_idle: 600
sess[47668]: bkt 160, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:65063, f: 8.8.8.8:53, n: 99.189.112.141:65063
 last used 184848, max_idle: 600
sess[47706]: bkt 160, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:52759, f: 8.8.8.8:53, n: 99.189.112.141:52759
 last used 184947, max_idle: 600
sess[47674]: bkt 164, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:36176, f: 8.8.8.8:53, n: 99.189.112.141:36176
 last used 184872, max_idle: 600
sess[47796]: bkt 165, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:47204, f: 8.8.8.8:53, n: 99.189.112.141:47204
 last used 185256, max_idle: 600
sess[47787]: bkt 171, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:44925, f: 8.8.8.8:53, n: 99.189.112.141:44925
 last used 185181, max_idle: 600
sess[47797]: bkt 172, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:57652, f: 8.8.8.8:53, n: 99.189.112.141:57652
 last used 185256, max_idle: 600
sess[47719]: bkt 173, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:59187, f: 8.8.8.8:53, n: 99.189.112.141:59187
 last used 184959, max_idle: 600

Hi @JefferMC 

Tried to cut and past the RG's NAT diagnostics page, but the forum wouldn't accept so many characters. In a nutshell... Closed all connections on the portable machine (192.168.1.65), except the one to 72.167.1.128 that reconnects once a minute. Closed all connections on the fast machine (192.168.1.64) except the one to the same URL (which will not load) and the one to this forum. When I attempt to refresh the problematic page on 192.168.1.64, the following shows up on the RG NAT diagnostics page, mixed in with a preponderance of connections to the ATT IP address. It shows the connection to the 72.167... IP address to be in the SYN-SENT state on the .64 machine, which matches its netstat -nat results that I see.

(forum seems to be blocking copy/paste from RG page. Let's see if this gets through...)

Saill

Ok  -got that through. Here is what NATdiagnostics says:

sess[48223]: bkt 204, flags: 0x380001a1, proto: 6, cnt: 3
 l: 192.168.1.64:47269, f: 72.167.1.128:80, n: 99.189.112.141:47269
 last used 186696, max_idle: 86400
 TCP state SYN_SENT
 TCP IN: is: 0, sent: 0, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 1981846503, sent: 1, unack'd 1, mss 0, windows_scale 0 
sess[48211]: bkt 205, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:29639, f: 8.8.8.8:53, n: 99.189.112.141:29639
 last used 186550, max_idle: 600
sess[48097]: bkt 206, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.65:17396, f: 8.8.8.8:53, n: 99.189.112.141:17396
 last used 186249, max_idle: 600
sess[48129]: bkt 206, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:54626, f: 8.8.8.8:53, n: 99.189.112.141:54626
 last used 186400, max_idle: 600
sess[48161]: bkt 206, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:51327, f: 8.8.8.8:53, n: 99.189.112.141:51327
 last used 186407, max_idle: 600
sess[48226]: bkt 207, flags: 0x380001a1, proto: 6, cnt: 3
 l: 192.168.1.64:47270, f: 72.167.1.128:80, n: 99.189.112.141:47270
 last used 186697, max_idle: 86400
 TCP state SYN_SENT
 TCP IN: is: 0, sent: 0, unack'd 0, mss 0, windows_scale 0 
 TCP OUT: is: 1045880679, sent: 1, unack'd 1, mss 0, windows_scale 0 
sess[48156]: bkt 211, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:13980, f: 8.8.8.8:53, n: 99.189.112.141:13980
 last used 186404, max_idle: 600
sess[48103]: bkt 228, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:3731, f: 8.8.8.8:53, n: 99.189.112.141:3731
 last used 186322, max_idle: 600
sess[48130]: bkt 228, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:2966, f: 8.8.8.8:53, n: 99.189.112.141:2966
 last used 186400, max_idle: 600
sess[48119]: bkt 234, flags: 0x3b6001a1, proto: 17, cnt: 3
 l: 192.168.1.64:23496, f: 8.8.8.8:53, n: 99.189.112.141:23496
 last used 186399, max_idle: 600

Honestly, I was hoping for the table summary like the one I pasted, to get an idea if the translation table is overflowing.  I'm not seeing anything in these entries, but this is just a small subset.  The Protocol 17, port 53 requests to 8.8.8.8 are DNS requests to Google.  The Protocol 6, port 80 requests are obviously requests to your Web server.

Hi @JefferMC - Oops - missed the little table you posted. Here is mine, in the state of one machine connected and refreshing, and the other machine unable to load the page:

current secs since boot: 228204
session table 714/1024 available, 0/512 used in inbound sessions:
sess[59186]: bkt 0, flags: 0x3b6001a1, proto: 17, cnt: 3

For some reason your original post just filled in the long log and the table was at the top of it as well.  Well, NAT session overload is not the answer.  Sigh.  Scratching head thinking of other possibilities.