From owner-freebsd-net Sun Jan 6 23:15:19 2002 Delivered-To: freebsd-net@freebsd.org Received: from albatross.prod.itd.earthlink.net (albatross.mail.pas.earthlink.net [207.217.120.120]) by hub.freebsd.org (Postfix) with ESMTP id 455FE37B404 for ; Sun, 6 Jan 2002 23:15:14 -0800 (PST) Received: from user-33qtnie.dialup.mindspring.com ([199.174.222.78] helo=gohan.cjclark.org) by albatross.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16NU00-0002nQ-00; Sun, 06 Jan 2002 23:15:13 -0800 Received: (from cjc@localhost) by gohan.cjclark.org (8.11.6/8.11.1) id g076dWi02971; Sun, 6 Jan 2002 22:39:32 -0800 (PST) (envelope-from cjc) Date: Sun, 6 Jan 2002 22:39:31 -0800 From: "Crist J. Clark" To: Rachel Leising Cc: freebsd-net@FreeBSD.ORG Subject: Re: name resolution problems and "full socket buffers" Message-ID: <20020106223931.E2029@gohan.cjclark.org> Reply-To: cjclark@alum.mit.edu References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from rleising@sbcglobal.net on Sun, Jan 06, 2002 at 05:22:00PM -0800 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Jan 06, 2002 at 05:22:00PM -0800, Rachel Leising wrote: > > -- > I can't seem to get name resolution working correctly. > > According to sniffer output, the dns query goes out fine and the > response comes back just fine. However, my machine then replies to > the dns server with an ICMP "port unreachable message"... regardless > of the ephemeral port used by my machine as the source port for the > dns query. Could you post the actual tcpdump(1) output, # tcpdump -vvvn 'udp && port 53' Just in case you are missing something. > nestat -s also shows the following udp counters incrementing: > > "x dropped due to no socket" This is what I would expect for what you describe... > "y dropped due to full socket buffers" Hmmmm... Could we double-check the firewall issue, $ sysctl net.inet.ip.fw.enable net.inet.ipf.fr_running And see the full output of, $ netstat -s -p udp $ netstat -an -p udp $ host testhost # your DNS test here $ netstat -s -p udp $ netstat -an -p udp -- "It's always funny until someone gets hurt. Then it's hilarious." Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message