From owner-freebsd-questions Wed Jan 21 07:14:18 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA01489 for questions-outgoing; Wed, 21 Jan 1998 07:14:18 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from awfulhak.org (awfulhak.demon.co.uk [158.152.17.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA01452 for ; Wed, 21 Jan 1998 07:14:05 -0800 (PST) (envelope-from brian@Awfulhak.org) Received: from gate.lan.awfulhak.org (localhost [127.0.0.1]) by awfulhak.org (8.8.7/8.8.7) with ESMTP id NAA14585; Wed, 21 Jan 1998 13:21:12 GMT (envelope-from brian@Awfulhak.org) Message-Id: <199801211321.NAA14585@awfulhak.org> X-Mailer: exmh version 2.0.1 12/23/97 To: "Daniel C. Konnoff" cc: brian@Awfulhak.org, questions@FreeBSD.ORG Subject: Re: ppp routing problems In-reply-to: Your message of "Wed, 21 Jan 1998 17:59:44 +0800." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 21 Jan 1998 13:21:12 +0000 From: Brian Somers Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk Hi, I suspect there are two problems here. First, it doesn't look as if mail is forwarding IP packets. Check the gateway_enable setting in /etc/rc.conf. The second problem seems to be that tpe is refusing connections from mail. Can you try doing a telnet, then an ftp from mail to tpe and see how things go ? You may also want to see what `set log +tcp/ip' on each side comes up with. I'm assuming you're using a reasonably recent version of ppp from http://www.FreeBSD.org/~brian :-) > Hello Brian: > > In early November 97 you responded to several questions > I posted to questions@freebsd.org so I'm mailing you > directly. I am in Asia now attempting to debug this and > some other problems. Let me briefly refresh you memory. > ppp > bsd2.2.1 system named tpe <----------> bsd2.2.5 system - mail <--> > > LAN <--> ISP > > These two systems, tpe and mail, are connected via user level ppp > over a dedicated 14.4 modem line. The mail machine is the principle > mail server at the corporate headquarters, part of a local lan > connected to the isp through fiber. > > User level ppp is functioning between mail and tpe but only the > telnet function works. Ftp, and rlogin both fail: > > daniel@mail(12)$ftp tpe > Connected to tpe.myson.com.tw. > 220 tpe.myson.com.tw FTP server (Version 6.00) ready. > Name (tpe:daniel): > 331 Password required for daniel. > Password: > 230 User daniel logged in. > Remote system type is UNIX. > Using binary mode to transfer files. > ftp> pwd > 257 "/home/user/daniel" is current directory. > ftp> put foo > local: foo remote: foo > 200 PORT command successful. > 425 Can't build data connection: Connection refused. > ftp> > > > daniel@mail(13)$rlogin tpe > rlogind: Permission denied. > daniel@mail(14)$ > > > Neither the mail or the tpe machine are running any type of > firewall; before the tpe machine was at the end of the ppp > link it was part of the local lan here and all networking > commands functioned normally. PPP was the single configuration > addition. > > I've checked inetd.conf, services, and sysconfig on both > machines and cannot find anything amiss, so at this point > I'm a bit stumped. Nslookup works fine from the ppp client > machine tpe: (resolv.conf points to mail) > > daniel@tpe$ nslookup www.freebsd.org > Server: mail.myson.com.tw > Address: 172.16.2.1 > > Name: hub.freebsd.org > Address: 204.216.27.18 > Aliases: www.freebsd.org > > daniel@tpe$ > > So does ping: > > daniel@tpe$ ping www.freebsd.org > PING hub.freebsd.org (204.216.27.18): 56 data bytes > 64 bytes from 204.216.27.18: icmp_seq=0 ttl=240 time=569.078 ms > 64 bytes from 204.216.27.18: icmp_seq=1 ttl=240 time=650.184 ms > > but any network connection (ftp, telnet, rlogin) beyond > the mail machine fails (ftp and rlogin etc. do not work > even to mail as already mentioned). > > I have tcpdump working on the mail > platform and have looked at the traffic between mail and tpe > during a ftp session and included it below. > > First is netstat -rn for both tpe and mail > > Any help would be greatly appreciated! > > Thanks in advance. > > > Daniel C. Konnoff > Myson Technologies > 20111 Stevens Creek Blvd. #138 > Cupertino, Ca. 95014 > > daniel@mysonusa.com.tw > Tele: 408/252-8788 > Fax: 408/252-8789 > > > daniel@tpe$ netstat -rn > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif > Expire > default 172.16.2.1 UGSc 1 53 tun0 > 127.0.0.1 127.0.0.1 UH 0 0 lo0 > 172.16.2.1 172.16.1.247 UH 4 10434 tun0 > 192.168.188 link#1 UC 0 0 > 192.168.188.20 0:c0:f6:0:2:e UHLW 0 7 ed1 > 348 > daniel@tpe$ > > > daniel@mail(7)$netstat -rn > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif Expire > default 172.16.1.254 UGSc 21 7 ed0 > 127.0.0.1 127.0.0.1 UH 0 60 lo0 > 172.16 link#1 UC 0 0 > 172.16.1.100 link#1 UHLW 0 5 > 172.16.1.103 0:c0:b4:1:95:0 UHLW 0 608 ed0 990 > 172.16.1.109 0:c0:b4:70:12:82 UHLW 0 191 ed0 1087 > 172.16.1.111 0:c0:b4:70:13:8 UHLW 0 14 ed0 968 > 172.16.1.113 0:c0:b4:70:13:27 UHLW 0 227 ed0 943 > 172.16.1.115 0:c0:b4:70:12:a8 UHLW 0 225 ed0 1039 > 172.16.1.119 0:c0:f6:0:1:46 UHLW 0 184 ed0 1111 > 172.16.1.123 0:0:e8:2c:61:2c UHLW 0 106 ed0 872 > 172.16.1.139 0:0:e8:29:fe:20 UHLW 0 1423 ed0 498 > 172.16.1.149 0:0:e8:39:bb:7f UHLW 1 515 ed0 507 > 172.16.1.155 0:c0:b4:70:13:2 UHLW 0 79 ed0 1042 > 172.16.1.160 0:c0:b4:11:11:11 UHLW 0 3 ed0 289 > 172.16.1.172 0:0:e8:39:b9:65 UHLW 0 63 ed0 185 > 172.16.1.174 0:c0:b4:70:4:e1 UHLW 0 197 ed0 1003 > 172.16.1.247 172.16.2.1 UH 2 10355 tun0 > 172.16.1.247 0:0:e8:1f:e5:69 UHLS2 0 0 ed0 > 172.16.1.254 8:0:20:22:e4:e8 UHLW 22 17 ed0 821 > 172.16.2.1 0:0:e8:1f:e5:69 UHLW 1 3419 lo0 > 172.16.2.3 8:0:20:23:b:16 UHLW 2 14 ed0 624 > 172.16.2.4 8:0:20:22:e2:d6 UHLW 0 13 ed0 160 > 172.16.2.6 8:0:20:73:c3:1e UHLW 3 4304 ed0 1187 > 172.16.2.7 8:0:20:22:97:da UHLW 0 273 ed0 641 > 172.16.2.8 8:0:20:72:fc:32 UHLW 0 202 ed0 698 > 172.16.2.10 8:0:20:23:6e:1e UHLW 0 242 ed0 1193 > 172.16.2.11 8:0:20:73:8:41 UHLW 0 46 ed0 156 > 172.16.2.12 8:0:20:72:fc:b4 UHLW 0 244 ed0 318 > 172.16.2.13 8:0:20:20:28:2b UHLW 0 14 ed0 154 > 172.16.2.14 8:0:20:23:16:2f UHLW 0 1269 ed0 191 > 172.16.2.15 8:0:20:23:16:a4 UHLW 0 566 ed0 963 > 172.16.2.17 8:0:20:73:0:49 UHLW 0 505 ed0 1059 > 172.16.2.18 8:0:20:73:d8:3b UHLW 0 52 ed0 1026 > 172.16.2.19 8:0:20:22:93:da UHLW 0 244 ed0 398 > 172.16.2.20 8:0:20:8e:4e:7c UHLW 2 6551 ed0 539 > 172.16.2.28 8:0:20:22:cf:a7 UHLW 0 119 ed0 114 > 172.16.2.29 8:0:20:72:14:ac UHLW 0 100 ed0 1030 > 172.16.2.30 8:0:20:23:30:db UHLW 0 588 > 172.16.2.31 8:0:20:72:14:8c UHLW 0 859 ed0 396 > 172.16.2.32 0:1:7a:81:b0:c2 UHLW 0 192 ed0 266 > 172.16.2.33 8:0:20:d:e6:eb UHLW 0 320 ed0 220 > 172.16.2.40 8:0:20:8e:b:65 UHLW 0 226 ed0 149 > 172.16.2.41 8:0:20:8e:4c:2b UHLW 0 20 ed0 1032 > 172.16.2.42 8:0:20:8e:8:19 UHLW 0 210 ed0 1002 > 172.16.2.49 0:c0:78:0:0:c8 UHLW 0 101 ed0 1034 > 172.16.2.53 8:0:20:8e:4c:30 UHLW 0 179 ed0 173 > 172.16.2.54 8:0:20:8e:a:b4 UHLW 0 84 ed0 1024 > 172.16.2.57 8:0:20:8e:7:9c UHLW 0 242 ed0 1149 > 172.16.2.58 8:0:20:8e:52:cf UHLW 0 99 ed0 1127 > 172.16.2.72 0:c0:78:0:1:7c UHLW 0 239 ed0 28 > 172.16.2.78 0:40:61:c2:13:b2 UHLW 0 800 ed0 230 > 172.16.2.79 0:3:e3:d0:4:b UHLW 0 441 ed0 337 > 172.16.2.97 0:3:e3:c0:4:15 UHLW 0 100 ed0 1189 > 172.16.2.150 8:0:20:8e:52:b5 UHLW 1 204 ed0 712 > daniel@mail(8)$ > > > Here is the ftp session: > > daniel@mail(20)$ftp tpe > Connected to tpe.myson.com.tw. > 220 tpe.myson.com.tw FTP server (Version 6.00) ready. > Name (tpe:daniel): > 331 Password required for daniel. > Password: > 230 User daniel logged in. > Remote system type is UNIX. > Using binary mode to transfer files. > ftp> bi > 200 Type set to I. > ftp> pwd > 257 "/home/user/daniel" is current directory. > ftp> ls > 200 PORT command successful. > 425 Can't build data connection: Connection refused. > ftp> put test > local: test remote: test > 200 PORT command successful. > 425 Can't build data connection: Connection refused. > ftp> quit > 221 Goodbye. > daniel@mail(21)$ > > > Here is the tcpdump output as run on mail during the ftp session shown > above: > > root@mail(64)$tcpdump -i tun0 'host mail and (port ftp or ftp-data)' > tcpdump: listening on tun0 > 17:57:28.108774 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: S > 1520286024:1520286024(0) win 16384 0,nop,nop,timestamp 15652 0,nop,nop,cc[|tcp]> (DF) > 17:57:28.350234 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: S > 1216667494:1216667494(0) ack 1520286025 win 17280 0,nop,nop,timestamp 12769 15652,nop,nop,cc[|tcp]> (DF) > 17:57:28.350342 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 1 win > 17280 (DF) > 17:57:28.700281 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 1:56(55) ack 1 > win 17280 (DF) [tos 0x10] > 17:57:28.820057 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 56 win > 17280 (DF) [tos 0x10] > 17:57:31.831503 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 1:14(13) ack > 56 win 17280 (DF) [tos > 0x10] > 17:57:32.070233 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 56:91(35) ack > 14 win 17280 (DF) [tos 0x10] > 17:57:32.220055 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 91 win > 17280 (DF) [tos 0x10] > 17:57:38.390405 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 14:28(14) ack > 91 win 17280 (DF) [tos > 0x10] > 17:57:38.710215 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: . ack 28 win > 17280 (DF) [tos 0x10] > 17:57:38.850235 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 91:119(28) ack > 28 win 17280 (DF) [tos 0x10] > 17:57:38.850875 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 28:34(6) ack > 119 win 17280 (DF) [tos > 0x10] > 17:57:39.100292 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 119:158(39) > ack 34 win 17280 (DF) [tos > 0x10] > 17:57:39.220065 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 158 win > 17280 (DF) [tos 0x10] > 17:57:41.270320 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 34:42(8) ack > 158 win 17280 (DF) [tos > 0x10] > 17:57:41.490302 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 158:178(20) > ack 42 win 17280 (DF) [tos > 0x10] > 17:57:41.620059 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 178 win > 17280 (DF) [tos 0x10] > 17:57:43.772146 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 42:47(5) ack > 178 win 17280 (DF) [tos > 0x10] > 17:57:44.010285 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 178:225(47) > ack 47 win 17280 (DF) [tos > 0x10] > 17:57:44.020074 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 225 win > 17280 (DF) [tos 0x10] > 17:57:47.031004 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 47:55(8) ack > 225 win 17280 (DF) [tos > 0x10] > 17:57:47.250234 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 225:245(20) > ack 55 win 17280 (DF) [tos > 0x10] > 17:57:47.250659 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 55:79(24) ack > 245 win 17280 (DF) [tos > 0x10] > 17:57:47.460260 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 245:275(30) > ack 79 win 17280 (DF) [tos > 0x10] > 17:57:47.460964 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 79:85(6) ack > 275 win 17280 (DF) [tos > 0x10] > 17:57:47.730219 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: . ack 85 win > 17280 nop,timestamp 12808 15690,nop,nop,cc 9> (DF) [tos 0x10] > 17:57:47.900244 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 275:329(54) > ack 85 win 17280 (DF) [tos > 0x10] > 17:57:48.020058 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 329 win > 17280 (DF) [tos 0x10] > 17:57:51.814949 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 85:93(8) ack > 329 win 17280 (DF) [tos > 0x10] > 17:57:52.030236 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 329:349(20) > ack 93 win 17280 (DF) [tos > 0x10] > 17:57:52.030847 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 93:117(24) ack > 349 win 17280 (DF) [tos > 0x10] > 17:57:52.260238 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 349:379(30) > ack 117 win 17280 (DF) [tos > 0x10] > 17:57:52.260908 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 117:128(11) > ack 379 win 17280 (DF) > [tos 0x10] > 17:57:52.520223 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: . ack 128 win > 17280 (DF) [tos 0x10] > 17:57:52.730255 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 379:433(54) > ack 128 win 17280 (DF) [tos > 0x10] > 17:57:52.820058 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 433 win > 17280 (DF) [tos 0x10] > 17:58:17.095410 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: P 128:134(6) ack > 433 win 17280 (DF) [tos > 0x10] > 17:58:17.310232 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: P 433:447(14) > ack 134 win 17280 (DF) [tos > 0x10] > 17:58:17.310842 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: F 134:134(0) ack > 447 win 17280 (DF) [tos > 0x10] > 17:58:17.360233 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: F 447:447(0) ack > 134 win 17280 (DF) [tos 0x10] > 17:58:17.360322 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: F 134:134(0) ack > 448 win 17280 (DF) [tos > 0x10] > 17:58:17.520217 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: F 447:447(0) ack > 135 win 17280 (DF) [tos 0x10] > 17:58:17.520296 mail.myson.com.tw.ansoft-lm-1 > tpe.ftp: . ack 448 win > 17280 (DF) [tos 0x10] > 17:58:17.550243 tpe.ftp > mail.myson.com.tw.ansoft-lm-1: . ack 135 win > 17280 (DF) [tos 0x10] > ^C > 339 packets received by filter > 0 packets dropped by kernel > root@mail(65)$ >