From owner-freebsd-questions@FreeBSD.ORG Thu Mar 22 17:03:43 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6B1C316A404 for ; Thu, 22 Mar 2007 17:03:43 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from mail-out4.apple.com (mail-out4.apple.com [17.254.13.23]) by mx1.freebsd.org (Postfix) with ESMTP id 3312413C4D3 for ; Thu, 22 Mar 2007 17:03:41 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from relay5.apple.com (relay5.apple.com [17.128.113.35]) by mail-out4.apple.com (8.13.8/8.13.8) with ESMTP id l2MH3eG5029840; Thu, 22 Mar 2007 10:03:40 -0700 (PDT) Received: from relay5.apple.com (unknown [127.0.0.1]) by relay5.apple.com (Symantec Mail Security) with ESMTP id 6263329C004; Thu, 22 Mar 2007 10:03:40 -0700 (PDT) X-AuditID: 11807123-b062fbb000005a91-d3-4602b6ec7dce Received: from [17.214.13.96] (cswiger1.apple.com [17.214.13.96]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by relay5.apple.com (Apple SCV relay) with ESMTP id 4FCC230400B; Thu, 22 Mar 2007 10:03:40 -0700 (PDT) In-Reply-To: <868xdqnnzd.fsf@king.swox.se> References: <868xdqnnzd.fsf@king.swox.se> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Chuck Swiger Date: Thu, 22 Mar 2007 10:03:39 -0700 To: Torbjorn Granlund X-Mailer: Apple Mail (2.752.2) X-Brightmail-Tracker: AAAAAA== Cc: freebsd-questions@freebsd.org Subject: Re: TCP conection problems IBM VM -> FreeBSD X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Mar 2007 17:03:43 -0000 On Mar 21, 2007, at 5:03 PM, Torbjorn Granlund wrote: > When vm attempts to make a TCP connection (e.g., on port 25) to > smtp.swox.se I see the following traffic on the router: > > 22:46:27.015389 IP vm.se.lsoft.com.47218 > smtp.swox.se.smtp: S > 27523124:27523124(0) win 8192 0,nop,nop,nop,timestamp 1888741492 0> > 22:46:27.015523 IP smtp.swox.se.smtp > vm.se.lsoft.com.47218: S > 1745147473:1745147473(0) ack 3530628660 win 57344 > 22:46:27.056277 IP vm.se.lsoft.com.47218 > smtp.swox.se.smtp: R > 3530628660:3530628660(0) win 0 > > I.e., the vm box appears to dislike the SYNACK from smtp.swox.se, and > sends an RST. One might ask if it is the fault of vm or of > smtp.swox.se. The second line should have been smtp.swox.se.smtp SYN+ACK'ing the ISN of 27523124. vm is sending a RST to that because the sequence #'s don't match. It's also odd that the set of options being listed don't correspond at all...if you run the tcpdump for several minutes, can you track down other SYN requests which do correspond? Sometimes this kind of re-writing can happen if natd or PF is attempting to translate the packets, perhaps when they shouldn't if both sides of your router box are using routable IPs.... -- -Chuck