Date: Wed, 25 Oct 2000 19:16:09 +0400 From: "Sergey V. Artjushkin" <skiv@caravan.ru> To: freebsd-net@freebsd.org Cc: freebsd-question@freebsd.org Subject: questions about tcp-connections Message-ID: <39F6F939.417A7846@caravan.ru>
next in thread | raw e-mail | index | archive | help
Hello colleagues.
I have some problem with connectivity from some of my subnets.
My network is like this:
internet -- FreeBSD router 1 (4.1-R) --- VLAN -- FreeBSD router 2 (4.0
R) -- ethernet -- workstation(217.23.130.87)
The problem is, that some sites are not accessible by HTTP from
workstation.
For example:
(tcpdump log file from router 2 from ethernet interface)
217.23.130.87.1105 > 195.2.70.38.80: S 166910132:166910132(0) win 32120
<mss 1460,sackOK,timestamp 1172228[|tcp]> (DF) [tos 0x10] (ttl 64, id
10731)
195.2.70.38.80 > 217.23.130.87.1105: S 782516795:782516795(0) ack
166910133 win 33304 <nop,nop,time
stamp 56473859 1172228,nop,[|tcp]> (DF) (ttl 58, id 65057)
217.23.130.87.1105 > 195.2.70.38.80: . ack 1 win 32120
<nop,nop,timestamp 1172229 56473859> (DF) [t
os 0x10] (ttl 64, id 10732)
217.23.130.87.1105 > 195.2.70.38.80: P 1:695(694) ack 1 win 32120
<nop,nop,timestamp 1172229 564738
59> (DF) [tos 0x10] (ttl 64, id 10733)
195.2.70.38.80 > 217.23.130.87.1105: . ack 695 win 33304
<nop,nop,timestamp 56473861 1172229> (DF)
(ttl 58, id 65058)
195.2.70.38.80 > 217.23.130.87.1105: P 1:189(188) ack 695 win 33304
<nop,nop,timestamp 56473862 117
2229> (DF) (ttl 58, id 65059)
217.23.130.87.1105 > 195.2.70.38.80: . ack 189 win 32120
<nop,nop,timestamp 1172232 56473862> (DF)
[tos 0x10] (ttl 64, id 10734)
195.2.70.38.80 > 217.23.130.87.1105: P 1637:2015(378) ack 695 win 33304
<nop,nop,timestamp 56473862
1172229> (DF) (ttl 58, id 65061)
195.2.70.38.80 > 217.23.130.87.1105: P 2015:2039(24) ack 695 win 33304
<nop,nop,timestamp 56473862
1172229> (DF) (ttl 58, id 65062)
217.23.130.87.1105 > 195.2.70.38.80: . ack 189 win 32120
<nop,nop,timestamp 1172233 56473862,nop,no
p,[|tcp]> (DF) [tos 0x10] (ttl 64, id 10735)
217.23.130.87.1105 > 195.2.70.38.80: . ack 189 win 32120
<nop,nop,timestamp 1172233 56473862,nop,no
p,[|tcp]> (DF) [tos 0x10] (ttl 64, id 10736)
195.2.70.38.80 > 217.23.130.87.1105: P 2039:2887(848) ack 695 win 33304
<nop,nop,timestamp 56473862
1172229> (DF) (ttl 58, id 65063)
195.2.70.38.80 > 217.23.130.87.1105: P 2887:2935(48) ack 695 win 33304
<nop,nop,timestamp 56473862
1172229> (DF) (ttl 58, id 65064)
217.23.130.87.1105 > 195.2.70.38.80: . ack 189 win 32120
<nop,nop,timestamp 1172234 56473862,nop,no
p,[|tcp]> (DF) [tos 0x10] (ttl 64, id 10737)
and so on
The workstation sending ack only for first packet
195.2.70.38.80 > 217.23.130.87.1105: P 1:189(188) ack 695 win 33304
<nop,nop,timestamp 56473862 117
2229> (DF) (ttl 58, id 65059)
This is the same connection from router 1 (from vlan interface):
217.23.130.87.1106 > 195.2.70.38.80: S 605375461:605375461(0) win 32120
<mss 1460,sackOK,timestamp
1211734 0,nop,wscale 0> (DF) [tos 0x10] (ttl 63, id 10845)
195.2.70.38.80 > 217.23.130.87.1106: S 1113114427:1113114427(0) ack
605375462 win 33304 <nop,nop,ti
mestamp 56733928 1211734,nop,wscale 0,nop,nop,sackOK,mss 1460> (DF) (ttl
59, id 59665)
217.23.130.87.1106 > 195.2.70.38.80: . ack 1 win 32120
<nop,nop,timestamp 1211737 56733928> (DF) [t
os 0x10] (ttl 63, id 10846)
217.23.130.87.1106 > 195.2.70.38.80: P 1:695(694) ack 1 win 32120
<nop,nop,timestamp 1211737 567339
28> (DF) [tos 0x10] (ttl 63, id 10847)
195.2.70.38.80 > 217.23.130.87.1106: . ack 695 win 32610
<nop,nop,timestamp 56733932 1211737> (DF)
(ttl 59, id 59666)
195.2.70.38.80 > 217.23.130.87.1106: P 1:189(188) ack 695 win 33304
<nop,nop,timestamp 56733955 121
1737> (DF) (ttl 59, id 59667)
195.2.70.38.80 > 217.23.130.87.1106: P 1637:2015(378) ack 695 win 33304
<nop,nop,timestamp 56733955
1211737> (DF) (ttl 59, id 59669)
195.2.70.38.80 > 217.23.130.87.1106: P 2015:2039(24) ack 695 win 33304
<nop,nop,timestamp 56733955
1211737> (DF) (ttl 59, id 59670)
195.2.70.38.80 > 217.23.130.87.1106: P 2039:2887(848) ack 695 win 33304
<nop,nop,timestamp 56733955
1211737> (DF) (ttl 59, id 59671)
217.23.130.87.1106 > 195.2.70.38.80: . ack 189 win 32120
<nop,nop,timestamp 1211764 56733955> (DF)
[tos 0x10] (ttl 63, id 10850)
195.2.70.38.80 > 217.23.130.87.1106: . 2887:4285(1398) ack 695 win 33304
<nop,nop,timestamp 5673395
7 1211764> (DF) (ttl 59, id 59672)
217.23.130.87.1106 > 195.2.70.38.80: . ack 189 win 32120
<nop,nop,timestamp 1211764 56733955,nop,no
p,sack sack 1 {1637:2015} > (DF) [tos 0x10] (ttl 63, id 10851)
217.23.130.87.1106 > 195.2.70.38.80: . ack 189 win 32120
<nop,nop,timestamp 1211764 56733955,nop,no
p,sack sack 1 {1637:2039} > (DF) [tos 0x10] (ttl 63, id 10852)
217.23.130.87.1106 > 195.2.70.38.80: . ack 189 win 32120
<nop,nop,timestamp 1211765 56733955,nop,no
p,sack sack 1 {1637:2887} > (DF) [tos 0x10] (ttl 63, id 10853)
195.2.70.38.80 > 217.23.130.87.1106: P 4285:4975(690) ack 695 win 33304
<nop,nop,timestamp 56733959
1211765> (DF) (ttl 59, id 59674)
and so on
What do you think about the connections like this?
With other servers the connections is ok. In this segment of the network
there are no filters on all routers.
All worked well while, we have not installed VLAN between routers. As I
see a problem not in VLAN MTU
but something else. What it can be?
Thak you for advance.
----------------------------------------------------------------
Sergey Artjushkin ISP
Tel: +7 095 203-10-72 "CARAVAN"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39F6F939.417A7846>