From owner-freebsd-net Wed Oct 25 8:12:55 2000 Delivered-To: freebsd-net@freebsd.org Received: from skiv1.caravan.ru (mag.caravan.ru [212.24.53.226]) by hub.freebsd.org (Postfix) with ESMTP id 95D2F37B4C5; Wed, 25 Oct 2000 08:12:34 -0700 (PDT) Received: from caravan.ru (localhost [127.0.0.1]) by skiv1.caravan.ru (8.11.0/8.9.3) with ESMTP id e9PFGAZ01645; Wed, 25 Oct 2000 19:16:14 +0400 (MSD) (envelope-from skiv@caravan.ru) Message-ID: <39F6F939.417A7846@caravan.ru> Date: Wed, 25 Oct 2000 19:16:09 +0400 From: "Sergey V. Artjushkin" X-Mailer: Mozilla 4.72 [ru] (X11; I; FreeBSD 4.1.1-RELEASE i386) X-Accept-Language: ru, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Cc: freebsd-question@freebsd.org Subject: questions about tcp-connections Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello colleagues. I have some problem with connectivity from some of my subnets. My network is like this: internet -- FreeBSD router 1 (4.1-R) --- VLAN -- FreeBSD router 2 (4.0 R) -- ethernet -- workstation(217.23.130.87) The problem is, that some sites are not accessible by HTTP from workstation. For example: (tcpdump log file from router 2 from ethernet interface) 217.23.130.87.1105 > 195.2.70.38.80: S 166910132:166910132(0) win 32120 (DF) [tos 0x10] (ttl 64, id 10731) 195.2.70.38.80 > 217.23.130.87.1105: S 782516795:782516795(0) ack 166910133 win 33304 (DF) (ttl 58, id 65057) 217.23.130.87.1105 > 195.2.70.38.80: . ack 1 win 32120 (DF) [t os 0x10] (ttl 64, id 10732) 217.23.130.87.1105 > 195.2.70.38.80: P 1:695(694) ack 1 win 32120 (DF) [tos 0x10] (ttl 64, id 10733) 195.2.70.38.80 > 217.23.130.87.1105: . ack 695 win 33304 (DF) (ttl 58, id 65058) 195.2.70.38.80 > 217.23.130.87.1105: P 1:189(188) ack 695 win 33304 (DF) (ttl 58, id 65059) 217.23.130.87.1105 > 195.2.70.38.80: . ack 189 win 32120 (DF) [tos 0x10] (ttl 64, id 10734) 195.2.70.38.80 > 217.23.130.87.1105: P 1637:2015(378) ack 695 win 33304 (DF) (ttl 58, id 65061) 195.2.70.38.80 > 217.23.130.87.1105: P 2015:2039(24) ack 695 win 33304 (DF) (ttl 58, id 65062) 217.23.130.87.1105 > 195.2.70.38.80: . ack 189 win 32120 (DF) [tos 0x10] (ttl 64, id 10735) 217.23.130.87.1105 > 195.2.70.38.80: . ack 189 win 32120 (DF) [tos 0x10] (ttl 64, id 10736) 195.2.70.38.80 > 217.23.130.87.1105: P 2039:2887(848) ack 695 win 33304 (DF) (ttl 58, id 65063) 195.2.70.38.80 > 217.23.130.87.1105: P 2887:2935(48) ack 695 win 33304 (DF) (ttl 58, id 65064) 217.23.130.87.1105 > 195.2.70.38.80: . ack 189 win 32120 (DF) [tos 0x10] (ttl 64, id 10737) and so on The workstation sending ack only for first packet 195.2.70.38.80 > 217.23.130.87.1105: P 1:189(188) ack 695 win 33304 (DF) (ttl 58, id 65059) This is the same connection from router 1 (from vlan interface): 217.23.130.87.1106 > 195.2.70.38.80: S 605375461:605375461(0) win 32120 (DF) [tos 0x10] (ttl 63, id 10845) 195.2.70.38.80 > 217.23.130.87.1106: S 1113114427:1113114427(0) ack 605375462 win 33304 (DF) (ttl 59, id 59665) 217.23.130.87.1106 > 195.2.70.38.80: . ack 1 win 32120 (DF) [t os 0x10] (ttl 63, id 10846) 217.23.130.87.1106 > 195.2.70.38.80: P 1:695(694) ack 1 win 32120 (DF) [tos 0x10] (ttl 63, id 10847) 195.2.70.38.80 > 217.23.130.87.1106: . ack 695 win 32610 (DF) (ttl 59, id 59666) 195.2.70.38.80 > 217.23.130.87.1106: P 1:189(188) ack 695 win 33304 (DF) (ttl 59, id 59667) 195.2.70.38.80 > 217.23.130.87.1106: P 1637:2015(378) ack 695 win 33304 (DF) (ttl 59, id 59669) 195.2.70.38.80 > 217.23.130.87.1106: P 2015:2039(24) ack 695 win 33304 (DF) (ttl 59, id 59670) 195.2.70.38.80 > 217.23.130.87.1106: P 2039:2887(848) ack 695 win 33304 (DF) (ttl 59, id 59671) 217.23.130.87.1106 > 195.2.70.38.80: . ack 189 win 32120 (DF) [tos 0x10] (ttl 63, id 10850) 195.2.70.38.80 > 217.23.130.87.1106: . 2887:4285(1398) ack 695 win 33304 (DF) (ttl 59, id 59672) 217.23.130.87.1106 > 195.2.70.38.80: . ack 189 win 32120 (DF) [tos 0x10] (ttl 63, id 10851) 217.23.130.87.1106 > 195.2.70.38.80: . ack 189 win 32120 (DF) [tos 0x10] (ttl 63, id 10852) 217.23.130.87.1106 > 195.2.70.38.80: . ack 189 win 32120 (DF) [tos 0x10] (ttl 63, id 10853) 195.2.70.38.80 > 217.23.130.87.1106: P 4285:4975(690) ack 695 win 33304 (DF) (ttl 59, id 59674) and so on What do you think about the connections like this? With other servers the connections is ok. In this segment of the network there are no filters on all routers. All worked well while, we have not installed VLAN between routers. As I see a problem not in VLAN MTU but something else. What it can be? Thak you for advance. ---------------------------------------------------------------- Sergey Artjushkin ISP Tel: +7 095 203-10-72 "CARAVAN" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message