Date: Thu, 15 Dec 2005 16:57:13 -0300 From: "Mario Lobo" <mario.lobo@ipad.com.br> To: freebsd-hackers@freebsd.org Subject: [OFF TOPIC] Please, see attached TXT file Message-ID: <43A1A069.12349.2A94B474@localhost>
index | next in thread | raw e-mail
[-- Attachment #1 --] Please, forgive me for posting this here but I am trying to shoot on every direction to see if someone can give me any clues or directions on whatīs going on here I am a true FreeBSDer but this is a system that was dumped right on my lap, with this problem to be solved. Again, sorry for this inconvinience and thanks for reading. -- //| //|| // | // || -//--//---|| ARIO LOBO // // || --------------------------------- mario.lobo@ipad.com.br http://www.ipad.com.br [-- Attachment #2 --] The following section of this message contains a file attachment prepared for transmission using the Internet MIME message format. If you are using Pegasus Mail, or any other MIME-compliant system, you should be able to save it or view it from within your mailer. If you cannot, please ask your system administrator for assistance. ---- File information ----------- File: Problem.txt Date: 15 Dec 2005, 16:56 Size: 5077 bytes. Type: Text [-- Attachment #3 --] The setup is as follows: | Win XP | | linux router OpenswanVPN | | OpenswanVPN linux router | | Win 2000 DB server | | 15.3.83.2 |----| eth1:15.3.83.201 ppp0/ipsec0 |------{ INTERNET }------| eth0/ipsec0 eth1:10.0.0.8 |-----| 10.0.0.25 | **** ALL DUMPS are from the 15.3.83.201 machine **** These dumps are from the login attempt sequence from the XP client app, to the DB server on 2000. **** From the linux router 15.3.83.201 I can telnet fine to Win 2000 port 1502 **** but from Win XP I canīt. From Win XP I can ping any machine on 10.0.0.0/24 with a packet size of up to 1500 bytes ----- DUMPS ----- ************************************************* >tcpdump -v -i eth1 host 15.3.83.2 >tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes ************************************************* 03:50:01.570581 IP (tos 0x0, ttl 128, id 24067, offset 0, flags [DF], proto 6, length: 48) 15.3.83.2.1070 > 10.0.0.25.1502: S [tcp sum ok] 28839154:28839154(0) win 8192 <mss 1460,nop,nop,sackOK> == This is the line thatīs breaking everything. Why the need to frag a 48 bytes packet (see line (**) bellow) ?? 03:50:01.570684 IP (tos 0xc0, ttl 64, id 31027, offset 0, flags [none], proto 1, length: 76) 15.3.83.201 > 15.3.83.2: icmp 56: 10.0.0.25 unreachable - need to frag == 03:50:01.623863 IP (tos 0x0, ttl 61, id 12144, offset 0, flags [none], proto 6, length: 48) 10.0.0.25.1502 > 15.3.83.2.1070: S [tcp sum ok] 3456775304:3456775304(0) ack 28839155 win 5840 <mss 1460,nop,nop,sackOK> 03:50:01.623958 IP (tos 0x0, ttl 128, id 24323, offset 0, flags [none], proto 6, length: 40) 15.3.83.2.1070 > 10.0.0.25.1502: R [tcp sum ok] 28839155:28839155(0) win 0 == Another attempt 03:50:07.569872 IP (tos 0x0, ttl 128, id 24579, offset 0, flags [DF], proto 6, length: 48) 15.3.83.2.1070 > 10.0.0.25.1502: S [tcp sum ok] 28839154:28839154(0) win 8192 <mss 1460,nop,nop,sackOK> 03:50:07.569971 IP (tos 0xc0, ttl 64, id 31028, offset 0, flags [none], proto 1, length: 76) 15.3.83.201 > 15.3.83.2: icmp 56: 10.0.0.25 unreachable - need to frag == 03:50:07.623128 IP (tos 0x0, ttl 62, id 12145, offset 0, flags [none], proto 6, length: 48) 10.0.0.25.1502 > 15.3.83.2.1070: S [tcp sum ok] 3462772533:3462772533(0) ack 28839155 win 5840 <mss 1460,nop,nop,sackOK> 03:50:07.623229 IP (tos 0x0, ttl 128, id 24835, offset 0, flags [none], proto 6, length: 40) 15.3.83.2.1070 > 10.0.0.25.1502: R [tcp sum ok] 28839155:28839155(0) win 0 ************************************************* >tcpdump -v -i eth1 host 10.0.0.25 >tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes ************************************************* 03:50:51.524370 IP (tos 0x0, ttl 128, id 25603, offset 0, flags [DF], proto 6, length: 48) 15.3.83.2.1071 > 10.0.0.25.1502: S [tcp sum ok] 28892097:28892097(0) win 8192 <mss 1460,nop,nop,sackOK> == (**) 03:50:51.588365 IP (tos 0x0, ttl 62, id 12147, offset 0, flags [none], proto 6, length: 48) 10.0.0.25.1502 > 15.3.83.2.1071: S [tcp sum ok] 3497515622:3497515622(0) ack 28892098 win 5840 <mss 1460,nop,nop,sackOK> == 03:50:51.588529 IP (tos 0x0, ttl 128, id 25859, offset 0, flags [none], proto 6, length: 40) 15.3.83.2.1071 > 10.0.0.25.1502: R [tcp sum ok] 28892098:28892098(0) win 0 == Another attempt 03:50:54.464291 IP (tos 0x0, ttl 128, id 26115, offset 0, flags [DF], proto 6, length: 48) 15.3.83.2.1071 > 10.0.0.25.1502: S [tcp sum ok] 28892097:28892097(0) win 8192 <mss 1460,nop,nop,sackOK> 03:50:54.515038 IP (tos 0x0, ttl 62, id 12148, offset 0, flags [none], proto 6, length: 48) 10.0.0.25.1502 > 15.3.83.2.1071: S [tcp sum ok] 3500451534:3500451534(0) ack 28892098 win 5840 <mss 1460,nop,nop,sackOK> == 03:50:54.515157 IP (tos 0x0, ttl 128, id 26371, offset 0, flags [none], proto 6, length: 40) 15.3.83.2.1071 > 10.0.0.25.1502: R [tcp sum ok] 28892098:28892098(0) win 0 03:51:00.463564 IP (tos 0x0, ttl 128, id 26627, offset 0, flags [DF], proto 6, length: 48) 15.3.83.2.1071 > 10.0.0.25.1502: S [tcp sum ok] 28892097:28892097(0) win 8192 <mss 1460,nop,nop,sackOK> 03:51:00.516300 IP (tos 0x0, ttl 62, id 12149, offset 0, flags [none], proto 6, length: 48) 10.0.0.25.1502 > 15.3.83.2.1071: S [tcp sum ok] 3506451385:3506451385(0) ack 28892098 win 5840 <mss 1460,nop,nop,sackOK> 03:51:00.516420 IP (tos 0x0, ttl 128, id 26883, offset 0, flags [none], proto 6, length: 40) 15.3.83.2.1071 > 10.0.0.25.1502: R [tcp sum ok] 28892098:28892098(0) win 0 03:51:12.462154 IP (tos 0x0, ttl 128, id 27139, offset 0, flags [DF], proto 6, length: 48) 15.3.83.2.1071 > 10.0.0.25.1502: S [tcp sum ok] 28892097:28892097(0) win 8192 <mss 1460,nop,nop,sackOK> 03:51:12.517629 IP (tos 0x0, ttl 62, id 12150, offset 0, flags [none], proto 6, length: 48) 10.0.0.25.1502 > 15.3.83.2.1071: S [tcp sum ok] 3518448416:3518448416(0) ack 28892098 win 5840 <mss 1460,nop,nop,sackOK> 03:51:12.517756 IP (tos 0x0, ttl 128, id 27395, offset 0, flags [none], proto 6, length: 40) 15.3.83.2.1071 > 10.0.0.25.1502: R [tcp sum ok] 28892098:28892098(0) win 0help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43A1A069.12349.2A94B474>