Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 3 Oct 2002 11:21:35 +1000 (EST)
From:      Tony Maher <tonym@biolateral.com.au>
To:        peter.jeremy@alcatel.com.au
Cc:        stable@FreeBSD.ORG
Subject:   Re: 'losing' every second packet
Message-ID:  <200210030121.g931LZWv047336@dt.home>
In-Reply-To: <20021003003859.GN495@gsmx07.alcatel.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help 
Peter,

> I'm also using Optus cable, but with -STABLE from about a week ago and
> IPfilter rather than ipfw.  (I found that ipfw+natd+keep-state didn't
> work).

Ok sounds like we are running almost identical release so its good to
know there is an alternative.  (BTW ipfw+natd+keep-state
have been working fine for me for past 12 months until this last month)

> I haven't seen this problem and can't suggest any obvious
> cause within FreeBSD.  It is possible that Optus have added something
> to their firewall to 'discourage' incoming setup packets (to enforce
> their "no servers" policy).

Hard to see how this could be the case ... hmmm unless they added a 50%
drop rate on a destination after observing some form of 'unlawful'
behaviour.  Not that I am running any servers (well except sshd and
hosts.allow restricts it to just my work machines).
Using ssh does not seem to trigger it.

    Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
      Interesting ports on gw.optus (210.49.XXX.XX):
      (The 1599 ports scanned but not shown below are in state: filtered)
    Port       State       Service
    22/tcp     open        ssh                     
    113/tcp    closed      auth                    
    No exact OS matches for host (If you know what OS is running on it,

> All I can suggest is running tcpdump on your firewall and a remote
> machine and studying the packet loss when you send various packets
> between the machines (ping, UDP and TCP).  This might identify where
> (in which direction) the packet loss is occurring.

Packet loss appears to be independent of protocol, see it with ping,
ssh (tcp) and games (udp).
But yes - with long weekend I should get some time for trawling thru packets
:-)

thanks!
--
tonym

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210030121.g931LZWv047336>