Date: Tue, 30 Dec 2003 15:34:36 +0100 From: Bogdan TARU <bgd@icomag.de> To: freebsd-net@freebsd.org Subject: strange ICMP problems Message-ID: <20031230143436.GB27308@icomag.de>
next in thread | raw e-mail | index | archive | help
Hi,
I've got some strange ICMP problems on my FreeBSD
router/firewall. I'm trying to ping a host (dst) from this router,
and I don't get any answer (100% packet loss). A tcpdump shows me
(src=freebsd router/firewall, dst=destination host of the ping):
src > dst: icmp: echo request (ttl 64, id 15739, len 84)
dst > src: icmp: echo reply (ttl 58, id 33870, len 84)
src > dst: icmp: time exceeded in-transit for
dst > src: icmp: echo reply [ttl 1]
(id 33870, len 84) [tos 0xc0] (ttl 254, id 6572, len 56)
over and over and over again. This happens only with ICMP and only
for this destination HOST! (It doesn't happen if I try from a
different source box, though).
I guess it's the freebsd router's fault, because it definitely
receives a packet with ttl 58, and sends an ttl exceeded.
The router is running freebsd 4.8-RELEASE, with IPF v3.4.31, and
IPnat for natting. It's been running ok for about 100 days, and the
problems with this destination hosts appeared suddenly, without
configuration changes on any end.
Any hints if IPF is really the problem?
Thanks,
bogdan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031230143436.GB27308>