From owner-freebsd-questions@FreeBSD.ORG Tue Apr 13 11:30:55 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EBD3116A4CE for ; Tue, 13 Apr 2004 11:30:55 -0700 (PDT) Received: from mta11.adelphia.net (mta11.adelphia.net [68.168.78.205]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9EE1B43D2F for ; Tue, 13 Apr 2004 11:30:55 -0700 (PDT) (envelope-from Barbish3@adelphia.net) Received: from barbish ([67.20.101.71]) by mta11.adelphia.net (InterMail vM.5.01.06.08 201-253-122-130-108-20031117) with SMTP id <20040413183054.MNBQ21898.mta11.adelphia.net@barbish>; Tue, 13 Apr 2004 14:30:54 -0400 From: "JJB" To: "Kevin D. Kinsey, DaleCo, S.P." , Date: Tue, 13 Apr 2004 14:30:54 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <407C1E7C.8020500@daleco.biz> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Subject: RE: Interpreting ping response? (the POD lives??) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Barbish3@adelphia.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Apr 2004 18:30:56 -0000 Check the archives, I remember seeing the question asked about what the ping response fields mean about 2+ years ago. http://groups.google.com/groups?q=ping+group:lucky.freebsd.questions &hl=en&lr=lang_en&ie=UTF-8&group=lucky.freebsd.questions&sa=G -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Kevin D. Kinsey, DaleCo, S.P. Sent: Tuesday, April 13, 2004 1:08 PM To: freebsd-questions@freebsd.org Subject: Re: Interpreting ping response? (the POD lives??) Rob wrote: > Kevin D. Kinsey, DaleCo, S.P. wrote: > >> can you tell me what might be happening? >> >> [/home/kdk] [16:25] >> #sudo ping -s 2048 app >> PING app.southuni.com (192.168.0.80): 2048 data bytes >> 36 bytes from app.southuni.com (192.168.0.80): Destination Host >> Unreachable > > This may indicate that the computer is behind a firewall, that blocks > response > to ping. Well, yes; I am somewhat aware of that. Can you tell me what the hieroglyphics mean? >Vr HL TOS Len ID Flg off TTL Pro cks Src Dst >4 5 00 05dc 07bd 0 0000 3f 01 1677 192.168.0.2 192.168.0.80 There is, AFAIK, no firewall here; the situation: the two hosts are on the same private Class C, and "app" is an application server running an OS that is neither a *BSD nor M$ stuff. The crux of the issue is that "app" responded normally to pings of 56, 128, 256, 512, and 1024 bytes, and then when the 2048 byte packet was sent, we got this response and the whole shop went offline, hence the subtitle to this post (the POD lives??) The shop has problems similar to this rather frequently, and my next step is probably to put an old-style hub on the wire right next to "app" with a lil' FBSD box that I can run ethereal or tcpdump on, but it may not do me much good until I can learn how to read this stuff a little better. I want to blame the OS or the app vendor, or the M$ Windows client that connects to it. Fortunately for us, the only FreeBSD machine in this scenario is the one doing the attacking. I'll probably be hunting for clues (and harping the blues) elsewhere, as it doesn't appear to be related to FreeBSD at all, but as I frequent this list I thought I might gain a bit of insight by asking. Thanks for your response :-) Kevin Kinsey _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"