Date: Tue, 1 Dec 1998 11:11:35 -0700 From: Nate Williams <nate@mt.sri.com> To: hackers@FreeBSD.ORG Subject: TCP bug Message-ID: <199812011811.LAA00104@mt.sri.com>
next in thread | raw e-mail | index | archive | help
In trying to track down why some boxes in my network can't connect to certain WWW hosts, I determined that my FreeBSD is not routing the packets for some reason. It's receiving them, and the firewall code *thinks* it's passing them on, but tcpdump doesn't see these packets go out on the wire. Here is a tcpdump running on the router box on the SLIP interface, which is used to connect this box to the net. trout:~ # tcpdump -i sl0 host caddis and www.nfl.com tcpdump: listening on sl0 10:59:25.070467 caddis.mt.sri.com.1168 > 204.202.130.220.http: F 44509504:44509504(0) ack 590573758 win 8760 (DF) 10:59:25.301468 204.202.130.220.http > caddis.mt.sri.com.1168: . ack 1 win 8523 (DF) 10:59:26.743584 caddis.mt.sri.com.1169 > 204.202.130.220.http: S 44535173:44535173(0) win 8192 <mss 1460> (DF) 10:59:27.030647 204.202.130.220.http > caddis.mt.sri.com.1169: S 61555778:61555778(0) ack 44535174 win 8760 <mss 1460> (DF) 10:59:27.040487 caddis.mt.sri.com.1169 > 204.202.130.220.http: . ack 1 win 8760 (DF) 10:59:27.045184 caddis.mt.sri.com.1169 > 204.202.130.220.http: P 1:238(237) ack 1 win 8760 (DF) 10:59:30.270350 caddis.mt.sri.com.1169 > 204.202.130.220.http: P 1:238(237) ack 1 win 8760 (DF) 10:59:30.569812 204.202.130.220.http > caddis.mt.sri.com.1169: . ack 238 win 8523 (DF) 11:00:00.450457 204.202.130.220.http > caddis.mt.sri.com.1169: R 61558699:61558699(0) win 0 (DF) So, things appear to be working fine. Now, if I run the same attempt on the ethernet segment where my box is connected, I get the following: trout:~ # tcpdump -i le0 host caddis and www.nfl.com tcpdump: listening on le0 11:01:44.152318 caddis.mt.sri.com.1170 > 204.202.130.220.http: S 44672602:44672602(0) win 8192 <mss 1460> (DF) 11:01:44.371405 caddis.mt.sri.com.1170 > 204.202.130.220.http: . ack 43281555 win 8760 (DF) 11:01:44.373678 caddis.mt.sri.com.1170 > 204.202.130.220.http: P 0:237(237) ack 1 win 8760 (DF) 11:01:47.531398 caddis.mt.sri.com.1170 > 204.202.130.220.http: P 0:237(237) ack 1 win 8760 (DF) Again, I'm not TCPDUMP expert, but it's obvious that the response from www.nfl.com isn't getting on the wire. However, in my early attempts to diagnose this, I have the following rules. 00100 allow log tcp from 206.127.76.139 to any 80 via le0 00110 allow log tcp from 206.127.76.139 to any 80 via sl0 00200 allow log tcp from any 80 to 206.127.76.139 via sl0 00210 allow log tcp from any 80 to 206.127.76.139 via le0 So, I should see packets going out my ethernet segment to the router (100) through my slip connection to the net (110), back from the remote site through my slip connection (200), and then back to the originator on my ethernet segment (210). This happens according to the firewall entries, but tcpdump doesn't seen any traffic? Any clues? A number of FreeBSD boxes in my net have this problem, so it would be nice to get this resolved. Note, I have Route-discovery ICMP packets turned on in the firewall. 00150 allow icmp from any to any via ed0 icmptype 0,3,8,11 Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812011811.LAA00104>