Re: tcpdump : need one line explanation

From: Bruno Costacurta (cd1_at_biz.tiscali.be)
Date: 09/05/05

  • Next message: Juha Laiho: "Re: Bind service to a particular ethernet device"
    Date: Mon, 05 Sep 2005 19:32:46 +0200
    
    

    Olivier wrote:

    > Bruno Costacurta wrote:
    >> Clifford Kite wrote:
    >>
    >>
    >>>Bruno <cd1@biz.tiscali.be> wrote:
    >>>
    >>>>I have a problem configuring a wireless ADSL router:
    >>>>ping to a www address works fine, but browsing does not; it finishes with
    >>>>a time-out. So I used tcpdump and tried to browse www.google.be.
    >>>>The following lines were returned:
    >>>>...
    >
    >>>
    >>>It means that mygateway.ar7 runs a DNS server which provided the host
    >>>192.168.1.2 with the bogus IP address 1.0.0.0 for www.google.be in
    >>>line-1 and so the TCP SYN handshake (S) fails for lack of a response.
    >>>
    >>>Try disabling the DNS server on mygateway.ar7 so an ISP DNS server can
    >>>do its job - assuming NAT or MASQUERADING is done somewhere along the
    >>>way since 192.168.1.2 is an RFC 1918 address (private) and any packet from
    >>>it would be discarded by the first properly configured Internet router.
    >>>
    >>>Note:
    >>>
    >>>corncob:/usr/src/linux# host 1.0.0.0
    >
    >>
    >> I updated the DNS entries in /etc/resolv.conf with my ISP's values.
    >> The result is:
    >>
    >> [root@pc34ghz ~]# host www.google.be
    >> www.google.be has address 216.239.59.147
    >> ;; Warning: Message parser reports malformed message packet.
    >> ;; connection timed out; no servers could be reached
    >>
    >
    > Could you give more information about your network setup?
    > It looks like you confused yourself.
    > Your ADSL modem is probably able to do routing, firewall, DHCP, DNS, and
    > perhaps even NTP.
    > Configure it with default values everywhere, enabling dns.
    > Then, on your desktop you just have to do:
    > dhclient <interface connected to the modem>
    >
    > and everything should run smoothly. Do not try to tamper with DNS settings,
    > routes etc., or else explain why you want to.
    >
    > Olivier

    I tried many things.
    From default values to specific ones (i.e. disabling the firewall, manually
    specifying DNS according to the ISP's indications...) and always got more or
    less the same huge amount of inconsistencies, i.e. some web sites never work,
    others work a few times (especially after a reboot) or return 'time-out' or
    'document contains no data', all host commands to check sites failed, very
    slow traceroute, etc.

    Note:
    - another Wireless ADSL router (NetGear DG834G) I tried works perfectly!
    Only by entering the Internet user / password!

    The problem appears to be the Wireless ADSL router itself.
    Model is D-Link DSL-G604T. IMHO a crap model.
    And the update of the firmware (with a recent one from August 2005) changes
    nothing noticeable.

    However, here is the 'standard' config as delivered by the router:

    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    83.134.238.1    *               255.255.255.255 UH    0      0   0   ppp0
    192.168.1.0     *               255.255.255.0   U     0      0   0   br0
    239.0.0.0       *               255.0.0.0       U     0      0   0   br0
    default         ip-83-134-238-1 0.0.0.0         UG    0      0   0   ppp0

    # iptables -L
    Chain INPUT (policy ACCEPT)
    target  prot opt source    destination
    ACCEPT  all  --  anywhere  anywhere     state RELATED,ESTABLISHED
    DROP    all  --  anywhere  anywhere

    Chain FORWARD (policy ACCEPT)
    target  prot opt source    destination
    TCPMSS  tcp  --  anywhere  anywhere     tcp flags:SYN,RST/SYN TCPMSS set 1360
    ACCEPT  all  --  anywhere  anywhere     state RELATED,ESTABLISHED
    DROP    all  --  anywhere  anywhere

    Chain OUTPUT (policy ACCEPT)
    target  prot opt source    destination
    DROP    icmp --  anywhere  anywhere     icmp destination-unreachable
    DROP    icmp --  anywhere  anywhere     state INVALID

    # route on the PC:
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    192.168.1.0     *               255.255.255.0   U     0      0   0   eth0
    169.254.0.0     *               255.255.0.0     U     0      0   0   eth0
    default         mygateway.ar7   0.0.0.0         UG    0      0   0   eth0

    Note: router address ip-83-134-238-1 = 192.168.1.1

    If you have an idea, I'd appreciate it...
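
The diagnosis quoted above (the gateway's DNS server answers with 1.0.0.0, and the SYNs sent to that address get no response) can be checked mechanically over tcpdump text output by pairing each DNS answer with the handshake that follows it. This is an added example, not code from the thread; the capture lines are constructed in the old tcpdump output style, and 192.0.2.53 is a placeholder for an ISP resolver.

```python
import re
from collections import defaultdict

# Constructed capture in the old tcpdump text style; the thread's own lines are
# elided in the archive. 192.0.2.53 is a placeholder for an ISP resolver.
CAPTURE = """\
19:30:01.10 IP 192.168.1.2.32770 > mygateway.ar7.domain: 4242+ A? www.google.be. (31)
19:30:01.12 IP mygateway.ar7.domain > 192.168.1.2.32770: 4242 1/0/0 A 1.0.0.0 (47)
19:30:01.13 IP 192.168.1.2.33001 > 1.0.0.0.http: S 100:100(0) win 5840 <mss 1460>
19:30:04.13 IP 192.168.1.2.33001 > 1.0.0.0.http: S 100:100(0) win 5840 <mss 1460>
19:30:10.13 IP 192.168.1.2.33001 > 1.0.0.0.http: S 100:100(0) win 5840 <mss 1460>
19:31:00.00 IP 192.168.1.2.32771 > 192.0.2.53.domain: 4243+ A? www.google.be. (31)
19:31:00.04 IP 192.0.2.53.domain > 192.168.1.2.32771: 4243 1/0/0 A 216.239.59.147 (47)
19:31:00.05 IP 192.168.1.2.33002 > 216.239.59.147.http: S 200:200(0) win 5840 <mss 1460>
19:31:00.09 IP 216.239.59.147.http > 192.168.1.2.33002: S 900:900(0) ack 201 win 8190 <mss 1360>
"""

LINE = re.compile(r"^\S+ IP (\S+) > (\S+): (.*)$")
QUERY = re.compile(r"(\d+)\+?\s+A\?\s+(\S+)")          # "4242+ A? name."
REPLY = re.compile(r"(\d+)\S*\s+\d+/\d+/\d+\s+(.*)")   # "4242 1/0/0 A 1.0.0.0"
A_REC = re.compile(r"\bA (\d+\.\d+\.\d+\.\d+)")
DNS_PORTS = ("domain", "53")

def unanswered_resolutions(capture):
    """(name, ip, resolver, syn_count) for DNS answers whose SYNs got no SYN-ACK."""
    pending, resolved = {}, {}      # query id -> name; ip -> (name, resolver)
    syn, synack = defaultdict(int), defaultdict(int)
    for line in capture.splitlines():
        if not (m := LINE.match(line)):
            continue
        # Endpoints print as host.port, so split at the last dot.
        (src, sport), (dst, dport) = (m[i].rpartition(".")[::2] for i in (1, 2))
        payload = m[3]
        if dport in DNS_PORTS and (q := QUERY.match(payload)):
            pending[q[1]] = q[2].rstrip(".")
        elif sport in DNS_PORTS and (r := REPLY.match(payload)):
            for ip in A_REC.findall(r[2]):
                resolved[ip] = (pending.get(r[1], "?"), src)
        elif payload.startswith("S "):      # SYN flag set
            if " ack " in payload:
                synack[src] += 1            # SYN-ACK coming back from src
            else:
                syn[dst] += 1               # initial SYN going to dst
    return [(name, ip, resolver, syn[ip])
            for ip, (name, resolver) in resolved.items()
            if syn[ip] and not synack[ip]]

if __name__ == "__main__":
    print(unanswered_resolutions(CAPTURE))
```

Only the address handed out by mygateway.ar7 is reported; the answer from the placeholder resolver completes its handshake and is left out.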

