IP Not Forwarding

---

• From: Cris Collins <clc@xxxxxxxxx>
• Date: Mon, 30 Jan 2006 22:21:59 -0000

---

I have a Linux gateway with all Policies set to Accept
and all targets flushed. All traffic is passing through
except some UDP IBM ClearCase Traffic. Using tcpdump the
response to ClearCase querries can be seen on the
external interface, but not on the internal interface. The
packets don't appear to be forwarding. IP forwarding is
on or all other traffic would not pass.
The user sees a RPC timeout. I increased ipfrag_high_thresh
and ipfrag_low_thresh with no affect. Any Ideas are
welcome.

Here as an example on the external side you can see the
responses:

11:49:56.531876 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: P 4138541173:4138541177(4) ack 1798031910 win 50700
11:49:56.532202 IP client.cam.some.com.x11 > servr.mnb.some.com.53212: P 1:41(40) ack 4 win 65055
11:49:56.727092 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 104
11:49:56.854936 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: . ack 41 win 50700
11:49:56.938388 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 36
11:49:56.939093 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 296
11:49:57.186369 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 32
11:49:57.186703 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 152
11:49:57.376507 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 76
11:49:57.377593 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 152
11:49:57.571518 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 76
11:49:57.572357 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 152
11:49:57.771902 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 76
11:50:01.453769 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:01.695484 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:04.453557 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:04.642012 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:07.453596 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:07.684234 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:10.453634 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:10.708092 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:13.453796 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:13.643627 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:16.453834 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:16.652119 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:19.453872 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:19.711705 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:20.499745 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: P 4:8(4) ack 41 win 50700
11:50:20.500151 IP client.cam.some.com.x11 > servr.mnb.some.com.53212: P 41:81(40) ack 8 win 65051
11:50:20.862408 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: . ack 81 win 50700
11:50:22.453911 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:22.694088 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:25.453948 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:25.644614 IP servr.mnb.some.com > client.cam.some.com: udp
11:50:35.502104 IP servr.mnb.some.com.netbios-ssn > client.cam.some.com.1775: P 553399112:553399116(4) ack 1087929100 win 49400 NBT Session Packet: Session Keepalive
11:50:35.671867 IP client.cam.some.com.1775 > servr.mnb.some.com.netbios-ssn: . ack 4 win 65089
11:50:47.517706 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: P 8:12(4) ack 81 win 50700
11:50:47.518106 IP client.cam.some.com.x11 > servr.mnb.some.com.53212: P 81:121(40) ack 12 win 65047
11:50:47.770433 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: . ack 121 win 50700


Here is an example on the internal side where you can not see the responses:

11:49:56.531886 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: P 4138541173:4138541177(4) ack 1798031910 win 50700
11:49:56.532194 IP client.cam.some.com.x11 > servr.mnb.some.com.53212: P 1:41(40) ack 4 win 65055
11:49:56.727082 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 104
11:49:56.854944 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: . ack 41 win 50700
11:49:56.938395 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 36
11:49:56.939086 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 296
11:49:57.186377 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 32
11:49:57.186695 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 152
11:49:57.376514 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 76
11:49:57.377586 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 152
11:49:57.571525 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 76
11:49:57.572350 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 152
11:49:57.771909 IP servr.mnb.some.com.clearcase > client.cam.some.com.3234: UDP, length 76
11:50:01.453760 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:04.453549 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:07.453587 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:10.453625 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:13.453788 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:16.453826 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:19.453864 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:20.499755 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: P 4:8(4) ack 41 win 50700
11:50:20.500142 IP client.cam.some.com.x11 > servr.mnb.some.com.53212: P 41:81(40) ack 8 win 65051
11:50:20.862416 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: . ack 81 win 50700
11:50:22.453902 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:25.453940 IP client.cam.some.com.3234 > servr.mnb.some.com.clearcase: UDP, length 160
11:50:35.502113 IP servr.mnb.some.com.netbios-ssn > client.cam.some.com.1775: P 553399112:553399116(4) ack 1087929100 win 49400 NBT Session Packet: Session Keepalive
11:50:35.671858 IP client.cam.some.com.1775 > servr.mnb.some.com.netbios-ssn: . ack 4 win 65089
11:50:47.517716 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: P 8:12(4) ack 81 win 50700
11:50:47.518098 IP client.cam.some.com.x11 > servr.mnb.some.com.53212: P 81:121(40) ack 12 win 65047
11:50:47.770440 IP servr.mnb.some.com.53212 > client.cam.some.com.x11: . ack 121 win 50700

--
my signature file
Ultimate - Let it fly and I'll be there in the end zone.
.

---

• Prev by Date: Problems with DHCPDECLINE with no IP Conflicts
• Next by Date: IP Not Forwarding
• Previous by thread: Problems with DHCPDECLINE with no IP Conflicts
• Next by thread: IP Not Forwarding
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Newsgroups  > comp.os.linux.networking  > 2006-01