RE: Urgent 4.9 networking problems

From: JJB (Barbish3_at_adelphia.net)
Date: 06/24/04

  • Next message: Matthew Seaman: "Re: Urgent 4.9 networking problems" 
    To: "Dave Raven" <dave@raven.za.net>, <freebsd-questions@freebsd.org>
Date: Thu, 24 Jun 2004 17:45:24 -0400

    Post your ipf rules and ipnat rules and /etc/resolv.conf
    resolv.conf should have your isp's dns server names. If not then
    post rc.conf also. Give interface name of Nic card connected to
    public internet. Has this network ever functioned correctly or is
    it something you are just putting together now?

    -----Original Message-----
    From: owner-freebsd-questions@freebsd.org
    [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Dave Raven
    Sent: Thursday, June 24, 2004 5:29 PM
    To: freebsd-questions@freebsd.org
    Subject: RE: Urgent 4.9 networking problems

    I have made further progress - thanks for all your steady replies. I
    know it
    might look like I haven't looked into it enough but this is just
    part of my
    bigger problem - here we go..

    By adding my routers ip and my local machines ip to hosts, I've
    fixed the
    telnet to the router and the ping -R - but why is telnet timing out
    ?? I
    have NO DNS at all - there is nothing in resolv.conf yet it still
    makes
    requests to local host. I have to disable dns.

    I have no idea why it would sit for 2 minutes trying to resolve the
    ip for
    my telnet though???
    Is this a problem? How do I stop dns altogether... The machine is
    acting as
    a firewall with NAT'ing and routing.

    The real problem that's gotten me down to here is with IPNat
    though - it
    says its map'd the address but in actual fact freebsd forwards it.
    Could
    this all be a red herring as a dns problem?

    Thanks
    Dave

    -----Original Message-----
    From: JJB [mailto:Barbish3@adelphia.net]
    Sent: 24 June 2004 11:23 PM
    To: Dave Raven; freebsd-questions@freebsd.org
    Subject: RE: Urgent 4.9 networking problems

    Your symptoms are typical of DNS time outs.
    Ping ip address does no DNS lookups.
    Ping freebsd.org will not work either.

    With out a lot more detail about your network environment, the best
    I can say is look at how your network resolves DNS lookups.

    Some times a ISP will change the ip address of their DNS or DHCP
    servers and if you have their ip address hard coded in your firewall
    rules your network will just stop talking to the public internet.
    Start your research there.

    -----Original Message-----
    From: owner-freebsd-questions@freebsd.org
    [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Dave Raven
    Sent: Thursday, June 24, 2004 4:54 PM
    To: freebsd-questions@freebsd.org
    Subject: Urgent 4.9 networking problems

    Hi all,
            I really need some urgent help with this I'm completely
    confused. I
    have a FreeBSD 4.9 machine running ipfilter ipnat vrrp and a few
    other
    services, today is the first time I tried to access through the
    specific
    method but now every interface and every local address I try has the
    same
    problem. I can ping anything - but any other kind of traffic waits
    for about
    2 minutes before transmitting - this is true with tcp and udp. I'm
    trying to
    access machines on the same network - and if I ping -R you can see
    the same
    effect - pasted below. I've also included the interface that I'm
    trying to
    do this on although it seems to be happening on all my other
    interfaces..
    I try to telnet to a cisco router that's on a switch I'm plugged in
    and I
    see the same behaviour - it just waits then suddenly responds very
    quickly.
    My IpFilter rules don't log anything until it responds at which time
    they
    pass it - and tethereal + tcpdump also see if perfectly AFTER the
    long
    delay.

    It appears that its sitting on the kernel for 2 minutes??? It just
    does
    NOTHING then all of a sudden responds. The only thing I can find
    that works
    is icmp - and perfectly. I'm sorry for the urgency but its very high
    priority

    Thanks in advance
    Dave

    # ifconfig fxp1
    fxp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            inet x.y.186.3 netmask 0xffffff00 broadcast x.y.186.255
            inet x.y.186.1 netmask 0xffffffff broadcast x.y.186.1
            inet x.y.186.15 netmask 0xffffffff broadcast x.y.186.15
            inet x.y.186.14 netmask 0xffffffff broadcast x.y.186.14
            inet x.y.186.142 netmask 0xffffffff broadcast x.y.186.142
            inet x.y.186.33 netmask 0xffffffff broadcast x.y.186.33
            inet x.y.186.124 netmask 0xffffffff broadcast x.y.186.124
            inet x.y.186.250 netmask 0xffffffff broadcast x.y.186.250
            inet x.y.186.122 netmask 0xffffffff broadcast x.y.186.122
            inet x.y.186.25 netmask 0xffffffff broadcast x.y.186.25
            inet x.y.186.127 netmask 0xffffffff broadcast x.y.186.127

    # date ; ping -R -c1 x.y.186.253 ; date
    Thu Jun 24 22:43:13 SAST 2004
    PING x.y.186.253 (152.110.186.253): 56 data bytes
    64 bytes from x.y.186.253: icmp_seq=0 ttl=255 time=0.414 ms
    RR: x.y.186.253
            x.y.186.253
            x.y.186.3

    --- x.y.186.253 ping statistics ---
    1 packets transmitted, 1 packets received, 0% packet loss
    round-trip min/avg/max/stddev = 0.414/0.414/0.414/0.000 ms
    Thu Jun 24 22:46:58 SAST 2004

    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to
    "freebsd-questions-unsubscribe@freebsd.org"

    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to
    "freebsd-questions-unsubscribe@freebsd.org"

    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

  • Next message: Matthew Seaman: "Re: Urgent 4.9 networking problems"

    Relevant Pages

    • Re: iptables udp and output
      ... Ping can be a nice tool to help troubleshoot the network with. ... If those are incoming connection requests, you could specify that they're ... DNS traffic is UDP. ...
      (comp.os.linux.security)
    • Re: Internet Access problems in Fedora Core 4
      ... using the raw ip was to factor out DNS from the troubleshooting. ... set right or your card's interface isn't setup right. ... nameserver <proxy if proxy does dns to you or isp's dns> ... PING 64.233.179.99 56bytes of data. ...
      (comp.os.linux.misc)
    • RE: Urgent 4.9 networking problems
      ... It is currently functioning perfectly and has been for 48 days - ipnat ... possible to _not_ have a dns server without having the timeout. ... Give interface name of Nic card connected to ... With out a lot more detail about your network environment, ...
      (freebsd-questions)
    • Re: Trouble adding pc to domain
      ... Just tried to reset the IP stack and that didn't help either. ... I can ping public sites such as yahoo.com by name but I can not ping internal hostnames. ... Any ideas on what I need to do to the dns server to resolve this? ... The network card works as I can surf the net without any problems. ...
      (microsoft.public.windows.server.networking)
    • RE: Urgent 4.9 networking problems
      ... telnet to the router and the ping -R - but why is telnet timing out ?? ... I have to disable dns. ... Ping ip address does no DNS lookups. ... I can say is look at how your network resolves DNS lookups. ...
      (freebsd-questions)