Date: Tue, 16 Jun 1998 10:46:04 +0200 From: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> To: malte@webmore.com Cc: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE>, freebsd-questions@freefall.cdrom.com, Doug White <dwhite@resnet.uoregon.edu> Subject: Re: using tcpdump effectively Message-ID: <19980616104604.33409@gil.physik.rwth-aachen.de> In-Reply-To: <XFMail.980616103002.malte@webmore.com>; from Malte Lance on Tue, Jun 16, 1998 at 10:30:02AM %2B0200 References: <19980616081040.53544@gil.physik.rwth-aachen.de> <XFMail.980616103002.malte@webmore.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 16, 1998 at 10:30:02AM +0200, Malte Lance wrote: > > On 16-Jun-98 Christoph Kukulies wrote: > > On Mon, Jun 15, 1998 at 08:29:47PM -0700, Doug White wrote: > >> On Mon, 15 Jun 1998, Christoph Kukulies wrote: > >> > >> > > >> > To trace down why some network based X11 sessions are spuriously failing > >> > I' trying to use tcpdump. > >> > > >> > What sporadically happens is that a X session to our Mentor Design > >> > Architect > >> > running on HP is ceased and the connection breaks (we login via rlogin > >> > and start the X client with DISPLAY set to the FreeBSD machine.) > >> > > >> > When the connection breaks we see something like 'no route to host' > > Who is loosing the route ? Displaying-machine or the machine running the app ? Displaying machine. But see below: In the meantime I located the problem (see my posting to the list about two hours ago) as being probably a NT machine in the local net or some other malign program that was sending a host unreachable ICMP packet to my host (the X server host - FreeBSD) which then disconnected due to that ICMP packet. > What about running a continious ping from the displaying-machine to the > HP-machine to keep the route up. If this helps, there is really a routing- > problem. > > How are the routes build up ? Routing daemon or static routes ? As said already earlier, no hop involved, just the local ethernet. The routes are set up statically. > > Malte. > > >> > >> Most likely the client is loosing the network connection to the host, > >> either by damage to the routing tables on the client or on an intermediate > >> network device. Run a traceroute to the HP box when MDA crashes and see if > >> it fails anywhere. > > > > As stated in a previous reply, it happens even on the local ethernet. > > So there is no hop involved and I don't see a reason > > why there should be a 'route lost' or no 'route to host'. > > > >> > >> > Could that be caused by denial of service attacks? What exactly is a > >> > denial > >> > of service attack? > >> > >> A denial of service attack (DoS) attempts to keep a machine from being > >> servicable by overwhelming it with requests or by disabling a server, > >> rending it useless. > > > > OK, this doesn't seem to be the case here. > > > >> > >> Doug White | University of Oregon > >> Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant > >> http://gladstone.uoregon.edu/~dwhite | Computer Science Major > >> NOTICE: Make sure your mailer replies to dwhite@resnet or I won't get it! > > > > -- > > --Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > ---------------------------------- > E-Mail: Malte Lance <malte@webmore.com> > Date: 16-Jun-98 > Time: 10:16:12 > ---------------------------------- -- Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980616104604.33409>