Date: Wed, 6 Mar 2002 09:22:49 -0700 From: "Tim Pushor" <timp@crossthread.com> To: "f.johan.beisser" <jan@caustic.org> Cc: <questions@FreeBSD.ORG> Subject: Re: Weird IP problem (arp?) Message-ID: <022801c1c52b$2cb835a0$9828f99f@valkyrie> References: <20020305220316.F52371-100000@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Johan, First of all, thanks for the reply. I am not as inept as my post may have seemed. I would not trouble the list with a network problem before checking the obvious. I must admit, that my setup is not quite as simple as I have made out, but not much more diffucult. We have a class 'C' block from our ISP that we have further broken down into two subnets. The Cisco 1005 belongs to the ISP and I have no administrative control over it. The machines use the mask 0xffffff80. As I said, I have a few freebsd boxes on this subnet, so I know our network works :). The IP address is within the upper range of the class 'C' (it is not the network or broadcast address). The lower 126 addresses are not currently in use. Again, from the console, I can get to the local network, or out to the Internet, and the Internet can then get to the box. If I wait an hour, I cannot get to the box from the Internet any more, but if I either: 1) Get on the box locally and establish a connection somwhere outside 2) Establish communication from the Internal network to the box Then I can access the box from the Internet for a period of time (hour or two, I havn't measured - but it seems consistent). So if it were a problem with ARP, I would think that the problem is with the router, not the box, and I don't have administrative control over the router. Do other machines on the subnet listen to the ARP request and response and update their cache's? I can't remember. I am an application programmer, not TCPIP guru (but I know what a netmask is :) Thanks, Tim ----- Original Message ----- From: "f.johan.beisser" <jan@caustic.org> To: "Tim Pushor" <timp@crossthread.com> Cc: <questions@FreeBSD.ORG> Sent: Tuesday, March 05, 2002 11:20 PM Subject: Re: Weird IP problem (arp?) > On Tue, 5 Mar 2002, Tim Pushor wrote: > > > Hi, > > > > I am having a strange problem and hoping someone has seen this one > > before. > > > > I have an Internet connected network with several FreeBSD servers > > sitting on a class 'C' subnet behind a Cisco 1005 series router > > connected to ISP - simple setup. The symptoms are: > > are you sure this is a true class C? > > if so, the netmask is 255.255.255.0 (0xffffff00). > > > The server seemed fine upon initial build. It could talk everywhere - > > locally, and to the Internet via the 1005 (its default route). > > ok. so hte 1005 knows what to do with the packets headed out from that > machine. that makes sense. > > next question, can you hit any other machines on that subnet? > > > I get home and try to get there over the Internet, no go - no response. > > I go to another machine in the local network and ping or otherwise try > > to get to the machine in question. Sometimes its immediate, sometimes it > > takes a short while, but it always comes back. After this I can > > communicate from my house over the Internet to the server for a while > > (not sure exactly how long, but I would guess for at least an hour and > > never more than 4) before it becomes inaccessible again. > > > > It would also seem that getting on the box locally and establishing > > network connections anywhere also cures the problem for a short while. > > > > I initially started with a 3COM 3C905C card, and have switched it out > > with a D-Link to rule out the network card. There was no change. There > > is nothing at all in the system log (or system logs of neighboring > > machines). I am running the stock Generic kernel (for now). I do not > > have access to the router. > > i doubt this is a NIC problem. > > > I am no expert in troubleshooting TCP/IP, but this seems like an arp > > problem. Has anyone seen this before? > > i doubt this is the issue. what's the output from arp -an? > > it should have something like this: > > ? (192.168.1.1) at 00:00:c5:7e:f4:b4 on fxp0 [ethernet] > > to break it down simply: > > 192.168.1.1 is my switch's IP. > 00:00:c5:7e:f4:b4 is it's MAC address. > > what you're looking for is any kind of breakage, or partially resolved MAC > addresses. this is rare, though. > > > Failing this I will probably run tcpdump on one of the other servers, > > but I guess I am not exactly sure what I am looking for. > > if the network is switched, this won't do you much good. running tcpdump > on one of other machines in a hubbed network will give you more > information. in the switched network, it'll allow you to see if hte > packets are arriving at all; but that's about it. > > the first thing i would do is make sure that your netmask and IP are > correct. after that, start looking at the router. next talk to the network > adminsitrator, and see if you can get some assistance in diagnosing any > problems. > > -------/ f. johan beisser /--------------------------------------+ > http://caustic.org/~jan jan@caustic.org > "John Ashcroft is really just the reanimated corpse > of J. Edgar Hoover." -- Tim Triche > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?022801c1c52b$2cb835a0$9828f99f>