From owner-freebsd-questions@FreeBSD.ORG  Wed Apr  2 21:09:01 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9348537B401
	for <freebsd-questions@freebsd.org>;
	Wed,  2 Apr 2003 21:09:01 -0800 (PST)
Received: from yowie.cc.uq.edu.au (yowie.cc.uq.edu.au [130.102.2.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5E19943FB1
	for <freebsd-questions@freebsd.org>;
	Wed,  2 Apr 2003 21:09:00 -0800 (PST)
	(envelope-from csmith@its.uq.edu.au)
Received: from its.uq.edu.au (tobermory.its.uq.edu.au [130.102.152.68])
	by yowie.cc.uq.edu.au (8.12.9/8.12.9) with ESMTP id h3358qfI025128
	for <freebsd-questions@freebsd.org>;
	Thu, 3 Apr 2003 15:08:52 +1000 (GMT+1000)
Date: Thu, 3 Apr 2003 15:08:52 +1000
Mime-Version: 1.0 (Apple Message framework v551)
Content-Type: text/plain; charset=US-ASCII; format=flowed
From: Christopher Smith <csmith@its.uq.edu.au>
To: freebsd-questions@freebsd.org
Content-Transfer-Encoding: 7bit
Message-Id: <5C9140FE-6592-11D7-BABB-000502F96668@its.uq.edu.au>
X-Mailer: Apple Mail (2.551)
Subject: Weird traceroute problem
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Apr 2003 05:09:02 -0000

Ok, I'm sure I'm missing something really simple and obvious here, but 
I'm stuck.

I have two firewalls - the second is being prepped to replace the 
first.  All networking from the second machine appears to be fine 
*except* traceroute looks broken.  This happens:

(machine that works)
mr2fw2# traceroute 130.102.2.15
traceroute to 130.102.2.15 (130.102.2.15), 64 hops max, 40 byte packets
  1  beak-fw (130.102.1.67)  0.802 ms  0.639 ms  0.567 ms
  2  zeus-beak (130.102.1.91)  0.484 ms  0.373 ms  0.367 ms
  3  feather-zeus (130.102.1.81)  0.911 ms  0.523 ms  0.538 ms
  4  krefti.cc.uq.edu.au (130.102.2.15)  0.386 ms  0.311 ms  0.425 ms
mr2fw2#

(machine that doesn't)
rock# traceroute 130.102.2.15
traceroute to 130.102.2.15 (130.102.2.15), 64 hops max, 44 byte packets
  1  * * *
  2  * * *
  3  * * *
  4  krefti.cc.uq.edu.au (130.102.2.15)  0.311 ms  0.329 ms  0.257 ms
rock#


Traceroute *from* the target machine (130.102.2.15) to the non-working 
machine works fine.  The networking guys assure me there are no filters 
on the router that might be causing problems.

The machine that works is running 4.6.2p2.
The machine that doesn't is running 4.8-RELEASE

Any ideas ?


Other info that might be relevant:
(machine that works)
netstat -nr:
Internet:
Destination        Gateway            Flags    Refs      Use  Netif 
Expire
default            130.102.1.67       UGSc        2      114  vlan0
127.0.0.1          127.0.0.1          UH          0        0    lo0
130.102.1.64/28    link#3             UC          1        0  vlan0
130.102.1.67       0.d0.0.db.f8.0     UHLW        3        0  vlan0   
1198

ifconfig vlan0:
vlan0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500
         inet 130.102.1.68 netmask 0xfffffff0 broadcast 130.102.1.79
         inet6 fe80::206:5bff:fe8f:4390%vlan0 prefixlen 64 scopeid 0x3
         ether 00:06:5b:8f:43:90
         media: Ethernet autoselect (1000baseTX <full-duplex>)
         status: active
         vlan: 366 parent interface: bge0

tcpdump of a successful traceroute:
15:03:17.134503 130.102.1.71.54793 > 130.102.2.15.33435:  udp 12 [ttl 1]
15:03:17.135310 130.102.1.71.54793 > 130.102.2.15.33436:  udp 12 [ttl 1]
15:03:17.135837 130.102.1.71.54793 > 130.102.2.15.33437:  udp 12 [ttl 1]
15:03:17.136613 130.102.1.71.54793 > 130.102.2.15.33438:  udp 12
15:03:17.137084 130.102.1.71.54793 > 130.102.2.15.33439:  udp 12
15:03:17.137427 130.102.1.71.54793 > 130.102.2.15.33440:  udp 12
15:03:17.138053 130.102.1.71.54793 > 130.102.2.15.33441:  udp 12
15:03:17.138820 130.102.1.71.54793 > 130.102.2.15.33442:  udp 12
15:03:17.139376 130.102.1.71.54793 > 130.102.2.15.33443:  udp 12
15:03:17.140625 130.102.1.71.54793 > 130.102.2.15.33444:  udp 12
15:03:17.141021 130.102.2.15 > 130.102.1.71: icmp: 130.102.2.15 udp 
port 33444 unreachable
15:03:17.141352 130.102.1.71.54793 > 130.102.2.15.33445:  udp 12
15:03:17.141611 130.102.2.15 > 130.102.1.71: icmp: 130.102.2.15 udp 
port 33445 unreachable
15:03:17.141904 130.102.1.71.54793 > 130.102.2.15.33446:  udp 12
15:03:17.142196 130.102.2.15 > 130.102.1.71: icmp: 130.102.2.15 udp 
port 33446 unreachable


(machine that doesn't)

Destination        Gateway            Flags    Refs      Use  Netif 
Expire
default            130.102.1.67       UGSc       52 -1293793694  vlan0
127.0.0.1          127.0.0.1          UH          0   623179    lo0
130.102.1.64/28    link#5             UC          3        0  vlan0
130.102.1.67       0.d0.0.db.f8.0     UHLW       51       30  vlan0   
1180

ifconfig vlan0:
vlan0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500
         inet 130.102.1.71 netmask 0xfffffff0 broadcast 130.102.1.79
         inet 130.102.1.74 netmask 0xffffffff broadcast 130.102.1.74
         inet 130.102.1.75 netmask 0xffffffff broadcast 130.102.1.75
         inet 130.102.1.76 netmask 0xffffffff broadcast 130.102.1.76
         inet 130.102.1.73 netmask 0xffffffff broadcast 130.102.1.73
         inet 130.102.1.78 netmask 0xffffffff broadcast 130.102.1.78
         ether 00:a0:cc:73:48:2c
         vlan: 366 parent interface: ti0

tcpdump of an attempted traceroute:
15:05:58.806352 130.102.1.69.34304 > 130.102.2.15.33435: [no cksum] udp 
16 [ttl 1] (id 34305, len 44)
15:06:03.807616 130.102.1.69.34304 > 130.102.2.15.33436: [no cksum] udp 
16 [ttl 1] (id 34306, len 44)
15:06:08.817647 130.102.1.69.34304 > 130.102.2.15.33437: [no cksum] udp 
16 [ttl 1] (id 34307, len 44)
15:06:13.827789 130.102.1.69.34304 > 130.102.2.15.33438: [no cksum] udp 
16 (ttl 2, id 34308, len 44)
15:06:18.837804 130.102.1.69.34304 > 130.102.2.15.33439: [no cksum] udp 
16 (ttl 2, id 34309, len 44)
15:06:23.847896 130.102.1.69.34304 > 130.102.2.15.33440: [no cksum] udp 
16 (ttl 2, id 34310, len 44)
15:06:28.857986 130.102.1.69.34304 > 130.102.2.15.33441: [no cksum] udp 
16 (ttl 3, id 34311, len 44)
15:06:33.868034 130.102.1.69.34304 > 130.102.2.15.33442: [no cksum] udp 
16 (ttl 3, id 34312, len 44)
15:06:38.878104 130.102.1.69.34304 > 130.102.2.15.33443: [no cksum] udp 
16 (ttl 3, id 34313, len 44)
15:06:43.888194 130.102.1.69.34304 > 130.102.2.15.33444: [no cksum] udp 
16 (ttl 4, id 34314, len 44)
15:06:43.888610 130.102.2.15 > 130.102.1.69: icmp: 130.102.2.15 udp 
port 33444 unreachable (ttl 61, id 23355, len 56)
15:06:43.888734 130.102.1.69.34304 > 130.102.2.15.33445: [no cksum] udp 
16 (ttl 4, id 34315, len 44)
15:06:43.892707 130.102.2.15 > 130.102.1.69: icmp: 130.102.2.15 udp 
port 33445 unreachable (ttl 61, id 23356, len 56)
15:06:43.892788 130.102.1.69.34304 > 130.102.2.15.33446: [no cksum] udp 
16 (ttl 4, id 34316, len 44)
15:06:43.893001 130.102.2.15 > 130.102.1.69: icmp: 130.102.2.15 udp 
port 33446 unreachable (ttl 61, id 23358, len 56)


-- 
+- Christopher Smith, Systems Administrator 
------------------------------+
|  Server & Security Group, Information Technology Services             
   |
|  The University of Queensland, Brisbane, Australia, 4072              
   |
+- Ph +61 7 3365 4046 | email csmith@its.uq.edu.au | Fax +61 7 3365 
4065 -+