Date: Tue, 18 Apr 2006 13:24:38 +0200 From: "Nicholas von Waltsleben" <nicvw@korbi.net> To: <freebsd-questions@freebsd.org> Subject: Routing problem Message-ID: <E948674FCA7E37459C2967DC72DBB35201D08C35@Exchange.korbitec.int>
next in thread | raw e-mail | index | archive | help
Hi, I am running a 5.4 box as a gateway server / firewall / mail relay at our company. Previously we had a 4.3-beta server which although horribly outdated hardly ever gave us any problems. Since replacing it with a Dell 850 and installing 5.4 I have experienced intermittent routing issues. The box will stop routing traffic correctly (I have included the output of a ping below). I initially thought that the box was just dropping the packets but after running a trafshow I saw that this was not the case. The server has four interfaces (2 X fxp (dual Intel card), 2 X onboard bge), bge0 connects directly to out hosted infrastructure, bge1 connects to our internal LAN, fxp0 connects to our ISP and, fxp1 is our old DMZ network. The routing issue affects all interfaces except bge1 which is also the only interface running at 1Gbit. Most of the traffic routed through any other interfaces is lost and this seriously impacts on the performance experienced by my users. We have two other identical servers in front of our commercially hosted infrastructure and neither of them is displaying this behavior. I was wondering whether anyone had any ideas as to what could be causing this or what I should be checking when next this occurs? Regards, Nicholas Uname -a output: FreeBSD cptgw01.korbitec.com 5.4-RELEASE-p11 FreeBSD 5.4-RELEASE-p11 #1: Mon Feb 27 09:03:21 SAST 2006 nicvw@:/usr/obj/usr/src/sys/KORBI i386 Ifconfig output: fxp0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=3D8<VLAN_MTU> inet 196.31.9.186 netmask 0xfffffffc broadcast 196.31.9.187 ether 00:90:27:c3:ba:c0 media: Ethernet 10baseT/UTP status: active fxp1: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=3D8<VLAN_MTU> inet 192.96.88.225 netmask 0xffffffe0 broadcast 192.96.88.255 ether 00:90:27:c3:ba:c1 media: Ethernet autoselect (100baseTX <full-duplex>) status: active bge0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=3D1a<TXCSUM,VLAN_MTU,VLAN_HWTAGGING> inet 196.31.10.14 netmask 0xfffffff0 broadcast 196.31.10.15 ether 00:13:72:3b:d9:c5 media: Ethernet autoselect (100baseTX <full-duplex>) status: active bge1: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=3D1a<TXCSUM,VLAN_MTU,VLAN_HWTAGGING> inet 10.0.0.1 netmask 0xfffffffc broadcast 10.0.0.3 ether 00:13:72:3b:d9:c6 media: Ethernet autoselect (1000baseTX <full-duplex>) status: active lo0: flags=3D8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask 0xff000000 Example of a ping to another 5.4 box connected directly to one of the bge interfaces: ping: sendto: No route to host ping: sendto: No route to host ping: sendto: No route to host ping: sendto: No route to host ping: sendto: No route to host 64 bytes from 196.31.10.2: icmp_seq=3D5 ttl=3D64 time=3D0.383 ms Output of trafshow: fw.in.company.com,ssh 10.4.3.2,2278 tcp 22K 742 10.4.3.2,echo-reqst fw.in.company.com icmp 1680 60 10.4.3.2,echo-reqst 196.31.10.2 icmp 1680 60 fw.in.company.com,echo-reply 10.4.3.2 icmp 1680 60 196.31.10.2,echo-reply 10.4.3.2 icmp 900 20 fw.in.company.com,unrch-host 10.4.3.2 icmp 784 56 Output of netstat -rn: default 196.31.9.185 UGS 0 89193 fxp0 10/30 link#4 UC 0 0 bge1 10.0.0.2 00:16:35:32:1c:00 UHLW 6 39818 bge1 631 10.2/16 10.0.0.2 UGS 0 108 bge1 10.3/16 10.0.0.2 UGS 0 0 bge1 10.4/16 10.0.0.2 UGS 0 68268 bge1 10.4.13/24 192.96.88.247 UGS 0 138 fxp1 10.5/16 10.0.0.2 UGS 0 96 bge1 127.0.0.1 127.0.0.1 UH 0 10456566 lo0 172.16 10.0.0.2 UGS 0 4 bge1 192.96.88.64/26 10.0.0.2 UGS 0 1 bge1 192.96.88.128/26 196.31.10.2 UGS 0 4791 bge0 192.96.88.224/27 link#2 UC 0 0 fxp1 192.96.88.227 00:02:b3:c2:59:2a UHLW 0 33447909 fxp1 1010 192.96.88.229 00:02:b3:b4:bb:2d UHLW 0 113042 fxp1 524 192.96.88.245 00:02:55:54:cb:81 UHLW 0 92 fxp1 333 192.96.88.246 00:90:27:8b:3c:80 UHLW 0 1615758 fxp1 1121 192.96.88.247 00:d0:b7:5e:79:7c UHLW 1 868677 fxp1 828 192.96.88.249 00:90:27:8a:f6:82 UHLW 0 13 fxp1 650 192.96.88.254 00:10:83:ef:2a:c0 UHLW 0 192331 fxp1 371 196.7.154/27 196.31.10.2 UGS 0 1664 bge0 196.7.156.144/28 196.31.10.3 UGS 0 36538 bge0 196.31.9.184/30 link#1 UC 0 0 fxp0 196.31.9.185 00:e0:a3:13:79:25 UHLW 1 9 fxp0 106 196.31.10/28 link#3 UC 0 0 bge0 196.31.10.2 00:13:72:3b:e0:16 UHLW 2 385625 bge0 227 196.31.10.3 00:03:47:81:cc:8a UHLW 1 430667 bge0 208 196.31.10.5 00:13:72:3b:e0:16 UHLW 0 51731 bge0 507 196.31.10.8 00:13:72:3b:e0:16 UHLW 0 452 bge0 1016 196.31.10.15 ff:ff:ff:ff:ff:ff UHLWb 0 9 bge0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E948674FCA7E37459C2967DC72DBB35201D08C35>