Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 30 Sep 2003 21:57:09 +0000
From:      Lewis Thompson <lthompson@cs.man.ac.uk>
To:        questions@freebsd.org
Subject:   weird natd issue (maybe reinjection trouble?)
Message-ID:  <20030930215709.GA21498@SDF-EU.ORG>

next in thread | raw e-mail | index | archive | help
# please cc me!  I've just got to university and can't get all my mail
# right now.  It'd really help a lot.  Thanks!

Hi,

I'm having trouble with natd on a dual-homed host.  I've done my best to
troubleshoot the problem but I'm no networking expert and I'm hoping
it's something I've overlooked.

  I have two machines -- clientmachine (also
black.lewiz.org/192.168.0.12) and natdmachine (also
purple.lewiz.org/192.168.0.1, lh014.halls.umist.ac.uk/130.88.163.14).
natdmachine can access the Internet fine -- I can use the web, ping,
etc.  However, when it comes to natting the connection I stumble across
problems.

  First of all ICMP ping works and I get replies.  Some nat stuff is
going on and seemingly working.  However, if I try and access the web
(through a proxy at UMIST) the trouble starts.  It seems to me that the
following is happening (the ``evidence'' from tcpdump and natd is shown
below):

clientmachine attempts to access site through proxy.  The default route
is to natdmachine.  This arrives at natdmachine and gets passed through
natd, which then duly sends out the packet to the proxy.  Fine.  The
response from the proxy comes back, goes through natd (which realises
where the packet is bound) and then... well, nothing.  It's very much as
though natd doesn't spit the packet back out.  I have searched for
reinjection problems but afaik this is not it (please tell me I'm
wrong!)

  I've not included the log outputs for an ICMP ping but it basically
shows:

22:43:20.207183 black.lewiz.org > 216.239.37.99: icmp: echo request
22:43:20.288565 216.239.37.99 > black.lewiz.org: icmp: echo reply

on natdmachine's local interface (sis0).  With an attempt to access the
proxy all I get is the equivalent of a request but no response (despite
it being processed by natd).

  *ANY IDEAS AT ALL* would be greatly appreciated!  I'm really stuck
here and I'm no routing/natting genius.  If it's something simple I'm
sorry (but glad).  I can provide any details required.  Thanks very
much,

# logs.  all snipped as i saw appropriate.  if you want more verbosity,
# just ask!

clientmachine# tcpdump -i rl0  (rl0 is clientmachine's only if (internal))
22:33:05.514351 black.lewiz.org.49205 > kevin.umist.ac.uk.3128: S 4110987312:411
0987312(0) win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 1658030 0> (DF)

natdmachine# tcpdump -i sis0  (sis0 is internal if)
22:33:06.391596 black.lewiz.org.49205 > kevin.umist.ac.uk.3128: S 4110987312:411
0987312(0) win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 1658650 0> (DF)

natdmachine# /sbin/natd -n rl0 -v  (rl0 is internet/external if)
Out [TCP]  [TCP] 192.168.0.12:49205 -> 130.88.96.65:3128 aliased to
           [TCP] 130.88.163.14:49205 -> 130.88.96.65:3128
In  [TCP]  [TCP] 130.88.96.65:3128 -> 130.88.163.14:49205 aliased to
           [TCP] 130.88.96.65:3128 -> 192.168.0.12:49205

natdmachine# tcpdump -i rl0  (rl0 is internet/external if)
22:33:06.391813 lh014.halls.umist.ac.uk.49205 > kevin.umist.ac.uk.3128: S 411098
7312:4110987312(0) win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 1658650 0>
 (DF)
22:33:06.392139 kevin.umist.ac.uk.3128 > lh014.halls.umist.ac.uk.49205: S 355908
4666:3559084666(0) ack 4110987313 win 5792 <mss 1460,nop,nop,timestamp 944903651
 1658030,nop,wscale 0> (DF)
# no response from lh014 here
22:33:06.878969 kevin.umist.ac.uk.3128 > lh014.halls.umist.ac.uk.49204: S 351740
0283:3517400283(0) ack 3127196455 win 5792 <mss 1460,nop,nop,timestamp 944903700
 1654158,nop,wscale 0> (DF)

-lewiz.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030930215709.GA21498>