Hi,
There seem to be something weird in 2.4 compared to 2.2.
The masquerading in 2.4 can apparently transform a router into an
automatic trafic generator in some cases.
Here is the logical network configuration I have, a simple masqueraded
network :
I----F----E
I (bepc.paralline.i) : internal computer using masquerading (standard
linux 2.2.16)
F (external IP : maxwell.paralline.com, internal IP 192.168.2.1) :
firewall doing the masquerading (2.4.0test8, PII/350 128MB, uptime 30
days)
E : external network (cable modem)
For switching from 2.2 to 2.4, I compiled the ipchains module and used
the emulation method.
Here are the firewall masquerading rules this problem appeared with :
ipchains -P forward DENY
ipchains -A forward -s 192.168.2.0/24 -j MASQ
Exactly the same that what I used for 2.2 kernels...
And here is a crazy log from tcpdump executed on the external interface
of the firewall :
20:42:55.594209 maxwell.paralline.com.61642 > www.geologie.ens.fr.http:
. ack 1 win 31856 <nop,nop,timestamp 36419278 22758571> (DF)
20:42:55.594877 www.geologie.ens.fr.http > bepc.paralline.i.4198: . ack
1 win 8760 <nop,nop,timestamp 22759037 36387023> (DF)
20:42:55.595405 maxwell.paralline.com.61642 > www.geologie.ens.fr.http:
. ack 1 win 31856 <nop,nop,timestamp 36419278 22758571> (DF)
20:42:55.595879 www.geologie.ens.fr.http > bepc.paralline.i.4198: . ack
1 win 8760 <nop,nop,timestamp 22759037 36387023> (DF)
20:42:55.596212 maxwell.paralline.com.61642 > www.geologie.ens.fr.http:
. ack 1 win 31856 <nop,nop,timestamp 36419278 22758571> (DF)
20:42:55.596729 www.geologie.ens.fr.http > bepc.paralline.i.4198: . ack
1 win 8760 <nop,nop,timestamp 22759037 36387023> (DF)
20:42:55.597403 maxwell.paralline.com.61642 > www.geologie.ens.fr.http:
. ack 1 win 31856 <nop,nop,timestamp 36419278 22758571> (DF)
20:42:55.604912 www.geologie.ens.fr.http > bepc.paralline.i.4198: . ack
1 win 8760 <nop,nop,timestamp 22759037 36387023> (DF)
20:42:55.605259 maxwell.paralline.com.61642 > www.geologie.ens.fr.http:
. ack 1 win 31856 <nop,nop,timestamp 36419279 22758571> (DF)
20:42:55.605495 www.geologie.ens.fr.http > bepc.paralline.i.4198: . ack
1 win 8760 <nop,nop,timestamp 22759037 36387023> (DF)
20:42:55.605806 maxwell.paralline.com.61642 > www.geologie.ens.fr.http:
. ack 1 win 31856 <nop,nop,timestamp 36419279 22758571> (DF)
20:42:55.606113 www.geologie.ens.fr.http > bepc.paralline.i.4198: . ack
1 win 8760 <nop,nop,timestamp 22759037 36387023> (DF)
20:42:55.606654 maxwell.paralline.com.61642 > www.geologie.ens.fr.http:
. ack 1 win 31856 <nop,nop,timestamp 36419279 22758571> (DF)
20:42:55.612966 www.geologie.ens.fr.http > bepc.paralline.i.4198: . ack
1 win 8760 <nop,nop,timestamp 22759037 36387023> (DF)
20:42:55.613309 maxwell.paralline.com.61642 > www.geologie.ens.fr.http:
. ack 1 win 31856 <nop,nop,timestamp 36419280 22758571> (DF)
Stopping the http browser didn't help.
If I disconnect the external network ethernet cable during a few seconds
and reconnect it, it stops generating trafic.
This problem happens with various web servers being browsed (i.e. :
different OS stacks). It did not appear before the 2.4 switch with the
same internal computer and kernel.
I checked the list archives and found nothing related to that kind of
problems. I don't know this area of the kernel enough to track down the
bug, but I will give all the help I can.
I can add test code to the firewall, patch/recompile a kernel and
provide new logs if needed.
Hope it helps,
Pierre BRUA
--
PARALLINE /// Parallelism & Linux
///
71,av. des Vosges Phone:+33 388 141 740 mailto:brua@paralline.com
F-67000 STRASBOURG Fax:+33 388 141 741 http://www.paralline.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Sep 21 2000 - 20:04:47 EDT