[Ilugc] Weird network problem

• From: joe_steeve@xxxxxxx (Joe Steeve)
• Date: Mon Jul 31 12:57:50 2006

I'm facing a weird network issue which is not directly a Linux kernel
issue., but I'm not sure.

The following is the layout of the network which causes the issue.

{mailserver}------\
203.129.914.19    |
                  |---{switch}----{firewall}-\
                  |                          |
{proxy server}----/                          |
203.129.194.20                               |
                                       {cisco router}
                                       203.129.194.17
                                             |
                                             |
                                          {modem}
                                             |
                                             |
                                        {ISP router}
                                       203.129.194.201
                                             |
                                             |
                                         Internet


- The 'switch1' is a normal Dlink switch

- The 'firewall' is a PIII box running gnu/linux. It bridges traffic
between eth0 to eth1., and in the process denies some incoming
connections and unwanted outgoing connections (basic iptables +
bridging)

- The router is a Cisco router.

The problem: This issue happens randomly. We are not able to identify a
pattern or reason why this happens. At some random times.,
203.129.194.201 will not be reachable from the 'mailserver'. The 'cisco
router' would be reachable (via a ping) from the 'mailserver'. A
traceroute from the 'mailserver' to an external site (like
www.google.com) would end with the 'cisco router'. But all other
machines ('proxy server') would not have a problem. A 'ifdown-ifup'
cycle on the 'mailserver' fixes the issue.

I verified the route configuration which is as follows., and that is not
the one that is responsible for the problem.

Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
203.129.194.16  0.0.0.0         255.255.255.240 U     0      0        0 eth1
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 eth0
0.0.0.0         203.129.194.17  0.0.0.0         UG    0      0        0 eth1

I suspected the router., but the router's configuration has not been
touched in years., and it has been running fine for atleast 3 years now
(to my knowledge). A restart of the router did not solve the issue.
'ifdown-ifup' cycle on the mailserver solves the issue., so it does not
seem anything related to the router.

The rules in the firewall either allow traffic out or dont. If a machine
behind the firewall is able to reach 203.129.194.17., it means it the
firewall has passed it through.

Any clues or pointers would be very helpful.

-- 
.o. A proud GNU user
..o
ooo [W] http://www.joesteeve.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : 
http://www.ae.iitm.ac.in/pipermail/ilugc/attachments/20060731/6d6925a7/signature.bin

• Follow-Ups:
  • [Ilugc] Weird network problem
    • From: Girish Venkatachalam

Other related posts:

• » [Ilugc] Weird network problem - Joe Steeve
• » [Ilugc] Weird network problem- Girish Venkatachalam
• » [Ilugc] Weird network problem- Joe Steeve
• » [Ilugc] Weird network problem- Girish Venkatachalam
• » [Ilugc] Weird network problem- Joe Steeve
• » [Ilugc] Weird network problem- Girish Venkatachalam
• » [Ilugc] Weird network problem- Suresh Ramasubramanian
• » [Ilugc] Weird network problem- Joe Steeve
• » [Ilugc] Weird network problem- Joe Steeve

1. Home
2. ilugc
3. Archive
4. 07-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---