Some packets leaving Ethernet interface include a source port value of 1

I googled around and I found this addressed in two different threads, but
I'm too dense to know how to resolve this in my configuration.
	http://marc.theaimsgroup.com/?l=netfilter&m=114303032503010&w=2
	http://lists.netfilter.org/pipermail/netfilter/2004-March/051044.html

I have two DHCP servers, one with IP address a.b.c.22 and the other with
a.b.c.23.  These are set up in redundant form, such that if one fails, the
other takes over.  The master and floating IP address, much like VRRP, is
a.b.c.24.  My DHCP relays point to this IP address.  

The DHCP response packets have been given a rule to replace their source
address from the .22 or .23 to the correct .24.  When the DHCP relay was
using a UDP src/dst port of 68/67 we had no problems, with just some of the
DHCP Acks using a source port of 1.  That's not great, but the big problem
started when our DHCP relay started using a UDP src/dst port of 67/67.  Now
most DHCP Offers and Acks have a source port of 1.

The NAT table has this rule:
	-A POSTROUTING -s a.b.c.22 -p udp -m udp --sport 67 -j SNAT --to-source a.b.c.24


And here's the output of iptables-save:
# Generated by iptables-save v1.2.11 on Mon Oct 30 21:51:38 2006
*nat
:PREROUTING ACCEPT [692:279420]
:POSTROUTING ACCEPT [1696:186148]
:OUTPUT ACCEPT [2070:309673]
-A POSTROUTING -s a.b.c.22 -o eth0 -p udp -m udp --sport 67 -j SNAT --to-source a.b.c.24
COMMIT
# Completed on Mon Oct 30 21:51:38 2006

Here's the relevant portion of my ifconfig:

server1:~# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:E0:81:64:B2:B1  
          inet addr:a.b.c.22  Bcast:a.b.c.255  Mask:255.255.255.0
          inet6 addr: fe80::2e0:81ff:fe64:b2b1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:790809 errors:0 dropped:0 overruns:0 frame:0
          TX packets:263333 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:89577696 (85.4 Mb)  TX bytes:71876862 (68.5 Mb)
          Interrupt:20 Base address:0x7000 

eth0:0    Link encap:Ethernet  HWaddr 00:E0:81:64:B2:B1  
          inet addr:a.b.c.24  Bcast:199.120.69.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:20 Base address:0x7000 

Any ideas how to rewrite the POSTROUTING rule so that this works correctly?

Regards,

Frank
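
The symptom described above matches how netfilter's NAT code chooses a source port when `--to-source` names no port and the translated tuple is already held by conntrack. The following is an added example, not part of the original post: a simplified Python model of that selection, using constructed addresses and assuming the server's reply is sent to port 67 on the relay and that the search starts at the bottom of the range.

```python
"""Simplified model of netfilter's implicit SNAT source-port choice (constructed example)."""

def implicit_port_range(orig_port):
    """Port range searched when --to-source gives an address but no port."""
    if orig_port < 512:
        return 1, 511
    if orig_port < 1024:
        return 600, 1023
    return 1024, 65535

def snat_source_port(src_port, dst, new_src_ip, in_use, start=0):
    """Return the source port a packet leaves with after SNAT to new_src_ip.

    in_use: set of (src_ip, src_port, dst_ip, dst_port) tuples conntrack
    already holds, including the reply direction of existing entries.
    start: search offset; 0 models a counter that has not advanced (assumption).
    """
    dst_ip, dst_port = dst
    # The original port is kept whenever the translated tuple is still unique.
    if (new_src_ip, src_port, dst_ip, dst_port) not in in_use:
        return src_port
    lo, hi = implicit_port_range(src_port)
    size = hi - lo + 1
    for i in range(size):
        cand = lo + (start + i) % size
        if (new_src_ip, cand, dst_ip, dst_port) not in in_use:
            return cand
    return None  # every port in the range is taken

# Constructed addresses standing in for a.b.c.22, a.b.c.24 and a DHCP relay.
SERVER, VIP, RELAY = "192.0.2.22", "192.0.2.24", "192.0.2.1"

def reply_tuple(relay_sport):
    """Reply-direction tuple conntrack reserves for relay:sport -> VIP:67."""
    return (VIP, 67, RELAY, relay_sport)

def offer_port(relay_sport):
    """Source port of SERVER:67 -> RELAY:67 after SNAT to VIP."""
    return snat_source_port(67, (RELAY, 67), VIP, {reply_tuple(relay_sport)})

if __name__ == "__main__":
    print("relay using 68/67 -> reply leaves from port", offer_port(68))
    print("relay using 67/67 -> reply leaves from port", offer_port(67))
```
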


