Re: Mystics of packet forwarding

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ivan Petrushev wrote:
One think I can come with is TTL limiting (largely known here where I
live). Try pinging these "troubling" sites from your home gateway and
see if TTL is 1 or 2 or some bigger value.
I don't quite understand what are you saying? TTL too small and expires in path? TTL too big and gets filtered some how?

And one other thing - you said these sites disappear, but I didin't
understood where from are you testing? From the home gateway or from
the NATed boxes behind it?
From both sites..

Could you add SNAT rule for non-existant box (IP that is not present
on your network, like 192.168.0.200) and see if these sites work.

And one other thing - /16 ? Do you really have such big network? :)
No, but I have a lot of dumbass users who love to set static ips to ones that servers use :)) And I doubt that this is the problem...
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux