Urgent 4.9 networking problems

Bill Moran wmoran at potentialtech.com
Thu Jun 24 14:22:15 PDT 2004 

"Dave Raven" <dave at raven.za.net> wrote:
> Okay thank you I've been so confused with all this that it didn't even occur
> to me - its now responding as expected - but I still have my original TCP
> problem.. It takes EXTREMELY long to send the first SYN, once its done that
> the entire session is perfect...
> 
> Anyone at all? Any suggestions on further tests?

Are you sure all your problems aren't caused by DNS delays?

Most TCP servers will do a reverse lookup on the client attempting to
connect, so they have a friendly name to put in their log.  If there
is no DNS configured for that machine, they'll wait for a fixed timeout
before giving up and just logging the IP addy.

Try creating PTR records for all these machines and see if that fixes
it.  Or, just create a zone file for those IPs with no records ... at
least that will result in an immediate negative response from the DNS
server, which should avoid the delay.

> 
> Thanks again
> Dave
> 
> -----Original Message-----
> From: Gordon Freeman [mailto:freebsdjunkie at gmail.com] 
> Sent: 24 June 2004 11:09 PM
> To: Dave Raven
> Subject: Re: Urgent 4.9 networking problems
> 
> 
> try ping -nR -c1 x.y.186.254
> 
> If you don't get the same "lag" then it is your DNS lookup that is
> causing the problem.
> 
> On Thu, 24 Jun 2004 22:54:10 +0200, Dave Raven <dave at raven.za.net> wrote:
> > 
> > Hi all,
> >         I really need some urgent help with this I'm completely confused.
> I
> > have a FreeBSD 4.9 machine running ipfilter ipnat vrrp and a few other
> > services, today is the first time I tried to access through the specific
> > method but now every interface and every local address I try has the same
> > problem. I can ping anything - but any other kind of traffic waits for
> about
> > 2 minutes before transmitting - this is true with tcp and udp. I'm trying
> to
> > access machines on the same network - and if I ping -R you can see the
> same
> > effect - pasted below. I've also included the interface that I'm trying to
> > do this on although it seems to be happening on all my other interfaces..
> > I try to telnet to a cisco router that's on a switch I'm plugged in and I
> > see the same behaviour - it just waits then suddenly responds very
> quickly.
> > My IpFilter rules don't log anything until it responds at which time they
> > pass it - and tethereal + tcpdump also see if perfectly AFTER the long
> > delay.
> > 
> > It appears that its sitting on the kernel for 2 minutes??? It just does
> > NOTHING then all of a sudden responds. The only thing I can find that
> works
> > is icmp - and perfectly. I'm sorry for the urgency but its very high
> > priority
> > 
> > Thanks in advance
> > Dave
> > 
> > # ifconfig fxp1
> > fxp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> >         inet x.y.186.3 netmask 0xffffff00 broadcast x.y.186.255
> >         inet x.y.186.1 netmask 0xffffffff broadcast x.y.186.1
> >         inet x.y.186.15 netmask 0xffffffff broadcast x.y.186.15
> >         inet x.y.186.14 netmask 0xffffffff broadcast x.y.186.14
> >         inet x.y.186.142 netmask 0xffffffff broadcast x.y.186.142
> >         inet x.y.186.33 netmask 0xffffffff broadcast x.y.186.33
> >         inet x.y.186.124 netmask 0xffffffff broadcast x.y.186.124
> >         inet x.y.186.250 netmask 0xffffffff broadcast x.y.186.250
> >         inet x.y.186.122 netmask 0xffffffff broadcast x.y.186.122
> >         inet x.y.186.25 netmask 0xffffffff broadcast x.y.186.25
> >         inet x.y.186.127 netmask 0xffffffff broadcast x.y.186.127
> > 
> > # date ; ping -R -c1 x.y.186.253 ; date
> > Thu Jun 24 22:43:13 SAST 2004
> > PING x.y.186.253 (152.110.186.253): 56 data bytes
> > 64 bytes from x.y.186.253: icmp_seq=0 ttl=255 time=0.414 ms
> > RR:     x.y.186.253
> >         x.y.186.253
> >         x.y.186.3
> > 
> > --- x.y.186.253 ping statistics ---
> > 1 packets transmitted, 1 packets received, 0% packet loss
> > round-trip min/avg/max/stddev = 0.414/0.414/0.414/0.000 ms
> > Thu Jun 24 22:46:58 SAST 2004
> > 
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
> >
> 
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"


-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com

More information about the freebsd-questions mailing list