Ricardo Kleemann
2003-Oct-29 09:53 UTC
[Shorewall-users] Please help with diagnosing packet loss problem
Hi all,

I'm trying to diagnose a packet loss problem, and I don't know if it is related to shorewall or to something else.

I have an LRP box running shorewall and linux 2.4.20. If I ping the shorewall box from my internal network, I get varying degrees of packet loss. If I run ping to eth0 of the local machine, then I get 0% packet loss as expected.

I ran pings with different packet sizes, results to the shorewall (LRP) box:

# ping 192.168.1.254 -q -c 100 -s 1024
PING 192.168.1.254 (192.168.1.254) 1024(1052) bytes of data.

--- 192.168.1.254 ping statistics ---
100 packets transmitted, 90 received, 10% packet loss, time 99880ms
rtt min/avg/max/mdev = 1.173/1.846/38.505/4.033 ms

# ping 192.168.1.254 -q -c 100
PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.

--- 192.168.1.254 ping statistics ---
100 packets transmitted, 93 received, 7% packet loss, time 99348ms
rtt min/avg/max/mdev = 0.714/0.906/2.430/0.313 ms

# ping 192.168.1.254 -q -c 100 -s 2048
PING 192.168.1.254 (192.168.1.254) 2048(2076) bytes of data.

--- 192.168.1.254 ping statistics ---
100 packets transmitted, 98 received, 2% packet loss, time 99970ms
rtt min/avg/max/mdev = 1.874/2.581/39.165/3.825 ms

I get similar results from outside:

# ping fw.americasnet.com -q -c 100 -s 1024
PING fw.americasnet.com (38.118.152.244) from 65.86.234.142 : 1024(1052) bytes of data.

--- fw.americasnet.com ping statistics ---
100 packets transmitted, 95 packets received, 5% packet loss
round-trip min/avg/max/mdev = 66.639/71.337/101.640/6.060 ms

However, internally, from host<->host without going through the shorewall box, everything seems fine:

# ping 192.168.1.202 -q -c 100 -s 1024
PING 192.168.1.202 (192.168.1.202) 1024(1052) bytes of data.

--- 192.168.1.202 ping statistics ---
100 packets transmitted, 100 received, 0% packet loss, time 99127ms
rtt min/avg/max/mdev = 0.498/0.564/0.746/0.073 ms

So the only conclusion I can gather at this moment is that either the LRP networking is faulty or something with shorewall may be causing the packet loss.

The shorewall box is idle (load avg 0.00), and its networking stats are below; I see some errors but those were already there prior to getting the packet loss figures for the pings, and did not increase, and I don't see any dropped packets.

Can someone give me some pointers as to how to diagnose this problem?

# ip -s link
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX: bytes  packets  errors  dropped overrun mcast
    174666     1739     0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    174666     1739     0       0       0       0
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    0          0        0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    0          0        0       0       0       0
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:00:24:c0:01:08 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    336561333  712842546 0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    2427405911 724871042 10      0       0       0
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:00:24:c0:01:09 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    2535272305 710958565 0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    4275276070 600664867 12      0       0       0
5: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 100
    link/ether 00:00:24:c0:01:0a brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    0          0        0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    0          0        0       0       0       0
Tom Eastep
2003-Oct-29 10:16 UTC
[Shorewall-users] Please help with diagnosing packet loss problem
On Wed, 2003-10-29 at 09:53, Ricardo Kleemann wrote:
> Hi all,
>
> I'm trying to diagnose a packet loss problem, and I don't
> know if it is related to shorewall or to something else.

a) "shorewall clear"
b) Repeat your test.

If you still get packet loss, then the problem has nothing to do with Shorewall.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
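
Added example, not part of either post: shell helpers for the A/B test described above (the same ping and "ip -s link" captured with the rules loaded and again after "shorewall clear"). They pull the loss percentage out of a saved ping summary and show whether any interface error or drop counter grew between two saved snapshots. The function names and file names are assumptions, and the sample in demo() is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Works on saved command output, e.g.
#   ping -q -c 100 192.168.1.254 > ping.txt ; ip -s link > link.txt

# Print the loss percentage from a saved `ping -q` summary.
ping_loss() {
    sed -n 's/.* \([0-9.]*\)% packet loss.*/\1/p' "$1"
}

# Print, per interface, how much the error and drop counters grew between
# two saved `ip -s link` snapshots: link_delta before.txt after.txt
link_delta() {
    awk '
    FNR == 1 { snap++ }                        # each input file is one snapshot
    /^[0-9]+: / {                              # "3: eth0: <...> mtu 1500 ..."
        ifc = $2; sub(/:$/, "", ifc)
        if (snap == 1) order[++n] = ifc
        next
    }
    $1 == "RX:" || $1 == "TX:" { dir = $1; next }    # header row; values follow
    dir != "" {                                # bytes packets errors dropped ...
        err[snap, ifc, dir] = $3; drp[snap, ifc, dir] = $4; dir = ""
    }
    END {
        for (i = 1; i <= n; i++) {
            ifc = order[i]
            printf "%s rx_err=%d rx_drop=%d tx_err=%d tx_drop=%d\n", ifc,
                err[2, ifc, "RX:"] - err[1, ifc, "RX:"],
                drp[2, ifc, "RX:"] - drp[1, ifc, "RX:"],
                err[2, ifc, "TX:"] - err[1, ifc, "TX:"],
                drp[2, ifc, "TX:"] - drp[1, ifc, "TX:"]
        }
    }' "$1" "$2"
}

# Constructed sample: eth0 TX errors grow from 10 to 12 between snapshots.
demo() {
    t=$(mktemp -d) || return 1
    for e in 10 12; do
        printf '%s\n' '3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500' \
            '    RX: bytes packets errors dropped overrun mcast' \
            '    1000 10 0 0 0 0' \
            '    TX: bytes packets errors dropped carrier collsns' \
            "    2000 20 $e 0 0 0" > "$t/$e"
    done
    link_delta "$t/10" "$t/12"; rm -rf "$t"
}
```

All-zero deltas alongside continued ping loss mean the interface counters are not recording the lost packets.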