Hi there,
I have a small problem with a single server that seems unreachable from
my machines. Strange thing is that tcpdump seems to be showing correct
replies:
$ ping 62.148.160.39
PING 62.148.160.39 (62.148.160.39): 56 data bytes
--- 62.148.160.39 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
While running:
# tcpdump -n host 62.148.160.39
tcpdump: listening on eth0
16:50:35.328452 62.195.73.64 > 62.148.160.39: icmp: echo request (DF)
16:50:35.556595 62.148.160.39 > 62.195.73.64: icmp: echo reply (DF)
16:50:36.329623 62.195.73.64 > 62.148.160.39: icmp: echo request (DF)
16:50:36.609144 62.148.160.39 > 62.195.73.64: icmp: echo reply (DF)
16:50:37.329535 62.195.73.64 > 62.148.160.39: icmp: echo request (DF)
16:50:37.513023 62.148.160.39 > 62.195.73.64: icmp: echo reply (DF)
9 packets received by filter
0 packets dropped by kernel
Also, when i run shorewall clear, or try from a different location, the
reply does come though... Exact same thing happens with http traffic in
stead of a ping. This is with Shorewall 1.4.8 and 1.4.10a.
I have tried putting the site in /etc/shorewall/ecn and turning off ECN
completely (echo 0 > /proc/sys/net/ipv4/tcp_ecn) and restarting shorewall.
This is probably dumb, but is there anything else i can try?
Thanks,
--
- Pieter