Matej Kosik a écrit : >>> I am experiencing some deterministic packet drop: >>> - when I tcpreplay on "lo" some pcap (0.pcap) file, >>> that traffic does not reach listening applications > > I have discovered the following regularity: > - if source IP address in given pcap is one of "my" IP addresses, > then when I try to tcpreplay given pcap, the data is not delivered > to applications > - if I change all source IP addresses to any other non-local > IP addresses (e.g. 10.0.10.6, 10.0.10.7, ... > or if I use whatever other address from local network > except for my address), then when I tcpreplay modified pcap file, > then data is delivered to applications.
The tcpreplay FAQ (e.g. <http://tcpreplay.synfin.net/wiki/FAQ>) mentions this issue, but the explanation about layer-2 header sounds dubious, as just changing the source IP address changes the behaviour. I may be wrong, but this sounds very much to me like the "martian source" filtering which discards incoming IP packets with a source address belonging to the host. Of course this should not happen (and does not normally happen) on a loopback interface ; but my guess is that "normally" generated IP packets sent over the loopback interface may take some kind of "shortcut" in the networking stack and skip this check, whereas packets injected by tcpreplay may take the full inbound path as if they had be received on an external interface. You can enable the log_martians sysctl to check this. > iptables-save does not print anything so the list of rules might be > empty, I guess. Correct. Actually iptables is not even active (loaded), otherwise iptables-save would at least display the empty built-in chains. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/50b7bcb4.3070...@plouf.fr.eu.org
