Mimiko <vbv...@gmail.com> wrote: > I did some test today to with tcpdump. It's realy strange. First I > uninstalled vlan. Configured all again. using tcpdump I saw it was > sending packets. But at first it didn't want to work.
> I added 8021q to /etc/modules, rebooted server and as I wrote: ping > works, ftp works, but not http. Which is very very strange. If FTP works, which is a TCP-based protocol like HTTP, then HTTP should work as well. FTP, with its two connections (control and data) being a much bigger pain in the ass to a) firewall and b) masquerade, is normally the procotol which does not work in a complex setup. > The strange thing that as soon I am doing `tcpdump -i eth1 -ne`, where > eth1 is the interface to the internet and vlan configured, http starts > working. So in a start up script I've put: > timeout 1 tcpdump -i eth1 -ne You can use something like "ip link set dev $DEVICE promisc on" so toggle that, no need to run a tcpdump in the background. > Its strange that this is needed to start web to work. > I think its not wright this. Is this tipical? No, this is not typical. Something smells fishy here. Forcing a device into promiscuous to get it working in my book normally indicates a problem with the driver (or the hardware). For example I once had a problem with the via-velocity network driver and IPv6, which only started working once I put the device into promiscuous mode because the driver did not correctly configure the hardware for multicasts. What kind of network card and kernel version do you use? Please show the unmodified (!) output from ip route show ip link show ip rule show iptables -v -L Grüße, Sven. -- Sigmentation fault. Core dumped. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/ibfpo3mro...@mids.svenhartge.de
