Re: Sometime NAT, sometimes NOT?

Wed, 13 Jun 2007 02:02:05 -0700 

Maybe try to check and possibly replace the interfaces involve as well as the 
cables and
let us know if this issue still occur.

> pfctl -x loud  && tail -f /var/log/messages
>
> ~BAS
>
> On Mon, 11 Jun 2007, Geraerts Andy wrote:
>
>>
>>>> We have an OpenBSD firewall running for a while now. Since a few days we
>>>> encounter some sort of selective natting. I try to ping a host, I get 
>>>> reply,
>>>> and 2 minutes later I try to ping the same host and I dont get replies.
>>
>>> So despite the state being created in both instances, you see a packet
>>> egress your external interface with the source address of the internal
>>> host instead of the external interface of the NAT box?
>>
>> We indeed see the state being created. The packet egresses on the external 
>> interface
>> without NAT. So the ip packet contains the source ip address of my laptop 
>> and therefor
>> further on the path gets blocked because it isn't natted. A few 
>> seconds/minutes later
>> I try again and everything works again.
>>
>> Is there a way to see why it isn't doing the NAT?
>>
>> (There are around 80 interfaces (vlan + carp) on the box.)
>>
>> Regards,
>>
>> Andy.
>>
>>
>>
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.472 / Virus Database: 269.8.13/843 - Release Date: 10/06/2007 
>> 13:39
>>
>>
>> ______________________________________________________________________
>>
>> This email and any files transmitted with it are confidential and intended 
>> solely for
>> the use of the individual or entity to whom they are addressed.
>> If you have received this email in error please notify the system manager at 
>> :
>> [EMAIL PROTECTED] or call +32-(0)11-240234.
>> This footnote also confirms that this email message has been swept by Sophos 
>> for the
>> presence of computer viruses.
>> ______________________________________________________________________
>>
>>
>
> l8*
>       -lava (Brian A. Seklecki - Pittsburgh, PA, USA)
>              http://www.spiritual-machines.org/
>
>      "Guilty? Yeah. But he knows it. I mean, you're guilty.
>      You just don't know it. So who's really in jail?"
>      ~Maynard James Keenan

Reply via email to