On 17 Jan 2002, Bret Hughes wrote: > On Thu, 2002-01-17 at 14:21, Mike Burger wrote: > > I've got a weird problem. > > > > One of my systems can not connect to a remote host...while every other > > system on the network can. > > > > Now, I thought that maybe it was a matter of the IP being blocked/filtered > > at the remote end...but at the time, the system was acting as a mail > > server, and a masquerading firewall...so all connections to the remote end > > looked like they were coming from the same IP. Yet, connections directly > > from the system in question were failing (even when had run "service > > iptables stop"). > > > > So, thinking it might have to do with the firewall system, I put together > > a dedicated firewall, and put the server behind it. Now, with the > > firewall masquerading that connection, the connections appear to be coming > > from the firewall's IP. Great? No. > > > > The firewall can make connections to the remote host, and the server still > > can not. > > > > So, I'm now trying to figure out what's going on with this system. There > > are no extraneous routes on the system...just the localhost, local > > network, and default gateway. This is a RH 7.1 box, fully up2dated. > > > > Any ideas? Anyone else having a similar problem? > > Not similar probs but lots of ideas. > > Can you ping the remote box? what does traceroute show? > What service are you trying? does it have a debug/verbose mode?
Can't ping the remote host from any of my systems...they're probably filtering certain icmp packets. You'll see that all the systems I'm trying are pretty much able to traceroute. All but the server can telnet to port 25, without a problem. Traceroute shows results similar to the following from a number of systems: >From the firewall, itself, which can connect (ie, I can telnet to port 25 on the remote system): [mburger@border mburger]$ ping mail.menanet.net PING mnmail.menanet.net (163.121.42.5) from 216.140.122.67 : 56(84) bytes of data. --- mnmail.menanet.net ping statistics --- 2 packets transmitted, 0 packets received, 100% packet loss [mburger@border mburger]$ traceroute mail.menanet.net bash: traceroute: command not found [mburger@border mburger]$ /usr/sbin/traceroute mail.menanet.net traceroute to mnmail.menanet.net (163.121.42.5), 30 hops max, 38 byte packets 1 CompuComIS-NANC.CompuComIS.net (216.140.122.65) 5.977 ms 2.447 ms 2.722 ms 2 CompuComIS-T1.NANC.com (216.140.109.73) 4.027 ms 3.942 ms 4.157 ms 3 Border-1.router.NANC.com (216.140.108.1) 13.878 ms 16.269 ms 7.852 ms 4 a1-1-0-80.e1.nwrk.broadwing.net (216.140.64.173) 27.707 ms 39.427 ms 75.330 ms 5 P4-2.a0.nwrk.broadwing.net (216.140.9.25) 90.965 ms 40.152 ms 39.890 ms 6 P4-3.c0.wash.broadwing.net (216.140.9.1) 39.462 ms 51.977 ms 34.956 ms 7 p2-0.a0.nwak.broadwing.net (216.140.8.194) 24.758 ms 26.281 ms 40.147 ms 8 pos4-5.core1.NewYork1.Level3.net (63.211.54.85) 44.145 ms 38.063 ms 36.743 ms 9 gige6-2.ipcolo1.NewYork1.Level3.net (64.159.17.131) 44.767 ms 24.107 ms 45.832 ms 10 unknown.Level3.net (63.208.175.30) 41.051 ms 37.913 ms 48.209 ms 11 62.216.142.10 (62.216.142.10) 60.171 ms 73.851 ms 38.297 ms 12 62.216.144.78 (62.216.144.78) 280.358 ms 400.296 ms 432.304 ms 13 alz-gtw-atm500.nile-online.net (62.140.103.132) 200.409 ms 212.829 ms 229.065 ms 14 62.140.104.5 (62.140.104.5) 364.231 ms 297.209 ms 241.806 ms 15 62.12.105.249 (62.12.105.249) 279.307 ms 224.323 ms 267.554 ms 16 menanet21729135145.menanet.net (217.29.135.145) 248.279 ms menanet21729135141.menanet.net (217.29.135.141) 227.809 ms menanet21729135153.menanet.net (217.29.135.153) 239.553 ms 17 mnmail.menanet.net (163.121.42.5) 198.885 ms * 196.146 ms >From the system that can't connect (telnet to port 25 times out): [mburger@burgers mburger]$ traceroute mail.menanet.net traceroute to mnmail.menanet.net (163.121.42.5), 30 hops max, 38 byte packets 1 border (192.168.0.9) 0.724 ms 0.539 ms 0.500 ms 2 CompuComIS-NANC.CompuComIS.net (216.140.122.65) 3.119 ms 2.603 ms 2.607 ms 3 CompuComIS-T1.NANC.com (216.140.109.73) 4.573 ms 4.388 ms 4.678 ms 4 Border-1.router.NANC.com (216.140.108.1) 15.671 ms 9.355 ms 6.654 ms 5 a1-1-0-80.e1.nwrk.broadwing.net (216.140.64.173) 24.604 ms 19.320 ms 12.313 ms 6 P4-2.a0.nwrk.broadwing.net (216.140.9.25) 12.046 ms 16.194 ms 18.328 ms 7 P4-3.c0.wash.broadwing.net (216.140.9.1) 19.604 ms 33.795 ms 21.041 ms 8 p2-0.a0.nwak.broadwing.net (216.140.8.194) 37.652 ms 32.155 ms 30.586 ms 9 pos4-5.core1.NewYork1.Level3.net (63.211.54.85) 24.773 ms 41.684 ms 32.556 ms 10 gige6-2.ipcolo1.NewYork1.Level3.net (64.159.17.131) 34.799 ms 30.703 ms 30.708 ms 11 unknown.Level3.net (63.208.175.30) 45.909 ms 36.957 ms 28.831 ms 12 62.216.142.10 (62.216.142.10) 25.204 ms 26.687 ms 26.836 ms 13 62.216.144.78 (62.216.144.78) 171.251 ms 178.052 ms 170.840 ms 14 alz-gtw-atm500.nile-online.net (62.140.103.132) 179.461 ms 180.357 ms 179.245 ms 15 62.140.104.5 (62.140.104.5) 211.266 ms 208.365 ms 195.965 ms 16 62.12.105.249 (62.12.105.249) 211.414 ms 185.864 ms 190.739 ms 17 menanet21729135157.menanet.net (217.29.135.157) 234.564 ms menanet21729135153.menanet.net (217.29.135.153) 187.469 ms menanet21729135141.menanet.net (217.29.135.141) 178.480 ms 18 mnmail.menanet.net (163.121.42.5) 202.862 ms * 179.303 ms >From another machine, the trace stops on hop 17, but that machine can connect to port 25 on the remote host. >From my laptop, which can also connect to the remote host in question: [mburger@batlaptop mburger]$ traceroute mail.menanet.net traceroute to mnmail.menanet.net (163.121.42.5), 30 hops max, 38 byte packets 1 border (192.168.0.9) 6.377 ms 0.622 ms 0.492 ms 2 CompuComIS-NANC.CompuComIS.net (216.140.122.65) 2.581 ms 2.946 ms 2.436 ms 3 CompuComIS-T1.NANC.com (216.140.109.73) 4.342 ms 4.246 ms 4.181 ms 4 Border-1.router.NANC.com (216.140.108.1) 6.400 ms 6.260 ms 6.512 ms 5 a1-1-0-80.e1.nwrk.broadwing.net (216.140.64.173) 11.794 ms 22.359 ms 11.978 ms 6 P4-2.a0.nwrk.broadwing.net (216.140.9.25) 11.758 ms 11.655 ms 21.610 ms 7 P4-3.c0.wash.broadwing.net (216.140.9.1) 18.881 ms 19.016 ms 18.814 ms 8 p2-0.a0.nwak.broadwing.net (216.140.8.194) 39.401 ms 23.866 ms 46.830 ms 9 pos4-5.core1.NewYork1.Level3.net (63.211.54.85) 24.895 ms 24.386 ms 28.652 ms 10 gige6-2.ipcolo1.NewYork1.Level3.net (64.159.17.131) 24.466 ms 24.772 ms 48.973 ms 11 unknown.Level3.net (63.208.175.30) 24.708 ms 24.591 ms 24.526 ms 12 62.216.142.10 (62.216.142.10) 24.679 ms 24.560 ms 24.481 ms 13 62.216.144.78 (62.216.144.78) 181.321 ms 182.116 ms 178.392 ms 14 alz-gtw-atm500.nile-online.net (62.140.103.132) 196.390 ms 185.171 ms 173.582 ms 15 62.140.104.5 (62.140.104.5) 175.590 ms 188.610 ms 176.896 ms 16 62.12.105.249 (62.12.105.249) 188.224 ms 183.422 ms 204.201 ms 17 menanet21729135157.menanet.net (217.29.135.157) 190.002 ms 200.879 ms 203.199 ms 18 mnmail.menanet.net (163.121.42.5) 194.610 ms * 178.306 ms _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
