[tcpdump-workers] using tcpdump
Hello all users I am using scientific linux 6.3 which kernel 2.6.32-279.5.1.el6.x86_64. The chassis, say 'A', has 3 network interfaces. Eth1 has valid IP and is connected to internet and eth2 has invalid IP and is connected to another local switch. Problem is that the internet is randomly disconnected on eth1 so the computer is unreachable through ping command. At the same time, there is another chassis, say 'B', which has also the same configuration. I mean one interface of 'B' is connected to the internet (same internet witch as 'A') and one interface to local switch (same local switch as 'A'). However 'B' uses Ubuntu 12.04. The internet connection is steady and that means while 'A' is unreachable, 'B' can be pinged. The situation is very very random, so I tried to use "tcpdump -vvv -i eth1" to see if I can find any useful information about connect/disconnect messages. Can tcpdump help me with this problem? Any feedback is appreciated. Regards, Mahmood ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] using tcpdump
>I would suspect that you have a duplicate IP address on your internet side In case of ip conflict, is there any special message/packet which can be extracted from tcpdump? Regards, Mahmood From: Michael Richardson To: Mahmood Naderan Cc: "tcpdump-workers@lists.tcpdump.org" Sent: Thursday, May 16, 2013 6:26 PM Subject: Re: [tcpdump-workers] using tcpdump >>>>> "Mahmood" == Mahmood Naderan writes: Mahmood> I am using scientific linux 6.3 which kernel Mahmood> 2.6.32-279.5.1.el6.x86_64. The chassis, say 'A', has 3 Mahmood> network interfaces. Eth1 has valid IP and is connected to Mahmood> internet and eth2 has invalid IP and is connected to Mahmood> another local switch. Mahmood> Problem is that the internet is randomly disconnected on Mahmood> eth1 so the computer is unreachable through ping Mahmood> command. At the same time, there is another chassis, say Mahmood> 'B', which has also the same configuration. I mean one Mahmood> interface of 'B' is connected to the internet (same Mahmood> internet witch as 'A') and one interface to local switch Mahmood> (same local switch as 'A'). However 'B' uses Ubuntu 12.04. .. Mahmood> The situation is very very random, so I tried to use Mahmood> "tcpdump -vvv -i eth1" to see if I can find any useful Mahmood> information about connect/disconnect messages. Mahmood> Can tcpdump help me with this problem? Any feedback is appreciated. I think not if you are not very experienced using it. I would suspect that you have a duplicate IP address on your internet side. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [ ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Re: [tcpdump-workers] using tcpdump
Problem is, syslog (and kernel in general) doesn't record such things *at all* Regards, Mahmood From: Mark W. Jeanmougin To: Mahmood Naderan Cc: "tcpdump-workers@lists.tcpdump.org" Sent: Sunday, May 19, 2013 1:09 AM Subject: Re: [tcpdump-workers] using tcpdump For an issue like this, I would look at syslog before I'd check tcpdump. Is anything there when the box looses the network connection? MJ On May 16, 2013 9:16 AM, "Mahmood Naderan" wrote: Hello all users >I am using scientific linux 6.3 which kernel 2.6.32-279.5.1.el6.x86_64. The >chassis, say 'A', has 3 network interfaces. Eth1 has valid IP and is connected >to internet and eth2 has invalid IP and is connected to another local switch. > >Problem is that the internet is randomly disconnected on eth1 so the computer >is unreachable through ping command. At the same time, there is another >chassis, say 'B', which has also the same configuration. I mean one interface >of 'B' is connected to the internet (same internet witch as 'A') and one >interface to local switch (same local switch as 'A'). However 'B' uses Ubuntu >12.04. > >The internet connection is steady and that means while 'A' is unreachable, 'B' >can be pinged. > >The situation is very very random, so I tried to use "tcpdump -vvv -i eth1" to >see if I can find any useful information about connect/disconnect messages. > >Can tcpdump help me with this problem? Any feedback is appreciated. > > >Regards, >Mahmood >___ >tcpdump-workers mailing list >tcpdump-workers@lists.tcpdump.org >https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers > ___ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
