LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 09-19-2009, 12:25 AM   #1
jukes
LQ Newbie
 
Registered: Sep 2009
Posts: 1

Rep: Reputation: 0
Help Debugging NATed box read time outs with tcpdump


Hi People

I have a box that connects to internet through a gateway. From recent days I started to have random read timeouts when sending requests to a specific host. Those are HTTPS requests done through java code running on this private machine. It seems that my box connects correctly but reads fail after several retries with Read Time Out error.

This happens in a somewhat random way because sometimes i have several successful requests but then a new one will fail.

My machine is 192.168.25.4 and requests are made to host 'clubworld.com'. My gateway is a Linux machine with IPTABLES masquerade.

These are outputs of tcpdump for both successful and failed requests, hope you guys can help me with a clue of what is happening here based on the outputs.

Thanks for your help.


FAILED
----------
[root@frontend1:~]# tcpdump 'host clubworld.com'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
04:31:35.840805 IP 192.168.25.4.35299 > clubworld.com.https: S 330065403:330065403(0) win 5840 <mss 1460,sackOK,timestamp 1178820306 0,nop,wscale 7>
04:31:35.842071 IP clubworld.com.https > 192.168.25.4.35299: S 2620296529:2620296529(0) ack 330065404 win 16384 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,sackOK>
04:31:35.842107 IP 192.168.25.4.35299 > clubworld.com.https: . ack 1 win 46 <nop,nop,timestamp 1178820308 0>

04:31:35.918815 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178820384 0>
04:31:36.120433 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178820586 0>
04:31:36.524280 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178820990 0>
04:31:37.331977 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178821798 0>
04:31:38.947376 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178823414 0>
04:31:42.178158 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178826646 0>
04:31:48.640724 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178833110 0>
04:32:01.563861 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178846038 0>
04:32:27.412131 IP 192.168.25.4.35299 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178871894 0>
04:32:35.902220 IP 192.168.25.4.35299 > clubworld.com.https: FP 101:108(7) ack 1 win 46 <nop,nop,timestamp 1178880387 0>


SUCCESS
-----------
[root@frontend1:~]# tcpdump 'host clubworld.com'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
04:18:27.011470 IP 192.168.25.4.44771 > clubworld.com.https: S 3784488812:3784488812(0) win 5840 <mss 1460,sackOK,timestamp 1178031239 0,nop,wscale 7>
04:18:27.013940 IP clubworld.com.https > 192.168.25.4.44771: S 3260039476:3260039476(0) ack 3784488813 win 16384 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,sackOK>
04:18:27.013972 IP 192.168.25.4.44771 > clubworld.com.https: . ack 1 win 46 <nop,nop,timestamp 1178031242 0>

04:18:27.091889 IP 192.168.25.4.44771 > clubworld.com.https: P 1:101(100) ack 1 win 46 <nop,nop,timestamp 1178031320 0>
04:18:27.094852 IP clubworld.com.https > 192.168.25.4.44771: . 1:1449(1448) ack 101 win 65435 <nop,nop,timestamp 87109346 1178031320>
04:18:27.094867 IP 192.168.25.4.44771 > clubworld.com.https: . ack 1449 win 69 <nop,nop,timestamp 1178031323 87109346>
04:18:27.094871 IP clubworld.com.https > 192.168.25.4.44771: P 1449:1498(49) ack 101 win 65435 <nop,nop,timestamp 87109346 1178031320>
04:18:27.094877 IP 192.168.25.4.44771 > clubworld.com.https: . ack 1498 win 69 <nop,nop,timestamp 1178031323 87109346>
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: SSH Tunnels: Using a service from a nated (twice) box LXer Syndicated Linux News 0 06-08-2009 01:30 PM
VNC, time-outs, and ports? bezdomny Linux - Software 2 05-01-2007 06:24 AM
Using tcpdump to find out the TTL of a packet going outside my box Menestrel Linux - Networking 4 01-20-2006 11:03 AM
Slow Internet-Constant time outs in SuSe WebX Linux - Distributions 2 06-19-2004 05:37 PM
Debugging and run time error checking tools for C/C++ on Linux Laury Yang Programming 1 07-24-2001 05:10 PM


All times are GMT -5. The time now is 05:20 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration