|
Traceroute detects drop-offs every 6th packet
My LAN is made up of assorted Linux boxes and a Windows XP box.
When I ping -c1000 from any of my Linux boxes to another Linux box or a Windows machine, all packets are returned properly. When I repeatedly traceroute -n -qX, where X > 6, from my Linux boxes to my Windows XP box, I get the normal, expected output without any losses. However, when I traceroute -n -qX, with X > 6 from a Linux box to another Linux box, then every 6th packet gets dropped. All firewalls that could be affecting the results have been flushed and all default policies set to ACCEPT. My Linux boxes are running a variety of Linux distributions: Ubuntu 6.06, Redhat 9, and CentOS 4, and all use the distribution's current kernel. Network cards have been replaced as well as cables and routers, but no changes in traceroute's behavior was noticed. Question: It appears that there is something in the Linux kernel that is the cause for the drop-offs. Please explain why this is hapenning. TIA... |
It appears that there is something in the Linux kernel that is the cause for the drop-offs.
Interesting. What kernel major+minor versions kind of similar? Does a (much) lower minor kernel show similar behaviour? Does a 2.4 kernel show similar behaviour? Any non default IP related sysctl values set? Does checking traffic with tcpdump confirm? Does running "traceroute -I" show similar behaviour? Does running tcptraceroute show similar behaviour? |
tcpdump give the most interesting output: it appears that UDP ports 33XX are being blocked. But first, to answer your questions in order...
Linux Kernels: RedHat 9: 2.4.20-46.9.legacy Ubuntu 6.06: 2.6.15-27-386 CentOS 4: 2.6.17.11 sysctl has not been tampered with (by me, but by RedHat?). Here is output from sysctl -A | egrep "^net" from the sending Linux box (CentOS 4): net.unix.max_dgram_qlen = 10 net.ipv4.ip_conntrack_max = 16384 net.ipv4.netfilter.ip_conntrack_tcp_max_retrans = 3 net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 0 net.ipv4.netfilter.ip_conntrack_tcp_loose = 3 net.ipv4.netfilter.ip_conntrack_tcp_timeout_max_retrans = 300 net.ipv4.netfilter.ip_conntrack_log_invalid = 0 net.ipv4.netfilter.ip_conntrack_generic_timeout = 600 net.ipv4.netfilter.ip_conntrack_icmp_timeout = 30 net.ipv4.netfilter.ip_conntrack_udp_timeout_stream = 180 net.ipv4.netfilter.ip_conntrack_udp_timeout = 30 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close = 10 net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack = 30 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 432000 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120 net.ipv4.netfilter.ip_conntrack_buckets = 7935 net.ipv4.netfilter.ip_conntrack_count = 39 net.ipv4.netfilter.ip_conntrack_max = 16384 net.ipv4.conf.eth1.promote_secondaries = 0 net.ipv4.conf.eth1.force_igmp_version = 0 net.ipv4.conf.eth1.disable_policy = 0 net.ipv4.conf.eth1.disable_xfrm = 0 net.ipv4.conf.eth1.arp_accept = 0 net.ipv4.conf.eth1.arp_ignore = 0 net.ipv4.conf.eth1.arp_announce = 0 net.ipv4.conf.eth1.arp_filter = 0 net.ipv4.conf.eth1.tag = 0 net.ipv4.conf.eth1.log_martians = 0 net.ipv4.conf.eth1.bootp_relay = 0 net.ipv4.conf.eth1.medium_id = 0 net.ipv4.conf.eth1.proxy_arp = 0 net.ipv4.conf.eth1.accept_source_route = 0 net.ipv4.conf.eth1.send_redirects = 1 net.ipv4.conf.eth1.rp_filter = 1 net.ipv4.conf.eth1.shared_media = 1 net.ipv4.conf.eth1.secure_redirects = 1 net.ipv4.conf.eth1.accept_redirects = 1 net.ipv4.conf.eth1.mc_forwarding = 0 net.ipv4.conf.eth1.forwarding = 0 net.ipv4.conf.lo.promote_secondaries = 0 net.ipv4.conf.lo.force_igmp_version = 0 net.ipv4.conf.lo.disable_policy = 1 net.ipv4.conf.lo.disable_xfrm = 1 net.ipv4.conf.lo.arp_accept = 0 net.ipv4.conf.lo.arp_ignore = 0 net.ipv4.conf.lo.arp_announce = 0 net.ipv4.conf.lo.arp_filter = 0 net.ipv4.conf.lo.tag = 0 net.ipv4.conf.lo.log_martians = 0 net.ipv4.conf.lo.bootp_relay = 0 net.ipv4.conf.lo.medium_id = 0 net.ipv4.conf.lo.proxy_arp = 0 net.ipv4.conf.lo.accept_source_route = 0 net.ipv4.conf.lo.send_redirects = 1 net.ipv4.conf.lo.rp_filter = 1 net.ipv4.conf.lo.shared_media = 1 net.ipv4.conf.lo.secure_redirects = 1 net.ipv4.conf.lo.accept_redirects = 1 net.ipv4.conf.lo.mc_forwarding = 0 net.ipv4.conf.lo.forwarding = 0 net.ipv4.conf.default.promote_secondaries = 0 net.ipv4.conf.default.force_igmp_version = 0 net.ipv4.conf.default.disable_policy = 0 net.ipv4.conf.default.disable_xfrm = 0 net.ipv4.conf.default.arp_accept = 0 net.ipv4.conf.default.arp_ignore = 0 net.ipv4.conf.default.arp_announce = 0 net.ipv4.conf.default.arp_filter = 0 net.ipv4.conf.default.tag = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.default.bootp_relay = 0 net.ipv4.conf.default.medium_id = 0 net.ipv4.conf.default.proxy_arp = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.shared_media = 1 net.ipv4.conf.default.secure_redirects = 1 net.ipv4.conf.default.accept_redirects = 1 net.ipv4.conf.default.mc_forwarding = 0 net.ipv4.conf.default.forwarding = 0 net.ipv4.conf.all.promote_secondaries = 0 net.ipv4.conf.all.force_igmp_version = 0 net.ipv4.conf.all.disable_policy = 0 net.ipv4.conf.all.disable_xfrm = 0 net.ipv4.conf.all.arp_accept = 0 net.ipv4.conf.all.arp_ignore = 0 net.ipv4.conf.all.arp_announce = 0 net.ipv4.conf.all.arp_filter = 0 net.ipv4.conf.all.tag = 0 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.all.bootp_relay = 0 net.ipv4.conf.all.medium_id = 0 net.ipv4.conf.all.proxy_arp = 0 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.send_redirects = 1 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.all.shared_media = 1 net.ipv4.conf.all.secure_redirects = 1 net.ipv4.conf.all.accept_redirects = 1 net.ipv4.conf.all.mc_forwarding = 0 net.ipv4.conf.all.forwarding = 0 net.ipv4.neigh.eth1.base_reachable_time_ms = 30000 net.ipv4.neigh.eth1.retrans_time_ms = 1000 net.ipv4.neigh.eth1.locktime = 100 net.ipv4.neigh.eth1.proxy_delay = 80 net.ipv4.neigh.eth1.anycast_delay = 100 net.ipv4.neigh.eth1.proxy_qlen = 64 net.ipv4.neigh.eth1.unres_qlen = 3 net.ipv4.neigh.eth1.gc_stale_time = 60 net.ipv4.neigh.eth1.delay_first_probe_time = 5 net.ipv4.neigh.eth1.base_reachable_time = 30 net.ipv4.neigh.eth1.retrans_time = 100 net.ipv4.neigh.eth1.app_solicit = 0 net.ipv4.neigh.eth1.ucast_solicit = 3 net.ipv4.neigh.eth1.mcast_solicit = 3 net.ipv4.neigh.lo.base_reachable_time_ms = 30000 net.ipv4.neigh.lo.retrans_time_ms = 1000 net.ipv4.neigh.lo.locktime = 100 net.ipv4.neigh.lo.proxy_delay = 80 net.ipv4.neigh.lo.anycast_delay = 100 net.ipv4.neigh.lo.proxy_qlen = 64 net.ipv4.neigh.lo.unres_qlen = 3 net.ipv4.neigh.lo.gc_stale_time = 60 net.ipv4.neigh.lo.delay_first_probe_time = 5 net.ipv4.neigh.lo.base_reachable_time = 30 net.ipv4.neigh.lo.retrans_time = 100 net.ipv4.neigh.lo.app_solicit = 0 net.ipv4.neigh.lo.ucast_solicit = 3 net.ipv4.neigh.lo.mcast_solicit = 3 net.ipv4.neigh.default.base_reachable_time_ms = 30000 net.ipv4.neigh.default.retrans_time_ms = 1000 net.ipv4.neigh.default.gc_thresh3 = 1024 net.ipv4.neigh.default.gc_thresh2 = 512 net.ipv4.neigh.default.gc_thresh1 = 128 net.ipv4.neigh.default.gc_interval = 30 net.ipv4.neigh.default.locktime = 100 net.ipv4.neigh.default.proxy_delay = 80 net.ipv4.neigh.default.anycast_delay = 100 net.ipv4.neigh.default.proxy_qlen = 64 net.ipv4.neigh.default.unres_qlen = 3 net.ipv4.neigh.default.gc_stale_time = 60 net.ipv4.neigh.default.delay_first_probe_time = 5 net.ipv4.neigh.default.base_reachable_time = 30 net.ipv4.neigh.default.retrans_time = 100 net.ipv4.neigh.default.app_solicit = 0 net.ipv4.neigh.default.ucast_solicit = 3 net.ipv4.neigh.default.mcast_solicit = 3 net.ipv4.tcp_workaround_signed_windows = 0 net.ipv4.tcp_base_mss = 512 net.ipv4.tcp_mtu_probing = 0 net.ipv4.tcp_abc = 1 net.ipv4.tcp_congestion_control = bic net.ipv4.tcp_tso_win_divisor = 3 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_no_metrics_save = 0 net.ipv4.ipfrag_max_dist = 64 net.ipv4.ipfrag_secret_interval = 600 net.ipv4.tcp_low_latency = 0 net.ipv4.tcp_frto = 0 net.ipv4.tcp_tw_reuse = 0 net.ipv4.icmp_ratemask = 6168 net.ipv4.icmp_ratelimit = 250 net.ipv4.tcp_adv_win_scale = 2 net.ipv4.tcp_app_win = 31 net.ipv4.tcp_rmem = 4096 87380 4194304 net.ipv4.tcp_wmem = 4096 16384 4194304 net.ipv4.tcp_mem = 393216 524288 786432 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_ecn = 0 net.ipv4.tcp_reordering = 5 net.ipv4.tcp_fack = 1 net.ipv4.tcp_orphan_retries = 0 net.ipv4.inet_peer_gc_maxtime = 120 net.ipv4.inet_peer_gc_mintime = 10 net.ipv4.inet_peer_maxttl = 600 net.ipv4.inet_peer_minttl = 120 net.ipv4.inet_peer_threshold = 65664 net.ipv4.igmp_max_msf = 10 net.ipv4.igmp_max_memberships = 1 net.ipv4.route.secret_interval = 600 net.ipv4.route.min_adv_mss = 256 net.ipv4.route.min_pmtu = 552 net.ipv4.route.mtu_expires = 600 net.ipv4.route.gc_elasticity = 8 net.ipv4.route.error_burst = 1250 net.ipv4.route.error_cost = 250 net.ipv4.route.redirect_silence = 5120 net.ipv4.route.redirect_number = 9 net.ipv4.route.redirect_load = 5 net.ipv4.route.gc_interval = 60 net.ipv4.route.gc_timeout = 300 net.ipv4.route.gc_min_interval_ms = 500 net.ipv4.route.gc_min_interval = 0 net.ipv4.route.max_size = 524288 net.ipv4.route.gc_thresh = 32768 net.ipv4.route.max_delay = 10 net.ipv4.route.min_delay = 2 net.ipv4.icmp_errors_use_inbound_ifaddr = 0 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.ip_local_port_range = 32768 61000 net.ipv4.tcp_max_syn_backlog = 64 net.ipv4.tcp_rfc1337 = 0 net.ipv4.tcp_stdurg = 0 net.ipv4.tcp_abort_on_overflow = 0 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_retries2 = 15 net.ipv4.tcp_retries1 = 3 net.ipv4.tcp_keepalive_intvl = 75 net.ipv4.tcp_keepalive_probes = 9 net.ipv4.tcp_keepalive_time = 1800 net.ipv4.ipfrag_time = 8 net.ipv4.ip_dynaddr = 0 net.ipv4.ipfrag_low_thresh = 196608 net.ipv4.ipfrag_high_thresh = 262144 net.ipv4.tcp_max_tw_buckets = 180000 net.ipv4.tcp_max_orphans = 131072 net.ipv4.tcp_synack_retries = 3 net.ipv4.tcp_syn_retries = 6 net.ipv4.ip_nonlocal_bind = 0 net.ipv4.ip_no_pmtu_disc = 0 net.ipv4.ip_autoconfig = 0 net.ipv4.ip_default_ttl = 64 net.ipv4.ip_forward = 0 net.ipv4.tcp_retrans_collapse = 1 net.ipv4.tcp_sack = 0 net.ipv4.tcp_window_scaling = 0 net.ipv4.tcp_timestamps = 0 net.core.netdev_budget = 300 net.core.somaxconn = 128 net.core.xfrm_aevent_rseqth = 2 net.core.xfrm_aevent_etime = 10 net.core.divert_version = 0.46 net.core.optmem_max = 10240 net.core.message_burst = 10 net.core.message_cost = 5 net.core.netdev_max_backlog = 1000 net.core.dev_weight = 64 net.core.rmem_default = 107520 net.core.wmem_default = 107520 net.core.rmem_max = 131071 net.core.wmem_max = 131071 Here is the output of sysctl -A | egrep "^net" from the recieving Linux box (Redhat 9): net.appletalk.aarp-resolve-time = 10 net.appletalk.aarp-retransmit-limit = 10 net.appletalk.aarp-tick-time = 0 net.appletalk.aarp-expiry-time = 300 net.unix.max_dgram_qlen = 10 net.token-ring.rif_timeout = 60000 net.ipv4.ip_conntrack_max = 16384 net.ipv4.conf.eth0.arp_filter = 0 net.ipv4.conf.eth0.tag = 0 net.ipv4.conf.eth0.log_martians = 0 net.ipv4.conf.eth0.bootp_relay = 0 net.ipv4.conf.eth0.medium_id = 0 net.ipv4.conf.eth0.proxy_arp = 0 net.ipv4.conf.eth0.accept_source_route = 0 net.ipv4.conf.eth0.send_redirects = 1 net.ipv4.conf.eth0.rp_filter = 1 net.ipv4.conf.eth0.shared_media = 1 net.ipv4.conf.eth0.secure_redirects = 1 net.ipv4.conf.eth0.accept_redirects = 1 net.ipv4.conf.eth0.mc_forwarding = 0 net.ipv4.conf.eth0.forwarding = 1 net.ipv4.conf.eth2.arp_filter = 0 net.ipv4.conf.eth2.tag = 0 net.ipv4.conf.eth2.log_martians = 0 net.ipv4.conf.eth2.bootp_relay = 0 net.ipv4.conf.eth2.medium_id = 0 net.ipv4.conf.eth2.proxy_arp = 0 net.ipv4.conf.eth2.accept_source_route = 0 net.ipv4.conf.eth2.send_redirects = 1 net.ipv4.conf.eth2.rp_filter = 1 net.ipv4.conf.eth2.shared_media = 1 net.ipv4.conf.eth2.secure_redirects = 1 net.ipv4.conf.eth2.accept_redirects = 1 net.ipv4.conf.eth2.mc_forwarding = 0 net.ipv4.conf.eth2.forwarding = 1 net.ipv4.conf.eth1.arp_filter = 0 net.ipv4.conf.eth1.tag = 0 net.ipv4.conf.eth1.log_martians = 0 net.ipv4.conf.eth1.bootp_relay = 0 net.ipv4.conf.eth1.medium_id = 0 net.ipv4.conf.eth1.proxy_arp = 0 net.ipv4.conf.eth1.accept_source_route = 0 net.ipv4.conf.eth1.send_redirects = 1 net.ipv4.conf.eth1.rp_filter = 1 net.ipv4.conf.eth1.shared_media = 1 net.ipv4.conf.eth1.secure_redirects = 1 net.ipv4.conf.eth1.accept_redirects = 1 net.ipv4.conf.eth1.mc_forwarding = 0 net.ipv4.conf.eth1.forwarding = 1 net.ipv4.conf.lo.arp_filter = 0 net.ipv4.conf.lo.tag = 0 net.ipv4.conf.lo.log_martians = 0 net.ipv4.conf.lo.bootp_relay = 0 net.ipv4.conf.lo.medium_id = 0 net.ipv4.conf.lo.proxy_arp = 0 net.ipv4.conf.lo.accept_source_route = 0 net.ipv4.conf.lo.send_redirects = 1 net.ipv4.conf.lo.rp_filter = 1 net.ipv4.conf.lo.shared_media = 1 net.ipv4.conf.lo.secure_redirects = 1 net.ipv4.conf.lo.accept_redirects = 1 net.ipv4.conf.lo.mc_forwarding = 0 net.ipv4.conf.lo.forwarding = 1 net.ipv4.conf.default.arp_filter = 0 net.ipv4.conf.default.tag = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.default.bootp_relay = 0 net.ipv4.conf.default.medium_id = 0 net.ipv4.conf.default.proxy_arp = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.shared_media = 1 net.ipv4.conf.default.secure_redirects = 1 net.ipv4.conf.default.accept_redirects = 1 net.ipv4.conf.default.mc_forwarding = 0 net.ipv4.conf.default.forwarding = 1 net.ipv4.conf.all.arp_filter = 0 net.ipv4.conf.all.tag = 0 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.all.bootp_relay = 0 net.ipv4.conf.all.medium_id = 0 net.ipv4.conf.all.proxy_arp = 0 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.send_redirects = 1 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.all.shared_media = 1 net.ipv4.conf.all.secure_redirects = 1 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.mc_forwarding = 0 net.ipv4.conf.all.forwarding = 1 net.ipv4.neigh.eth0.locktime = 100 net.ipv4.neigh.eth0.proxy_delay = 80 net.ipv4.neigh.eth0.anycast_delay = 100 net.ipv4.neigh.eth0.proxy_qlen = 64 net.ipv4.neigh.eth0.unres_qlen = 3 net.ipv4.neigh.eth0.gc_stale_time = 60 net.ipv4.neigh.eth0.delay_first_probe_time = 5 net.ipv4.neigh.eth0.base_reachable_time = 30 net.ipv4.neigh.eth0.retrans_time = 100 net.ipv4.neigh.eth0.app_solicit = 0 net.ipv4.neigh.eth0.ucast_solicit = 3 net.ipv4.neigh.eth0.mcast_solicit = 3 net.ipv4.neigh.eth2.locktime = 100 net.ipv4.neigh.eth2.proxy_delay = 80 net.ipv4.neigh.eth2.anycast_delay = 100 net.ipv4.neigh.eth2.proxy_qlen = 64 net.ipv4.neigh.eth2.unres_qlen = 3 net.ipv4.neigh.eth2.gc_stale_time = 60 net.ipv4.neigh.eth2.delay_first_probe_time = 5 net.ipv4.neigh.eth2.base_reachable_time = 30 net.ipv4.neigh.eth2.retrans_time = 100 net.ipv4.neigh.eth2.app_solicit = 0 net.ipv4.neigh.eth2.ucast_solicit = 3 net.ipv4.neigh.eth2.mcast_solicit = 3 net.ipv4.neigh.eth1.locktime = 100 net.ipv4.neigh.eth1.proxy_delay = 80 net.ipv4.neigh.eth1.anycast_delay = 100 net.ipv4.neigh.eth1.proxy_qlen = 64 net.ipv4.neigh.eth1.unres_qlen = 3 net.ipv4.neigh.eth1.gc_stale_time = 60 net.ipv4.neigh.eth1.delay_first_probe_time = 5 net.ipv4.neigh.eth1.base_reachable_time = 30 net.ipv4.neigh.eth1.retrans_time = 100 net.ipv4.neigh.eth1.app_solicit = 0 net.ipv4.neigh.eth1.ucast_solicit = 3 net.ipv4.neigh.eth1.mcast_solicit = 3 net.ipv4.neigh.lo.locktime = 100 net.ipv4.neigh.lo.proxy_delay = 80 net.ipv4.neigh.lo.anycast_delay = 100 net.ipv4.neigh.lo.proxy_qlen = 64 net.ipv4.neigh.lo.unres_qlen = 3 net.ipv4.neigh.lo.gc_stale_time = 60 net.ipv4.neigh.lo.delay_first_probe_time = 5 net.ipv4.neigh.lo.base_reachable_time = 30 net.ipv4.neigh.lo.retrans_time = 100 net.ipv4.neigh.lo.app_solicit = 0 net.ipv4.neigh.lo.ucast_solicit = 3 net.ipv4.neigh.lo.mcast_solicit = 3 net.ipv4.neigh.default.gc_thresh3 = 1024 net.ipv4.neigh.default.gc_thresh2 = 512 net.ipv4.neigh.default.gc_thresh1 = 128 net.ipv4.neigh.default.gc_interval = 30 net.ipv4.neigh.default.locktime = 100 net.ipv4.neigh.default.proxy_delay = 80 net.ipv4.neigh.default.anycast_delay = 100 net.ipv4.neigh.default.proxy_qlen = 64 net.ipv4.neigh.default.unres_qlen = 3 net.ipv4.neigh.default.gc_stale_time = 60 net.ipv4.neigh.default.delay_first_probe_time = 5 net.ipv4.neigh.default.base_reachable_time = 30 net.ipv4.neigh.default.retrans_time = 100 net.ipv4.neigh.default.app_solicit = 0 net.ipv4.neigh.default.ucast_solicit = 3 net.ipv4.neigh.default.mcast_solicit = 3 net.ipv4.ipfrag_secret_interval = 600 net.ipv4.tcp_low_latency = 0 net.ipv4.tcp_frto = 0 net.ipv4.tcp_tw_reuse = 0 net.ipv4.icmp_ratemask = 6168 net.ipv4.icmp_ratelimit = 100 net.ipv4.tcp_adv_win_scale = 2 net.ipv4.tcp_app_win = 31 net.ipv4.tcp_rmem = 4096 87380 174760 net.ipv4.tcp_wmem = 4096 16384 131072 net.ipv4.tcp_mem = 97280 97792 98304 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_ecn = 0 net.ipv4.tcp_reordering = 5 net.ipv4.tcp_fack = 1 net.ipv4.tcp_orphan_retries = 0 net.ipv4.inet_peer_gc_maxtime = 120 net.ipv4.inet_peer_gc_mintime = 10 net.ipv4.inet_peer_maxttl = 600 net.ipv4.inet_peer_minttl = 120 net.ipv4.inet_peer_threshold = 65664 net.ipv4.igmp_max_memberships = 1 net.ipv4.route.secret_interval = 600 net.ipv4.route.min_adv_mss = 256 net.ipv4.route.min_pmtu = 552 net.ipv4.route.mtu_expires = 600 net.ipv4.route.gc_elasticity = 8 net.ipv4.route.error_burst = 500 net.ipv4.route.error_cost = 100 net.ipv4.route.redirect_silence = 2048 net.ipv4.route.redirect_number = 9 net.ipv4.route.redirect_load = 2 net.ipv4.route.gc_interval = 60 net.ipv4.route.gc_timeout = 300 net.ipv4.route.gc_min_interval = 5 net.ipv4.route.max_size = 65536 net.ipv4.route.gc_thresh = 4096 net.ipv4.route.max_delay = 10 net.ipv4.route.min_delay = 2 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.ip_local_port_range = 32768 61000 net.ipv4.tcp_max_syn_backlog = 64 net.ipv4.tcp_rfc1337 = 0 net.ipv4.tcp_stdurg = 0 net.ipv4.tcp_abort_on_overflow = 0 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_retries2 = 15 net.ipv4.tcp_retries1 = 3 net.ipv4.tcp_keepalive_intvl = 75 net.ipv4.tcp_keepalive_probes = 9 net.ipv4.tcp_keepalive_time = 1800 net.ipv4.ipfrag_time = 8 net.ipv4.ip_dynaddr = 0 net.ipv4.ipfrag_low_thresh = 196608 net.ipv4.ipfrag_high_thresh = 262144 net.ipv4.tcp_max_tw_buckets = 180000 net.ipv4.tcp_max_orphans = 16384 net.ipv4.tcp_synack_retries = 3 net.ipv4.tcp_syn_retries = 6 net.ipv4.ip_nonlocal_bind = 0 net.ipv4.ip_no_pmtu_disc = 0 net.ipv4.ip_autoconfig = 0 net.ipv4.ip_default_ttl = 64 net.ipv4.ip_forward = 1 net.ipv4.tcp_retrans_collapse = 1 net.ipv4.tcp_sack = 0 net.ipv4.tcp_window_scaling = 0 net.ipv4.tcp_timestamps = 0 net.core.divert_version = 0.46 net.core.hot_list_length = 128 net.core.optmem_max = 10240 net.core.message_burst = 50 net.core.message_cost = 5 net.core.mod_cong = 290 net.core.lo_cong = 100 net.core.no_cong = 20 net.core.no_cong_thresh = 20 net.core.netdev_max_backlog = 300 net.core.dev_weight = 64 net.core.rmem_default = 65535 net.core.wmem_default = 65535 net.core.rmem_max = 65535 net.core.wmem_max = 65535 Upon running #traceroute -n -q99 192.168.9.110 tpcdump yields the following output: 11:15:00.624660 IP 192.168.9.4.33056 > 192.168.9.110.domain: 28119+ A? Dell-RH9.hts.net. (34) 11:15:00.625265 IP 192.168.9.110.domain > 192.168.9.4.33056: 28119* 1/0/0 A 192.168.9.110 (50) 11:15:00.625812 IP 192.168.9.4.33056 > 192.168.9.110.33435: UDP, length 10 11:15:00.625963 IP 192.168.9.110 > 192.168.9.4: icmp 46: 192.168.9.110 udp port 33435 unreachable 11:15:00.679665 IP 192.168.9.4.33056 > 192.168.9.110.33436: UDP, length 10 11:15:00.679850 IP 192.168.9.110 > 192.168.9.4: icmp 46: 192.168.9.110 udp port 33436 unreachable 11:15:00.680082 IP 192.168.9.4.33056 > 192.168.9.110.33437: UDP, length 10 11:15:00.680187 IP 192.168.9.110 > 192.168.9.4: icmp 46: 192.168.9.110 udp port 33437 unreachable 11:15:00.680362 IP 192.168.9.4.33056 > 192.168.9.110.33438: UDP, length 10 11:15:00.680466 IP 192.168.9.110 > 192.168.9.4: icmp 46: 192.168.9.110 udp port 33438 unreachable 11:15:00.680818 IP 192.168.9.4.33056 > 192.168.9.110.33439: UDP, length 10 11:15:00.680922 IP 192.168.9.110 > 192.168.9.4: icmp 46: 192.168.9.110 udp port 33439 unreachable 11:15:00.799064 IP 192.168.9.4.33056 > 192.168.9.110.33440: UDP, length 10 ... Running #traceroute -I -n -q99 192.168.9.110 results in no dropped packets. The -I switch causes traceroute to use ICMP ECHO datagrams instead of the default UDP packets, so aparently the kernel is coughing on too many UDP datagrams. tcptraceroute -n -q99 runs without any dropped packets against all targets. TIA... |
Continuing the above remarks,
The behavior of dropping UDP packets is happening for both 2.4 and 2.6 kernels. TIAA |
What prompted me to investigate this problem was that I often encounter momentary delays when using ssh across the Internet. After eliminating hardware defects, I narrowed it down to lost packets. In particular, when I performed the followning
#ping -c1000 XXX.XXX.XXX.XXX where the X's specified an address that was not on my LAN, I noticed that I typically lost 7% to 14% of the packets. Tracroute showed that about every 6th packet was being dropped. These observations led me to investigate my LAN, but I have not been able to reproduce the ssh hesitation that I have experienced on the Internet. My connections to the Internet are: Source: Selectable between Dialup and Cable Destination: DSL Anyone else experiencing unexplained ssh delays? |
What prompted me to investigate this problem was that I often encounter momentary delays when using ssh across the Internet.
From LAN to remote, the other way around or both? Anyway. That's why I wedged in the tcptraceroute question. That should give a "better" view of what's going on than ping or traceroute, after all SSH is TCP and not UDP or ICMP. Anyone else experiencing unexplained ssh delays? Yes, and there are some threads on LQ about that. What I finally resorted to is setting ClientAliveInterval and ClientAliveCountMax in sshd_config and using AutoSSH for keeping tunnels alive. |
This is an old thread but since it's the first hit on google for 'linux 6th packet drop', here is out I fixed this today.
This seems to be related to the kernel's icmp rate limiter. See 'ratelimit' in man icmp. My solution was to echo 0 > /proc/sys/net/ipv6/icmp/ratelimit |
| All times are GMT -5. The time now is 06:31 AM. |