Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 05-03-2005, 08:46 PM   #1
LQ Newbie
Registered: May 2005
Posts: 2

Rep: Reputation: 0
strange nat problem

Hi, I had a nat box running debian woody (2.4.19 kernel).
Everything was working great, but i upgraded to sarge and installed a kernel, and this issue came up:
in the nat clients, some web pages work and others don't, while in the nat box everything works fine.
For example google works great, but hotmail doesn't (and it does work in the nat box). An ethereal run shows that it does some talking (it sends and receives packets containing html headers) and then starts waiting for something that never comes. hotmail is just an example, there are some other web pages not requiring authentication that doesn't work either.
I'm using the same configuration i used in woody, only the programs versions changed. I have a lot of iptables rules plus some traffic shaping commands (with tc), but the problem persist even using this minimal set of rules and no Traffic Control:

:PREROUTING ACCEPT [22307:4559231]
:INPUT ACCEPT [16590:2976594]
:FORWARD ACCEPT [5364:1548354]
:OUTPUT ACCEPT [16414:1661497]
:POSTROUTING ACCEPT [21770:3197851]
:INPUT ACCEPT [14850:2866366]
:OUTPUT ACCEPT [14907:1537177]
:PREROUTING ACCEPT [10490:589933]
:OUTPUT ACCEPT [402:24212]

I find it very strange that some things work and some things doesn't, and i have no clue what the problem could be, i don't even know if it is an iptables-related issue, so any help pointing me to the right direction will be appreciated.
Old 05-03-2005, 09:19 PM   #2
Registered: Aug 2004
Location: .au
Distribution: debian, BSD
Posts: 104

Rep: Reputation: 16
it might not have anything to do with your firewall. maybe it's an MTU or IP flag option that causing problems. Did you compile this kernel yourself? If so, rember setting up any IP options (like ECN for instance) which might cause this sort of problem?
Old 05-03-2005, 11:20 PM   #3
LQ Newbie
Registered: May 2005
Posts: 2

Original Poster
Rep: Reputation: 0
I did compile the kernel, but i used the same options i was using on the old kernel, orat least that's what i think, it was a big kernel change and maybe i missed some new options.
Anyway, the only packets affected are those that get masqueraded, if it were that kind of problem wouldn't the nat box have trouble also?.
Old 05-11-2005, 01:21 PM   #4
Registered: Apr 2004
Distribution: Gentoo
Posts: 95

Rep: Reputation: 28
Re: strange nat problem

Originally posted by KennyNotDead
in the nat clients, some web pages work and others don't, while in the nat box everything works fine.
Sounds like bad MTU setting.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
strange, strange alsa problem: sound is grainy/pixellated? fenderman11111 Linux - Software 1 11-01-2004 06:16 PM
iptables - strange behaviour of nat?? shacky Linux - Networking 2 10-17-2004 11:44 AM
Susefirewall2 Nat Problem / nat 1:1 trubi Linux - Distributions 0 07-20-2004 06:50 AM
NAT problem Comatose51 Linux - Networking 1 06-23-2003 11:41 PM
What's the difference between Linux-NAT and Sygate-NAT? yuzuohong Linux - Networking 0 08-07-2002 05:07 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:45 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration