LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-10-2016, 03:34 PM   #1
Slicster
LQ Newbie
 
Registered: Jun 2015
Posts: 2

Rep: Reputation: Disabled
Strange networking issue in communications from two different WAN links


Hi Guys,
I'm having a strange networking issue where one of my public linux servers does not respond from one of my two office SITES. I'm trying to connect my backup server to the agent on my linux server over port 5120. When I connect from SITE1, it works and responds but not from SITE2.

**FAKE IP's were used below...

SITE1 WAN = 1.1.1.1
SITE2 WAN = 2.2.2.2

LINUX SERVER/BACKUP CLIENT = 5.5.5.5

Here is a capture of my IPTABLES:

Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:5120
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
When I open a TCPDUMP to capture from SITE1, the working site, the connection is established:

Code:
11:45:48.423312 IP 1.1.1.1.51578 > 5.5.5.5.5120: Flags [S], seq 2227196580, win 29200, options [mss 1460,sackOK,TS val 670406847 ecr 0,nop,wscale 9], length 0
11:45:48.423329 IP 5.5.5.5.5120 > 1.1.1.1.51578: Flags [S.], seq 3807874851, ack 2227196581, win 14480, options [mss 1460,sackOK,TS val 240215494 ecr 670406847,nop,wscale 7], length 0
11:45:48.434244 IP 1.1.1.1.51578 > 5.5.5.5.5120: Flags [.], ack 1, win 58, options [nop,nop,TS val 670406850 ecr 240215494], length 0
11:45:48.434767 IP 1.1.1.1.51578 > 5.5.5.5.5120: Flags [P.], seq 1:497, ack 1, win 58, options [nop,nop,TS val 670406850 ecr 240215494], length 496
11:45:48.434775 IP 5.5.5.5.5120 > 1.1.1.1.51578: Flags [.], ack 497, win 122, options [nop,nop,TS val 240215505 ecr 670406850], length 0
11:45:48.437192 IP 5.5.5.5.5120 > 1.1.1.1.51578: Flags [P.], seq 1:497, ack 497, win 122, options [nop,nop,TS val 240215508 ecr 670406850], length 496
11:45:48.450690 IP 1.1.1.1.51578 > 5.5.5.5.5120: Flags [.], ack 497, win 60, options [nop,nop,TS val 670406854 ecr 240215508], length 0
On SITE2, the site that doesn't work, I only get the following on a TCPDUMP:

Code:
15:14:43.050423 IP 2.2.2.2.55454 > 5.5.5.5.5120: Flags [S], seq 4233177303, win 29200, options [mss 1460,sackOK,TS val 673540506 ecr 0,nop,wscale 9], length 0
As you can see, it's as if the Linux server receives the packet but never replies. The strange thing is that if I use do a "telnet 5.5.5.5 5120" it connects and works fine from either SITE.

Here is the TCPDUMP I receive for Telnet:

Code:
15:33:21.935673 IP 2.2.2.2.twcss > 5.5.5.5.5120: Flags [SEW], seq 3414449020, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
15:33:21.935694 IP 5.5.5.5.5120 > 2.2.2.2.twcss: Flags [S.E], seq 3511501023, ack 3414449021, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
15:33:21.944412 IP 2.2.2.2.twcss > 5.5.5.5.5120: Flags [.], ack 1, win 513, length 0
15:33:24.191990 IP 5.5.5.5.5120 > 2.2.2.2.44878: Flags [F.], seq 1103838895, ack 3720413533, win 115, length 0
15:33:24.192233 IP 2.2.2.2.44878 > 5.5.5.5.5120: Flags [R], seq 3720413533, win 0, length 0
Really not sure where things are blocking, any ideas?

Last edited by Slicster; 06-10-2016 at 03:43 PM.
 
Old 06-11-2016, 03:20 PM   #2
vincix
Senior Member
 
Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 1,240

Rep: Reputation: 103Reputation: 103
One would think there's something going on with site2. Or perhaps there's authentication problem? I think you should offer more detailed information about the software you're using. Perhaps the request does reach the server, but the server doesn't respond? You could slso write a temporary logging rule before the 5120 one to see if the server does receive the request.

Perhaps check some other logs related to authentication? How does the backup actually take place?
 
Old 06-16-2016, 10:55 PM   #3
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 2,138

Rep: Reputation: 447Reputation: 447Reputation: 447Reputation: 447Reputation: 447
backup agent is installed on both sides?

backup agent on site2 is configured to listen on port 5120?

Any anti-virus or firewall rules blocking?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Transparent Proxy with 2 WAN links yorbs8 Linux - Networking 7 03-01-2010 08:32 PM
[SOLVED] strange networking issue involving xen interface housemusic42 Linux - Networking 1 01-27-2010 05:30 PM
Setting MTU breaks WAN communications, LAN works great Bviper Linux - Networking 3 06-11-2008 02:30 AM
Strange networking issue on my linux workstation tate_harmann Linux - Networking 3 03-27-2008 03:02 PM
Strange Networking Issue EclipseAgent SUSE / openSUSE 2 04-28-2006 09:51 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:34 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration