LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 05-04-2006, 05:24 PM   #1
gepas
LQ Newbie
 
Registered: Feb 2006
Posts: 19

Rep: Reputation: 0
Really strange problem with NAT router


Hello,

I'm running a Slackware 10.2 as a NAT router, with latest kernel 2.4.32. The problem I'm suffering from is strange enough to sound but it is true! After some days of operation the router refuses to make new Internet connections - but which is curious not from all the machines that are behind the NAT, but instead from just let's say from 2-3 machines. At this moment, I can ping from those problematic machines any address with no problem, also I can open and browse the FTP site on the router itself successfully. And of course from the rest of the machines the Internet and NAT-ting is working perfectly.

Here are the simptons once again in brief in case I was not clear enough:

1. A network of 30 PCs with a Slackware router, NAT.
2. At some moment for 2-3 PCs (IPs) it becomes impossible to make new and any connections to Internet services: HTTP, FTP, ICQ, Skype, etc.
3. From those 2-3 PCs (IPs) it is still possible to ping and receive answer from any Internet site/address!!!
4. From those 2-3 PCs (IPs) I can access and use the Web/FTP service on the Linux router itself with no problems!!!
5. From the other 28 PCs (IPs) Internet access is still working perfectly.
6. The problem is fixed after rebooting the Linux - but regularly repeats itself again after some period of time.

Please, somebody shed some light how to diagnose this strange and absolutley unlogical situation and problem !

Just an additional note: this is a newly setup router which replaced a Redhat 9 Linux machine - when I return the Redhat machine in place the problem does not appear.

thank you
Evgeni
 
Old 05-04-2006, 06:16 PM   #2
egag
Senior Member
 
Registered: Jul 2004
Location: Netherlands
Distribution: Slackware
Posts: 2,721

Rep: Reputation: 53
sounds like those 2-3 pc's have problems with dns resolving.
did you already check, at the time the prob is there, the file /etc/resolv.conf ?

egag
 
Old 05-04-2006, 06:59 PM   #3
gepas
LQ Newbie
 
Registered: Feb 2006
Posts: 19

Original Poster
Rep: Reputation: 0
thanks egag,

but i don't think it could be something related to DNS, since from these 2 PC-s when I execute at the time of the problem ping yahoo.com it is successful!
But only ping is working, and also all other LAN connections work on these PCs fine, except for the www, ftp, icq, skype, etc...

Evgeni
 
Old 05-04-2006, 07:29 PM   #4
egag
Senior Member
 
Registered: Jul 2004
Location: Netherlands
Distribution: Slackware
Posts: 2,721

Rep: Reputation: 53
it would be too simple...
didn't read too well.
( i kinda guessed you pinged ip-addresses )

so it looks like some ports (not all) get closed,
but only for a few machines (not all )after " some time ".

sounds strange enough to me.
is there something in the logs from the time the prob. arises ?
( that's where i would start )

egag
 
Old 05-05-2006, 02:33 AM   #5
gepas
LQ Newbie
 
Registered: Feb 2006
Posts: 19

Original Poster
Rep: Reputation: 0
Well, nothing in logs at that moment: i've checked messages, debug files.
Do you have an idea what other logs to look for, or switch on some additional debugging, how ?

Also, when the problem occurs the problematic PC can make an FTP to the router itself but not outside to the Internet.
 
Old 05-05-2006, 08:26 AM   #6
egag
Senior Member
 
Registered: Jul 2004
Location: Netherlands
Distribution: Slackware
Posts: 2,721

Rep: Reputation: 53
if those ports for the problematic pc's are blocked by iptables
there should be smth. in /var/log/syslog.

i think those ports are blocked by iptables( don't know what else ?)
maybe someone who is more familiar with iptables can give some hints here.

egag
 
Old 05-05-2006, 08:28 AM   #7
onebuck
Moderator
 
Registered: Jan 2005
Location: Central Florida 20 minutes from Disney World
Distribution: SlackwareŽ
Posts: 13,971
Blog Entries: 46

Rep: Reputation: 3195Reputation: 3195Reputation: 3195Reputation: 3195Reputation: 3195Reputation: 3195Reputation: 3195Reputation: 3195Reputation: 3195Reputation: 3195Reputation: 3195
Quote:
Originally Posted by gepas
Well, nothing in logs at that moment: i've checked messages, debug files.
Do you have an idea what other logs to look for, or switch on some additional debugging, how ?

Also, when the problem occurs the problematic PC can make an FTP to the router itself but not outside to the Internet.
Hi,

Is the network wired or wireless?

Do you have static or dhcp for the 2-3 machines in question? What OS are you running on these stations?

What is your network topology? How are the machines connected?
All machines on the same sub-net?

Just trying to get a view of the network overall!
 
Old 05-06-2006, 09:14 AM   #8
Ken-ji
LQ Newbie
 
Registered: Apr 2003
Location: Philippines
Distribution: Slackware
Posts: 19

Rep: Reputation: 0
You also might want to check if issuing
# sysctl -w net.ipv4.ip_conntrack_max = 1048576
while the problem is acting up, makes the problem disappear.

Note: the number 1048576 is 1M, this might be overkill/not enough in your case.

if it does fix your problem, then create or append to /etc/sysctl.conf
net.ipv4.ip_conntrack_max = 1048576

which makes this change permanent.

I had this problem on my NAT box running loads of BitTorrent and having around 4 clients also running BitTorrent. I saw some error in logs about unable to track connections.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Really strange problem with NAT router gepas Linux - Networking 3 05-05-2006 12:05 PM
problem update via router with NAT and Firewall qinelo Linux - Networking 1 01-13-2006 05:03 PM
please help: strange problem with NAT??? cutejai Linux - Networking 3 12-16-2005 06:37 AM
strange nat problem KennyNotDead Linux - Networking 3 05-11-2005 01:21 PM
nat problem with newly set up router cutejai Linux - Networking 2 04-29-2005 03:01 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 04:06 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration