Weird Ping, weird FTP, weird Telnet... HELP!!!

Weird Ping, weird FTP, weird Telnet... HELP!!!

Post by k3310 » Thu, 28 Sep 2000 04:00:00



Can anyone diagnose this for me?

I'm in the process of building up a firewall but at some stage I musta
messed up and am now getting really weird results.

This is the results of a ping from 192.168.0.1 to 192.168.0.1 (the box
which will become the fireawall).

# PING 192.168.0.1
PING 192.168.0.1 (192.168.0.1) from 192.168.0.1 : 56(84) bytes of
data.
64 bytes from 192.168.0.1: icmp_seq=0 ttl=225 time=0.7ms
64 bytes from 192.168.0.1: icmp_seq=1 ttl=225 time=80001.0ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=225 time=160000.9ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=225 time=240000.8ms
64 bytes from 192.168.0.1: icmp_seq=4 ttl=225 time=320000.8ms
64 bytes from 192.168.0.1: icmp_seq=5 ttl=225 time=400000.7ms
64 bytes from 192.168.0.1: icmp_seq=6 ttl=225 time=480000.7ms

^c

--- 192.168.0.1 ping statistics ---
509 packets transmitted, 8 packets received, 98% packet loss
round-trip min/avg/max = 0.7/280000.7/560000.6 ms

This also happens when I do it from other machines behind the firewall
but I was very surprised when it did it when pinging itself.

Theres a pattern of 80000ms increments between successful pings...
Can't figure out whats wrong though.

If I try to telnet or FTP, I have to wait for an eternity b4 the login
prompt appears after the initial "connected" msg. But once I login
there is no problem using the console or transferring files. Same
thing for other machines to 192.168.0.1. So the network is "working"
but its waiting for something.

Has anyone had this happen to them b4 and manage to solve it?

Any help appreciated

Regards,

 
 
 

Weird Ping, weird FTP, weird Telnet... HELP!!!

Post by Hal Burgi » Thu, 28 Sep 2000 04:00:00



>Can anyone diagnose this for me?

>I'm in the process of building up a firewall but at some stage I musta
>messed up and am now getting really weird results.

>This is the results of a ping from 192.168.0.1 to 192.168.0.1 (the box
>which will become the fireawall).

># PING 192.168.0.1
>PING 192.168.0.1 (192.168.0.1) from 192.168.0.1 : 56(84) bytes of
>data.
>64 bytes from 192.168.0.1: icmp_seq=0 ttl=225 time=0.7ms
>64 bytes from 192.168.0.1: icmp_seq=1 ttl=225 time=80001.0ms
>64 bytes from 192.168.0.1: icmp_seq=2 ttl=225 time=160000.9ms
>64 bytes from 192.168.0.1: icmp_seq=3 ttl=225 time=240000.8ms
>64 bytes from 192.168.0.1: icmp_seq=4 ttl=225 time=320000.8ms
>64 bytes from 192.168.0.1: icmp_seq=5 ttl=225 time=400000.7ms
>64 bytes from 192.168.0.1: icmp_seq=6 ttl=225 time=480000.7ms

>^c

RH6.2?

Quote:>--- 192.168.0.1 ping statistics ---
>509 packets transmitted, 8 packets received, 98% packet loss
>round-trip min/avg/max = 0.7/280000.7/560000.6 ms

>This also happens when I do it from other machines behind the firewall
>but I was very surprised when it did it when pinging itself.

>Theres a pattern of 80000ms increments between successful pings...
>Can't figure out whats wrong though.

I've seen something similar but only on rare occasions. It 'fixes'
itself. Sometimes after a few pings, sometimes after minutes. I am not
able to duplicate it. Run tcpdump and see if the packets are really
taking this long, or ping is misreporting the times.

Quote:>If I try to telnet or FTP, I have to wait for an eternity b4 the login
>prompt appears after the initial "connected" msg. But once I login
>there is no problem using the console or transferring files. Same
>thing for other machines to 192.168.0.1. So the network is "working"
>but its waiting for something.

Maybe something different like DNS timeout. ???

--
Hal B



--

 
 
 

Weird Ping, weird FTP, weird Telnet... HELP!!!

Post by k3310 » Thu, 28 Sep 2000 04:00:00


Oops, forgot to mention the system specs.

Redhat 6.2 running on pentium133 with 32megs ram

eth cards, a SMZ 1211TX and a surecom fast ethernet card (both
rtl8139).

kernel 2.17 compiled to specifications of the MASQ howto.
ipchains not configured yet... all chains set to "ACCEPT"

eth0 = SMZ 1211TX. not configured yet. Allowed to timeout during boot
eth1 = surecom

# /etc/sysconfig/network
NETWORKING=yes
HOSTNAME="FIREWALL"
GATEWAY=192.168.0.1

# /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE="eth1"
BOOTPROTO="none"
BROADCAST=192.168.0.255
IPADDR="192.168.0.1"
NETMASK="255.255.255.0"
NETWORK="192.168.0.0"
ONBOOT="yes"

#route -n
Kernel IP routing table
Destination     Gateway Genmask Flags   Metric  Ref     Use     Iface
192.168.0.1     0.0.0.0         255.255.255.255 UH      0       0
0       eth1
192.168.0.0     0.0.0.0         255.255.255.0    U      0       0
0       eth1
127.0.0.1       0.0.0.0         255.0.0.0        U      0       0
0       lo
0.0.0.0         192.168.0.1     0.0.0.0         UG      0       0
0       eth1

 
 
 

Weird Ping, weird FTP, weird Telnet... HELP!!!

Post by k3310 » Thu, 28 Sep 2000 04:00:00


Damn!!! I think u are right!!!

I deleted everything in /etc/resolv.conf and it works now.
But why on earth is it doing a DNS look up when I gave it an IP addr?

Does this mean I have to setup a DNS for the local network  for the
occasions when my cable goes down and the routes to my ISPs DNS
servers are cut?




>>Can anyone diagnose this for me?

>>I'm in the process of building up a firewall but at some stage I musta
>>messed up and am now getting really weird results.

>>This is the results of a ping from 192.168.0.1 to 192.168.0.1 (the box
>>which will become the fireawall).

>># PING 192.168.0.1
>>PING 192.168.0.1 (192.168.0.1) from 192.168.0.1 : 56(84) bytes of
>>data.
>>64 bytes from 192.168.0.1: icmp_seq=0 ttl=225 time=0.7ms
>>64 bytes from 192.168.0.1: icmp_seq=1 ttl=225 time=80001.0ms
>>64 bytes from 192.168.0.1: icmp_seq=2 ttl=225 time=160000.9ms
>>64 bytes from 192.168.0.1: icmp_seq=3 ttl=225 time=240000.8ms
>>64 bytes from 192.168.0.1: icmp_seq=4 ttl=225 time=320000.8ms
>>64 bytes from 192.168.0.1: icmp_seq=5 ttl=225 time=400000.7ms
>>64 bytes from 192.168.0.1: icmp_seq=6 ttl=225 time=480000.7ms

>>^c

>RH6.2?

>>--- 192.168.0.1 ping statistics ---
>>509 packets transmitted, 8 packets received, 98% packet loss
>>round-trip min/avg/max = 0.7/280000.7/560000.6 ms

>>This also happens when I do it from other machines behind the firewall
>>but I was very surprised when it did it when pinging itself.

>>Theres a pattern of 80000ms increments between successful pings...
>>Can't figure out whats wrong though.

>I've seen something similar but only on rare occasions. It 'fixes'
>itself. Sometimes after a few pings, sometimes after minutes. I am not
>able to duplicate it. Run tcpdump and see if the packets are really
>taking this long, or ping is misreporting the times.

>>If I try to telnet or FTP, I have to wait for an eternity b4 the login
>>prompt appears after the initial "connected" msg. But once I login
>>there is no problem using the console or transferring files. Same
>>thing for other machines to 192.168.0.1. So the network is "working"
>>but its waiting for something.

>Maybe something different like DNS timeout. ???

>--
>Hal B




 
 
 

Weird Ping, weird FTP, weird Telnet... HELP!!!

Post by Adam Lan » Thu, 28 Sep 2000 04:00:00


Check your cable or something. The 98% packet loss is probably the clincher.

See if it is the medium that is the problem.

--

Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company


> Can anyone diagnose this for me?

> I'm in the process of building up a firewall but at some stage I musta
> messed up and am now getting really weird results.

> This is the results of a ping from 192.168.0.1 to 192.168.0.1 (the box
> which will become the fireawall).

> # PING 192.168.0.1
> PING 192.168.0.1 (192.168.0.1) from 192.168.0.1 : 56(84) bytes of
> data.
> 64 bytes from 192.168.0.1: icmp_seq=0 ttl=225 time=0.7ms
> 64 bytes from 192.168.0.1: icmp_seq=1 ttl=225 time=80001.0ms
> 64 bytes from 192.168.0.1: icmp_seq=2 ttl=225 time=160000.9ms
> 64 bytes from 192.168.0.1: icmp_seq=3 ttl=225 time=240000.8ms
> 64 bytes from 192.168.0.1: icmp_seq=4 ttl=225 time=320000.8ms
> 64 bytes from 192.168.0.1: icmp_seq=5 ttl=225 time=400000.7ms
> 64 bytes from 192.168.0.1: icmp_seq=6 ttl=225 time=480000.7ms

> ^c

> --- 192.168.0.1 ping statistics ---
> 509 packets transmitted, 8 packets received, 98% packet loss
> round-trip min/avg/max = 0.7/280000.7/560000.6 ms

> This also happens when I do it from other machines behind the firewall
> but I was very surprised when it did it when pinging itself.

> Theres a pattern of 80000ms increments between successful pings...
> Can't figure out whats wrong though.

> If I try to telnet or FTP, I have to wait for an eternity b4 the login
> prompt appears after the initial "connected" msg. But once I login
> there is no problem using the console or transferring files. Same
> thing for other machines to 192.168.0.1. So the network is "working"
> but its waiting for something.

> Has anyone had this happen to them b4 and manage to solve it?

> Any help appreciated

> Regards,

 
 
 

Weird Ping, weird FTP, weird Telnet... HELP!!!

Post by Hal Burgi » Thu, 28 Sep 2000 04:00:00



>Damn!!! I think u are right!!!

>I deleted everything in /etc/resolv.conf and it works now.
>But why on earth is it doing a DNS look up when I gave it an IP addr?

The default ping behavior is to use hostnames:


PING 152.19.254.81 (152.19.254.81) from 216.78.197.8 : 56(84) bytes of data.
64 bytes from oldmetalab.unc.edu (152.19.254.81): icmp_seq=0 ttl=242 time=211.5 ms
64 bytes from oldmetalab.unc.edu (152.19.254.81): icmp_seq=1 ttl=242 time=220.1 ms
64 bytes from oldmetalab.unc.edu (152.19.254.81): icmp_seq=2 ttl=242 time=216.1 ms

I suspect a lot of utilities do this for logging purposes, etc.
Try putting hostnames in everybody's /etc/hosts.

Quote:>>># PING 192.168.0.1
>>>PING 192.168.0.1 (192.168.0.1) from 192.168.0.1 : 56(84) bytes of
>>>data.
>>>64 bytes from 192.168.0.1: icmp_seq=0 ttl=225 time=0.7ms
>>>64 bytes from 192.168.0.1: icmp_seq=1 ttl=225 time=80001.0ms
>>>64 bytes from 192.168.0.1: icmp_seq=2 ttl=225 time=160000.9ms
>>>64 bytes from 192.168.0.1: icmp_seq=3 ttl=225 time=240000.8ms
>>>64 bytes from 192.168.0.1: icmp_seq=4 ttl=225 time=320000.8ms
>>>64 bytes from 192.168.0.1: icmp_seq=5 ttl=225 time=400000.7ms
>>>64 bytes from 192.168.0.1: icmp_seq=6 ttl=225 time=480000.7ms

Possibly this is related somehow, but I suspect something else is
involved, since I and several others have seen this to one extent or
another. All RH6.2 BTW, FWIW.

--
Hal B



--

 
 
 

Weird Ping, weird FTP, weird Telnet... HELP!!!

Post by Tim Hayne » Thu, 28 Sep 2000 04:00:00



> Damn!!! I think u are right!!!

> I deleted everything in /etc/resolv.conf and it works now.
> But why on earth is it doing a DNS look up when I gave it an IP addr?

Probably so it can
        a) verify that DNS agrees the IP# and name are the same
        b) make a note of it in the logs

Quote:> Does this mean I have to setup a DNS for the local network  for the
> occasions when my cable goes down and the routes to my ISPs DNS
> servers are cut?

Yep, if you have a LAN you should probably get local DNS on
it. Alternatively, you could do the messy thing and use a symmetric pair of
/etc/hosts files.

[snip]

~Tim
--

(seen during a recent, >y2000, installation)    | http://piglet.is.dreaming.org

 
 
 

1. Weird, weird, weird issue ....

Hi expert,
    I have this particular weird issue that is hitting some of my Sun
machine once in a while.

    The issue is I could not "rlogin", "ftp" to the machine, even though
I could "ping" the machine. When I did a "telnet" to that machine, then
everything else works.

    Have you come across this before ??

    How do I go about to trouble-shoot this ? Thanks.

Regards,
Francis.

2. Win95/Linux Partitions

3. Weird - Ping, traceroute problems - but telnet, http, ftp ok - ??

4. IPTABELS for bandwidth control

5. Weird, really weird???

6. Verion of linux?

7. WEIRD netwk prob.. NetscapeOK,ftp/telnet not!

8. PPP on demand

9. WEIRD problem -- ftp FINE but telnet NOT WORKING

10. weird telnet FTP problem...

11. weird telnet and ftp problem

12. Weird hang on telnet, rlogin, ftp

13. help! telnet gives xtra chars, weird formatting