Frees/wan setup problems
Kenneth E. Lussier
ken.lussier at zuken.com
Fri Feb 28 11:32:40 EST 2003
On Fri, 2003-02-28 at 10:27, Cole Tuininga wrote:
> > That would narrow it down to a routing problem. If you run
> > 'tcpdump -n -i any' on both gateways (at the same time) and do a
> > traceroute from a machine on the subnet to the private ip address of the
> > opposite gateway, do you see anything going out and coming back? Then
> > try tracrouting to a machine on the other subnet.
>
> Here's something interesting .... I tried this. I'm at work at the
> moment (192.168.1.x) so I ssh'd into both .1 (gateway) boxes and ran
> tcpdump -n -i any. Then, from my local machine (192.168.1.69) I tried
> to ping 192.168.2.1.
>
> The 192.168.1.1 box showed the icmp requests immediately - including the
> reply. Here's where the interesting part comes in - the remote gateway
> (192.168.2.1) started showing packets around 10 to 20 seconds *later*?!?
That could just be the latency on the ssh connection. The packets were
received/sent, but the display of the tcpdump didn't echo back right
away.
So, the ping went from your subnet box (192.168.1.69) to the internal
interface of the local gateway (192.168.1.1) out the tunnel to the
opposite gateway (192.168.2.1), then back to the internal interface of
the local gateway? Or did it come back to the external interface? Either
way, it never reached 192.168.1.69 again, right? If it came back to the
internal interface, then there is a routing problem between the local
internal interface and the subnet. If it came back to the external
interface, then it was routed incorrectly at the other end.
C-Ya,
Kenny
--
----------------------------------------------------------------------------
"Tact is just *not* saying true stuff" -- Cordelia Chase
Kenneth E. Lussier
Sr. Systems Administrator
Zuken, USA
PGP KeyID CB254DD0
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xCB254DD0
More information about the gnhlug-discuss
mailing list