[geeks] Further info on Sol8 networking problem

Joshua D Boyd jdboyd at cs.millersville.edu
Wed Mar 20 01:07:12 CST 2002 

So, I broke out tcpdump tonight (don't know why I didn't think of it earlier).

And when I type telnet cs.millersville.edu, tcp dump shows normal activity,
plus the following sorts of messages over and over:

02:01:05.359189 192.168.0.55.32776 > cs.millersville.edu.telnet: S 23529836:23529836(0) win 24820 <nop,nop,sackOK,mss 1460> (DF)
02:01:18.858901 192.168.0.55.32776 > cs.millersville.edu.telnet: S 23529836:23529836(0) win 24820 <nop,nop,sackOK,mss 1460> (DF)

Similar results for ftp:

02:01:57.071870 192.168.0.55.32777 > cs.millersville.edu.ftp: S 38739166:38739166(0) win 24820 <nop,nop,sackOK,mss 1460> (DF)

And again similar results if I substitute in other hostnames.

Pinging epix.net returns results like:
02:03:23.738327 192.168.0.55.32778 > mail1.bellatlantic.net.domain:  27110+ A? epix.net. (26) (DF)
02:03:23.780336 arp who-has 192.168.0.55 tell 192.168.0.1
02:03:23.780552 arp reply 192.168.0.55 is-at 8:0:20:8a:cd:7f
02:03:23.780883 192.168.0.99.32780 > mail1.bellatlantic.net.domain:  65163+ PTR? 1.0.168.192.in-addr.arpa. (42) (DF)
02:03:23.781213 mail1.bellatlantic.net.domain > 192.168.0.55.32778:  27110* 2/3/3 A almond.epix.net, (186) (DF)
02:03:23.788003 192.168.0.55 > almond.epix.net: icmp: echo request (DF)
02:03:23.811488 mail1.bellatlantic.net.domain > 192.168.0.99.32780:  65163 NXDomain 0/1/0 (114) (DF)
02:03:23.812542 192.168.0.99.32780 > mail1.bellatlantic.net.domain:  65164+ PTR? 140.89.224.199.in-addr.arpa. (45) (DF)
02:03:23.852974 almond.epix.net > 192.168.0.55: icmp: echo reply (DF)
02:03:23.950112 mail1.bellatlantic.net.domain > 192.168.0.99.32780:  65164* 1/2/2 (171) (DF)
02:03:28.771825 arp who-has 192.168.0.1 tell 192.168.0.99
02:03:28.772345 arp reply 192.168.0.1 is-at 0:a0:cc:79:79:b0

Which is pretty much what I'd expect (I can't ping cs.millersville.edu due
to the campus filtering icmp packets).

Any idea why the servers aren't replying?  The packets are obviously making it
out over my network, so why are the outside servers responding to my linux
and netbsd machines, but not the Solaris one?  I don't know if this tcpdump
is actually of any use, but it seemed worth trying.

-- 
Joshua D. Boyd

More information about the geeks mailing list