Bug#516078: marked as done (IP masquerade misbehaves on kernel-2.6.26)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sun, 30 May 2010 23:39:03 +0200
with message-id <20100530213903.GA8147@galadriel.inutil.org>
and subject line Re: IP masquerade misbehaves on kernel-2.6.26
has caused the Debian Bug report #516078,
regarding IP masquerade misbehaves on kernel-2.6.26
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
516078: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516078
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: <submit@bugs.debian.org>
• Subject: IP masquerade misbehaves on kernel-2.6.26
• From: Carlos López <musikolo@hotmail.com>
• Date: Thu, 19 Feb 2009 08:00:32 +0000
• Message-id: <COL110-W35E72EBE0853E77029ADD7CAB20@phx.gbl>

Package: linux-image-2.6.26-1-486
Status: install ok installed
Priority: optional
Section: admin
Installed-Size: 58292
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Architecture: i386
Source: linux-2.6
Version: 2.6.26-13
Provides: linux-image, linux-image-2.6, linux-modules-2.6.26-1-486
Depends: module-init-tools, initramfs-tools (>= 0.55) | yaird (>= 0.0.13) | linux-initramfs-tool
Pre-Depends: debconf | debconf-2.0
Suggests: linux-doc-2.6.26, grub | lilo
Conflicts: initramfs-tools (<< 0.55), yaird (<< 0.0.13)
Description: Linux 2.6.26 image on x86
 This package provides the binary image and pre-built loadable modules for
 Linux kernel 2.6.26 on x86 and compatible machines.

Hi mates,

I have recently upgraded my box from Debian Etch to Lenny. The process worked fine broadly speaking. However, IP masquerade stopped working correctly since then. If I do a small test from a computer in my LAN, I get this http://pastebin.com/m2d03b79a As you seen everything works fine, but no answer is received for the HTTP request. The "external world" is partially accessible.

However, just by rebooting and choosing the kernel 2.6.18, the issue is solved: http://pastebin.com/m7ab4a89b 

I have spent more than 3 days doing all kind of tests, because I thought that there was something wrong in my shorewall configuration. After much trial and error, I thought the kernel might be the culprit, and, as you see, it seems to be.

Some more details about my box: AMD K6 333Mhz - 256 MB - 4 GB hard disk - Ext3 fs
I have also attached two dmesg files including a trace of each kernel, just in case it might be helpful.

I look forward to having news from you soon. 
Regards.

---

Juega a las preguntas de Live Quiz con tus contactos de Messenger ¡Empieza ahora!

--- End Message ---

--- Begin Message ---

• To: Carlos López <musikolo@hotmail.com>
• Cc: 516078-done@bugs.debian.org
• Subject: Re: IP masquerade misbehaves on kernel-2.6.26
• From: Moritz Muehlenhoff <jmm@inutil.org>
• Date: Sun, 30 May 2010 23:39:03 +0200
• Message-id: <20100530213903.GA8147@galadriel.inutil.org>
• In-reply-to: <COL110-W58E1C04DAE9884DFA3E58ACA7B0@phx.gbl>
• References: <COL110-W58E1C04DAE9884DFA3E58ACA7B0@phx.gbl>

On Fri, Apr 17, 2009 at 08:00:16PM +0000, Carlos López wrote:
> 
> Hi Maarten,
> 
> I have just read your post and you are right. Unfortunately, I have had to work much more because I hadn't read your email. I excepcted to be notified by email, but I haven't. I have two nics
> 
> eth0 --> intranet static ip
> eth1 --> internet dhcp ip
> 
> Although on both kernel 2.6.18-etch and 2.8.26-lenny eth1 MTU was 576 (X.25 network size) for some reason with the former kernel it worked, but with the latter it didn't. By setting up the right MTU size (1500 for my cable connection) everything works pretty good.
> 
> I found this article that was very helpful: http://adam.rosi-kessel.org/weblog/2009/02/25/iptables_router_failed_after_debian_lenny_upgrade_solved_by_setting_mtu
> 
> My solution was inspired in what says here http://www.debianadmin.com/change-mtu-maximum-transmission-unit-of-network-interface.html but I had to put this instead in my /etc/network/interfaces file:
> ...etc...
> allow-hotplug eth1
> iface eth1 inet dhcp
>         post-up /sbin/ifconfig eth1 mtu 1500
> 
> I hope it helps anyone and again, thanks a lot Maarten for your help.
> 
> Best regards! :-)
> 
> PD: I have upgraded the pastebin links I pasted in my above posts. They were temporary and the new ones are permanent.
> Test on 2.6.18-etch: http://pastebin.com/f24d02877
> Test on 2.6.28-lenny: http://pastebin.com/f62e2ffe4

If everything works with the correct MTU setting, let's close this bug.
The references helpfully provided by you and Maarten will still be available
for people googling for the problem.

Cheers,
        Moritz

--- End Message ---