cobalt raq2 as a router - weird connection issues
I'm trying to replace my old Pentium router/firewall with my raq2, the
one with two NICs. The interfaces themselves seem stable - I'm
not having that standard problem of the interface dying after
time. It was acting as a stable web/email/irc/ssh server behind
my Pentium router for a long time (using eth0), and I've done some
stress tests on eth1 and that seems fine also.
What it's doing is when I enable NAT and try to go out to the internet
from the lan, things get weird. Some things work and others
don't, and I have no idea what the pattern is. For instance, I
can get to my school's website at www.uakron.edu, but not the one down
the road at www.kent.edu. I can get to google and do a search,
but if I try to go to any of the URLs (like tldp.org), it won't.
I can even get to a server I have a shell on, at
http://irc.shroomery.org/~link BUT can't get to
http://irc.shroomery.org/~link/stats. Same server, but the latter
hangs. The connections hang on 'waiting for site'. I can
also ssh to that server, but can't sftp, it won't connect. I can
duplicate this on several machines. The web issues I can
duplicate with IE, Firefox and Lynx. I can get to all those
sites fine from the cobalt itself. It's just the machines behind
it.
I was originally using a patched custom kernel compile of 2.4.31, which
was working fine until this. After running into this issue, I
tried the 2.4.27 Debian kernel someone posted in an earlier
thread. Still had the same issue (which is currently my ONLY
issue).
Thinking it might be my firewall, I flushed all the rules, set the
default policies to ACCEPT, enabled forwarding, and made a rule for
NAT, and that's it. No deny rules. Still had the same
issues - some things work, others don't. It's not the connection
nor my ISP. If I put my old router up, everything's fine.
I was able to run a 'tcpdump -xX -s 1024' on both interfaces at one
point, and noticed that at the point of dying, the last packet seen is
fine coming in eth1 from the LAN, but when it leaves ppp0, it's
garbled. The top line that says something like:
09:00:07.212048 IP 123.321.123.321.123 > 321.123.321.123.321
It looked something like that on eth1, but when it left ppp0 the IP section got garbled into something like this:
09:00:07.212048 646d 578e fa48 0004 4297 c00c 069a 3438 bc54
which is what the data section of the packet should contain.
I'm at a loss. I guess I should try to set it up as a router
behind my existing router, and rule out the possibility of it being a
PPPoE thing. That'll be a bit of a pain, but if someone thinks
it's worth a shot, I'll try it. The fact that some things work
fine and others don't work at all and there's no pattern, yet it's
repeatable, just has me baffled, and I don't know where to look.
I've tried different kernels, and even compiled a different version of
iptables. Not sure what else would be relevant. Any
suggestions would be really appreciated.
Thanks
-Ryan
--
I have often wondered if the majority
of mankind ever pause to reflect upon the occasionally titanic
significance of dreams, and of the obscure world to which they
belong. -- H.P. Lovecraft