On Tue, 2005-12-20 at 23:54 -0800, Todd A. Jacobs wrote: > I'm experiencing something very strange: running ping several times in a > row results in lost packets from ping's point of view, even though the > kernel is getting the echo replies back. > > I can experience this on demand by running ping, with tcpdump running in > another window and watching for ICMP traffic. Leaving tcpdump running, > and stopping and restarting ping, often results in the stated behavior. > The replies keep coming back, but ping doesn't recognize them for > whatever reason. > > Any ideas what could be wrong, and how to troubleshoot it further? I can > inspect deeper into the packets, if I had some idea of why ping (the > application) would discard what appears to be valid replies. I'd suggest looking at your iptables settings. I believe that tcpdump will pick up packets BEFORE they're filtered by iptables, whereas ping would obviously sit BEHIND the firewall. In this way, if iptables was set up to drop ICMP packets, the kernel would still receive them, but ping wouldn't. -- Alex Malinovich Support Free Software, delete your Windows partition TODAY! Encrypted mail preferred. You can get my public key from any of the pgp.net keyservers. Key ID: A6D24837
Attachment:
signature.asc
Description: This is a digitally signed message part