Linux bridge TCP routing problem

To: debian-user@lists.debian.org
Subject: Linux bridge TCP routing problem
From: lare@puhti.com
Date: Tue, 30 Mar 2010 07:07:36 +0300 (EEST)
Message-id: <[🔎] 082ae19851cb6ef9852c548143c41206.squirrel@ssl.puhti.com>

Hello folks

I have following setup:

           DMZ public IP 4
           DMZ public IP 3
                  |
Internet---br0, public IP 1 (eth0 is internet side and eth1 is DMZ side)
           br0:0, public IP 2---nat (eth2)---private IP

Problem is that sometimes (a 2-4 times in a day) DMZ public IP 3 cannot
make TCP connection to br0:0 public IP 2. The connection is lost from 5
minutes to 5 hours and fixes by itself. Connection can be fixed manually
by running command "nmap public IP 2" from DMZ public IP3. ICMP and UDP
-protocols works fine. When system is broken and I try to make
tcp-connection from DMZ public IP 3 to public IP 2 and dumping eth2, I see
some of packets there. When system is working, no those backets can bee
seen on eth2. DMZ public IP 3 can connect all the time in other mentioned
IP:s. This system went broken when we removed all physdev-things from our
firewall and upgraded from etch to lenny. Does anybody have a clue what
could cause the broblem or at least what could I do to investigate this
problem more?

System is Debian Lenny with default kernel 2.6.26-2-686

-Lauri-

Reply to:

Follow-Ups:
- Re: Linux bridge TCP routing problem
  - From: Alexander Samad <alex@samad.com.au>

Prev by Date: Re: nvidia 32-bit opengl libs
Next by Date: Re: handling removable media without gnome-volume-manager
Previous by thread: Re: OT: Debian Mentors Access
Next by thread: Re: Linux bridge TCP routing problem
Index(es):
- Date
- Thread