Connectivity issue - tcpdump reports ping a success, ping itself does not.
Hi,
I am having some connectivity issues. The arp table is not populated even if the arp request are successfully transferred on the wire. Which leads to unsuccessfully ping. When I add a arp entry manually, tcpdump shows replies but not ping itself.
I have had this problems before only that was after I uploaded data using ssh or ssl. Then I got the same weird results. I lost connectivity on the application level, but tcpdump showed that the packets went through(ping packets got reply in tcpdump but not in ping, www would only load some kb with data before it stopped transmitting.) So I hope this is a known issue.
All help is much appreciated.
-tslura
I have rebooted my system, and this is what I get.
[2304][root@pwwrpad:~]# uname -a
Linux pwwrpad 2.6.32-3-686 #1 SMP Thu Feb 25 06:14:20 UTC 2010 i686 GNU/Linux
I am using GNS3 to simulate a CiscoRuter. This I connect to a "cloud" which is connected to a tap0 interface.
The tap0 interface is created by:
# tunctl -t tap0
[2327][root@pwwrpad:~]# ifconfig tap0
tap0 Link encap:Ethernet HWaddr 46:7c:75:84:7f:dd
inet addr:10.10.0.1 Bcast:10.10.0.255 Mask:255.255.255.0
inet6 addr: fe80::447c:75ff:fe84:7fdd/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:5742 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[2324][root@pwwrpad:~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
109.246.52.0 0.0.0.0 255.255.252.0 U 0 0 0 eth0
0.0.0.0 109.246.52.1 0.0.0.0 UG 0 0 0 eth0
Router#sh ip int
FastEthernet0/0 is up, line protocol is up
Broadcast address is 255.255.255.255
Router#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 10.10.0.0 is directly connected, FastEthernet0/0
I can see the network traffic from the router node, connected to tap0
Router>ping 10.10.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.0.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Router>
[2258][root@pwwrpad:~]# tcpdump -i tap0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap0, link-type EN10MB (Ethernet), capture size 65535 bytes
22:58:40.904701
22:58:50.904699
22:58:56.308857 ARP, Request who-has pwwrpad.local tell 10.10.0.2, length 46
22:58:56.463492 IP6 fe80::447c:75ff:fe84:7fdd.mdns > ff02::fb.mdns: 0 PTR (QM)? 1.0.10.10.in-addr.arpa. (40)
22:58:56.463570 IP pwwrpad.local.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 1.0.10.10.in-addr.arpa. (40)
22:58:56.463906 IP pwwrpad.local.mdns > 224.0.0.251.mdns: 0*- [0q] 1/0/0 (Cache flush) PTR pwwrpad.local. (61)
22:58:56.620013 IP6 fe80::447c:75ff:fe84:7fdd.mdns > ff02::fb.mdns: 0 PTR (QM)? 2.0.10.10.in-addr.arpa. (40)
22:58:56.620082 IP pwwrpad.local.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 2.0.10.10.in-addr.arpa. (40)
22:58:57.267462 CDPv2, ttl: 180s, Device-ID 'Router', length 333
22:58:57.620916 IP6 fe80::447c:75ff:fe84:7fdd.mdns > ff02::fb.mdns: 0 PTR (QM)? 2.0.10.10.in-addr.arpa. (40)
22:58:57.620991 IP pwwrpad.local.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 2.0.10.10.in-addr.arpa. (40)
22:58:58.308839 ARP, Request who-has pwwrpad.local tell 10.10.0.2, length 46
22:58:59.622211 IP6 fe80::447c:75ff:fe84:7fdd.mdns > ff02::fb.mdns: 0 PTR (QM)? 2.0.10.10.in-addr.arpa. (40)
22:58:59.622279 IP pwwrpad.local.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 2.0.10.10.in-addr.arpa. (40)
22:59:00.308839 ARP, Request who-has pwwrpad.local tell 10.10.0.2, length 46
[2259][leafwiz@pwwrpad:~]$ ping 10.10.0.2
PING 10.10.0.2 (10.10.0.2) 56(84) bytes of data.
From 10.10.0.1 icmp_seq=2 Destination Host Unreachable
From 10.10.0.1 icmp_seq=3 Destination Host Unreachable
From 10.10.0.1 icmp_seq=4 Destination Host Unreachable
^C
--- 10.10.0.2 ping statistics ---
6 packets transmitted, 0 received, +3 errors, 100% packet loss, time 5009ms
pipe 3
[2300][leafwiz@pwwrpad:~]$
23:00:51.246623 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:00:51.251907 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
23:00:52.246623 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:00:52.248841 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
23:00:53.246623 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:00:53.248839 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
23:00:55.246623 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:00:55.248837 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
23:00:56.246623 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:00:56.248970 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
23:00:57.246625 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:00:57.248851 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
On problem is that the ARP table isn't populated
[2300][root@pwwrpad:~]# arp -n
Address HWtype HWaddress Flags Mask Iface
109.246.52.1 ether 00:21:f7:b0:95:91 C eth0
10.10.0.2 (incomplete) tap0
But here is the kicker.
If I add a arp entry manually I get A successfully ping in tcpdump, but not in ping itself.
[2304][root@pwwrpad:~]# arp -s 10.10.0.2 c0:00:21:a4:00:00
[2304][root@pwwrpad:~]# arp -n
Address HWtype HWaddress Flags Mask Iface
109.246.52.1 ether 00:21:f7:b0:95:91 C eth0
10.10.0.2 ether c0:00:21:a4:00:00 CM tap0
[2304][leafwiz@pwwrpad:~]$ ping 10.10.0.2
PING 10.10.0.2 (10.10.0.2) 56(84) bytes of data.
^C
--- 10.10.0.2 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3024ms
23:04:43.616537 IP pwwrpad.local >
10.10.0.2: ICMP echo request, id 25294, seq 1, length 64
23:04:43.626150 IP 10.10.0.2 > pwwrpad.local: ICMP echo reply, id 25294, seq 1, length 64
23:04:44.624722 IP pwwrpad.local >
10.10.0.2: ICMP echo request, id 25294, seq 2, length 64
23:04:44.628177 IP 10.10.0.2 > pwwrpad.local: ICMP echo reply, id 25294, seq 2, length 64
23:04:45.632717 IP pwwrpad.local >
10.10.0.2: ICMP echo request, id 25294, seq 3, length 64
23:04:45.634383 IP 10.10.0.2 > pwwrpad.local: ICMP echo reply, id 25294, seq 3, length 64
23:04:46.640716 IP pwwrpad.local >
10.10.0.2: ICMP echo request, id 25294, seq 4, length 64
23:04:46.642635 IP 10.10.0.2 > pwwrpad.local: ICMP echo reply, id 25294, seq 4, length 64
Arping works. Also before I manually add a arp table entry.
[2322][root@pwwrpad:~]# arping 10.10.0.2
ARPING 10.10.0.2
60 bytes from c0:00:21:a4:00:00 (10.10.0.2): index=0 time=2.185 msec
60 bytes from c0:00:21:a4:00:00 (10.10.0.2): index=1 time=1.279 msec
60 bytes from c0:00:21:a4:00:00 (10.10.0.2): index=2 time=2.900 msec
60 bytes from c0:00:21:a4:00:00 (10.10.0.2): index=3 time=2.145 msec
60 bytes from c0:00:21:a4:00:00 (10.10.0.2): index=4 time=2.054 msec
60 bytes from c0:00:21:a4:00:00 (10.10.0.2): index=5 time=2.050 msec
23:22:13.962375 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:22:13.968460 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
23:22:14.966650 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:22:14.967922 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
23:22:15.966654 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:22:15.969549 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
23:22:16.967654 ARP, Request who-has 10.10.0.2 tell pwwrpad.local, length 28
23:22:16.969786 ARP, Reply 10.10.0.2 is-at c0:00:21:a4:00:00 (oui Unknown), length 46
Reply to: