Outbound Wierdness

Hi,

I have four dedicated linux servers behind a hardware firewall. Lets
call the servers s1, s2, s3 and s4 for the sake of discussion.

s1 seems to be causing problems. If i make a ping or an ssh request to
it (or any request for that matter) and watch it using tcpdump the
request goes out to s1 and arrives and then s1 says its sent a reply
but it doesn't arrive back at the requesting machine.

So the request comes into the box and it sends a reply but is never
received back. It doesn't matter if I test this with s1/2/3/4 with s1
it doesn't work. All other combinations do i.e. s3-s4, s2-s3, s3-s2.
But as soon as I involve s1 I get a problem.

However going through the firewall to the outside world is fine and me
accessing each machine on opened ports from outside is fine.

It is just internally, behind the firewall, that the connection fails
and times out. So basically I guess its something software wise
stopping outbound connections to machines on the local subnet.

This is a big problem for me at the moment as it has broken my dns
cluster and I need to get it fixed.

My linux knowledge is fairly limited and I can't think what to do. I
have tried stopping iptables and that didn't help and the iptable
config is the same across all boxes anyway.

Any ideas would be greatly appreciated. I have checked every log file I
can find and I can't see any indication of any errors whatsoever.

Kind Regards,
Mark

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com

> s1 seems to be causing problems. If i make a ping or an ssh request to
> it (or any request for that matter) and watch it using tcpdump the
> request goes out to s1 and arrives and then s1 says its sent a reply
> but it doesn't arrive back at the requesting machine.
[...]
> This is a big problem for me at the moment as it has broken my dns
> cluster and I need to get it fixed.
>
> My linux knowledge is fairly limited and I can't think what to do. I
> have tried stopping iptables and that didn't help and the iptable
> config is the same across all boxes anyway.
>
> Any ideas would be greatly appreciated. I have checked every log file
> I can find and I can't see any indication of any errors whatsoever.

/sbin/ifconfig -a
/sbin/route -n

If you post the output of the above 2 commands, someone might be able to
help you better.

(E-Mail Removed) wrote:
> Hi,
>
> I have four dedicated linux servers behind a hardware firewall. Lets
> call the servers s1, s2, s3 and s4 for the sake of discussion.
>
> s1 seems to be causing problems. If i make a ping or an ssh request to
> it (or any request for that matter) and watch it using tcpdump the
> request goes out to s1 and arrives and then s1 says its sent a reply
> but it doesn't arrive back at the requesting machine.
>

Ok, at first do:
iptables -L
on s1. If anything shows up but empty chains do:
/etc/init.d/iptables stop
or
iptables -F

*** If this is a production server and you do not know what these
commands will do, do not do it! *********

Then check again.

If the problem persists do this:
route

and make sure a route exists so that packet can come back to the
original servers.

Basically, if s1,s2,s3,s4 are all plugged on the same hub/switch ( they
are on the same subnet ) then it's ok. But if s1 is on separate network
( DMZ ? ) then verify there are static routes ( probably your fw/router
is not the problem because the packets came at first ) allowing the
packet to come back to sender.

I hope this helps.

If you do not understand anything to all of this, try to make a new post
with:
output of:
iptables -L
on s1 and s2 ( or another server from which you have problems )
and also the output of
route
on both servers

Olivier