 |
| Register | FAQ | Members List | Calendar | Links | Search | Today's Posts | Mark Forums Read |
|
||||||||
|
|
#1
09-02-2006, 03:51 AM
|
Strange Routing Behavior
I have a dedicated server hosted in California. The server runs SMTP,
SSH and HTTP. This morning (~7 AM PDT - UTC-0700) attempts to connect to it on port 25, either by name or by IP address, were redirected to smtp2-cm.mail.eni.net. When I tried telneting to my server on port 25 I got the SMTP banner for smtp2-cm.mail.eni.net. Curiously, I was still able to connect to my server on port 22 (SSH), so I logged in, fired up tcpdump and monitored port 25. Then I opened a second local command-line (on my laptop) and telneted to port 25 on the server. Again I got the smtp banner from smtp2-cm.mail.eni.net, and saw no incoming traffic on my server in tcpdump. As far as I know, this is not possible. If traffic is being misrouted it would affect all ports, not a subset. Can someone explain the circumstances that would result in this behavior? The problem corrected itself within a couple of hours, and is working OK now, but I'd really like to understand what happened. Jim Garrison 
|
|
#2
09-04-2006, 05:13 AM
|
|||
|
|||
|
Re: Strange Routing Behavior
On Fri, 01 Sep 2006 19:51:12 -0700, Jim Garrison <(E-Mail Removed)>
wrote: >I have a dedicated server hosted in California. The server runs SMTP, >SSH and HTTP. This morning (~7 AM PDT - UTC-0700) attempts to connect to >it on port 25, either by name or by IP address, were redirected to >smtp2-cm.mail.eni.net. When I tried telneting to my server on port 25 I >got the SMTP banner for smtp2-cm.mail.eni.net. > >Curiously, I was still able to connect to my server on port 22 (SSH), so >I logged in, fired up tcpdump and monitored port 25. Then I opened a >second local command-line (on my laptop) and telneted to port 25 on the >server. Again I got the smtp banner from smtp2-cm.mail.eni.net, and saw >no incoming traffic on my server in tcpdump. > >As far as I know, this is not possible. If traffic is being misrouted >it would affect all ports, not a subset. Can someone explain the >circumstances that would result in this behavior? > >The problem corrected itself within a couple of hours, and is working >OK now, but I'd really like to understand what happened. That is odd. The only thing I can think of is if you connected to port 25 by your server name, but connected to port 22 via the IP address. That would point to a dns issue. Grog
|
|
#3
09-04-2006, 04:12 PM
|
|||
|
|||
|
Re: Strange Routing Behavior
Grog wrote:
> That is odd. The only thing I can think of is if you connected to > port 25 by your server name, but connected to port 22 via the IP > address. That would point to a dns issue. That was the first thing that came to mind, so I tried both IP and hostname, with identical results. The other obvious answer is some sort of proxy between me and the server, but AFAIK there wasn't one.
|
 |
| Tags |
| behavior, routing, strange |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
