Re: Routing issues - ping works one way but not the other

Discussion in 'Linux Networking' started by Pascal Hambourg, Oct 12, 2010.

  1. Hello,

    David Brown a écrit :
    Don't you mean "192.168.1.0/24 gw 192.168.0.3" ?
    What about ping A from D ? I guess it works fine ?
    Is there some NAT or stateful filtering on the box A and box C ? These
    don't work well with asymmetric routing.
    Can you run tcpdump on the boxes and see what's going on ?
    Then I guess it rules out box B not replying to ping at all.
     
    Pascal Hambourg, Oct 12, 2010
    #1
    1. Advertisements

  2. David Brown a écrit :
    Because box A's connection tracking state machine did not see the echo
    request it replies to, due to the asymmetric routing. In the other way,
    box A sees the echo request which has state NEW, and does not see the
    echo reply, but that does not matter.
    You can safely ACCEPT any packet arriving and leaving on the same
    internal LAN interface, regardless of its state.
     
    Pascal Hambourg, Oct 12, 2010
    #2
    1. Advertisements

  3. Andrew Gideon a écrit :
    Check conntrackd from conntrack-tools.
    <http://conntrack-tools.netfilter.org/>
     
    Pascal Hambourg, Oct 12, 2010
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.