From: RoMaN SoFt / LLFB!! <roman@madrid.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Balancing ip traffic over two or more internet (adsl) connections
Date: Fri, 16 Mar 2001 10:16:43 +0000 [thread overview]
Message-ID: <marc-lartc-98473770213134@msgid-missing> (raw)
In-Reply-To: <marc-lartc-98465591406063@msgid-missing>
On Thu, 15 Mar 2001 17:56:37 +0100 (MET), you wrote:
>> 1) Could you exemplify this TOS field "hacking"?
>
>ipchains <yourmatchfields> -t 0x01 0x00
Ummm. I don't get it to work... I've created the following test
ipchains rule (see log):
goliat:~ # ipchains -F
goliat:~ # ipchains -A output -p tcp --source-port 20:21 -b -t 0x01
0x00 -j ACCEPT -l
goliat:~ # ipchains -L
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
target prot opt source destination
ports
ACCEPT tcp ----l- anywhere anywhere
ftp-data:ftp -> any
ACCEPT tcp ----l- anywhere anywhere any
-> ftp-data:ftp
goliat:~ # ftp 62.22.78.68
Connected to sniff.batmap.com.
220 Sniff FTP-Server ready
Name (62.22.78.68:roman):
421 Service not available, remote server has closed connection.
ftp: Login failed.
ftp: No control connection for command.
ftp> bye
goliat:~ #
Now, we have a look to the ftp server:
sniff:~ # tcpdump -ni eth0
User level filter, protocol ALL, datagram packet socket
tcpdump: listening on eth0
11:06:16.821899 62.174.128.49.7772 > 62.22.78.68.ftp: S
395928648:395928648(0) win 32767 <mss 1460,sackOK,timestamp 7029574
0,nop,wscale 0> (DF)
11:06:16.821934 62.22.78.68.ftp > 62.174.128.49.7772: S
384708931:384708931(0) ack 395928649 win 32120 <mss
1460,sackOK,timestamp 811698645 7029574,nop,wscale 0> (DF)
11:06:16.863172 62.174.128.49.7772 > 62.22.78.68.ftp: . 1:1(0) ack 1
win 65160 <nop,nop,timestamp 7029631 811698645> (DF)
11:06:16.866108 62.22.78.68.ampr-inter > 62.174.128.49.ident: S
390274631:390274631(0) win 32120 <mss 1460,sackOK,timestamp 811698649
0,nop,wscale 0> (DF)
11:06:16.900480 62.174.128.49.ident > 62.22.78.68.ampr-inter: R 0:0(0)
ack 390274632 win 0
11:06:16.906885 62.22.78.68.1053 > 194.98.65.65.domain: 3187+ PTR?
49.128.174.62.in-addr.arpa. (44)
11:06:16.940612 194.98.65.65.domain > 62.22.78.68.1053: 3187 1/2/2 PTR
49-MAD2-X1.red.retevision.es. (183) (DF)
11:06:16.941507 62.22.78.68.sdsc-lm > 62.174.128.49.ident: S
384359382:384359382(0) win 32120 <mss 1460,sackOK,timestamp 811698657
0,nop,wscale 0> (DF)
11:06:16.980458 62.174.128.49.ident > 62.22.78.68.sdsc-lm: R 0:0(0)
ack 384359383 win 0
11:06:16.980641 62.22.78.68.ftp > 62.174.128.49.7772: P 1:29(28) ack 1
win 32120 <nop,nop,timestamp 811698661 7029631> (DF)
11:06:17.038691 62.175.108.41.7857 > 62.22.78.68.ftp: .
395928649:395928649(0) ack 384708960 win 65160 <nop,nop,timestamp
7029648 811698661> (DF)
11:06:17.038720 62.22.78.68.ftp > 62.175.108.41.7857: R
384708960:384708960(0) win 0
11:06:17.229273 0:2:b9:7a:87:4a > 1:0:0:0:0:0 802.1d ui/C
11:06:19.980029 62.22.78.68.ftp > 62.174.128.49.7772: P 1:29(28) ack 1
win 32120 <nop,nop,timestamp 811698961 7029631> (DF)
11:06:20.026685 62.174.128.49.7772 > 62.22.78.68.ftp: R
395928649:395928649(0) win 0
11:06:21.235019 0:2:b9:7a:87:4a > 1:0:0:0:0:0 802.1d ui/C
11:06:21.820027 arp who-has 62.22.78.65 tell 62.22.78.68
(0:c0:26:a0:a4:63)
11:06:21.821221 arp reply 62.22.78.65 is-at 0:2:fd:8a:c7:e0
(0:c0:26:a0:a4:63)
23 packets received by filter
sniff:~ #
It looks like the TOS translation has been produced ok. Despite
packets having same TOS, the machine doing multipath has chosen
DIFFERENT paths, which isn't the expected behaviour. :-????
Am I doing something wrong?
I only could imagine that TOS translation is being doing AFTER
multipath has acted. Is it possible? In this case, how to avoid it?
Could you paste some ipchains rules and/or other useful config files
for your (working) configuration? Perhaps this may helps.
Any help would be *highly* appreciated.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
** RoMaN SoFt / LLFB **
roman@madrid.com
http://pagina.de/romansoft
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
next prev parent reply other threads:[~2001-03-16 10:16 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-03-15 11:33 [LARTC] Balancing ip traffic over two or more internet (adsl) connections RoMaN SoFt / LLFB!!
2001-03-15 11:48 ` [LARTC] Balancing ip traffic over two or more internet (adsl) Arthur van Leeuwen
2001-03-15 15:44 ` [LARTC] Balancing ip traffic over two or more internet (adsl) connections RoMaN SoFt / LLFB!!
2001-03-15 16:56 ` [LARTC] Balancing ip traffic over two or more internet (adsl) Arthur van Leeuwen
2001-03-16 10:16 ` RoMaN SoFt / LLFB!! [this message]
2001-03-16 10:41 ` Arthur van Leeuwen
2001-03-16 11:52 ` [LARTC] Balancing ip traffic over two or more internet (adsl) connections RoMaN SoFt / LLFB!!
2001-03-16 12:41 ` [LARTC] Balancing ip traffic over two or more internet (adsl) Arthur van Leeuwen
2001-03-16 18:25 ` [LARTC] Balancing ip traffic over two or more internet (adsl) connections RoMaN SoFt / LLFB!!
2001-03-16 18:32 ` Mike Fedyk
2001-03-16 19:10 ` RoMaN SoFt / LLFB!!
2001-03-16 19:52 ` Mike Fedyk
2001-03-17 12:56 ` [LARTC] Balancing ip traffic over two or more internet (adsl) Arthur van Leeuwen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-98473770213134@msgid-missing \
--to=roman@madrid.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.