[Bug 443] 2.6 kernel failing in NAT with significant outbound traffic

bugzilla-daemon at bugzilla.netfilter.org bugzilla-daemon at bugzilla.netfilter.org
Thu Feb 9 00:44:12 CET 2006


https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=443





------- Additional Comments From nothingel at hotmail.com  2006-02-09 00:44 MET -------
just tested the following:

Fedora Core 2 (stock kernel, 2.6.5-1.358) does NOT exhibit the problem
described.  It works perfectly!

Fedora Core 2 (upgraded to kernel 2.6.10-1.771 via the updates) DOES EXHIBIT the
problem described above.  So...some code has changed it seems.

--
I've attempted to draw a diagram of the network layout.  It's important to note
that the problem is ONLY observed when data is being tranferred TO
"internetserver1" (as the arrows indicate).  Data flowing FROM internetserver1
does not have a problem.



+---------+
| client1 |
+---------+

   -->

       +-------------------------+
       |          linux1         |
       |  (the problem machine   |
       | with SNAT or MASQUERADE)|
       +-------------------------+

          -->

               +-----------------------+
               | at least 2 routers    |
               | plus at least one     |
               | Cisco PIX.  NO ICMP is|
               | allowed so the exact  |
               | number is unknown.    |
               |                       |
               | I have no knowledge or|
               | control at this level |
               +-----------------------+

                          --->

                               +-------------+
                               |  Internet   |
                               +-------------+

                                         ---->

                                              +------------------+
                                              |  internetserver1 |
                                              | under my control |
                                              +------------------+





-- 
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the netfilter-buglog mailing list