I have some machines in a companys' network that are interconnected
with a piece of coaxial cable (ethernet 10base2). This trunk goes through a
switch that acts also as a media converter and connects to the Internet
router.
For a while now I'm having trouble with this 10base2 trunk and I dropped
in another FreeBSD
machine to move the services I'm running to the newer (9.0) machine.
At the moment the two FreeBSD boxes (one 9.0, the other 5.1) are on the net.
Both have a DIVERT kernel and act as gateways between the in house
network and the Internet (natd).
Now strange things happen:
When I ping from the 9.0 machine to another machine (a Windows XP) in
the network,
I don't get an immediate response from the ping but after some, day 20s
or so I get:
(I prefer to not use the real addresses in the source or destination)
forum2# ping 80.90.34.226
forum2# tcpdump -i ed0 -l ip proto ICMP
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ed0, link-type EN10MB (Ethernet), capture size 65535 bytes
16:15:06.748522 IP 80.90.34.228 > 129.82.138.44: ICMP echo reply, id
50777, seq 49408, length 8
or:
16:15:06.748522 IP 80.90.34.228 > 129.82.138.44: ICMP echo reply, id
50777, seq 49408, length 8
16:17:01.920480 IP 80.90.34.228 > 203.178.148.19: ICMP echo reply, id
9061, seq 48393, length 8
^C
2 packets captured
473 packets received by filter
0 packets dropped by kernel
Doing the same ping from the 5.1 box (pretty sure it hasn't got to do
with the OS versions),
gives an echo reply immediately from the target address I pinged.
So why does there come an echo reply from machines on the net which seem
to exist and
even have names like pinger-j2.ant.isi.edu or pinger6.netsec.colostate.edu?
Does there some packet redirection take place?
--
Christoph Kukulies
_______________________________________________
[hidden email] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackersTo unsubscribe, send any mail to "
[hidden email]"
Locked
