[ale] Stumped by Slashdot and network problems

John Wells lists at sourceillustrated.com
Sat Oct 23 19:46:59 EDT 2004


Guys,

I'm having a network problem regarding which I hope you can provide some
insight.  I have an interesting setup, in that I have a NAT'd connection
to the internet, but I also have another NAT'd firewall behind *that*
firewall that allows wireless connections to VPN into my internal LAN via
PPTP (to support Macs).

Everything has been working fine, and I can pull up any site from my
wireless connection.  But...if I try slashdot:

[root@airport scripts]# tcpdump host slashdot.org
tcpdump: listening on eth0
03:22:43.001759 172.16.3.2.2143 > slashdot.org.http: F 826142373:826142373(0) ack 2628767187 win 17200 (DF)
03:22:43.002294 172.16.3.2.2174 > slashdot.org.http: S 838336042:838336042(0) win 16384 <mss 860,nop,nop,sackOK> (DF)
03:22:43.111256 slashdot.org.http > 172.16.3.2.2174: S 2761579604:2761579604(0) ack 838336043 win 5840 <mss 1460,nop,nop,sackOK> (DF) [tos 0x20]
03:22:43.115439 172.16.3.2.2174 > slashdot.org.http: . ack 1 win 17200 (DF)
03:22:43.119546 172.16.3.2.2174 > slashdot.org.http: P 1:481(480) ack 1 win 17200 (DF)
03:22:43.139064 slashdot.org.http > 172.16.3.2.2143: . ack 1 win 6432 (DF) [tos 0x20]
03:22:43.390118 slashdot.org.http > 172.16.3.2.2174: . ack 481 win 6432 (DF) [tos 0x20]
03:22:48.622356 slashdot.org.http > 172.16.3.2.2174: . 1:861(860) ack 481 win 6432 (DF) [tos 0x20]
03:22:48.622786 172.16.3.2 > slashdot.org: icmp: 172.16.3.2 unreachable - need to frag (mtu 896) [tos 0xc0]
03:22:48.627690 slashdot.org.http > 172.16.3.2.2174: . 861:1721(860) ack 481 win 6432 (DF) [tos 0x20]
03:22:48.627931 172.16.3.2 > slashdot.org: icmp: 172.16.3.2 unreachable - need to frag (mtu 896) [tos 0xc0]
03:22:51.617229 slashdot.org.http > 172.16.3.2.2174: . 1:861(860) ack 481 win 6432 (DF) [tos 0x20]
03:22:51.617486 172.16.3.2 > slashdot.org: icmp: 172.16.3.2 unreachable - need to frag (mtu 896) [tos 0xc0]
03:22:52.497982 slashdot.org.http > 172.16.3.2.2143: . 1:861(860) ack 1 win 6432 (DF) [tos 0x20]
03:22:52.498089 172.16.3.2 > slashdot.org: icmp: 172.16.3.2 unreachable - need to frag (mtu 896) [tos 0xc0]
03:22:57.618855 slashdot.org.http > 172.16.3.2.2174: . 1:861(860) ack 481 win 6432 (DF) [tos 0x20]
03:22:57.619334 172.16.3.2 > slashdot.org: icmp: 172.16.3.2 unreachable - need to frag (mtu 896) [tos 0xc0]
03:23:09.622825 slashdot.org.http > 172.16.3.2.2174: . 1:861(860) ack 481 win 6432 (DF) [tos 0x20]
03:23:09.623369 172.16.3.2 > slashdot.org: icmp: 172.16.3.2 unreachable - need to frag (mtu 896) [tos 0xc0]

172.16.3.2 is the interface that wireless connections would be MASQ'ing
through.  It really looks like this:

[wireless hosts 172.16.2.10-20] -> [FIRST NAT 172.16.3.2] -> [SECOND NAT 66.234.19.133] -> INTERNET

I've been beating my head against this too long, and am a bit muddled. 
Anyone care to speculate what might be happening?

Thanks,
John


