Re: Problems connecting to svm: RTP2_NOTCLIENT (F)

jochen Tue, 17 Dec 2002 11:39:00 -0800

Hi,

On Tue, Dec 17, 2002 at 12:12:51PM -0500, Jan Harkes wrote:
> Typically this is caused by a bad firewall setup or incorrect routing.
> I don't know how your setup is, but 192.168.0.2 is an address in a
> private range, so it is typically not routable across the internet.
> 
> Perhaps you have a firewall that is passing packets through, but doesn't
> do any ip header rewriting (NAT/masquerading), and as a result the
> server cannot send any responses back to the client, it simply doesn't
> know the right address to get back to the client.


Well, here is the network layout:


+--------+
Š client | 192.168.0.2 eth0
+--------+     \
                \
            192.168.0.1 eth0
                 +---------+    eth2                     (ppp0)
                 | server -+-192.168.2.1===ADSL modem-- public IP addr
                 +---------+
                192.168.1.1 eth1
                     |
                     .

The SVM is running at the 192.168.2.1 interface, the public IP addr is
available on ppp0 (pppoe). I'm running nearly all server processes on
192.168.2.1 since the other interfaces normally (note: normally, not
while testing this) run ipsec an most servers don't like to bind to an
ipsec interface.

All subnets are declared /24, here is the routing table:

217.5.98.41 dev ppp0  proto kernel  scope link  src 217.226.148.10 
192.168.2.0/24 dev eth2  proto kernel  scope link  src 192.168.2.1 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.1 
192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.1 
default via 217.5.98.41 dev ppp0 

I've attached a "tcpdump -i eth0" output from the server... sadly, I
haven't located the .deb package on your site which contains the
rpc2portmap tool.

regards
-- jochen

20:35:32.920761 192.168.2.1.22 > 192.168.0.2.32829: P 174185900:174185964(64) ack 
602773761 win 13056 <nop,nop,timestamp 7399961 4665376> (DF) [tos 0x10] 
20:35:32.923570 192.168.0.2.32829 > 192.168.2.1.22: . ack 64 win 63712 
<nop,nop,timestamp 4665404 7399961> (DF) [tos 0x10] 
20:35:34.688769 192.168.0.2.32778 > 192.168.2.1.53:  8481+ A? gw.coffee.homeunix.org. 
(40) (DF)
20:35:34.690535 192.168.2.1.53 > 192.168.0.2.32778:  8481* 1/1/1 A[|domain] (DF)
20:35:34.694047 192.168.0.2.32778 > 192.168.2.1.53:  8482+ PTR? 
1.2.168.192.in-addr.arpa. (42) (DF)
20:35:34.695637 192.168.2.1.53 > 192.168.0.2.32778:  8482* 1/1/1 PTR[|domain] (DF)
20:35:37.544890 192.168.0.2.32778 > 192.168.2.1.2432: udp 297 (DF)
20:35:37.635594 192.168.0.1.2432 > 192.168.0.2.32778: udp 80 (DF)
20:35:37.639221 192.168.0.2.32778 > 192.168.2.1.2432: udp 140 (DF)
20:35:37.883370 192.168.0.1.2432 > 192.168.0.2.32778: udp 292 (DF)
20:35:37.887141 192.168.0.2.32778 > 192.168.0.1.2432: udp 80 (DF)
20:35:37.888308 192.168.0.2.32779 > 192.168.2.1.53:  8483+ PTR? 
1.0.168.192.in-addr.arpa. (42) (DF)
20:35:37.889236 192.168.0.1.2432 > 192.168.0.2.32778: udp 72 (DF)
20:35:37.891024 192.168.2.1.53 > 192.168.0.2.32779:  8483* 1/1/1 PTR[|domain] (DF)
20:35:37.895498 192.168.0.2.32778 > 192.168.0.1.2432: udp 60 (DF)
20:35:37.898087 192.168.0.1.2432 > 192.168.0.2.32778: udp 60 (DF)
20:35:37.902815 192.168.0.2.32778 > 192.168.2.1.2432: udp 297 (DF)
20:35:37.904928 192.168.0.1.2432 > 192.168.0.2.32778: udp 80 (DF)
20:35:37.908174 192.168.0.2.32778 > 192.168.2.1.2432: udp 140 (DF)
20:35:37.919939 192.168.0.1.2432 > 192.168.0.2.32778: udp 292 (DF)
20:35:37.923609 192.168.0.2.32778 > 192.168.0.1.2432: udp 80 (DF)
20:35:37.924446 192.168.0.2.32779 > 192.168.2.1.53:  8484+ PTR? 
1.0.168.192.in-addr.arpa. (42) (DF)
20:35:37.925409 192.168.0.1.2432 > 192.168.0.2.32778: udp 72 (DF)
20:35:37.927243 192.168.2.1.53 > 192.168.0.2.32779:  8484* 1/1/1 PTR[|domain] (DF)
20:35:37.931188 192.168.0.2.32778 > 192.168.0.1.2432: udp 60 (DF)
20:35:37.933630 192.168.0.1.2432 > 192.168.0.2.32778: udp 60 (DF)
20:35:37.938210 192.168.0.2.32778 > 192.168.2.1.2432: udp 297 (DF)
20:35:37.940385 192.168.0.1.2432 > 192.168.0.2.32778: udp 80 (DF)
20:35:37.943649 192.168.0.2.32778 > 192.168.2.1.2432: udp 140 (DF)
20:35:37.952515 192.168.0.1.2432 > 192.168.0.2.32778: udp 292 (DF)
20:35:37.956203 192.168.0.2.32778 > 192.168.0.1.2432: udp 80 (DF)
20:35:37.957175 192.168.0.2.32779 > 192.168.2.1.53:  8485+ PTR? 
1.0.168.192.in-addr.arpa. (42) (DF)
20:35:37.958001 192.168.0.1.2432 > 192.168.0.2.32778: udp 72 (DF)
20:35:37.959916 192.168.2.1.53 > 192.168.0.2.32779:  8485* 1/1/1 PTR[|domain] (DF)
20:35:37.963896 192.168.0.2.32778 > 192.168.0.1.2432: udp 60 (DF)
20:35:37.966303 192.168.0.1.2432 > 192.168.0.2.32778: udp 60 (DF)
20:35:52.965482 192.168.0.2.32778 > 192.168.2.1.2432: udp 297 (DF)
20:35:52.967197 192.168.0.1.2432 > 192.168.0.2.32778: udp 80 (DF)
20:35:52.970440 192.168.0.2.32778 > 192.168.2.1.2432: udp 140 (DF)
20:35:52.978838 192.168.0.1.2432 > 192.168.0.2.32778: udp 292 (DF)
20:35:52.982521 192.168.0.2.32778 > 192.168.0.1.2432: udp 80 (DF)
20:35:52.983368 192.168.0.2.32779 > 192.168.2.1.53:  8486+ PTR? 
1.0.168.192.in-addr.arpa. (42) (DF)
20:35:52.984330 192.168.0.1.2432 > 192.168.0.2.32778: udp 72 (DF)
20:35:52.986128 192.168.2.1.53 > 192.168.0.2.32779:  8486* 1/1/1 PTR[|domain] (DF)
20:35:52.990597 192.168.0.2.32778 > 192.168.0.1.2432: udp 60 (DF)
20:35:52.993081 192.168.0.1.2432 > 192.168.0.2.32778: udp 60 (DF)
20:35:52.997922 192.168.0.2.32778 > 192.168.2.1.2432: udp 297 (DF)
20:35:52.999422 192.168.0.1.2432 > 192.168.0.2.32778: udp 80 (DF)
20:35:53.002711 192.168.0.2.32778 > 192.168.2.1.2432: udp 140 (DF)
20:35:53.011007 192.168.0.1.2432 > 192.168.0.2.32778: udp 292 (DF)
20:35:53.014677 192.168.0.2.32778 > 192.168.0.1.2432: udp 80 (DF)
20:35:53.015306 192.168.0.2.32779 > 192.168.2.1.53:  8487+ PTR? 
1.0.168.192.in-addr.arpa. (42) (DF)
20:35:53.016459 192.168.0.1.2432 > 192.168.0.2.32778: udp 72 (DF)
20:35:53.018398 192.168.2.1.53 > 192.168.0.2.32779:  8487* 1/1/1 PTR[|domain] (DF)
20:35:53.022358 192.168.0.2.32778 > 192.168.0.1.2432: udp 60 (DF)
20:35:53.024855 192.168.0.1.2432 > 192.168.0.2.32778: udp 60 (DF)
20:35:53.030203 192.168.0.2.32778 > 192.168.2.1.2432: udp 297 (DF)
20:35:53.031682 192.168.0.1.2432 > 192.168.0.2.32778: udp 80 (DF)
20:35:53.034896 192.168.0.2.32778 > 192.168.2.1.2432: udp 140 (DF)
20:35:53.043032 192.168.0.1.2432 > 192.168.0.2.32778: udp 292 (DF)
20:35:53.046756 192.168.0.2.32778 > 192.168.0.1.2432: udp 80 (DF)
20:35:53.047313 192.168.0.2.32779 > 192.168.2.1.53:  8488+ PTR? 
1.0.168.192.in-addr.arpa. (42) (DF)
20:35:53.048491 192.168.0.1.2432 > 192.168.0.2.32778: udp 72 (DF)
20:35:53.050273 192.168.2.1.53 > 192.168.0.2.32779:  8488* 1/1/1 PTR[|domain] (DF)
20:35:53.054259 192.168.0.2.32778 > 192.168.0.1.2432: udp 60 (DF)
20:35:53.056905 192.168.0.1.2432 > 192.168.0.2.32778: udp 60 (DF)

Re: Problems connecting to svm: RTP2_NOTCLIENT (F)

Reply via email to