Myron,
I had seen this same behavior a few months ago with one of our GB-1000s running v3.1.3s, and discovered the same "solution" that you did -- reboot. I chalked this problem up as being a random event at the time since I had not seen this behavior before, nor have I seen it since. Like you, I have no idea as to what caused this behavior. -Bill > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Myron Szymanskyj > Sent: Thursday, August 30, 2001 8:34 PM > To: [EMAIL PROTECTED] > Subject: Static address mapping can become screwed up. > > > --------------------- Attention ----------------------------- > A digest version of this list is now available. > Send email to [EMAIL PROTECTED], with the following message: > subscribe gb-users-digest your_email_address > Then unsubscribe from this list. > ------------------------------------------------------------- > GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi > Send postings to: [EMAIL PROTECTED] > Access the list archives at: http://www.gnatbox.com/gb-users/ > ------------------------------------------------------------- > Spoke to a very nice person at GTA and have uncovered a rather > odd problem. > > Assume the following: > External NIC: 200.1.1.1 > Alias addressed: 200.1.1.2 and 200.1.1.3 > > A mail server sat at 172.16.0.1. It's bound to that IP. > > NAT: A static IP mapping for IP address 172.16.0.1 (on PSN) to IP address > 200.1.1.2 for outbound traffic to the external NIC. > > OBF: Outbound filter accepts connections from PSN on IP > 172.16.0.1 TCP port > 25 to any IP. > > NAT: Inbound tunnel: 200.1.1.2 TCP 25 -> 172.16.0.1 TCP 25 > > RMF: Remote access filter accepts connections coming to an inbound tunnel > 200.1.1.2 TCP 25 -> 172.16.0.1 TCP 25. > > Here is the problem with firmware v3.2.0 and possibly v3.2.1, > which can be > worked around by simply rebooting the GnatBOX. I'm actually running the > GB-1000. > > Outbound connections from the mail server on 172.16.0.1 start > getting sent > out of the external NIC with an originating IP of `200.1.1.1`. This is > incorrect as the originating IP should be `200.1.1.2`. It's a > bug. (Shock > horror . . .) > > Exactly how to recreate I do not know. Enough to say that the IP > dropped a > number our ISP's mail relay didn't know the new originating IP > address (no > RDNS) and was rejecting e-mail from our mail server. It just happened. > > After a decent discussion with a technical person at GTA, the temporary > solution was to keep an eye out for it happening again and if it does, > reboot the GnatBOX. The problem (I belive) has been passed on to > the gurus > in the states. > > That's all folks . . . > > So, I'm curious. Who else has suffered from this? I only sussed > out that > was happening as our mail server logged our ISP's mail relay's welcoming > reply, which (luckily) also returned the IP address of the mail > client/server that the ISP's mail relay thought was talking to it. > > Hmm.. Stealthy and nasty. > > ---------------------------------------------- > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe gb-users your_email_address > in the body of the message >
