Spoke to a very nice person at GTA and have uncovered a rather odd problem.
Assume the following:
External NIC: 200.1.1.1
Alias addresses: 200.1.1.2 and 200.1.1.3
A mail server sat at 172.16.0.1. It's bound to that IP.
NAT: A static IP mapping for IP address 172.16.0.1 (on PSN) to IP address
200.1.1.2 for outbound traffic to the external NIC.
OBF: Outbound filter accepts connections from PSN on IP 172.16.0.1 TCP port
25 to any IP.
NAT: Inbound tunnel: 200.1.1.2 TCP 25 -> 172.16.0.1 TCP 25
RMF: Remote access filter accepts connections coming to an inbound tunnel
200.1.1.2 TCP 25 -> 172.16.0.1 TCP 25.
Here is the problem with firmware v3.2.0 and possibly v3.2.1, which can be
worked around by simply rebooting the GnatBOX. I'm actually running the
GB-1000.
Outbound connections from the mail server on 172.16.0.1 start getting sent
out of the external NIC with an originating IP of `200.1.1.1`. This is
incorrect as the originating IP should be `200.1.1.2`. It's a bug. (Shock
horror . . .)
Exactly how to recreate it I do not know. Enough to say that the IP dropped a
number, our ISP's mail relay didn't know the new originating IP address (no
RDNS) and was rejecting e-mail from our mail server. It just happened.
After a decent discussion with a technical person at GTA, the temporary
solution was to keep an eye out for it happening again and if it does,
reboot the GnatBOX. The problem (I believe) has been passed on to the gurus
in the States.
That's all folks . . .
So, I'm curious. Who else has suffered from this? I only sussed out that it
was happening as our mail server logged our ISP's mail relay's welcoming
reply, which (luckily) also returned the IP address of the mail
client/server that the ISP's mail relay thought was talking to it.
Hmm.. Stealthy and nasty.
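
Added example, not part of the original post: a log check that automates the way the problem was spotted above, by reading the client IP the ISP relay echoes in its greeting reply and flagging any value other than the static-map address 200.1.1.2. The log layout, host names and the "Hello name [ip]" greeting shape (as echoed by Sendmail- and Exim-style relays) are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re

# Address the static map in the post should present to the Internet.
EXPECTED_SOURCE = "200.1.1.2"

# Assumed greeting shape: "250 <relay> Hello <name> [<ip>]", as echoed by
# Sendmail- and Exim-style relays. Other MTAs may not echo the client IP.
GREETING_RE = re.compile(
    r"(?<!\d)250[- ].*?\bHello\b.*?\[(\d{1,3}(?:\.\d{1,3}){3})\]", re.IGNORECASE
)

# Constructed sample of a mail server's outbound SMTP log (not from the post).
SAMPLE_LOG = """\
09:00:01 smtp-out <- 250 relay.isp.example Hello mail.corp.example [200.1.1.2], pleased to meet you
09:05:12 smtp-out <- 250 relay.isp.example Hello mail.corp.example [200.1.1.2], pleased to meet you
11:42:40 smtp-out <- 250 relay.isp.example Hello mail.corp.example [200.1.1.1], pleased to meet you
11:43:02 smtp-out <- 550 relaying denied
11:50:00 smtp-out <- 250-relay.isp.example Hello mail.corp.example [999.1.1.1]
"""


def find_nat_drift(lines, expected=EXPECTED_SOURCE):
    """Return (line_number, seen_ip) for each greeting where the relay saw
    a source address other than the expected static-map address."""
    want = ipaddress.ip_address(expected)
    drift = []
    for number, line in enumerate(lines, start=1):
        match = GREETING_RE.search(line)
        if not match:
            continue  # not a greeting reply that echoes the client IP
        try:
            seen = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # malformed address in the log; ignore rather than alert
        if seen != want:
            drift.append((number, str(seen)))
    return drift


if __name__ == "__main__":
    for number, seen in find_nat_drift(SAMPLE_LOG.splitlines()):
        print(f"line {number}: relay saw {seen}, expected {EXPECTED_SOURCE}")
```

Run on a schedule against the mail server's log, a non-empty result is the cue to check the firewall's static map before the relay starts rejecting mail.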